r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7228
Expires: Tue, 06 Sep 2022 06:24:32 GMT
Date: Tue, 06 Sep 2022 04:24:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 03:45:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JfE4366z_47bc4cSH9nfwjC0gOUremOgTxF6ViWNuGWhqcC4B9dB4g==
Age: 2329
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KhsyqaJBtC8AyJEeEni4Ii1mEtS9oACHSwYah3D6_DE26qt3FeHbFg==
age: 11327
X-Firefox-Spdy: h2
go.cpm-controls.com/e/911112/-class-october-27-28-2022-html/nv8mk/1040472547?h=gd1cYuApTSiJOFPWrkpBB4ozzhhI_O-vGd5aMP-fELs
52.54.96.194301 Moved Permanently 0 B URL HTTP/1.1 go.cpm-controls.com/e/911112/-class-october-27-28-2022-html/nv8mk/1040472547?h=gd1cYuApTSiJOFPWrkpBB4ozzhhI_O-vGd5aMP-fELs
IP 52.54.96.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e/911112/-class-october-27-28-2022-html/nv8mk/1040472547?h=gd1cYuApTSiJOFPWrkpBB4ozzhhI_O-vGd5aMP-fELs HTTP/1.1
Host: go.cpm-controls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Sep 2022 04:24:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
set-cookie: pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-pardot-rsp: 0/0/1
location: https://go.cpm-controls.com/e/911112/-class-october-27-28-2022-html/nv8mk/1040472547?h=gd1cYuApTSiJOFPWrkpBB4ozzhhI_O-vGd5aMP-fELs
vary: User-Agent
Server: PardotServer
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 04:24:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 62aa66e3bfc4c014ff7e6451eb6a6903
7cb1c87ad3b174d91d3e7bb97ea94d5d05c8f102
7c91961183af387fbd809a9080133dcd299408f4034fd3eb52dd22cbb8f62d85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C91961183AF387FBD809A9080133DCD299408F4034FD3EB52DD22CBB8F62D85"
Last-Modified: Sat, 03 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4318
Expires: Tue, 06 Sep 2022 05:36:02 GMT
Date: Tue, 06 Sep 2022 04:24:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 06 Sep 2022 03:38:18 GMT
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 04:29:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 39jLVdo52RXzEYi_TrTjQNHoxDjYlVsVAcRDSlpgEkg1GEzEbfF8oA==
Age: 2746
go.cpm-controls.com/e/911112/-class-october-27-28-2022-html/nv8mk/1040472547?h=gd1cYuApTSiJOFPWrkpBB4ozzhhI_O-vGd5aMP-fELs
3.92.120.28301 Moved Permanently 175 B URL HTTP/1.1 go.cpm-controls.com/e/911112/-class-october-27-28-2022-html/nv8mk/1040472547?h=gd1cYuApTSiJOFPWrkpBB4ozzhhI_O-vGd5aMP-fELs
IP 3.92.120.28:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 650c51d0b88137f4000479e29c82fcce
e3beda041b0262943c58cc08cbecf73a01088d3d
004da0cb6022e2e71c713e95c192dba902d30a1b07fa5df43d33933c534117ed
GET /e/911112/-class-october-27-28-2022-html/nv8mk/1040472547?h=gd1cYuApTSiJOFPWrkpBB4ozzhhI_O-vGd5aMP-fELs HTTP/1.1
Host: go.cpm-controls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Sep 2022 04:24:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 175
Connection: keep-alive
set-cookie: pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
location: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: max-age=63072000
expires: Thu, 05 Sep 2024 04:24:04 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
Server: PardotServer
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b57a9dd04797bf34612c80361f1dffb3
56573166d8b9cd9b8dae19fd905e4f3293af306b
b03552109f1e7d1e482aa14614ffb1e38fb53ae4951152aab307b927674dad98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5272
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 04:24:05 GMT
Last-Modified: Tue, 06 Sep 2022 02:56:13 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.77.40101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.77.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6MSSMerR9g6GNKQw5uV/cw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: c5IF5KoJ+A5t+xaxvh3KHNI2288=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 70d750c56c5685d95b764d3f06fca713
5afe674d1a31c146e39696accfb772eb9a1457ba
ff21d06164ef476c67e5d30655184c178e63084d29bb2c5c75461731a2287005
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF21D06164EF476C67E5D30655184C178E63084D29BB2C5C75461731A2287005"
Last-Modified: Mon, 05 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21597
Expires: Tue, 06 Sep 2022 10:24:02 GMT
Date: Tue, 06 Sep 2022 04:24:05 GMT
Connection: keep-alive
www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html
199.34.228.77200 OK 37 kB URL HTTP/1.1 www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html
IP 199.34.228.77:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (39747)
Hash eacd34c29b7b0d634d9a8a3ebf488a56
ad9ec0461ba4ec506ac5d4031003e16b9e29b916
6e569245b83a37f2ca4069e0998eb4b8e6fb79725349a10fca787855aee3d6e3
Analyzer Verdict Alert fortinet Phishing
GET /2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 04:24:05 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.ppmglobalservices.com
language=en; expires=Tue, 20-Sep-2022 04:24:05 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"87d87aa831e567b92e92ae28cf006107-gzip"
Content-Encoding: gzip
X-Host: blu135.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 36808
Keep-Alive: timeout=10, max=67
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cdn2.editmysite.com/css/old/fancybox.css?1654648342
151.101.85.46200 OK 1.2 kB URL HTTP/2 cdn2.editmysite.com/css/old/fancybox.css?1654648342
IP 151.101.85.46:0
File type ASCII text, with very long lines (3910)
Hash b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
GET /css/old/fancybox.css?1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 29 Aug 2022 23:13:57 GMT
etag: "630d4835-f47"
expires: Tue, 13 Sep 2022 11:30:22 GMT
cache-control: max-age=1209600
x-host: grn69.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 04:24:05 GMT
age: 579223
x-served-by: cache-sjc10052-SJC, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662438246.946091,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1218
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main-commerce-browse.js?buildTime=1654648342
151.101.85.46200 OK 17 kB URL HTTP/2 cdn2.editmysite.com/js/site/main-commerce-browse.js?buildTime=1654648342
IP 151.101.85.46:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32049)
Hash 15eaf839ff82242f8d02b1f60c073760
ed5886bbb71827073b52523683a95f0a051f8c40
c484962adc762a7df4929e867d53141cebf339cc60e1c611b3b7bfa61e1aea7d
GET /js/site/main-commerce-browse.js?buildTime=1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 29 Aug 2022 23:14:16 GMT
etag: "630d4848-f92d"
expires: Tue, 13 Sep 2022 08:14:53 GMT
cache-control: max-age=1209600
x-host: grn145.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 04:24:05 GMT
age: 590952
x-served-by: cache-sjc10059-SJC, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662438246.946075,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 16977
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8b3fc7b78a1c498440023dbb6004e984
688d8686e183a4e84577e0f70550350622796e2e
ac1f7b3d1c5bfc1888f50aa3a8e0498c11f7cce672e6de5c048bf31d4d3370c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 04:24:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8b3fc7b78a1c498440023dbb6004e984
688d8686e183a4e84577e0f70550350622796e2e
ac1f7b3d1c5bfc1888f50aa3a8e0498c11f7cce672e6de5c048bf31d4d3370c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 04:24:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.editmysite.com/css/sites.css?buildTime=1654648342
151.101.85.46200 OK 30 kB URL HTTP/2 cdn2.editmysite.com/css/sites.css?buildTime=1654648342
IP 151.101.85.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
GET /css/sites.css?buildTime=1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Tue, 30 Aug 2022 19:50:18 GMT
etag: W/"630e69fa-347ac"
expires: Wed, 14 Sep 2022 10:32:15 GMT
cache-control: max-age=1209600
x-host: grn81.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 04:24:05 GMT
age: 496311
x-served-by: cache-sjc10041-SJC, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1662438246.948491,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 29746
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8b3fc7b78a1c498440023dbb6004e984
688d8686e183a4e84577e0f70550350622796e2e
ac1f7b3d1c5bfc1888f50aa3a8e0498c11f7cce672e6de5c048bf31d4d3370c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 04:24:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.editmysite.com/css/social-icons.css?buildtime=1654648342
151.101.85.46200 OK 1.6 kB URL HTTP/2 cdn2.editmysite.com/css/social-icons.css?buildtime=1654648342
IP 151.101.85.46:0
File type ASCII text, with very long lines (13080)
Hash 771ec2cf038214c40ed54dc7d0ce7e4c
20b2a198541e596346f26f9e15d51488bb76608b
33269d6ddede29e1043070cb0ee0f3034f154ce264970994fe071c092fa8b675
GET /css/social-icons.css?buildtime=1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 22 Aug 2022 20:43:15 GMT
etag: W/"6303ea63-3319"
expires: Tue, 06 Sep 2022 11:05:17 GMT
cache-control: max-age=1209600
x-host: blu115.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 04:24:05 GMT
age: 1185528
x-served-by: cache-sjc10048-SJC, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662438246.949450,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1639
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/commerce-core.js?buildTime=1654648342
151.101.85.46200 OK 17 kB URL HTTP/2 cdn2.editmysite.com/js/site/commerce-core.js?buildTime=1654648342
IP 151.101.85.46:0
File type ASCII text, with very long lines (32011)
Hash e32a0ae988b9f1c9de6f0f70bfa0ffbd
c2e9ad2d183fa12c63df33521a919ad9eb0b44cb
fb4389e623d2a4a9b1d7be60bb37b99e71294a39fbfee8f7d9db5f68f67d0ec8
GET /js/site/commerce-core.js?buildTime=1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 20:43:39 GMT
etag: "6303ea7b-f57e"
expires: Tue, 06 Sep 2022 12:18:17 GMT
cache-control: max-age=1209600
x-host: blu38.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 04:24:05 GMT
age: 1181148
x-served-by: cache-sjc10074-SJC, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662438246.951287,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 17388
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1654648342
151.101.85.46200 OK 159 kB URL HTTP/2 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1654648342
IP 151.101.85.46:0
File type ASCII text, with very long lines (32007)
Size 159 kB (158975 bytes)
Hash c29a5e4fd4ee0d3b7cd0597f2b9b602b
bb134ed641467954f4a724167dc7ea56a03e7fa8
bf9850a7e6dd269898b78ecf07a34438bc300cad0bbb2d280e10ccadf81646b2
Analyzer Verdict Alert fortinet Malware
GET /js/site/main-customer-accounts-site.js?buildTime=1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 26 Aug 2022 23:32:06 GMT
etag: "630957f6-8250f"
expires: Mon, 12 Sep 2022 12:37:57 GMT
cache-control: max-age=1209600
x-host: blu121.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 04:24:05 GMT
age: 661568
x-served-by: cache-sjc10072-SJC, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662438246.947750,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 158975
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb9bf29f1e0acaa7ac6d6566381370
dec1bea642dffbc11ebd6d65c94f87d6db95703a
b2bf22379151923244cbb9bd62499ded7b6f313a7db77914383bc1e704dd65de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 04:24:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8b3fc7b78a1c498440023dbb6004e984
688d8686e183a4e84577e0f70550350622796e2e
ac1f7b3d1c5bfc1888f50aa3a8e0498c11f7cce672e6de5c048bf31d4d3370c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 04:24:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-W6HMK8K
142.250.74.72200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W6HMK8K
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash f189f66f83e2ee373df6a3e4b1aca4e8
86ca6e54ce0eecf9b29e3c876985215b7ff2a1ba
7146930d6e989a41f746790efd104ad7da3c683d3db0934c7b8957029bf589d2
GET /gtm.js?id=GTM-W6HMK8K HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 04:24:06 GMT
expires: Tue, 06 Sep 2022 04:24:06 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8b3fc7b78a1c498440023dbb6004e984
688d8686e183a4e84577e0f70550350622796e2e
ac1f7b3d1c5bfc1888f50aa3a8e0498c11f7cce672e6de5c048bf31d4d3370c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 04:24:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb9bf29f1e0acaa7ac6d6566381370
dec1bea642dffbc11ebd6d65c94f87d6db95703a
b2bf22379151923244cbb9bd62499ded7b6f313a7db77914383bc1e704dd65de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 04:24:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8b3fc7b78a1c498440023dbb6004e984
688d8686e183a4e84577e0f70550350622796e2e
ac1f7b3d1c5bfc1888f50aa3a8e0498c11f7cce672e6de5c048bf31d4d3370c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 04:24:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ppmglobalservices.com/gdpr/gdprscript.js?buildTime=1654648342
199.34.228.77200 OK 16 kB URL HTTP/1.1 www.ppmglobalservices.com/gdpr/gdprscript.js?buildTime=1654648342
IP 199.34.228.77:0
File type HTML document text\012- HTML document text\012- C source, ASCII text, with very long lines (14060)
Hash 8213569fa2d51a0bc22accceca61ee37
45e58c79e3670c3aab3484edac6e9496be43174d
145db81c3620213bbaa73d4f76cbbc6d47ada107470a31bd177f154649a1fbc5
GET /gdpr/gdprscript.js?buildTime=1654648342 HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 04:24:06 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
Set-Cookie: language=en; expires=Tue, 20-Sep-2022 04:24:06 GMT; Max-Age=1209600; path=/
Cache-Control: private
X-Host: grn105.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Keep-Alive: timeout=10, max=43
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
cdn.oribi.io/Xy0yMDMyODkzNDEx/oribi.js
143.204.55.82200 OK 3 B URL HTTP/2 cdn.oribi.io/Xy0yMDMyODkzNDEx/oribi.js
IP 143.204.55.82:0
File type JSON data\012- , ASCII text
Hash 8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
GET /Xy0yMDMyODkzNDEx/oribi.js HTTP/1.1
Host: cdn.oribi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=UTF-8
content-length: 3
date: Tue, 06 Sep 2022 04:24:06 GMT
cache-control: public, max-age=60
x-cache: Miss from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 275hM7dxX-IzCYbBKB5yfdz4J1rHEkZyqCsLePl_kf37HoDJaOJ9iw==
X-Firefox-Spdy: h2
