Report - track.auroratrainingadvantage.com/go/1/3304efe33e9695fd665b06b625580045/25653/612d35144686fa423947229f28c3afba/716a5d9b93f1c13ca6473c7b9fa19141/25653

Report Overview

Submitted URL

track.auroratrainingadvantage.com/go/1/3304efe33e9695fd665b06b625580045/25653/612d35144686fa423947229f28c3afba/716a5d9b93f1c13ca6473c7b9fa19141/25653
IP

209.126.35.43

ASN

#11019 HAPROXY-TECHNOLOGIES
Submitted

2023-11-20T21:17:05Z

Access

public
Website Title

PTO Design and Management for Engaged, Happy Employees - Aurora Training Advantage
Final URL

auroratrainingadvantage.com/webinars/pto-options-a/
Tags

None
urlquery detections

MSOffice_Macro_HTTP_Payload_Download

Detections

urlquery

2
Network Intrusion Detection

0
Threat Detection Systems

0

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
region1.analytics.google.com (1)	unknown	2022-03-17 12:26:33	2023-11-19 20:13:04	863	458	216.239.34.36
www.google.com (3)	7	2015-05-10 13:11:19	2023-11-19 18:48:38	1834	37458	142.250.74.164
log.olark.com (1)	13244	2012-05-21 09:08:52	2023-11-20 05:24:07	854	213	34.96.127.16
cognito-identity.eu-west-1.amazonaws.com (2)	12726	2015-03-08 19:44:15	2023-11-20 07:51:12	1164	989	52.18.169.75
d2d7do8qaecbru.cloudfront.net (1)	unknown	2021-02-05 18:28:35	2023-11-20 09:21:45	547	12953	143.204.55.48
ls.smct.co (1)	unknown	2022-10-14 12:57:18	2023-11-20 02:58:50	525	2350	143.204.55.48
track.auroratrainingadvantage.com (1)	unknown	2023-08-01 23:33:36	2023-11-20 02:58:44	605	1014	209.126.35.43
cdn.jsdelivr.net (1)	439	2012-09-30 02:15:09	2023-11-19 18:12:10	433	65312	151.101.129.229
www.mczbf.com (2)	9496	2019-07-24 19:55:51	2023-11-20 08:45:55	961	18236	54.230.111.19
fonts.gstatic.com (10)	unknown	2014-09-09 02:40:21	2023-11-20 03:42:02	5632	200264	216.58.207.227
www.google.no (1)	25607	2016-04-05 21:50:59	2023-11-20 03:03:38	582	578	142.250.74.163
ws-mt1.pusher.com (2)	8253	2018-09-20 13:30:02	2023-11-20 09:14:43	1256	534	3.230.208.50
auroratrainingadvantage.com (11)	245067	2013-07-18 00:50:02	2023-11-20 02:58:45	12694	4872702	67.222.139.58
static.olark.com (11)	12270	2012-07-24 22:31:25	2023-11-20 05:24:05	5551	450076	192.229.233.34
smct.co (1)	26060	2015-10-20 10:16:35	2023-11-20 03:15:41	429	4926	54.154.115.40
js.smct.co (3)	346270	2020-09-24 22:38:26	2023-11-20 02:58:49	1288	95216	143.204.55.48
nrpc.olark.com (1)	24310	2017-01-30 09:04:06	2023-11-17 11:26:16	721	1439	34.96.127.16
api.olark.com (1)	13841	2012-09-01 03:39:04	2023-11-20 05:24:07	628	620	34.96.127.16
status.geotrust.com (2)	3662	2017-12-01 09:55:31	2023-11-19 18:28:34	666	1377	192.229.221.95
www.googletagmanager.com (1)	75	2013-05-22 04:07:37	2023-11-20 02:37:41	436	96702	142.250.74.72
storage.googleapis.com (4)	420	2012-08-06 08:33:30	2023-11-20 03:53:03	1904	89348	142.250.74.27
www.gstatic.com (5)	unknown	2016-07-26 11:37:06	2023-11-20 03:36:41	2427	603003	142.250.74.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

HTTP Transactions (66)

URL IP Response Size

track.auroratrainingadvantage.com/go/1/3304efe33e9695fd665b06b625580045/25653/612d35144686fa423947229f28c3afba/716a5d9b93f1c13ca6473c7b9fa19141/25653

209.126.35.43

302 Found

URL User Request GET HTTP/2

track.auroratrainingadvantage.com/go/1/3304efe33e9695fd665b06b625580045/25653/612d35144686fa423947229f28c3afba/716a5d9b93f1c13ca6473c7b9fa19141/25653
IP