www.ppmglobalservices.com/files/templateArtifacts.js?1654696781
199.34.228.77200 OK 1.6 kB URL HTTP/1.1 www.ppmglobalservices.com/files/templateArtifacts.js?1654696781
IP 199.34.228.77:0
File type exported SGML document, ASCII text, with very long lines (1630)
Hash e0836e8203c22b8e4086f27e91e86f5a
28235e77f5a895c8cd411aff4a6ef4e6f7d419c2
32dbc4a2eeca39a57d35670f00e2cf59e03c279521e47506c56c5c36d8b664b6
Analyzer Verdict Alert fortinet Phishing
GET /files/templateArtifacts.js?1654696781 HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 04:24:06 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu24.sf2p.intern.weebly.net
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2808
Expires: Tue, 06 Sep 2022 05:10:54 GMT
Date: Tue, 06 Sep 2022 04:24:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2808
Expires: Tue, 06 Sep 2022 05:10:54 GMT
Date: Tue, 06 Sep 2022 04:24:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2808
Expires: Tue, 06 Sep 2022 05:10:54 GMT
Date: Tue, 06 Sep 2022 04:24:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2808
Expires: Tue, 06 Sep 2022 05:10:54 GMT
Date: Tue, 06 Sep 2022 04:24:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2808
Expires: Tue, 06 Sep 2022 05:10:54 GMT
Date: Tue, 06 Sep 2022 04:24:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bSBSzzRMdrVdoV3Ld8hYWq2AwO7Mswcwa8Tk_AKa44j1SlrFugNqpg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:48:06 GMT
age: 23760
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33c890c7-3b18-4d4b-add0-8ff463600dac.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33c890c7-3b18-4d4b-add0-8ff463600dac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9dac1fe00cdfa4d93ac5a6faf3d4195e
edef86e8f104c99ba7ce1b8da160d8aebfb3cfd3
244beec1db6210613017ea2e2a21740bb55b610017763f3581ffe8d6979356ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33c890c7-3b18-4d4b-add0-8ff463600dac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9159
x-amzn-requestid: 083b5590-5f1d-40e5-be2f-d96709d4692b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAY4oEDgoAMFotw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166e9d-71e2ad492668fa600b64b417;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:48:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: guRwEjPygjq0fycaUloPf2ysYcG4d3IvD3xaKNHxaJ_cMzd_BkN6aQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:17:51 GMT
etag: "edef86e8f104c99ba7ce1b8da160d8aebfb3cfd3"
content-type: image/jpeg
age: 21975
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ppmglobalservices.com/files/main_style.css?1654696781
199.34.228.77200 OK 6.9 kB URL HTTP/1.1 www.ppmglobalservices.com/files/main_style.css?1654696781
IP 199.34.228.77:0
File type ASCII text, with very long lines (670)
Hash e4333c0d0354cf8337361d5623a74f91
69df16aea4b5d805728fe8c7ed06839c2f404b30
f24ed6a1266ef1241adb9409197b0098ec5fd76f7f06dc284affce19fdaf61eb
Analyzer Verdict Alert fortinet Phishing
GET /files/main_style.css?1654696781 HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 04:24:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu14.sf2p.intern.weebly.net
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F138851fb-8f85-4c8f-bc68-6379594e193e.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F138851fb-8f85-4c8f-bc68-6379594e193e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0f6a99e78dfec89481facf3a2d7d91af
f61b6ec5eabfb8fc0b80c9010f8d83839fcac402
270081c67dc47c59d0d1293f9321bf6e2a85011618d1076ec26e8ea125918c40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F138851fb-8f85-4c8f-bc68-6379594e193e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7406
x-amzn-requestid: 384d9ad8-ff0b-436d-846c-6119068ed381
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYAAEx5oAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d33-3cf1e9207448200d306f731e;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2q-4HfYhelWQd6uhaeS8QNu5nnFNN_NUV5Qgj6j4KSCaz9JeBx-UuQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:05:38 GMT
age: 22708
etag: "f61b6ec5eabfb8fc0b80c9010f8d83839fcac402"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5540d72831e7e7b9fc287f92c48d9f5e
ec19429fa76d9ad47a0578734b011b530b79ebbf
bc27a44853fd17cf51d6bba0db58a755c75a309d9b0cbcd454dfc9d62785f72f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8134
x-amzn-requestid: 5f6027e8-842f-476a-85e5-cc8b848e4567
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEoVIAMFuiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7095c29a04d2f5310b1b84c4;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Gf6IGDeM-y_nDO1C3m9xeyAJdkYRe2CN87Pi986A7B1qsjq5p9VkQw==
via: 1.1 d7782b26e589b8e1397d352f4daf0d58.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 07:44:45 GMT
age: 74361
etag: "ec19429fa76d9ad47a0578734b011b530b79ebbf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 06:23:03 GMT
age: 79263
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed40d152-6303-4f00-ad80-054a81ea5425.webp
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed40d152-6303-4f00-ad80-054a81ea5425.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0efc32eccbf76ac0d89f324d09a7fd1f
f8589eb3907582137d8b9373af745d80eddbf1bb
ee0f5e56c97e50e1c20801ad0a5379982feef16a11137f784f404d14e9c65824
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed40d152-6303-4f00-ad80-054a81ea5425.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6482
x-amzn-requestid: 5e5b342b-0224-4916-8656-237b4c90ae66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-5FaYIAMFzjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-412f897b451130af70026eab;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8UExY-3ojiqMEfyXXKG6kJcB5CRiNnfgG5JQS3gWnd4t4bbKNzbsYA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:45:43 GMT
age: 23903
etag: "f8589eb3907582137d8b9373af745d80eddbf1bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ppmglobalservices.com/files/theme/custom.js?1556830109
199.34.228.77200 OK 1.8 kB URL HTTP/1.1 www.ppmglobalservices.com/files/theme/custom.js?1556830109
IP 199.34.228.77:0
Hash 697c59e01098eb0a4ecc5d2eeec52ede
e6ef89da323e2024eaeb9933b93e61a33217629a
6324c79976a9864103265af761c905bc8cdfdb7e631c71dc65eb838e82efd013
GET /files/theme/custom.js?1556830109 HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 04:24:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 28 Sep 2021 18:36:32 GMT
x-rgw-object-type: Normal
ETag: W/"d5fb588a458645eb36265e3581aceea6"
x-amz-request-id: tx000000000000001b9d4c1-00628481d5-b9fbc7f-sfo1
X-Storage-Bucket: z7c94
X-Storage-Object: 7c94a9bdc62c584903702204b6ff060018717512c0eae82d0937ba0ee0092d94
X-Host: blu13.sf2p.intern.weebly.net
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8f8268290f1ea715075ad0a284b25d64
9ff2e712b38d6a0d8600fd434e20b4a4cf6f34a3
598c60ad7b0c786955e44bf2cc58a30610ee31350d1ca5abfd8592e92f0c65e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "598C60AD7B0C786955E44BF2CC58A30610EE31350D1CA5ABFD8592E92F0C65E4"
Last-Modified: Sun, 04 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7289
Expires: Tue, 06 Sep 2022 06:25:35 GMT
Date: Tue, 06 Sep 2022 04:24:06 GMT
Connection: keep-alive
www.ppmglobalservices.com/files/theme/plugins.js?1556830109
199.34.228.77200 OK 20 kB URL HTTP/1.1 www.ppmglobalservices.com/files/theme/plugins.js?1556830109
IP 199.34.228.77:0
Hash f949d0652f86cf688f158f57e45c8d88
f9634dc2aa2678f26708aefd82420a8aff002c92
3f3fb2fcdd039d7376833076b04ae214e0bb469fbf2f6ac9e40140ad0b6221f3
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/plugins.js?1556830109 HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 04:24:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 18 Apr 2020 15:10:21 GMT
ETag: W/"1c8a26f413525e51e0716d20f48b9146"
x-amz-request-id: tx00000000000000002abb7-005ea35ac3-10e20e2-las
X-Storage-Bucket: z04a6
X-Storage-Object: 04a6442538bbcd643a22e79a05200ea073ee4d8efb5bcae54ffb5d6303bb1385
X-Host: blu14.sf2p.intern.weebly.net
Content-Encoding: gzip
www.ppmglobalservices.com/uploads/1/2/5/4/125436625/primavera-p6-software-box_194.jpg
199.34.228.77200 OK 10 kB URL HTTP/1.1 www.ppmglobalservices.com/uploads/1/2/5/4/125436625/primavera-p6-software-box_194.jpg
IP 199.34.228.77:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 295x250, components 3\012- data
Hash 79dbe8a7ea6050df91f3a1fb8388f1fe
6b3a43b69d735f79018abb97c63ac18ba8b50ac9
8964b8b248feb200a6ac297cde50c1b48860efcd61e5b329b474997099a11339
GET /uploads/1/2/5/4/125436625/primavera-p6-software-box_194.jpg HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 04:24:06 GMT
Content-Type: image/jpeg
Content-Length: 10059
Connection: keep-alive
Last-Modified: Tue, 30 Apr 2019 22:07:34 GMT
x-rgw-object-type: Normal
ETag: "79dbe8a7ea6050df91f3a1fb8388f1fe"
x-amz-request-id: tx000000000000001c82be3-0062848a77-b9fbc29-sfo1
X-Storage-Bucket: z8964
X-Storage-Object: 8964b8b248feb200a6ac297cde50c1b48860efcd61e5b329b474997099a11339
X-Host: blu44.sf2p.intern.weebly.net
Accept-Ranges: bytes
fonts.googleapis.com/css?family=Roboto:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
142.250.74.10200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
IP 142.250.74.10:0
Hash ad35847f50e2092ce3744db8cfa438e0
af27516023bf8ee47a5448861230f87ba0b41ba3
be2773dad34f2fa63b42f821059d910388d86ec809cf8394527032f9c650b0a0
GET /css?family=Roboto:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 04:24:06 GMT
date: Tue, 06 Sep 2022 04:24:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 04:24:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 04:24:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gen.sendtric.com/countdown/uo4yd04deg
109.105.221.13200 OK 10 kB URL HTTP/2 gen.sendtric.com/countdown/uo4yd04deg
IP 109.105.221.13:0
Hash 1d7e7401fd23474a5c00205a7f025528
9cce5b91014e5e1333b043fe86e04736bc96519e
e5abdbb268941a6cf4a825b5e855093c08541feb6ce3f9cc707b7ee90e06eb34
GET /countdown/uo4yd04deg HTTP/1.1
Host: gen.sendtric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-type: image/gif
etag: 1731198549312020534
expires: -1
pragma: no-cache
vary: Accept-Encoding
date: Tue, 06 Sep 2022 04:24:06 GMT
server: Fly/ec6d9b89 (2022-09-02)
via: 2 fly.io
fly-request-id: 01GC8GN28DQMGKFG9P2E32SWR1-ams
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 463798
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
142.250.74.163200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:47:56 GMT
expires: Thu, 31 Aug 2023 19:47:56 GMT
cache-control: public, max-age=31536000
age: 462970
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
142.250.74.163200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 17:10:21 GMT
expires: Wed, 30 Aug 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 558825
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
142.250.74.163200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17032, version 1.0\012- data
Hash 05a47f9e469d408c629f931cd33ff8b2
823f21f7b1d456db889c3afea393f0d2b9581c38
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17032
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:51:08 GMT
expires: Thu, 31 Aug 2023 19:51:08 GMT
cache-control: public, max-age=31536000
age: 462778
last-modified: Wed, 11 May 2022 19:24:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 463798
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 17:10:21 GMT
expires: Wed, 30 Aug 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 558825
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 04:24:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.85.46200 OK 26 kB URL HTTP/2 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (2512)
Hash 234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Tue, 30 Aug 2022 19:50:08 GMT
etag: "630e69f0-124fe"
expires: Thu, 15 Sep 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: grn123.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 04:24:06 GMT
age: 416725
x-served-by: cache-sjc10034-SJC, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 4340
x-timer: S1662438247.890097,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 25752
X-Firefox-Spdy: h2
www.ppmglobalservices.com/uploads/1/2/5/4/125436625/published/ppm-global-logo.png?1556672148
199.34.228.77200 OK 27 kB URL HTTP/1.1 www.ppmglobalservices.com/uploads/1/2/5/4/125436625/published/ppm-global-logo.png?1556672148
IP 199.34.228.77:0
File type PNG image data, 335 x 148, 8-bit/color RGBA, non-interlaced\012- data
Hash 84061e75ebc0607aacb6389a927a3a9f
a59e9eaaaafe091174d1d608942cf42f0fdb1d4d
859e988a98960c53a3c6b2ec737a1ab60b909fffd067eed468ed9f3088049130
Analyzer Verdict Alert fortinet Phishing
GET /uploads/1/2/5/4/125436625/published/ppm-global-logo.png?1556672148 HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 04:24:06 GMT
Content-Type: image/png
Content-Length: 26655
Connection: keep-alive
Last-Modified: Wed, 01 May 2019 00:53:02 GMT
x-rgw-object-type: Normal
ETag: "84061e75ebc0607aacb6389a927a3a9f"
x-amz-request-id: tx000000000000010bbc1b1-0062da1ced-c03521c-sfo1
X-Storage-Bucket: z859e
X-Storage-Object: 859e988a98960c53a3c6b2ec737a1ab60b909fffd067eed468ed9f3088049130
X-Host: grn32.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.powr.io/powr.js
104.22.50.245200 OK 6.2 kB IP 104.22.50.245:0
File type HTML document, ASCII text, with very long lines (15830), with no line terminators
Hash db9ecc42b71180048977f80c3e4aba68
50ec7c9ed5124bfe4004d4d7f69c15fb539a67e0
9d2f5514a58dabfbcd3670945866d4afe35ae8731ec4713cd48d221b0bb7b5a0
GET /powr.js HTTP/1.1
Host: www.powr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:05 GMT
content-type: application/javascript
cache-control: max-age=604800, public
cf-bgj: minify
expires: Mon, 04 Sep 2023 21:21:24 GMT
last-modified: Sun, 04 Sep 2022 21:21:17 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
age: 69242
server: cloudflare
cf-ray: 74646edd0be5b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d93601cc2f457bfad392700f328f034a
854c7e99404e951060f8030f53750faafd277040
de7408598e8186cc5b8df74fbf496f3eefbbbe595cac4c84579f647ef46985e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE7408598E8186CC5B8DF74FBF496F3EEFBBBE595CAC4C84579F647EF46985E0"
Last-Modified: Sun, 04 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4473
Expires: Tue, 06 Sep 2022 05:38:40 GMT
Date: Tue, 06 Sep 2022 04:24:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d93601cc2f457bfad392700f328f034a
854c7e99404e951060f8030f53750faafd277040
de7408598e8186cc5b8df74fbf496f3eefbbbe595cac4c84579f647ef46985e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE7408598E8186CC5B8DF74FBF496F3EEFBBBE595CAC4C84579F647EF46985E0"
Last-Modified: Sun, 04 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4460
Expires: Tue, 06 Sep 2022 05:38:27 GMT
Date: Tue, 06 Sep 2022 04:24:07 GMT
Connection: keep-alive
www.ppmglobalservices.com/uploads/1/2/5/4/125436625/primavera-p6-professional-training_171.png
199.34.228.77200 OK 164 kB URL HTTP/1.1 www.ppmglobalservices.com/uploads/1/2/5/4/125436625/primavera-p6-professional-training_171.png
IP 199.34.228.77:0
File type PNG image data, 700 x 462, 8-bit/color RGBA, non-interlaced\012- data
Size 164 kB (164004 bytes)
Hash 435f85fc4f231c9bd244e5f11877c3c5
c8b2420434be9cb1d4ff15a3db4f62cdd4f65dd6
55a43ebbfd3bb54d0124e632d4449a9b344f4f3cf2ac495b2a6bf1efee527273
GET /uploads/1/2/5/4/125436625/primavera-p6-professional-training_171.png HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 04:24:06 GMT
Content-Type: image/png
Content-Length: 164004
Connection: keep-alive
Last-Modified: Tue, 18 Jun 2019 16:17:08 GMT
x-rgw-object-type: Normal
ETag: "435f85fc4f231c9bd244e5f11877c3c5"
x-amz-request-id: tx0000000000000193b201e-0062a8b074-b9fbc7f-sfo1
X-Storage-Bucket: z55a4
X-Storage-Object: 55a43ebbfd3bb54d0124e632d4449a9b344f4f3cf2ac495b2a6bf1efee527273
X-Host: grn46.sf2p.intern.weebly.net
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d93601cc2f457bfad392700f328f034a
854c7e99404e951060f8030f53750faafd277040
de7408598e8186cc5b8df74fbf496f3eefbbbe595cac4c84579f647ef46985e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE7408598E8186CC5B8DF74FBF496F3EEFBBBE595CAC4C84579F647EF46985E0"
Last-Modified: Sun, 04 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21132
Expires: Tue, 06 Sep 2022 10:16:19 GMT
Date: Tue, 06 Sep 2022 04:24:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d93601cc2f457bfad392700f328f034a
854c7e99404e951060f8030f53750faafd277040
de7408598e8186cc5b8df74fbf496f3eefbbbe595cac4c84579f647ef46985e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE7408598E8186CC5B8DF74FBF496F3EEFBBBE595CAC4C84579F647EF46985E0"
Last-Modified: Sun, 04 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8737
Expires: Tue, 06 Sep 2022 06:49:44 GMT
Date: Tue, 06 Sep 2022 04:24:07 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash c5c1be3dcf198cf8cf8b5aff7455c969
3fca07a92ffdef09fd7ac0ca66bf742a821471dd
d6bea86a955037c59258788bd0cc4dd65d2b52c963aed995a7ae695293527490
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 04:24:07 GMT
Last-Modified: Tue, 06 Sep 2022 03:41:13 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aJ-Sig5TzJ3ZiSwLjvSfI0kDQ8RwYiEbmN4VQWMQZDS_w6w_5z0E8w==
Age: 2574
cdn.jsdelivr.net/npm/jquery@1.11.2/dist/jquery.min.js
151.101.85.229200 OK 33 kB URL HTTP/2 cdn.jsdelivr.net/npm/jquery@1.11.2/dist/jquery.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (32047)
Hash 63e182df0883a4702e8db066451bdba0
993f0816fd2c8286c0f59df00e2697d6f7ad25cb
b9c375a13d4fa1e14ba88460ddb93ac9d380e77965cceb203145127f6ea82961
GET /npm/jquery@1.11.2/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.11.2
x-jsd-version-type: version
etag: W/"176de-sz7jtCuYju+dTWJJW25U4j3WQv0"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Sep 2022 04:24:07 GMT
age: 5453902
x-served-by: cache-fra19169-FRA, cache-bma1665-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 33348
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 07193c446ec5d7bafcb56c6a868564f0
38a7a31fb6ff79c5df82e3f14170a17ad2ff82ec
55a229f376857bcb96ee4fa092aa97e2aae0f7e1364fc7619f02ab897cf5caec
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 04:24:07 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "C59685CB4181686EB78B9C07F789AE65F5914F45"
Expires: Tue, 06 Sep 2022 16:00:00 GMT
Last-Modified: Tue, 06 Sep 2022 04:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 564
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74646ee5fde20b69-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b80866a3e984dfcd41b8e3b5a2910355
07a6110cda520934b52b3b110769516c5fa9375b
29d7cdd414431cc62a84225be6d727028cfc74508aaf2aee15c9c3c53fac6dde
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 04:24:07 GMT
Etag: "63165146-1d7"
Server: ECS (amb/6BBB)
Content-Length: 471
www.weebly.com/weebly/images/file_icons/pdf.png
74.115.50.110200 OK 33 kB URL HTTP/1.1 www.weebly.com/weebly/images/file_icons/pdf.png
IP 74.115.50.110:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 8427712afa66ee68c0b1cd1f2ffb7d0f
8d0502a31f7d594983ebeee2fa0b631c79f9415d
f99cbcdbd9842094dda720b7b11cf335a491f52b977a2dd944b6aa4e2abcdb33
GET /weebly/images/file_icons/pdf.png HTTP/1.1
Host: www.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 04:24:07 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 18:09:04 GMT
ETag: "8154-5e7b5a00f3000"
Accept-Ranges: bytes
Content-Length: 33108
X-Host: blu133.sf2p.intern.weebly.net
Vary: User-Agent
Keep-Alive: timeout=10, max=64
Connection: Keep-Alive
Content-Type: image/png
X-W-DC: SFO
Set-Cookie: sto-id-editor=MEADBNAK; Domain=weebly.com; Path=/
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=14579ba48d
104.18.23.52200 OK 54 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=14579ba48d
IP 104.18.23.52:0
File type ASCII text, with very long lines (65397)
Hash dc9270247a97f75913a5d8934c24de03
ed9b0fa01b552571f99d529ed355b2ba91cfc48d
847cc3ab1ea736cbbaac34833596335471fc7a888089b501b3c83a323566f0b8
GET /releases/v5.15.4/css/pro.min.css?token=14579ba48d HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powr.io/
Origin: https://www.powr.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:07 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 7882327
accept-ranges: bytes
server: cloudflare
cf-ray: 74646ee69c8a0b65-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=14579ba48d
104.18.23.52200 OK 2.6 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=14579ba48d
IP 104.18.23.52:0
File type ASCII text, with very long lines (27832)
Hash eaaabd3f60063923cd5333eb1d7a20a1
0da69706105e28896a1f6eeaa91d5bec1b82f7f1
f863309ec0ac675409167610ff9776fa9c7620d6ee3592cc0c19d0b883ff2f70
GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=14579ba48d HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powr.io/
Origin: https://www.powr.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:07 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 174321
accept-ranges: bytes
server: cloudflare
cf-ray: 74646ee69c930b65-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=14579ba48d
104.18.23.52200 OK 4.2 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=14579ba48d
IP 104.18.23.52:0
File type ASCII text, with very long lines (26366)
Hash 7fd743485fa194e25e2a207bff6c258a
97c999d752b95ee1ed6271a29aa58109dc17281e
dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc
GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=14579ba48d HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powr.io/
Origin: https://www.powr.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:07 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 7884933
accept-ranges: bytes
server: cloudflare
cf-ray: 74646ee69c960b65-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 67c9019264924ecf97a5567289c014ad
0699df1c84a5eb45a01961d67e024fbea5d0c7aa
6a6c9b6ec366d2320d008d32898c02fbd0abfd97bb9632ca982f05d4b8eb7e07
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 04:24:07 GMT
Last-Modified: Tue, 06 Sep 2022 02:44:14 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: R1hZjW6n11t4XMWB7oe4fzae0AMAJ8IVOjSMMLJFTvXh5a5LC6fo2Q==
Age: 5993
mas-d.mautic.net/mtc.js
104.197.240.53404 Not Found 37 kB IP 104.197.240.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (36831)
Hash 82b20c82261871743d2dafad19681164
6ff03f5b5cf2002da3b9156b0107900ba2e057c2
1cad4d2304646e8e64759b796a7113247b754d6df85d26b0050399e1f62f5399
GET /mtc.js HTTP/1.1
Host: mas-d.mautic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Tue, 06 Sep 2022 04:24:07 GMT
content-type: text/html; charset=utf-8
content-length: 37401
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 67c9019264924ecf97a5567289c014ad
0699df1c84a5eb45a01961d67e024fbea5d0c7aa
6a6c9b6ec366d2320d008d32898c02fbd0abfd97bb9632ca982f05d4b8eb7e07
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 04:24:07 GMT
Last-Modified: Tue, 06 Sep 2022 02:36:27 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Y-jRfRlZCFk4i_vsKhe0L4xh2Dt3E24M11p7mbVTSlE7zZkx4sRgeA==
Age: 6460
mas-e.mautic.net/mtc.js
104.197.240.53404 Not Found 37 kB IP 104.197.240.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (36831)
Hash 82b20c82261871743d2dafad19681164
6ff03f5b5cf2002da3b9156b0107900ba2e057c2
1cad4d2304646e8e64759b796a7113247b754d6df85d26b0050399e1f62f5399
GET /mtc.js HTTP/1.1
Host: mas-e.mautic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Tue, 06 Sep 2022 04:24:07 GMT
content-type: text/html; charset=utf-8
content-length: 37401
X-Firefox-Spdy: h2
mas-a.mautic.net/mtc.js
104.197.240.53404 Not Found 37 kB IP 104.197.240.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (36831)
Hash 82b20c82261871743d2dafad19681164
6ff03f5b5cf2002da3b9156b0107900ba2e057c2
1cad4d2304646e8e64759b796a7113247b754d6df85d26b0050399e1f62f5399
GET /mtc.js HTTP/1.1
Host: mas-a.mautic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Tue, 06 Sep 2022 04:24:07 GMT
content-type: text/html; charset=utf-8
content-length: 37401
X-Firefox-Spdy: h2
training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdn
13.110.46.154200 OK 14 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdn
IP 13.110.46.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6823), with CRLF, LF line terminators
Hash c3bbbfa6b53b4ad5269ff23e44c718ed
423169fa5d2815aa80736a03f055cc143e727e39
58b59b2a7511fd2f116a33487c753ebd3e4096cc27e8f74657e313c5a3def865
GET /EventPage?eventId=a0V4z00000NKfdn HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 04:24:07 GMT
Set-Cookie: CookieConsentPolicy=0:1; path=/; expires=Wed, 06-Sep-2023 04:24:07 GMT; Max-Age=31536000
LSKey-c$CookieConsentPolicy=0:1; path=/; expires=Wed, 06-Sep-2023 04:24:07 GMT; Max-Age=31536000
BrowserId=v3_Vjy2bEe2BHu_3v5Hhfg; domain=.force.com; path=/; expires=Wed, 06-Sep-2023 04:24:07 GMT; Max-Age=31536000
BrowserId_sec=v3_Vjy2bEe2BHu_3v5Hhfg; domain=.force.com; path=/; expires=Wed, 06-Sep-2023 04:24:07 GMT; Max-Age=31536000; secure; SameSite=None
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=600
X-Powered-By: Salesforce.com ApexPages
P3P: CP="CUR OTR STA"
Expires: Tue, 06 Sep 2022 04:34:07 GMT
Last-Modified: Tue, 06 Sep 2022 04:24:07 GMT
origin-trial: AklbvN3zzNjVBN1btIvZVEXQottJ9SBp7rLB02aNYemdUf5Qr9j+oRJsDOjqvHP7tqihWlADjfay3d+A5Ky3xAUAAACFeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiRGlzYWJsZURpZmZlcmVudE9yaWdpblN1YmZyYW1lRGlhbG9nU3VwcHJlc3Npb24iLCJleHBpcnkiOjE2Mzk1MjYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
mas-c.mautic.net/mtc.js
104.197.240.53404 Not Found 37 kB IP 104.197.240.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (36831)
Hash 82b20c82261871743d2dafad19681164
6ff03f5b5cf2002da3b9156b0107900ba2e057c2
1cad4d2304646e8e64759b796a7113247b754d6df85d26b0050399e1f62f5399
GET /mtc.js HTTP/1.1
Host: mas-c.mautic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Tue, 06 Sep 2022 04:24:07 GMT
content-type: text/html; charset=utf-8
content-length: 37401
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-1184.min.js
151.101.86.137200 OK 11 kB URL HTTP/2 js-agent.newrelic.com/nr-1184.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (27995), with no line terminators
Hash 43e0aec0456ae54841a52fe989abb1ec
d9e080d86beada72e9e42092bede868db3d4aee4
9d7ecd792af230cea192e0786491921415d809686321da7414b3df85d875de07
GET /nr-1184.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vlrWWMMcD6PaK/7pcEzhUYxgoEeM4G4LZ2WMo+rqGou4ZJrl4nmrnnynZYC7VcboXQFypj4DwM4=
x-amz-request-id: NH2XE4MW0QPBT68H
last-modified: Mon, 28 Sep 2020 16:34:45 GMT
etag: "3d7f312be60d08a2568e311e4762f3af"
x-amz-version-id: null
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Sep 2022 04:24:07 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 20
x-timer: S1662438248.684631,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 10624
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training-events-ppmglobal.secure.force.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:07 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 264804
expires: Sun, 27 Aug 2023 04:24:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4pK7mXWXl2Gf42s0NcQr6ZvkCgW27dVC1HoIpUZLhPMzLmD3NCyFYu1vI8cYNF5KBxBOQNjrN6agEitIla01MVWtH5rSkoUw6JRIXpZbjXqW8eJsQQURjPiDu%2BghXA5c5MqoFcDh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74646ee818cf0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
public.powrcdn.com/latest/assets/packs/apps-view-2f72928b2e616c3dcc4b.js
104.21.26.9200 OK 293 kB URL HTTP/2 public.powrcdn.com/latest/assets/packs/apps-view-2f72928b2e616c3dcc4b.js
IP 104.21.26.9:0
File type ASCII text, with very long lines (7496)
Size 293 kB (293320 bytes)
Hash aa9a6ff48f95d1f18c73fc7a4b939e9e
ffc30350718679e7cd07de925bf94a83fd525fbf
5ff82ed7fa53b83a317647f4942b36bb313b98376bfde036e15ce47324f57958
GET /latest/assets/packs/apps-view-2f72928b2e616c3dcc4b.js HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:07 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1443415
etag: W/"e822d53e710d360db765376e1873e372"
last-modified: Thu, 01 Sep 2022 03:58:42 GMT
x-amz-id-2: FrjuXVwd1e+9GMZYRdksjgJsn2Et0uAGrKgKRbuNzwZ3DkbPkqSdE4XbJD0Bv334KB7ziN513fo=
x-amz-request-id: JEX3K38M52ZRN61H
x-amz-version-id: VfKcndbtSJ.nMTq7neTviROxPhDVKHZc
cache-control: max-age=2073600
cf-cache-status: HIT
age: 606
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqQBSlVTeXXgbHZOmi31LiSlUr4umU4AxsHlKYl6CQUG%2BCkw3KAd9DdaDE1tzXkvrxfAuzB1E8gDrwAGujC7UT5SCpdiR4ViuG6xYtKqvOdbGQ7qTBHuvr9enJpBGZHrxKK65SQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74646ee56db41bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.ppmglobalservices.com/