209.126.35.43:443
ASN

#11019 HAPROXY-TECHNOLOGIES

Certificate

IssuerSectigo Limited

Subjecttrack.auroratrainingadvantage.com

FingerprintB4:C4:83:58:EB:08:7D:3E:4E:3D:DF:3D:B4:6A:C3:9F:3C:EF:F8:A2

ValidityTue, 01 Aug 2023 00:00:00 GMT - Thu, 01 Aug 2024 23:59:59 GMT

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /go/1/3304efe33e9695fd665b06b625580045/25653/612d35144686fa423947229f28c3afba/716a5d9b93f1c13ca6473c7b9fa19141/25653 HTTP/1.1
Host: track.auroratrainingadvantage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 302 Found
date: Mon, 20 Nov 2023 21:16:38 GMT
server: Apache/2.4.57 (codeit)
set-cookie: JSESSIONIDTC1=1A6A5B3C5ACE0D91308048E4B464A1E6; Path=/; HttpOnly; httpOnly
cfid=3b42f688-fd47-4b77-90a2-b75eeac10c97;Path=/;Expires=Sun, 10-Dec-2023 22:54:42 UTC;HttpOnly; httpOnly
cftoken=0;Path=/;Expires=Sun, 10-Dec-2023 22:54:42 UTC;HttpOnly; httpOnly
CF_CLIENT_TTRACKAURORATRAININGADVANTAGECOM_LV=1700514998523;Path=/;Expires=Sun, 18-Feb-2024 21:16:38 UTC;HttpOnly; httpOnly
CF_CLIENT_TTRACKAURORATRAININGADVANTAGECOM_TC=1700514998523;Path=/;Expires=Sun, 18-Feb-2024 21:16:38 UTC;HttpOnly; httpOnly
CF_CLIENT_TTRACKAURORATRAININGADVANTAGECOM_HC=2;Path=/;Expires=Sun, 18-Feb-2024 21:16:38 UTC;HttpOnly; httpOnly
location: https://auroratrainingadvantage.com/webinars/pto-options-a/
content-type: text/html;charset=UTF-8
content-length: 0
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2

status.geotrust.com/

192.229.221.95

471

URL

status.geotrust.com/
IP

192.229.221.95:0
ASN

#15133 EDGECAST

Magic

data

Size

471
Hash

ec4f8a21418b0b6bfd1514cd39189281

f37a504cb8b269284390ced1f91669c433cffb6c

ec75c8dc085e940e421b2b7a347d28e305da1d54e682e3ae4008e67d796c9749

HTTP Headers

                                        POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Mon, 20 Nov 2023 21:16:39 GMT
Server: ECAcc (amb/6B48)
Content-Length: 471

cdn.jsdelivr.net/npm/add-to-calendar-button@2

151.101.129.229

200 OK

64543

URL GET HTTP/2

cdn.jsdelivr.net/npm/add-to-calendar-button@2
IP

151.101.129.229:443
ASN

#54113 FASTLY

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerGlobalSign nv-sa

Subjectjsdelivr.net

Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09

ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

Magic

ASCII text, with very long lines (34129)

Size

64543
Hash

933272c236795f68647c05ff49068368

589f95460c7b5219c7b84772a9a064759a35944f

bd42acc052ccfce7aba6a3fa36364090a5e13241757dee2d15fb21f521030e73

HTTP Headers

                                        GET /npm/add-to-calendar-button@2 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.4.3
x-jsd-version-type: version
etag: W/"47b48-WJ+VRgx7UhnHuEdyqaBkdZo1lE8"
content-encoding: br
accept-ranges: bytes
date: Mon, 20 Nov 2023 21:16:40 GMT
age: 33158
x-served-by: cache-fra-etou8220056-FRA, cache-bma1673-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 64543
X-Firefox-Spdy: h2

www.mczbf.com/tags/563181860044/tag.js

54.230.111.19

200 OK

17239

URL GET HTTP/1.1

www.mczbf.com/tags/563181860044/tag.js
IP

54.230.111.19:443
ASN

#16509 AMAZON-02

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerAmazon

Subjectwww.mczbf.com

FingerprintDC:C7:F0:54:32:B8:50:7F:F5:75:DB:A6:A7:0F:D5:B2:8F:4E:10:76

ValiditySun, 21 May 2023 00:00:00 GMT - Tue, 18 Jun 2024 23:59:59 GMT

Magic

ASCII text, with very long lines (53715)