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:07 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.ppmglobalservices.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
X-Firefox-Spdy: h2
training-events-ppmglobal.secure.force.com/static/111213/js/perf/stub.js
13.110.46.154200 OK 618 B URL HTTP/1.1 training-events-ppmglobal.secure.force.com/static/111213/js/perf/stub.js
IP 13.110.46.154:0
File type ASCII text, with very long lines (941)
Hash 69e62cfb5bb10c2d2a0102c93af0e244
64d472e28864096fd2f1657aae04c9a9975033f2
9e55a124b4c87483683e0c8f0d20c603f615a539baf1fea80e337d9d1a56e021
GET /static/111213/js/perf/stub.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdn
Connection: keep-alive
Cookie: BrowserId_sec=v3_Vjy2bEe2BHu_3v5Hhfg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 09:59:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Thu, 22 Dec 2022 09:59:23 GMT
Last-Modified: Thu, 18 Dec 2014 19:28:42 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1103084
Content-Length: 618
s3-us-west-2.amazonaws.com/jsstore/a/G5QHN4M/ge.js
52.218.182.120200 OK 29 kB URL HTTP/1.1 s3-us-west-2.amazonaws.com/jsstore/a/G5QHN4M/ge.js
IP 52.218.182.120:0
File type ASCII text, with very long lines (29064), with CRLF line terminators
Hash ae6d979a31685f90477e03632901e631
e5a80a3bb85cd6270be8bc911fe2ed8ebd69ee15
22d013ecb7e47b184912813886f791a5301d9af0d4877ac60702eef093afdd0c
GET /jsstore/a/G5QHN4M/ge.js HTTP/1.1
Host: s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: G93FmmRRsS07fZxq28poVzSbG/585NhlrzUufTtV+iU8wmxMsXEM1+Bqfwxe0IRkyjLwf6A7OkM=
x-amz-request-id: 50N921SDZ5F913WB
Date: Tue, 06 Sep 2022 04:24:08 GMT
Last-Modified: Fri, 25 Mar 2022 15:32:11 GMT
ETag: "ae6d979a31685f90477e03632901e631"
Cache-Control: max-age=2592000
Expires: Sun, 24 Apr 2022 15:32:09 GMT
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 29066
bam.nr-data.net/1/4474f5c124?a=77339425&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=541&ck=1&ref=https://www.powr.io/exit-popup/u/weebly_exit-popup_409384088895357867&be=256&fe=466&dc=458&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662438242025,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:1,%22ce%22:1,%22rq%22:15,%22rp%22:30,%22rpe%22:31,%22dl%22:39,%22di%22:416,%22ds%22:428,%22de%22:458,%22dc%22:465,%22l%22:466,%22le%22:469%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
162.247.241.14200 OK 73 B URL HTTP/1.1 bam.nr-data.net/1/4474f5c124?a=77339425&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=541&ck=1&ref=https://www.powr.io/exit-popup/u/weebly_exit-popup_409384088895357867&be=256&fe=466&dc=458&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662438242025,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:1,%22ce%22:1,%22rq%22:15,%22rp%22:30,%22rpe%22:31,%22dl%22:39,%22di%22:416,%22ds%22:428,%22de%22:458,%22dc%22:465,%22l%22:466,%22le%22:469%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 516a128bb6000ca8154792678f4333fb
41d0257bea96afd36c6f3e40fcfdc9ca247f8e01
9fa62b52f24b87a40410fe842cb9be494abed114a2eac2eb406c8b4a4d372d10
GET /1/4474f5c124?a=77339425&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=541&ck=1&ref=https://www.powr.io/exit-popup/u/weebly_exit-popup_409384088895357867&be=256&fe=466&dc=458&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662438242025,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:1,%22ce%22:1,%22rq%22:15,%22rp%22:30,%22rpe%22:31,%22dl%22:39,%22di%22:416,%22ds%22:428,%22de%22:458,%22dc%22:465,%22l%22:466,%22le%22:469%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 04:24:07 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74646ee86e7eb50f-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=5626ceb8f8d7fd84; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
training-events-ppmglobal.secure.force.com/faces/a4j/g/3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript?rel=1661799017000
13.110.46.154200 OK 19 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/faces/a4j/g/3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript?rel=1661799017000
IP 13.110.46.154:0
File type ASCII text, with very long lines (1993)
Hash 8407386c97ff1880a9607e24b93dcddc
f8e3482e85c4fbd46c4b0e15167c136961bd23a6
aa5d22165c8fc70ac15b5efe9d588bb920ea1b305b964cc82c4b704bd35c1889
GET /faces/a4j/g/3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript?rel=1661799017000 HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdn
Connection: keep-alive
Cookie: BrowserId_sec=v3_Vjy2bEe2BHu_3v5Hhfg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 04:24:07 GMT
Set-Cookie: CookieConsentPolicy=0:1; path=/; expires=Wed, 06-Sep-2023 04:24:07 GMT; Max-Age=31536000
LSKey-c$CookieConsentPolicy=0:1; path=/; expires=Wed, 06-Sep-2023 04:24:07 GMT; Max-Age=31536000
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: private,max-age=3888000
Last-Modified: Wed, 31 Aug 2022 06:46:37 GMT
Content-Type: text/javascript
Expires: Fri, 21 Oct 2022 04:24:07 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19446
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1895
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:07 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=f9df4d73-c0ff-45ef-bd69-3672337cf1ed; Expires=Wed, 06 Sep 2023 04:24:07 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.ppmglobalservices.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 07869ddc8aa688fe8a93876ef1264055
636614db9c01c03fcc2d10f5f949b513e1a338c9
ab8f4fcf2e21b2e44d69d6e4a6478a7eb6cf8e451202c7dc2854ef68b8e91b2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6464
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 04:24:07 GMT
Last-Modified: Tue, 06 Sep 2022 02:36:23 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ssl.google-analytics.com/ga.js
142.250.74.104200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.104:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Tue, 06 Sep 2022 04:17:11 GMT
expires: Tue, 06 Sep 2022 06:17:11 GMT
cache-control: public, max-age=7200
age: 416
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.adroll.com/j/TBR3BF6B4NEBHIKT3P47PS/roundtrip.js
143.204.55.31200 OK 21 kB URL HTTP/1.1 s.adroll.com/j/TBR3BF6B4NEBHIKT3P47PS/roundtrip.js
IP 143.204.55.31:0
File type ASCII text, with very long lines (1326)
Hash a1001b6f1d52c9b98902cc4e3c6f454a
6b3e26892166fffc9445b6206e7bc7ea36d17310
81ed1df3323988484f2be04bcdf51010d29b5e979373ebce52260a2299d66c4e
GET /j/TBR3BF6B4NEBHIKT3P47PS/roundtrip.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 00:04:40 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: BO35H.j5UyLmfwmrnHzMwjE44N4YPw1U
Server: AmazonS3
Content-Encoding: gzip
Date: Tue, 06 Sep 2022 04:24:07 GMT
Cache-Control: max-age=3600, must-revalidate
Etag: W/"c757176a58c6cb73028a1918d4f6e6ef"
Vary: Accept-Encoding
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
Age: 3101
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZLv51pLnwXkPZcH4x-2dj3pY54rQAk6TFvjz2mYUO08q08t-lyTrKg==
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 53e4933126779cbf269a5819d467ad4b
1c3c6b27a0660a44717be304d90834cf2f9cf3ce
ed5ad968f7d95b37c817e86b54062702bef60b1ffd3977248aad23072af06b87
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 4QSKoc5LgOGTb3mWKKNRt+av0b661n16VqQVuRwePawYhsg2NeN6ag8cw4lLVq27FGJC0+AjQDBy+dmd+sSfBg==
priority: u=3,i
content-length: 26752
x-fb-trip-id: 1904183273
date: Tue, 06 Sep 2022 04:24:07 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 07869ddc8aa688fe8a93876ef1264055
636614db9c01c03fcc2d10f5f949b513e1a338c9
ab8f4fcf2e21b2e44d69d6e4a6478a7eb6cf8e451202c7dc2854ef68b8e91b2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6464
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 04:24:07 GMT
Last-Modified: Tue, 06 Sep 2022 02:36:23 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
s.adroll.com/j/exp/TBR3BF6B4NEBHIKT3P47PS/index.js
143.204.55.31302 Moved Temporarily 0 B URL HTTP/1.1 s.adroll.com/j/exp/TBR3BF6B4NEBHIKT3P47PS/index.js
IP 143.204.55.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/exp/TBR3BF6B4NEBHIKT3P47PS/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Type: application/xml
Content-Length: 0
Connection: keep-alive
Date: Tue, 06 Sep 2022 02:25:06 GMT
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
Age: 7141
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: N20AvzvaFV5s2C_l48AmzfvKBSq6hAgZrT44eZuqDlrCLvhUvzjsDw==
training-events-ppmglobal.secure.force.com/jslibrary/1635874030238/sfdc/VFState.js
13.110.46.154200 OK 1.9 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/jslibrary/1635874030238/sfdc/VFState.js
IP 13.110.46.154:0
File type ASCII text, with very long lines (590)
Hash 652f9a53e09ac202380919533b44eec1
f7a6b87a5fd5b1498317abd9fd2da7998cc2a201
eac208e5bc50c56c8fddf3dfe3f79dbf5fbd7d1e7170e0584a7040166a77f0a7
GET /jslibrary/1635874030238/sfdc/VFState.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdn
Connection: keep-alive
Cookie: BrowserId_sec=v3_Vjy2bEe2BHu_3v5Hhfg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 12:49:39 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Thu, 22 Dec 2022 12:49:39 GMT
Last-Modified: Mon, 22 Aug 2022 20:37:26 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1092868
Content-Length: 1853
s.adroll.com/j/exp/index.js
143.204.55.31200 OK 28 B URL HTTP/1.1 s.adroll.com/j/exp/index.js
IP 143.204.55.31:0
File type ASCII text, with no line terminators
Hash 5816cced8568d223aa09d889f300692b
95cab5e474d7391762c3da5c7dc50fcf05df529f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
GET /j/exp/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ppmglobalservices.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 28
Connection: keep-alive
Last-Modified: Thu, 04 Aug 2022 20:10:45 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: 54CR.I9BC9Znk_eUBi_4NwuScKvxGyTv
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 06 Sep 2022 00:59:48 GMT
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
Age: 12478
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _ZyztCaAqkZQFXnuo2bGkVPGqiR0oLHegcBiYIVzRJ_dwv6XYN-1mA==
www.ppmglobalservices.com/favicon.ico
199.34.228.77200 OK 4.3 kB URL HTTP/1.1 www.ppmglobalservices.com/favicon.ico
IP 199.34.228.77:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 8171617226e7143f20fd955660f1f4f4
96e7d9549d571c0eeb8af1f4186f277ac8d7492c
1a41db3d990eb2232e5a74b0435a2a4d2e64142e28ab941ce89168f916a8c23f
GET /favicon.ico HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html
Cookie: language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 04:24:07 GMT
Content-Type: image/x-icon
Content-Length: 4286
Connection: keep-alive
Last-Modified: Wed, 01 May 2019 18:52:04 GMT
x-rgw-object-type: Normal
ETag: "8171617226e7143f20fd955660f1f4f4"
x-amz-request-id: tx000000000000001f92dff-006284bd59-b9fbc29-sfo1
X-Storage-Bucket: z1a41
X-Storage-Object: 1a41db3d990eb2232e5a74b0435a2a4d2e64142e28ab941ce89168f916a8c23f
X-Host: blu13.sf2p.intern.weebly.net
Accept-Ranges: bytes
training-events-ppmglobal.secure.force.com/static/111213/js/functions.js
13.110.46.154200 OK 10 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/static/111213/js/functions.js
IP 13.110.46.154:0
File type ASCII text, with very long lines (552)
Hash c8c8e554f33b49d8c581c753b8bd151b
a6daa1b5dd2f28c50d52e9663fa350dcc70bb76a
0568552f2c5ea4e22ac09091b649d121f9a5ee4692f0925bd64f11cf925be566
GET /static/111213/js/functions.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdn
Connection: keep-alive
Cookie: BrowserId_sec=v3_Vjy2bEe2BHu_3v5Hhfg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 07:00:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Thu, 22 Dec 2022 07:00:09 GMT
Last-Modified: Fri, 28 Sep 2018 01:08:08 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1113839
Content-Length: 10369
training-events-ppmglobal.secure.force.com/static/111213/desktop/desktopAjax.js
13.110.46.154200 OK 2.3 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/static/111213/desktop/desktopAjax.js
IP 13.110.46.154:0
File type HTML document, ASCII text
Hash ef6cac8c3704d4267605b4c8780bf312
881b35e9852f35f0e591e177fac5fae964f85ef8
ceed73c693aeb31f9a7c4467cf9b421158ed2e2915d1095d47b0c84ede838554
GET /static/111213/desktop/desktopAjax.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdn
Connection: keep-alive
Cookie: BrowserId_sec=v3_Vjy2bEe2BHu_3v5Hhfg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 11:32:43 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Thu, 22 Dec 2022 11:32:43 GMT
Last-Modified: Wed, 25 Jan 2012 20:29:10 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1097485
Content-Length: 2269
training-events-ppmglobal.secure.force.com/static/111213/js/picklist4.js
13.110.46.154200 OK 3.2 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/static/111213/js/picklist4.js
IP 13.110.46.154:0
File type ASCII text, with very long lines (516)
Hash 5d1d12b4967630cb4089b4480aba4de2
1bbe30a962a3d3916ed6ca68203d874cca145b7a
a41fc932f74efb3e85d01e7dbf25360e48185266e4410e81a3de1bfc18deec2b
GET /static/111213/js/picklist4.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdn
Connection: keep-alive
Cookie: BrowserId_sec=v3_Vjy2bEe2BHu_3v5Hhfg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 06:05:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Thu, 22 Dec 2022 06:05:59 GMT
Last-Modified: Fri, 28 Sep 2018 01:08:08 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1117089
Content-Length: 3221
www.ppmglobalservices.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
199.34.228.77200 OK 348 B URL HTTP/1.1 www.ppmglobalservices.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP 199.34.228.77:0
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
Analyzer Verdict Alert fortinet Phishing
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: www.ppmglobalservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html
Cookie: language=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 04:24:07 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn22.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=61
Connection: Keep-Alive
Content-Type: application/json
public.powrcdn.com/fonts/gordita/gordita-regular-webfont-woff.woff
104.21.26.9200 OK 44 kB URL HTTP/2 public.powrcdn.com/fonts/gordita/gordita-regular-webfont-woff.woff
IP 104.21.26.9:0
File type Web Open Font Format, TrueType, length 31148, version 1.0\012- data
Hash 406c403f78c74e5ef822e229be4dc81f
7be8ac5cc38af2ab64273a4fd4ddaaad1cf66932
9618134bf8950f1a4856a7c6d7d97a5254a642ab50229744d085aa9ab78905e5
GET /fonts/gordita/gordita-regular-webfont-woff.woff HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.powr.io
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:07 GMT
content-type: application/font-woff
x-amz-id-2: 95MUxLnCbIkss2kA/sLeKT8+0bdlFMCPvmC7RPdOn7SvMYvPB6nvjEu+0c5e3j5tF3BW5GIvYN4=
x-amz-request-id: MCMBQYEM5T8KRTGT
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 31 May 2021 12:44:51 GMT
x-amz-version-id: hx7AXNg7K1e1RTazyN_0DpBGtio5OElw
etag: W/"951cf61fb8b08593af1d6466359e32fe"
cache-control: max-age=2073600
cf-cache-status: HIT
age: 606
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55cLTyFTwm0J15ucoOizCpZLYVSUMa8iK9HLRii2mUQzDTgudIDInLRLm7kyuwWnOEGPA%2Bi24WiyPKwuCw0xQ2WhZOK0%2Fo2YjVPdxvmr3TBmkFGzxZzuRn0plVTfhZjiq%2BnlU38%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74646ee5bd290b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
training-events-ppmglobal.secure.force.com/jslibrary/1647410350238/sfdc/NetworkTracking.js
13.110.46.154200 OK 1.3 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/jslibrary/1647410350238/sfdc/NetworkTracking.js
IP 13.110.46.154:0
File type ASCII text, with very long lines (533)
Hash 53524e4c0d4ae578ea646bacc49df12b
2dddf14e84f4e0daa05c451ce146f0a0a1d73eb4
fdee9a8d50bbebb9a2f47c20436ed3ec1b8416855105482d38ae095c9ff5eb79
GET /jslibrary/1647410350238/sfdc/NetworkTracking.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdn
Connection: keep-alive
Cookie: BrowserId_sec=v3_Vjy2bEe2BHu_3v5Hhfg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 07:00:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Thu, 22 Dec 2022 07:00:09 GMT
Last-Modified: Fri, 19 Aug 2022 20:26:06 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1113839
Content-Length: 1340
public.powrcdn.com/latest/assets/packs/apps/popup-f33e99cf847514d727de.js
104.21.26.9200 OK 139 kB URL HTTP/2 public.powrcdn.com/latest/assets/packs/apps/popup-f33e99cf847514d727de.js
IP 104.21.26.9:0
File type ASCII text, with very long lines (3731)
Size 139 kB (138986 bytes)
Hash f33e2bcf11c3fa6b50051140b29afaff
b43f26b1ccdf1bca7dc69d2d73cfd0fa3b22ce81
96eaecf77006912b941a06b7684f99cb0b1bc1819cc0a49468a8a4c9708fdcc3
GET /latest/assets/packs/apps/popup-f33e99cf847514d727de.js HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:07 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=851396
etag: W/"ee82673a7e322032869f0ffc2fc04181"
last-modified: Thu, 01 Sep 2022 03:58:38 GMT
x-amz-id-2: LoDyI4+1h+Zasn7aJKIHIbMFZzo5XfzA7+BwoNRoQV72B4Ej1CoYi+/sqz5RcjObmudbGFB7aps=
x-amz-request-id: HGVP722SCYBSMERS
x-amz-version-id: YrU1NsHh6T9wJQiLY2b7sIlGTYfAz08U
cache-control: max-age=2073600
cf-cache-status: HIT
age: 6799
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdeDAIMdRpOJ%2FZ9Citj3pEX3HahpxF1o5AGpYlo9tNp5iBkG7hXkA7XREXw2SJLaWqVHzeSftcpYzanJwW0LJWoGmpTTngZbkYVlnHfzuzKUp1b3ORQKBJAh4xcccmrnjXVZqC4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74646ee59dd21bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
training-events-ppmglobal.secure.force.com/resource/1561532081000/Eventbrite_Resources/vendor/jquery/jquery-3.4.1.min.js
13.110.46.154200 OK 31 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/resource/1561532081000/Eventbrite_Resources/vendor/jquery/jquery-3.4.1.min.js
IP 13.110.46.154:0
File type ASCII text, with very long lines (65451)
Hash 424baaec3551eb61100052d80b326e7d
30a6ef5f5c4a8120089b64deca13514480d45de2
8b9be681b6e18d28e9b43d571dd4d28c71d59b600cd69779ff3b7684012caaba
GET /resource/1561532081000/Eventbrite_Resources/vendor/jquery/jquery-3.4.1.min.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdn
Connection: keep-alive
Cookie: BrowserId_sec=v3_Vjy2bEe2BHu_3v5Hhfg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 07:00:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=3888000,immutable
Expires: Sat, 08 Oct 2022 07:00:09 GMT
Content-Type: application/x-javascript
P3P: CP="CUR OTR STA"
Last-Modified: Wed, 26 Jun 2019 06:54:41 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30719
Age: 1113839
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 49503a82090eeac40f0e24c940c04010
646727cb0c9b5400b0b778e125db6217a05c4505
91aa4ea3972b490e3c08d010ac96def351dac89c5c2630af3880383223eff835
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 04:24:08 GMT
Last-Modified: Tue, 06 Sep 2022 04:15:17 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NCjaUHIfmRFVl-i5fOWfAEHD7iBXAfyWVWvW2TZwGSozXP7XWxGHJA==
Age: 531
www.powr.io/exit-popup/u/weebly_exit-popup_409384088895357867
104.22.50.245200 OK 114 kB URL HTTP/2 www.powr.io/exit-popup/u/weebly_exit-popup_409384088895357867
IP 104.22.50.245:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (22595)
Size 114 kB (113959 bytes)
Hash dd64e600b23d2e8830815d867397adc6
ade9fc556955fb69e5b0e8127bfb67414fabc60a
49660c6df5dd856193358e11a7b3ab4dd2a7c508a9da8de68f2dd3689f1f9993
GET /exit-popup/u/weebly_exit-popup_409384088895357867 HTTP/1.1
Host: www.powr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:07 GMT
content-type: text/html; charset=utf-8
link: <https://public.powrcdn.com/latest/assets/packs/style_packs/views-2c08199c84c61a412eae.css>; rel=preload; as=style; nopush,<https://public.powrcdn.com/latest/assets/packs/apps/views/popup-4e39e64d051fc5eadc9c.css>; rel=preload; as=style; nopush,<https://public.powrcdn.com/latest/assets/packs/style_packs/ie9-overrides-1711fd60ab8e8461cd46.css>; rel=preload; as=style; nopush,<https://public.powrcdn.com/latest/assets/packs/apps-view-2f72928b2e616c3dcc4b.js>; rel=preload; as=script; nopush,<https://public.powrcdn.com/latest/assets/packs/apps/popup-f33e99cf847514d727de.js>; rel=preload; as=script; nopush
cache-control: max-age=1800, public
vary: Accept-Encoding
x-request-id: 928a20cb-e108-4e9a-acdd-416b37da1ccf
x-runtime: 0.045986
via: 1.1 vegur
cf-cache-status: HIT
age: 39564
server: cloudflare
cf-ray: 74646ee4e9d1b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
d.adroll.com/consent/check/TBR3BF6B4NEBHIKT3P47PS?arrfrr=https%3A%2F%2Fwww.ppmglobalservices.com%2F2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html&_s=e1251399b32c0b0aede23f1011f2fd79&_b=2
34.243.140.211200 OK 447 B URL HTTP/2 d.adroll.com/consent/check/TBR3BF6B4NEBHIKT3P47PS?arrfrr=https%3A%2F%2Fwww.ppmglobalservices.com%2F2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html&_s=e1251399b32c0b0aede23f1011f2fd79&_b=2
IP 34.243.140.211:0
File type ASCII text, with very long lines (447), with no line terminators
Hash 90b2c51b9f4e29511a6d089c9fbf7e20
f0cfcb953191ab02557d2abba60e17348844236c
7ae507ac2f10c3bd0efd72c337a941e8b80515e8e0b122614e15d2ce0f073acd
GET /consent/check/TBR3BF6B4NEBHIKT3P47PS?arrfrr=https%3A%2F%2Fwww.ppmglobalservices.com%2F2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html&_s=e1251399b32c0b0aede23f1011f2fd79&_b=2 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:08 GMT
content-type: application/javascript
content-length: 447
server: nginx/1.20.0
X-Firefox-Spdy: h2
training-events-ppmglobal.secure.force.com/resource/1561532081000/Eventbrite_Resources/css/base_styles.css
13.110.46.154200 OK 64 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/resource/1561532081000/Eventbrite_Resources/css/base_styles.css
IP 13.110.46.154:0
File type ASCII text, with very long lines (39520)
Hash f8c9603199872560f1dedba99ad42f8f
d9d958813a9db67d5f98d6d37c30392cf5a507b3
a21e92f588f81b64c69838953ed9357ef260c2e2a608b45cb13cf247b1aea1ca
GET /resource/1561532081000/Eventbrite_Resources/css/base_styles.css HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdn
Connection: keep-alive
Cookie: BrowserId_sec=v3_Vjy2bEe2BHu_3v5Hhfg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 12:49:39 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=3888000,immutable
Expires: Sat, 08 Oct 2022 12:49:39 GMT
Content-Type: text/css
P3P: CP="CUR OTR STA"
Last-Modified: Wed, 26 Jun 2019 06:54:41 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1092869
Content-Length: 64131
public.powrcdn.com/latest/assets/packs/style_packs/views-2c08199c84c61a412eae.css
104.21.26.9200 OK 40 kB URL HTTP/2 public.powrcdn.com/latest/assets/packs/style_packs/views-2c08199c84c61a412eae.css
IP 104.21.26.9:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 246002f088a6e92c3528da7ddc678f9c
7cddc9256416f6956a8a9e4d762a2c0b67fdf959
841f07ea6eec28cb666062abf43ea8091c5e16f99f67fd345656b0010d70d020
GET /latest/assets/packs/style_packs/views-2c08199c84c61a412eae.css HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:07 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=460092
etag: W/"2cbef8bacb84cdf787933b228259ff66"
last-modified: Thu, 01 Sep 2022 03:58:45 GMT
x-amz-id-2: qxS5P9nVRloAMtY1/Std2bGuR4hJhngLzDJZE+ZqrfK6/O7Xzo8eoRGQkMFBcOuzuYC/JNtV1oY=
x-amz-request-id: JEXFR41C22J62QTC
x-amz-version-id: aj8fAoKkazrla.jf97zf5WM0XDyxJjz9
cache-control: max-age=2073600
cf-cache-status: HIT
age: 6402
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJwHQQl77DvzNKQGBP0mHoj5mew7GdfeWmQ74qE%2Bhxwnq%2Bi4ppzbebZ857I53tzV2py%2BCmW%2FCDQDjGpsSgcJ1hXCI6bIC2t9Vz6dyX2%2FoGpBJlTN1FM%2Bs5hTKDK4xJmI2IAIfHU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74646ee55daa1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
training-events-ppmglobal.secure.force.com/jslibrary/1646649014238/sfdc/main.js
13.110.46.154200 OK 233 kB URL HTTP/1.1 training-events-ppmglobal.secure.force.com/jslibrary/1646649014238/sfdc/main.js
IP 13.110.46.154:0
File type ASCII text, with very long lines (21863)
Size 233 kB (233064 bytes)
Hash 8bc630822d628b108382efd4003363e0
a48754f108027290a303a89fb7c7a21ce5b0ef33
e0b4e1b67bf1fdd517f5d25756133a267daf32e68fcdd6bba9089126b0027935
GET /jslibrary/1646649014238/sfdc/main.js HTTP/1.1
Host: training-events-ppmglobal.secure.force.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://training-events-ppmglobal.secure.force.com/EventPage?eventId=a0V4z00000NKfdn
Connection: keep-alive
Cookie: BrowserId_sec=v3_Vjy2bEe2BHu_3v5Hhfg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 24 Aug 2022 11:32:43 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Thu, 22 Dec 2022 11:32:43 GMT
Last-Modified: Mon, 22 Aug 2022 20:37:28 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 1097485
Content-Length: 233064
www.facebook.com/tr/
31.13.72.36200 OK 0 B IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /tr/ HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------84812279725073550442646867687
Content-Length: 4802
Origin: https://www.ppmglobalservices.com
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: https://www.ppmglobalservices.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 06 Sep 2022 04:24:08 GMT
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training-events-ppmglobal.secure.force.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 06 Sep 2022 02:41:12 GMT
expires: Tue, 06 Sep 2022 04:41:12 GMT
cache-control: public, max-age=7200
age: 6176
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2dece5feb8b544d6b9cdfc62a9a9664c
6e595402d61c7f3cb5cb52de248baabfd2b4a18f
e2b4e26ae8c716b658d93c656dfd5f31d033f3db1b21cc1540e4e35f574cbbff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1813
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 04:24:09 GMT
Last-Modified: Tue, 06 Sep 2022 03:53:56 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
js.driftt.com/core/assets/js/22.fd21eb42.chunk.js
54.230.111.73200 OK 36 kB URL HTTP/2 js.driftt.com/core/assets/js/22.fd21eb42.chunk.js
IP 54.230.111.73:0
Hash 9f4145da5817eaf62fb81cce8d61e5c7
c3541f2d689e2869d02b166c6ae0daf5f9483f2c
84528138c72b1d72cb29de06b634e0946766c9ea588f3a47338cafd1ed3a96bd
GET /core/assets/js/22.fd21eb42.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=e2aa94c1-f248-4aa4-a05a-b1c56f5fc3e6&sessionStarted=1662438243.803&campaignRefreshToken=24de62ea-511f-40fd-a6bd-ad910b5852be&hideController=false&pageLoadStartTime=1662438240792&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 03 Jul 2022 23:15:05 GMT
server: nginx
last-modified: Fri, 01 Jul 2022 20:20:56 GMT
etag: W/"cbf1bca421271b2567e00a478296192b"
x-amz-server-side-encryption: AES256
x-amz-version-id: rhriNS8WygjGEv2GTbSa16tsLJlBsIO5
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CvXbfZYsjYLRSzF45AV8w7mH3C6POSKct_ZyfG_TZBrEDVqQ3-gUaw==
age: 5548144
X-Firefox-Spdy: h2
pi.pardot.com/pd.js
3.215.172.219200 OK 1.9 kB IP 3.215.172.219:0
File type ASCII text, with very long lines (5297)
Hash c9f60ff021727eaffcf6d7bcce44cbc7
a62104686e86bf51494fa530bfaec55500e60a37
bd11307ac746bd34bac63885be9e4600e72c7711b370414b206533ebd076ce1b
GET /pd.js HTTP/1.1
Host: pi.pardot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training-events-ppmglobal.secure.force.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 04:24:09 GMT
Content-Type: application/javascript
Content-Length: 1946
Connection: keep-alive
last-modified: Thu, 01 Sep 2022 05:21:46 GMT
etag: "1547-gzip"
accept-ranges: bytes
cache-control: max-age=63072000
expires: Thu, 05 Sep 2024 04:24:09 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
Server: PardotServer
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
js.driftt.com/core/assets/js/26.2d4cdbd1.chunk.js
54.230.111.73200 OK 10 kB URL HTTP/2 js.driftt.com/core/assets/js/26.2d4cdbd1.chunk.js
IP 54.230.111.73:0
Hash 221ed971684848171fe463d6d77558b4
2e981fec55bac80d382ee90dd170b27e0e0fc48c
72878f63ccd2a2986eb656e86460822c94ae1397895821bba0cf2473f3480869
GET /core/assets/js/26.2d4cdbd1.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=e2aa94c1-f248-4aa4-a05a-b1c56f5fc3e6&sessionStarted=1662438243.803&campaignRefreshToken=24de62ea-511f-40fd-a6bd-ad910b5852be&hideController=false&pageLoadStartTime=1662438240792&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 31 Aug 2022 18:23:27 GMT
server: nginx
last-modified: Wed, 31 Aug 2022 18:10:09 GMT
etag: W/"c55d27c90bd5affbf7c7047151ac3b6a"
x-amz-server-side-encryption: AES256
x-amz-version-id: siv4sYmLp3BEOV5kWKjSS9V7tHMZAkGl
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HoVBwXbw3M976G36KESHmx6f7QEwuEqbGF0XWslBDJJaePwbRvDCUw==
age: 468042
X-Firefox-Spdy: h2
js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662438240792
54.230.111.73200 OK 594 B URL HTTP/2 js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662438240792
IP 54.230.111.73:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1551), with no line terminators
Hash a397972de990701b946fb573d747e0b0
c204fe95f4f66c867c8b1fd1173f3bdc67d6b171
43c534b8d7d94ea5bcdcf2a00d63230e7041594f6ae0b8487f599b2cf3a5d1c9
GET /core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662438240792 HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
server: nginx
last-modified: Wed, 31 Aug 2022 18:23:27 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Y5Qc9YCv9HnUtWRsyFhahbsVqQ0FTNR4
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Tue, 06 Sep 2022 04:24:09 GMT
cache-control: no-cache
etag: W/"fee11af2184d7af2cbe07132a525513a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PNCKUi6-Z_ZIdq-n0gspxQcOyq3SPb27SoqLpfMTW7IMQIfGlwucmg==
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js
54.230.111.73200 OK 7.5 kB URL HTTP/2 js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js
IP 54.230.111.73:0
File type Unicode text, UTF-8 text, with very long lines (21749), with no line terminators
Hash 3c4020fa35e79e8b914b213b5c5e4563
78066c42a2db305c291d8a792f0e3d61663688a4
be825eec289ad1cc6cdaa4cd1cc7ca8aa828a9b87c5ded238bc7ab9899b12e9e
GET /core/assets/js/0.0b2ebd4a.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=e2aa94c1-f248-4aa4-a05a-b1c56f5fc3e6&sessionStarted=1662438243.803&campaignRefreshToken=24de62ea-511f-40fd-a6bd-ad910b5852be&hideController=false&pageLoadStartTime=1662438240792&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 22 Jun 2022 23:25:32 GMT
server: nginx
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
x-amz-server-side-encryption: AES256
x-amz-version-id: FXhpBdntUhclEQbRyN38j73SJPN5DG6s
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ms4smop-uWY15PgQIA64Vm--9qvFijx4ikxsMieo6p9rim5i4W7Rvw==
age: 6497917
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash bb3f2777dc8ac36dcaaa4d06ade30824
24ac583bd8e6c5afce2fdd962732ecc274082d10
923acd57927b65f88020d48c47dbd14a6b41f54242b32bc687d9b04c4f75d276
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 04:24:09 GMT
Last-Modified: Tue, 06 Sep 2022 02:45:17 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: y9hkQQB02EXH-aUXB1CmgvNcTF7YuN9bG1ETpGqspgpmYXOOBOD71g==
Age: 5932
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash bb3f2777dc8ac36dcaaa4d06ade30824
24ac583bd8e6c5afce2fdd962732ecc274082d10
923acd57927b65f88020d48c47dbd14a6b41f54242b32bc687d9b04c4f75d276
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 04:24:09 GMT
Last-Modified: Tue, 06 Sep 2022 02:38:14 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sLF1VzKIthPqZa9OPQTuEJHi4667NXVfNJJbrmGnRI8uEuXxZwbZ-Q==
Age: 6355
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash bb3f2777dc8ac36dcaaa4d06ade30824
24ac583bd8e6c5afce2fdd962732ecc274082d10
923acd57927b65f88020d48c47dbd14a6b41f54242b32bc687d9b04c4f75d276
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 04:24:09 GMT
Last-Modified: Tue, 06 Sep 2022 02:46:35 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kY_GdNQyS9t5nrc6rpZKIBXzQ1ZZuva8JpOsR4iHM-hGuIAZt99bgQ==
Age: 5854
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash bb3f2777dc8ac36dcaaa4d06ade30824
24ac583bd8e6c5afce2fdd962732ecc274082d10
923acd57927b65f88020d48c47dbd14a6b41f54242b32bc687d9b04c4f75d276
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 04:24:09 GMT
Last-Modified: Tue, 06 Sep 2022 02:49:46 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oPZokqjP_qqVp5uqvhlYw7n8DN10R5oE0911cSh2enFnAt4MCO4amQ==
Age: 5663
js.driftt.com/core/assets/js/34.3cbd9261.chunk.js
54.230.111.73200 OK 3.2 kB URL HTTP/2 js.driftt.com/core/assets/js/34.3cbd9261.chunk.js
IP 54.230.111.73:0
Hash 2f9dd3a0736b427aead13efa210bf701
6609b6e25b9233fe7f49702659c2cf25e3656854
bd04c6c6d7ef86f10cdc54a44acbca7eacd3d1d2ea9d72f3f944e124d20368b3
GET /core/assets/js/34.3cbd9261.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662438240792
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 26 Aug 2022 13:20:23 GMT
server: nginx
last-modified: Thu, 25 Aug 2022 21:13:15 GMT
etag: W/"748f87dc8e48bdf52edce2868c5c428c"
x-amz-server-side-encryption: AES256
x-amz-version-id: 9WcUo8FUpPIrUIsoQRc2Y_xjFIjq3R62
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xB6eXjYyAkxvE-9FI1y5hBgPCbMREZ723KYVu1vq9VzruUyNv_NW2Q==
age: 918226
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/3.00aa1009.chunk.js
54.230.111.73200 OK 15 kB URL HTTP/2 js.driftt.com/core/assets/js/3.00aa1009.chunk.js
IP 54.230.111.73:0
Hash 202f0bd488523170f389a1ae3322c9b7
ef05332f6220863f65dd5f372c1f183331512465
def4cb5826ff3148bd339df55791fec889264d5bc4bf62ee1e61a35db5cc68fe
GET /core/assets/js/3.00aa1009.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662438240792
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 14 Jul 2022 19:21:46 GMT
server: nginx
last-modified: Wed, 13 Jul 2022 19:05:10 GMT
etag: W/"b6e857285e106c4d697971a13a9e5f01"
x-amz-server-side-encryption: AES256
x-amz-version-id: 999X6Dy8tQUXzeDhHGPsLNw5NdqaiqrR
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: J33ZdSbwtB8DfT68Oy8MXBaWcIxWu-nrY6gG9PcnoOxgY80btyt62g==
age: 4611743
X-Firefox-Spdy: h2
metrics.api.drift.com/monitoring/metrics/widget/init/v2
50.16.7.188200 OK 25 B URL HTTP/2 metrics.api.drift.com/monitoring/metrics/widget/init/v2
IP 50.16.7.188:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 61228f8f544358e9ea1f463f01b5853c
582766f30c82dc2df6938c8e16455fa5e329afb1
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
POST /monitoring/metrics/widget/init/v2 HTTP/1.1
Host: metrics.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Content-Length: 138
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:10 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
requestid: 8333f36585aaccde
vary: Accept-Encoding
content-length: 25
x-envoy-upstream-service-time: 40
server: istio-envoy
X-Firefox-Spdy: h2
bootstrap.api.drift.com/widget_bootstrap/ping
50.16.7.188200 OK 147 B URL HTTP/2 bootstrap.api.drift.com/widget_bootstrap/ping
IP 50.16.7.188:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a28f2cbe6ba36a782f8e5c7d785fb924
a15136222a4239c808c598fa7d30f88c8b186b50
4162cf94175e84f376e183a8879ec511711ffbf7ccd5cb2621ea01f35102c1c0
POST /widget_bootstrap/ping HTTP/1.1
Host: bootstrap.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 171
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:10 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
requestid: 51d03c8c5b803e52
vary: Accept-Encoding
content-length: 147
x-envoy-upstream-service-time: 10
server: istio-envoy
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash c68fb8cb60f99a8629260ea2b1cb467e
8af2f856cd0f4abf6c4791c515a433b259ef951b
7734379030d657ebc3d316cec9caa6e9af59028b2e38cc812de66a3479b712b8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 04:24:10 GMT
Last-Modified: Tue, 06 Sep 2022 03:37:50 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OU9L_ojIu-52Nwkb9kRIyACkBxL9r8zVFjkPWsZ25-1_kpBGYasO_g==
Age: 2780
bootstrap.api.drift.com/widget_bootstrap
50.16.7.188200 OK 4.5 kB URL HTTP/2 bootstrap.api.drift.com/widget_bootstrap
IP 50.16.7.188:0
File type ASCII text, with very long lines (11648), with no line terminators
Hash 7d54caf7b891e221ae6adb83ffad7513
33e064b2578fd6b2935764afadaa7781e85b63f1
344c972d97646c9048baa2d77c73d74b06c40e4c79a390890468bbe60a0f3376
POST /widget_bootstrap HTTP/1.1
Host: bootstrap.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 606
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:10 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
requestid: 1348d4d0b1425515
vary: Accept-Encoding
content-encoding: gzip
x-envoy-upstream-service-time: 243
server: istio-envoy
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/21.b8c41db9.chunk.js
54.230.111.73200 OK 7.9 kB URL HTTP/2 js.driftt.com/core/assets/js/21.b8c41db9.chunk.js
IP 54.230.111.73:0
Hash c9222b313121abf5df72f304e5024462
7b761210632a6c4f1b2578a12113f5593327e556
3b6c74ad8f40f6ab55d35a5110b6bb169a245813c8471fcf5b544a9f2639f7d1
GET /core/assets/js/21.b8c41db9.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=e2aa94c1-f248-4aa4-a05a-b1c56f5fc3e6&sessionStarted=1662438243.803&campaignRefreshToken=24de62ea-511f-40fd-a6bd-ad910b5852be&hideController=false&pageLoadStartTime=1662438240792&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 22 Jul 2022 00:55:28 GMT
server: nginx
last-modified: Wed, 20 Jul 2022 16:44:35 GMT
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
x-amz-server-side-encryption: AES256
x-amz-version-id: f.0PmvFwFO6wHvpJ0r6JG1gTthOACCRK
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X-o_wl-sxrDmzcZFueh66Oo2PgjmMQeI8iVasaRVM0kH84zmKHPC2w==
age: 3986921
X-Firefox-Spdy: h2
p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=G5QHN4M-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fg5qhn4m%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.1%2522%252C%2522guid%2522%253A%2522de75a136-183c-47f3-83b8-491705d5f024%2522%257D&title=2-Day%20Primavera%20P6%20Professional%20(Advanced%20Resource%20%26%20Cost%20Mgt.)%20Training%20Class%3A%20October%2027-28%2C%202022%20-%20PPM%20Global&url=https%3A%2F%2Fwww.ppmglobalservices.com%2F2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html
52.25.226.66302 Found 55 B URL HTTP/2 p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=G5QHN4M-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fg5qhn4m%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.1%2522%252C%2522guid%2522%253A%2522de75a136-183c-47f3-83b8-491705d5f024%2522%257D&title=2-Day%20Primavera%20P6%20Professional%20(Advanced%20Resource%20%26%20Cost%20Mgt.)%20Training%20Class%3A%20October%2027-28%2C%202022%20-%20PPM%20Global&url=https%3A%2F%2Fwww.ppmglobalservices.com%2F2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html
IP 52.25.226.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 8ff7652691b4107b1c5ac5bd92df74d5
ef8dd565b903fa1b938a792a27a18807d5fe87bf
15f4cb3a367392b60ac263509fbd262ad49a58b5cc2682367db0100c0414fc8d
GET /c/vn3d8u2u/a/etarget/p.gif?label=G5QHN4M-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fg5qhn4m%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.1%2522%252C%2522guid%2522%253A%2522de75a136-183c-47f3-83b8-491705d5f024%2522%257D&title=2-Day%20Primavera%20P6%20Professional%20(Advanced%20Resource%20%26%20Cost%20Mgt.)%20Training%20Class%3A%20October%2027-28%2C%202022%20-%20PPM%20Global&url=https%3A%2F%2Fwww.ppmglobalservices.com%2F2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html HTTP/1.1
Host: p.alocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 06 Sep 2022 04:24:10 GMT
content-type: image/GIF
server: nginx/1.18.0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
set-cookie: uuid=5e5c0068-9add-4c39-8620-cd70155f9ca9; domain=.alocdn.com; path=/; expires=Wed, 06 Sep 2023 04:24:10 GMT; secure; SameSite=None
location: /c/vn3d8u2u/a/etarget/p.gif?label=G5QHN4M-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fg5qhn4m%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.1%2522%252C%2522guid%2522%253A%2522de75a136-183c-47f3-83b8-491705d5f024%2522%257D&title=2-Day%20Primavera%20P6%20Professional%20%28Advanced%20Resource%20%26%20Cost%20Mgt.%29%20Training%20Class%3A%20October%2027-28%2C%202022%20-%20PPM%20Global&url=https%3A%2F%2Fwww.ppmglobalservices.com%2F2-day-primavera-p6-professional-advanced-resource--cost-mgt-training-class-october-27-28-2022.html&tdc=1
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/runtime~main.bef95df7.js
54.230.111.73200 OK 8.7 kB URL HTTP/2 js.driftt.com/core/assets/js/runtime~main.bef95df7.js
IP 54.230.111.73:0
Hash 28dff195f8efcebde48b97236ae15c1b
048e7f6b0e18ca67d93b47a1f7a8c27520a8607d
897563a9de06afa2f2cb8f84c6da5e68ff46e3050d4b171a8e0c8cbd1d13c81e
GET /core/assets/js/runtime~main.bef95df7.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=e2aa94c1-f248-4aa4-a05a-b1c56f5fc3e6&sessionStarted=1662438243.803&campaignRefreshToken=24de62ea-511f-40fd-a6bd-ad910b5852be&hideController=false&pageLoadStartTime=1662438240792&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 31 Aug 2022 18:23:26 GMT
server: nginx
last-modified: Wed, 31 Aug 2022 18:10:12 GMT
etag: W/"e086f8acd2530042828444b37a1d77f9"
x-amz-server-side-encryption: AES256
x-amz-version-id: 5Bb2GA_q6cpdGdsbvIylHuOc7jJBWoOg
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sau3EWdkQDlglhL7X63KYpCt2PobBNUnqr3YKMmZI3SMgMHfcnL7iA==
age: 468043
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/main~493df0b3.ac3a9470.chunk.js
54.230.111.73200 OK 22 kB URL HTTP/2 js.driftt.com/core/assets/js/main~493df0b3.ac3a9470.chunk.js
IP 54.230.111.73:0
Hash 5d16b8589314d48f031ee49cf7a8c8a4
c0403a6bc8a1ae95f8227480c0fae1188093a6a2
530371884e9d2692e09e0207b358911ca23b560a103dd2e59188676ab93da3c8
GET /core/assets/js/main~493df0b3.ac3a9470.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=e2aa94c1-f248-4aa4-a05a-b1c56f5fc3e6&sessionStarted=1662438243.803&campaignRefreshToken=24de62ea-511f-40fd-a6bd-ad910b5852be&hideController=false&pageLoadStartTime=1662438240792&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 03 Jul 2022 23:15:04 GMT
server: nginx
last-modified: Fri, 01 Jul 2022 20:20:58 GMT
etag: W/"ab6db2ea528099e4b4bcafc90b1f14a6"
x-amz-server-side-encryption: AES256
x-amz-version-id: hiapbHKSV4DShQCB29I8q9ZEQ_orBvh8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fBU5Brut4exQ6SC8CD0Ii2YvNVqFhIsdlfiCh7CAzSNHbhnWON9g4w==
age: 5548145
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/37.9da17c94.chunk.js
54.230.111.73200 OK 4.1 kB URL HTTP/2 js.driftt.com/core/assets/js/37.9da17c94.chunk.js
IP 54.230.111.73:0
File type ASCII text, with very long lines (12626), with no line terminators
Hash f9f53fb55162e7ac4566716177c0cf7f
5c4d0d4807b8438d2155a3ac1ef7b96525fec83d
57561419cdb4dc3ff5bfa3925f162c8d5e43eba974981d49824ba461caff8f71
GET /core/assets/js/37.9da17c94.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=e2aa94c1-f248-4aa4-a05a-b1c56f5fc3e6&sessionStarted=1662438243.803&campaignRefreshToken=24de62ea-511f-40fd-a6bd-ad910b5852be&hideController=false&pageLoadStartTime=1662438240792&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 09 Jun 2022 19:59:50 GMT
server: nginx
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
x-amz-server-side-encryption: AES256
x-amz-version-id: .1KvOWwhKDvJVSWzg49IMEkznsWNUcpl
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: S_hfXeg25jZVVxdn2b7OsmT5OgfKlVRSoKdYoxhTpRhwp84A9OY_RQ==
age: 7633459
X-Firefox-Spdy: h2
presence.api.drift.com/ws/websocket?session_token=SFMyNTY.g3QAAAACZAAEZGF0YXQAAAAFZAACaWRtAAAAFDEzMTQwMS0xNTUyMzIzOTc1MC00ZAAGb3JnX2lkbQAAAAYxMzE0MDFkAAlzY29wZV9zZXRtAAAABGxlYWRkAAd1c2VyX2lkbQAAAAsxNTUyMzIzOTc1MGQACXVzZXJfdHlwZWQABGxlYWRkAAZzaWduZWRuBgBqmAoRgwE.bsB4WTITZxAIIopr7Y6r3npgp-_5el5T8EDipxdA7RM&remote_ip=3.226.111.211&vsn=2.0.0
35.174.210.7101 Switching Protocols 0 B URL HTTP/1.1 presence.api.drift.com/ws/websocket?session_token=SFMyNTY.g3QAAAACZAAEZGF0YXQAAAAFZAACaWRtAAAAFDEzMTQwMS0xNTUyMzIzOTc1MC00ZAAGb3JnX2lkbQAAAAYxMzE0MDFkAAlzY29wZV9zZXRtAAAABGxlYWRkAAd1c2VyX2lkbQAAAAsxNTUyMzIzOTc1MGQACXVzZXJfdHlwZWQABGxlYWRkAAZzaWduZWRuBgBqmAoRgwE.bsB4WTITZxAIIopr7Y6r3npgp-_5el5T8EDipxdA7RM&remote_ip=3.226.111.211&vsn=2.0.0
IP 35.174.210.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws/websocket?session_token=SFMyNTY.g3QAAAACZAAEZGF0YXQAAAAFZAACaWRtAAAAFDEzMTQwMS0xNTUyMzIzOTc1MC00ZAAGb3JnX2lkbQAAAAYxMzE0MDFkAAlzY29wZV9zZXRtAAAABGxlYWRkAAd1c2VyX2lkbQAAAAsxNTUyMzIzOTc1MGQACXVzZXJfdHlwZWQABGxlYWRkAAZzaWduZWRuBgBqmAoRgwE.bsB4WTITZxAIIopr7Y6r3npgp-_5el5T8EDipxdA7RM&remote_ip=3.226.111.211&vsn=2.0.0 HTTP/1.1
Host: presence.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://js.driftt.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JoflEuThq1O8do+w2ETW3Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
cache-control: max-age=0, private, must-revalidate
connection: Upgrade
date: Tue, 06 Sep 2022 04:24:11 GMT
sec-websocket-accept: WZ0eP3rzNZJOKqYJa93BK/MzLDg=
server: Cowboy
upgrade: websocket
flow.api.drift.com/flows/render_initial_v3
50.16.7.188200 OK 13 B URL HTTP/2 flow.api.drift.com/flows/render_initial_v3
IP 50.16.7.188:0
File type ASCII text, with no line terminators
Hash 1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /flows/render_initial_v3 HTTP/1.1
Host: flow.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://js.driftt.com/
Origin: https://js.driftt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:11 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftfdd8e9c4612baff5b52d6ece6ac
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
flow.api.drift.com/flows/render_initial_v3
50.16.7.188200 OK 2.0 kB URL HTTP/2 flow.api.drift.com/flows/render_initial_v3
IP 50.16.7.188:0
File type JSON data\012- , ASCII text, with very long lines (4670), with no line terminators
Hash 872eb8ffde917b8246f1460ba01486e9
595d5fb945403d5ac3410d7c6416d4cf535d9f6d
74729e505c465bda4d0eed2d0b2c016c3afd25a64cd97537d33aba75eb6ae5f8
POST /flows/render_initial_v3 HTTP/1.1
Host: flow.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNTUyMzIzOTc1MCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEzMTQwMSIsImV4cCI6MTY5Mzk3NDI1MCwiaWF0IjoxNjYyNDM4MjUwfQ.kl9Jy86rGUxCiAIRWcwXhXrGM5YYll66bn_A05Z07Plb0eHJJJS4nc-ACCjiRZIvVc489TjMWlFK0o4FhpZ8Jg
Content-Length: 564
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:11 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
requestid: b4d8ef61b4c68a6
vary: Accept-Encoding
content-encoding: gzip
content-length: 2034
x-envoy-upstream-service-time: 51
server: istio-envoy
X-Firefox-Spdy: h2
targeting.api.drift.com/impressions/widget
50.16.7.188200 OK 13 B URL HTTP/2 targeting.api.drift.com/impressions/widget
IP 50.16.7.188:0
File type ASCII text, with no line terminators
Hash 1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /impressions/widget HTTP/1.1
Host: targeting.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://js.driftt.com/
Origin: https://js.driftt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:12 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift97d7a7949ec9384f87fa928663d
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
js.driftt.com/core/assets/css/41.e483d03f.chunk.css
54.230.111.73200 OK 900 B URL HTTP/2 js.driftt.com/core/assets/css/41.e483d03f.chunk.css
IP 54.230.111.73:0
File type ASCII text, with very long lines (900), with no line terminators
Hash 0bd11a8facc0a9d41713c64ed1ba1289
23d92b5b9138666f5c33517d53451a6e2e8ec30a
12ffe3ad71f763d9057baf43e0f1c1482bb9a0372602020554c4d52f52b37981
GET /core/assets/css/41.e483d03f.chunk.css HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662438240792
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 900
date: Thu, 09 Jun 2022 19:59:53 GMT
server: nginx
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
etag: "0bd11a8facc0a9d41713c64ed1ba1289"
x-amz-server-side-encryption: AES256
x-amz-version-id: mwravLhifH3zWz1LqFO8ki0npGazXQGv
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nIMqTw8QtSkAVg5-WFECauZNG7rASVvajJLYRROgUBu8Vd3PnOyZpw==
age: 7633459
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/41.c2d27989.chunk.js
54.230.111.73200 OK 303 B URL HTTP/2 js.driftt.com/core/assets/js/41.c2d27989.chunk.js
IP 54.230.111.73:0
File type ASCII text, with very long lines (303), with no line terminators
Hash 46fb25b61455826d8b73185de5673b04
d15a3a86f02f00138438a94e617081380cd58ac1
70164ba4c1b7194f4cc46e423aa055d29e3d927b7e9abe6fecd156dd0270da76
GET /core/assets/js/41.c2d27989.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662438240792
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 303
date: Sun, 12 Jun 2022 06:13:20 GMT
server: nginx
last-modified: Fri, 10 Jun 2022 19:03:31 GMT
etag: "46fb25b61455826d8b73185de5673b04"
x-amz-server-side-encryption: AES256
x-amz-version-id: 21f0wwUZtQS7fqJj7nCeaBcMtRG8zF2Z
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X9SQKKTiVrPxXz6IhI7036LlJCVx1Xp0xIhKClC0MpFUFjkr1Gph3g==
age: 7423852
X-Firefox-Spdy: h2
js.driftt.com/conductor/assets/4.3b34b074.chunk.js
54.230.111.73200 OK 158 B URL HTTP/2 js.driftt.com/conductor/assets/4.3b34b074.chunk.js
IP 54.230.111.73:0
File type ASCII text, with no line terminators
Hash 04cb478629934587f65fb92a62238885
4521636fa7b2b5bcfcedaddcf104519ed0629a60
574aecd6793a65225977300bbb170085109bf62527488370869dd0678d52369e
GET /conductor/assets/4.3b34b074.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 158
date: Thu, 09 Jun 2022 20:00:04 GMT
server: nginx
last-modified: Thu, 09 Jun 2022 14:58:21 GMT
etag: "04cb478629934587f65fb92a62238885"
x-amz-server-side-encryption: AES256
x-amz-version-id: nQFxs7iBS66EIffXR7YCiFHZOMBxbEWK
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5NHN4YA42kWsMBas8yYJjzkXoz5Nx5P3rbnfu6cQ-jqF9aph0XlCZw==
age: 7633448
X-Firefox-Spdy: h2
js.driftt.com/conductor/assets/media/notification.5f7c6014.mp3
54.230.111.73206 Partial Content 7.8 kB URL HTTP/2 js.driftt.com/conductor/assets/media/notification.5f7c6014.mp3
IP 54.230.111.73:0
File type MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Hash 5f7c6014cf73831f91963a668b71fbb9
c49eafebb17d0ae937eaa47e8f81392a8e271b69
bf06f41bb3a1429115fa2dcfbee9986234d6d319da3597648e4e980340d52027
GET /conductor/assets/media/notification.5f7c6014.mp3 HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
content-type: audio/mpeg
content-length: 7755
date: Fri, 20 May 2022 04:40:28 GMT
server: nginx
last-modified: Wed, 18 May 2022 17:52:15 GMT
etag: "5f7c6014cf73831f91963a668b71fbb9"
x-amz-server-side-encryption: AES256
x-amz-version-id: wV32vUIfShKu7wTOM.13Fb46XZ95E34K
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-range: bytes 0-7754/7755
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r8e9m6nfUF94Qy7svr6R5XN1AaiRlJ4P7KJ5Y_FR_WYLvnGhVl3JYg==
age: 9416624
X-Firefox-Spdy: h2
targeting.api.drift.com/impressions/widget
50.16.7.188204 No Content 0 B URL HTTP/2 targeting.api.drift.com/impressions/widget
IP 50.16.7.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /impressions/widget HTTP/1.1
Host: targeting.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNTUyMzIzOTc1MCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEzMTQwMSIsImV4cCI6MTY5Mzk3NDI1MCwiaWF0IjoxNjYyNDM4MjUwfQ.kl9Jy86rGUxCiAIRWcwXhXrGM5YYll66bn_A05Z07Plb0eHJJJS4nc-ACCjiRZIvVc489TjMWlFK0o4FhpZ8Jg
Content-Length: 707
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Sep 2022 04:24:12 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
requestid: 2fa43e3767f11f6d
x-envoy-upstream-service-time: 23
server: istio-envoy
X-Firefox-Spdy: h2
driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F262852%252Fd17eb39f93492484ac2304f70d6d2931pvzi42yu295p%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D1989442f5c84bdc2221dfa0788532474?fit=max&fm=png&h=200&w=200&s=49159416869b9f4209238d4cb8dbbcd8
151.101.86.208200 OK 64 kB URL HTTP/2 driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F262852%252Fd17eb39f93492484ac2304f70d6d2931pvzi42yu295p%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D1989442f5c84bdc2221dfa0788532474?fit=max&fm=png&h=200&w=200&s=49159416869b9f4209238d4cb8dbbcd8
IP 151.101.86.208:0
File type PNG image data, 198 x 200, 8-bit/color RGB, non-interlaced\012- data
Hash 7dff6f4c8033fdc68b6f3907f24bc5b5
8597d602982b6a443fed37a793b1abb1a01585d7
0b7be0f8aae5516aacbec1003ad74f70abe6753178d8baa35b50158455763a94
GET /https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F262852%252Fd17eb39f93492484ac2304f70d6d2931pvzi42yu295p%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D1989442f5c84bdc2221dfa0788532474?fit=max&fm=png&h=200&w=200&s=49159416869b9f4209238d4cb8dbbcd8 HTTP/1.1
Host: driftt.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 23 Aug 2022 15:26:15 GMT
cache-control: public, max-age=315360000
server: imgix
x-imgix-id: b9695e59ae1524e2c5a1fc77187a566e3f736bbd
x-imgix-render-farm: 01.1
date: Tue, 06 Sep 2022 04:24:12 GMT
age: 1169877
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10076-SJC, cache-bma1629-BMA
x-cache: HIT, MISS
content-length: 64323
X-Firefox-Spdy: h2
metrics.api.drift.com/monitoring/metrics/event2/bulk
50.16.7.188200 OK 13 B URL HTTP/2 metrics.api.drift.com/monitoring/metrics/event2/bulk
IP 50.16.7.188:0
File type ASCII text, with no line terminators
Hash 1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /monitoring/metrics/event2/bulk HTTP/1.1
Host: metrics.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://js.driftt.com/
Origin: https://js.driftt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:12 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift73ae4334dd9807e6664e7d9068f
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2
metrics.api.drift.com/monitoring/metrics/event2/bulk
50.16.7.188200 OK 25 B URL HTTP/2 metrics.api.drift.com/monitoring/metrics/event2/bulk
IP 50.16.7.188:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 61228f8f544358e9ea1f463f01b5853c
582766f30c82dc2df6938c8e16455fa5e329afb1
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
POST /monitoring/metrics/event2/bulk HTTP/1.1
Host: metrics.api.drift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNTUyMzIzOTc1MCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEzMTQwMSIsImV4cCI6MTY5Mzk3NDI1MCwiaWF0IjoxNjYyNDM4MjUwfQ.kl9Jy86rGUxCiAIRWcwXhXrGM5YYll66bn_A05Z07Plb0eHJJJS4nc-ACCjiRZIvVc489TjMWlFK0o4FhpZ8Jg
Content-Length: 747
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:12 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
requestid: 7f1e3b7d95941176
vary: Accept-Encoding
content-length: 25
x-envoy-upstream-service-time: 13
server: istio-envoy
X-Firefox-Spdy: h2
public.powrcdn.com/latest/assets/packs/style_packs/ie9-overrides-1711fd60ab8e8461cd46.css
104.21.26.9200 OK 0 B URL HTTP/2 public.powrcdn.com/latest/assets/packs/style_packs/ie9-overrides-1711fd60ab8e8461cd46.css
IP 104.21.26.9:0
GET /latest/assets/packs/style_packs/ie9-overrides-1711fd60ab8e8461cd46.css HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:07 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=97779
etag: W/"8569d08b93b65be6f73bca7e48e87a62"
last-modified: Thu, 01 Sep 2022 03:58:45 GMT
x-amz-id-2: yDCQICvlfw4STe+c4Sag4iLPKh3kOygEEUUGblnTNA+lORCIMMdsOiV8G7dkISpVntFmUJESm/o=
x-amz-request-id: JEXB42GMV33KW9BZ
x-amz-version-id: _R6iCM.mJZnl7dJcxLE_Si6lPTW3nGop
cache-control: max-age=2073600
cf-cache-status: HIT
age: 5985
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjT8W9F4xQkFJ2%2BZx52XrlnUS3aqF%2BPXMhD%2BS3a20PqZDP%2BxSUOn63%2FEVUKYHpAzke%2F9P2WsFBv%2BUi5ljvtA6VMpjZkPf6uuVrzTbxgv%2FeeflZpsG40BXBsth0%2Bxm3s4exBYokc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74646ee55dac1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/17.6ccd0f69.chunk.js
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/17.6ccd0f69.chunk.js
IP 54.230.111.73:0
GET /core/assets/js/17.6ccd0f69.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=e2aa94c1-f248-4aa4-a05a-b1c56f5fc3e6&sessionStarted=1662438243.803&campaignRefreshToken=24de62ea-511f-40fd-a6bd-ad910b5852be&hideController=false&pageLoadStartTime=1662438240792&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 26 Aug 2022 13:20:22 GMT
server: nginx
last-modified: Thu, 25 Aug 2022 21:13:15 GMT
etag: W/"a581fbb27874f93f15c3fe3784f2391a"
x-amz-server-side-encryption: AES256
x-amz-version-id: A6__olwCDz1FD.1X9WiQXDg59ZPZqaUK
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5JURMUv762p_RGL4HrlE8lZsW4yv2hFqHJYJl8liugzymMixl2sT9Q==
age: 918227
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1654648342&
151.101.85.46200 OK 0 B URL HTTP/2 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1654648342&
IP 151.101.85.46:0
GET /js/lang/en/stl.js?buildTime=1654648342& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 20:42:23 GMT
etag: "6303ea2f-2c44e"
expires: Tue, 06 Sep 2022 08:13:58 GMT
cache-control: max-age=1209600
x-host: blu127.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 04:24:05 GMT
age: 1195807
x-served-by: cache-sjc10024-SJC, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 1
x-timer: S1662438246.958155,VS0,VE3
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 32802
X-Firefox-Spdy: h2
js.driftt.com/include/1662438300000/37carub7tx2z.js
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/include/1662438300000/37carub7tx2z.js
IP 54.230.111.73:0
GET /include/1662438300000/37carub7tx2z.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 06 Sep 2022 04:24:06 GMT
server: nginx
last-modified: Wed, 31 Aug 2022 18:23:54 GMT
etag: W/"bc71b7869279b01fc51fdc51af940b5e"
x-amz-server-side-encryption: AES256
x-amz-version-id: U0sriocF4WN07Hm2ZGmHfXq6eJt2Gqm6
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qflO2edni0xUPjMzieHsyhGI36gWOpex18-M0ojmd80S6051wK8oJw==
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/25.8f107198.chunk.js
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/25.8f107198.chunk.js
IP 54.230.111.73:0
GET /core/assets/js/25.8f107198.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=e2aa94c1-f248-4aa4-a05a-b1c56f5fc3e6&sessionStarted=1662438243.803&campaignRefreshToken=24de62ea-511f-40fd-a6bd-ad910b5852be&hideController=false&pageLoadStartTime=1662438240792&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 03 Jul 2022 23:15:05 GMT
server: nginx
last-modified: Fri, 01 Jul 2022 20:20:56 GMT
etag: W/"e2511c69e5bdc03467952abaccdb5383"
x-amz-server-side-encryption: AES256
x-amz-version-id: WcCqQoAG3H9hj_QsryoONfIqJXy6i_Vu
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O77MzENjGvjx9EsJOUKSg4HLjfYITT9sBkJ-SUVipFPIvCKJ2KUEow==
age: 5548144
X-Firefox-Spdy: h2
js.driftt.com/core/assets/css/34.11d2b6a7.chunk.css
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/css/34.11d2b6a7.chunk.css
IP 54.230.111.73:0
GET /core/assets/css/34.11d2b6a7.chunk.css HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662438240792
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Sat, 02 Jul 2022 23:19:59 GMT
server: nginx
last-modified: Fri, 01 Jul 2022 20:20:54 GMT
etag: W/"87532c4db85f1429fa6d759bc3332f36"
x-amz-server-side-encryption: AES256
x-amz-version-id: _3ypchvV2Y1htZw1RZMu3A33yhTTURn1
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: I7sDMSn6wFOcfR_GyCFsf5BJqRUNhh180pNIPiUPj-OlAtbpCfXL9g==
age: 5634250
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/52.b6e19470.chunk.js
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/52.b6e19470.chunk.js
IP 54.230.111.73:0
GET /core/assets/js/52.b6e19470.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=e2aa94c1-f248-4aa4-a05a-b1c56f5fc3e6&sessionStarted=1662438243.803&campaignRefreshToken=24de62ea-511f-40fd-a6bd-ad910b5852be&hideController=false&pageLoadStartTime=1662438240792&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 15 Aug 2022 14:58:15 GMT
server: nginx
last-modified: Mon, 15 Aug 2022 14:54:41 GMT
etag: W/"bad20cb6447399d927f280df2d62ca0c"
x-amz-server-side-encryption: AES256
x-amz-version-id: RsSkBCjzvBw3GerIVkk_9htbmnC6yc51
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fMu70GlX5Q6l9mtNYhAHE0TGQxPeWalFniuUyWU3nRwgdRVriqLmFw==
age: 1862756
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Actor&subset=latin,latin-ext
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Actor&subset=latin,latin-ext
IP 142.250.74.10:0
GET /css?family=Actor&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 04:24:06 GMT
date: Tue, 06 Sep 2022 04:24:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
public.powrcdn.com/latest/assets/packs/apps/views/popup-4e39e64d051fc5eadc9c.css
104.21.26.9200 OK 0 B URL HTTP/2 public.powrcdn.com/latest/assets/packs/apps/views/popup-4e39e64d051fc5eadc9c.css
IP 104.21.26.9:0
GET /latest/assets/packs/apps/views/popup-4e39e64d051fc5eadc9c.css HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:07 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=609722
etag: W/"54c182ec679dc8155d25a158016e0b18"
last-modified: Thu, 01 Sep 2022 03:58:42 GMT
x-amz-id-2: DHtC7Pi2S/Roz0SrmSMCeG8qBEJSG5asaIBFAjI5rScInwPhNwGHifYdeEQU0SGfTNDGrRf1uBc=
x-amz-request-id: HGVP9PM4NVTE88H2
x-amz-version-id: 2KlFZD36h2q_8WbPli9gZD.eoBMjGIKn
cache-control: max-age=2073600
cf-cache-status: HIT
age: 5892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1fFiGaeAiHnLjNs6XBtXX05BxXdPM0N6LQnL6%2BN0y57t0ZpSMxAQbIOpslcEeu1RvyPZMu%2B%2FVpfrXimFkYJjWRnlGXoB553%2BHg4Rz6PxrObJB%2FsDeMKIqEXUfIJZI5w7%2BFWOyE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74646ee58dc11bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.driftt.com/core/assets/css/27.9bf46b67.chunk.css
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/css/27.9bf46b67.chunk.css
IP 54.230.111.73:0
GET /core/assets/css/27.9bf46b67.chunk.css HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=e2aa94c1-f248-4aa4-a05a-b1c56f5fc3e6&sessionStarted=1662438243.803&campaignRefreshToken=24de62ea-511f-40fd-a6bd-ad910b5852be&hideController=false&pageLoadStartTime=1662438240792&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Fri, 12 Aug 2022 18:08:02 GMT
server: nginx
last-modified: Fri, 12 Aug 2022 17:25:54 GMT
etag: W/"4f21faf2ba450e5fcdf7eda90813e185"
x-amz-server-side-encryption: AES256
x-amz-version-id: OwtYu1UfCDk9O65HArj6B6mV7fLBXaFN
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: slTRyD1C_0xRZZuAX_r40RZme0OC1geYVmJ82Tn7Sh6Z6sI6TtCmQg==
age: 2110567
X-Firefox-Spdy: h2
www.powr.io/cached/30868889.json
104.22.50.245404 Not Found 0 B URL HTTP/2 www.powr.io/cached/30868889.json
IP 104.22.50.245:0
GET /cached/30868889.json HTTP/1.1
Host: www.powr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-CSRF-Token: iFOFU21aev1xmOBMySAjLdqjD8Ors28OGAfwAEk1yNDZ7dT69EmG0L42_vshVBp69LO9qbTrKuLV2miytYTccA
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.powr.io/exit-popup/u/weebly_exit-popup_409384088895357867
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Tue, 06 Sep 2022 04:24:07 GMT
content-type: application/json
cache-control: max-age=300, public
vary: Accept-Encoding
x-request-id: 1fe14506-4056-46eb-a25d-c1fd949a50bf
x-runtime: 0.020703
via: 1.1 vegur
cf-cache-status: HIT
age: 39563
server: cloudflare
cf-ray: 74646ee7bc1bb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/9.535a3a94.chunk.js
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/9.535a3a94.chunk.js
IP 54.230.111.73:0
GET /core/assets/js/9.535a3a94.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=e2aa94c1-f248-4aa4-a05a-b1c56f5fc3e6&sessionStarted=1662438243.803&campaignRefreshToken=24de62ea-511f-40fd-a6bd-ad910b5852be&hideController=false&pageLoadStartTime=1662438240792&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 26 Aug 2022 13:20:22 GMT
server: nginx
last-modified: Thu, 25 Aug 2022 21:13:17 GMT
etag: W/"073dafbb4b9bd1b881e6475386b712ee"
x-amz-server-side-encryption: AES256
x-amz-version-id: oCovUdRwAlg.GGR_hVxwJrKIYj.O.YqJ
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xmba-9yoyDh2OaUweKfZch1I8DLWnrig6X60_TCyGw9Eg0k16fYQGQ==
age: 918227
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/19.c6476f9e.chunk.js
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/19.c6476f9e.chunk.js
IP 54.230.111.73:0
GET /core/assets/js/19.c6476f9e.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=e2aa94c1-f248-4aa4-a05a-b1c56f5fc3e6&sessionStarted=1662438243.803&campaignRefreshToken=24de62ea-511f-40fd-a6bd-ad910b5852be&hideController=false&pageLoadStartTime=1662438240792&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 26 Aug 2022 13:20:22 GMT
server: nginx
last-modified: Thu, 25 Aug 2022 21:13:15 GMT
etag: W/"577a5b4c4d4e15fe510f6e9d62882f27"
x-amz-server-side-encryption: AES256
x-amz-version-id: iwfAR0XWOD35qtGdWcZt_c4r2xii5fG_
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uqzZ-3Z1nyzsXWtcOgtJ7a55lEjcua3btRPKKeeLMSR2F_A-1B4HrQ==
age: 918227
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
IP 142.250.74.10:0
GET /css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 04:24:06 GMT
date: Tue, 06 Sep 2022 04:24:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/8.611ead2e.chunk.js
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/8.611ead2e.chunk.js
IP 54.230.111.73:0
GET /core/assets/js/8.611ead2e.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=e2aa94c1-f248-4aa4-a05a-b1c56f5fc3e6&sessionStarted=1662438243.803&campaignRefreshToken=24de62ea-511f-40fd-a6bd-ad910b5852be&hideController=false&pageLoadStartTime=1662438240792&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 09 Jun 2022 19:59:49 GMT
server: nginx
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
x-amz-server-side-encryption: AES256
x-amz-version-id: _RZ1GDjUm5KuW3ooz6jLFMyJffaKXq96
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QLcI42u9Rk0P01fMgzw6aQKwmWfBpoA8T5Ow5mBNgrAQ4ZxEaOFN4A==
age: 7633460
X-Firefox-Spdy: h2
kit.fontawesome.com/14579ba48d.js
104.18.23.52200 OK 0 B URL HTTP/2 kit.fontawesome.com/14579ba48d.js
IP 104.18.23.52:0
GET /14579ba48d.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:07 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: Fuu_NKRKzsFcWtfaTAAi
cf-cache-status: HIT
age: 50
server: cloudflare
cf-ray: 74646ee5ba5c0afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/31.a2b3c0b5.chunk.js
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/31.a2b3c0b5.chunk.js
IP 54.230.111.73:0
GET /core/assets/js/31.a2b3c0b5.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662438240792
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 26 Aug 2022 13:20:23 GMT
server: nginx
last-modified: Thu, 25 Aug 2022 21:13:15 GMT
etag: W/"7d8bb443a5de3257f895de8bf92ff127"
x-amz-server-side-encryption: AES256
x-amz-version-id: E6NeJTbwpOMQ0eNbyU6FVfN0HWCLyHlQ
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: f0veAbJ_mlihrALJ8D72RK7nLAGBs8yPf-F9UFYkVQcSG5x3V9MMSQ==
age: 918226
X-Firefox-Spdy: h2
js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=e2aa94c1-f248-4aa4-a05a-b1c56f5fc3e6&sessionStarted=1662438243.803&campaignRefreshToken=24de62ea-511f-40fd-a6bd-ad910b5852be&hideController=false&pageLoadStartTime=1662438240792&mode=CHAT&driftEnableLog=false&secureIframe=false
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=e2aa94c1-f248-4aa4-a05a-b1c56f5fc3e6&sessionStarted=1662438243.803&campaignRefreshToken=24de62ea-511f-40fd-a6bd-ad910b5852be&hideController=false&pageLoadStartTime=1662438240792&mode=CHAT&driftEnableLog=false&secureIframe=false
IP 54.230.111.73:0
GET /core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=e2aa94c1-f248-4aa4-a05a-b1c56f5fc3e6&sessionStarted=1662438243.803&campaignRefreshToken=24de62ea-511f-40fd-a6bd-ad910b5852be&hideController=false&pageLoadStartTime=1662438240792&mode=CHAT&driftEnableLog=false&secureIframe=false HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
server: nginx
last-modified: Wed, 31 Aug 2022 18:23:27 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Y5Qc9YCv9HnUtWRsyFhahbsVqQ0FTNR4
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Tue, 06 Sep 2022 04:24:09 GMT
cache-control: no-cache
etag: W/"fee11af2184d7af2cbe07132a525513a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rJRvwtX8fkc23G1pU1PrHiUx4DyKHg6enk4KW-WEe3tM6nEaq2FJCQ==
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main.js?buildTime=1654648342
151.101.85.46200 OK 0 B URL HTTP/2 cdn2.editmysite.com/js/site/main.js?buildTime=1654648342
IP 151.101.85.46:0
GET /js/site/main.js?buildTime=1654648342 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmglobalservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 20:43:39 GMT
etag: "6303ea7b-74804"
expires: Tue, 06 Sep 2022 08:16:12 GMT
cache-control: max-age=1209600
x-host: blu49.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 04:24:05 GMT
age: 1195674
x-served-by: cache-sjc10051-SJC, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 830
x-timer: S1662438246.954052,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 146400
X-Firefox-Spdy: h2
js.driftt.com/core/assets/js/39.0cc86423.chunk.js
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/js/39.0cc86423.chunk.js
IP 54.230.111.73:0
GET /core/assets/js/39.0cc86423.chunk.js HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=e2aa94c1-f248-4aa4-a05a-b1c56f5fc3e6&sessionStarted=1662438243.803&campaignRefreshToken=24de62ea-511f-40fd-a6bd-ad910b5852be&hideController=false&pageLoadStartTime=1662438240792&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 21 Jul 2022 05:13:08 GMT
server: nginx
last-modified: Wed, 20 Jul 2022 16:44:36 GMT
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
x-amz-server-side-encryption: AES256
x-amz-version-id: oKmg4FrWOfQibH6GiwTJD5mzxlfV.GJ_
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X8h9AMSkQVPzbExNNEFEfPIGoRhiFbZo6DSfGb64yvQ-xKC9nz5WHA==
age: 4057861
X-Firefox-Spdy: h2
js.driftt.com/core/assets/css/9.f50eb0b3.chunk.css
54.230.111.73200 OK 0 B URL HTTP/2 js.driftt.com/core/assets/css/9.f50eb0b3.chunk.css
IP 54.230.111.73:0
GET /core/assets/css/9.f50eb0b3.chunk.css HTTP/1.1
Host: js.driftt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=37carub7tx2z®ion=US&forceShow=false&skipCampaigns=false&sessionId=e2aa94c1-f248-4aa4-a05a-b1c56f5fc3e6&sessionStarted=1662438243.803&campaignRefreshToken=24de62ea-511f-40fd-a6bd-ad910b5852be&hideController=false&pageLoadStartTime=1662438240792&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Fri, 26 Aug 2022 13:20:22 GMT
server: nginx
last-modified: Thu, 25 Aug 2022 21:13:13 GMT
etag: W/"e6efd75f849f72222df348ff402e8026"
x-amz-server-side-encryption: AES256
x-amz-version-id: cfUNfNdGGDHKWON2NXR5AFmNvq8uIDRB
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UAgDby5K31ORBjNUlvAYrROW3noyE73YAcuRJo-xlLEVjCKN8AWVsA==
age: 918227
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.min.css
IP 104.18.10.207:0
GET /bootstrap/3.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 04:24:07 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:03:55 GMT
cdn-cachedat: 11/04/2021 22:40:16
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.0
cdn-requestid: a0669b23f8a3a4d2d54e12d18ef5c3e0
cdn-cache: HIT
cf-cache-status: HIT
age: 14656158
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74646ee5ba41b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2