Size

17239
Hash

515aceafdf566ef66256131cb1ef9f9e

f4b0463ae8671f0bbd211d2d0d829300863494e3

0e24b84e665d5408e2afae280663eb37766cbae6f53b30f9fb343e37d55d0839

HTTP Headers

                                        GET /tags/563181860044/tag.js HTTP/1.1
Host: www.mczbf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 20 Nov 2023 21:08:37 GMT
X-Request-ID: f8dc8d3c-87e8-11ee-81f7-f78d7fe5460d
Cache-Control: max-age=1800
Server: nginx
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mZiveT2_IQua8C7kjpjNoXGlxEpw_zuSki5wtKYA8Zu_JmPcy4ZVVw==
Age: 483

www.googletagmanager.com/gtag/js?id=G-5NN7KQVF19

142.250.74.72

200 OK

96101

URL GET HTTP/2

www.googletagmanager.com/gtag/js?id=G-5NN7KQVF19
IP

142.250.74.72:443
ASN

#15169 GOOGLE

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerGoogle Trust Services LLC

Subject*.google-analytics.com

Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34

ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

Magic

ASCII text, with very long lines (7711)

Size

96101
Hash

70b156cb4eaee182ac287dc370bbdf66

69c03b185875a41bbccb6ce80f1759944810b580

1c46919e9f4c3e8246a763e6c6e1225b2e43e0748d8b05a2226524a307e2b066

HTTP Headers

                                        GET /gtag/js?id=G-5NN7KQVF19 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Nov 2023 21:16:40 GMT
expires: Mon, 20 Nov 2023 21:16:40 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 96101
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

auroratrainingadvantage.com/assets/css/common/slide-out.css?id=e184359244c24010309d

67.222.139.58

200 OK

354

URL GET HTTP/2

auroratrainingadvantage.com/assets/css/common/slide-out.css?id=e184359244c24010309d
IP

67.222.139.58:443
ASN

#30277 DFW-DATACENTER

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerDigiCert Inc

Subjectauroratrainingadvantage.com

Fingerprint1A:73:1F:40:60:41:42:FA:AE:3C:8C:32:92:80:05:1A:27:D8:2F:C4

ValidityFri, 09 Dec 2022 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

Magic

ASCII text, with very long lines (616)

Size

354
Hash

e184359244c24010309d8d146f02c907

1d64e2995f228962943189b34222de12651a1aac

6fc05efad911c2f7ba429e4a2a368a59a448191b41d65f1976fec33a6ba6815b

HTTP Headers

                                        GET /assets/css/common/slide-out.css?id=e184359244c24010309d HTTP/1.1
Host: auroratrainingadvantage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/webinars/pto-options-a/
Cookie: XSRF-TOKEN=eyJpdiI6Ilh0alJ2UmMwTDVzaDYxN3hNRElndVE9PSIsInZhbHVlIjoia1M1a20xbkVGM3dQK3pRYXNvZlQvUXdiL05nODdsSS9OWmx3dERnb1VxeHBpeTVPK25iRmVJZjl2WHdqQnpZUVk5SENtSVBSeXBFN1JVUTFaVFkxUXpYZThHY2F2RHI5TENJMk5IUzYyRjdIVVd1OHQwRzZUSEJMTHpOVkEvT2siLCJtYWMiOiI3Njg4YTRhNTYyYWMzYzVjNmEyYTk1OWJhMDQwMzg4N2E5Y2E1ZTljNjhlYzg0MjRjZGUwZTM3ZTQ1ODhlODJhIn0%3D; aurora_session=eyJpdiI6IkdEaHVHMVdoNHJRRXRpYTVmRjg4TVE9PSIsInZhbHVlIjoiZDBuOG01dmFOeFl0dnY5cjNPL3YrSk5UNUhiMEZRWkZYUkVDMGR5ZkhTd015c21LbmpjWFRLR1BZSG1ZanlhM1M2bktsdkt1cWszSGVZcnlzV0dKUlMwSm1EZnlTZ1VVZ05hYkcyRkJMRGZMOTVSOVJlTzBuT1ROdzJVY3R4bVAiLCJtYWMiOiI1YzZmNTRmNDg4ZGI4MWZlN2NmMWU1OTk4ODQwNzIzYjI5YTE2NjAwZmM3YzI2YzRhYzkxOTBkZjkzMmNjNGUzIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 21:16:40 GMT
content-type: text/css
content-length: 354
x-accel-version: 0.01
last-modified: Tue, 14 Nov 2023 14:46:04 GMT
etag: "269-60a1dd898f212-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=31536000, public
expires: Tue, 19 Nov 2024 21:16:40 GMT
pragma: public
x-powered-by: W3 Total Cache/0.9.4.1, PleskLin
X-Firefox-Spdy: h2

www.mczbf.com/563181860044/pageInfo

54.230.111.19

200 OK

URL POST HTTP/1.1

www.mczbf.com/563181860044/pageInfo
IP

54.230.111.19:443
ASN

#16509 AMAZON-02

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerAmazon

Subjectwww.mczbf.com

FingerprintDC:C7:F0:54:32:B8:50:7F:F5:75:DB:A6:A7:0F:D5:B2:8F:4E:10:76

ValiditySun, 21 May 2023 00:00:00 GMT - Tue, 18 Jun 2024 23:59:59 GMT

Magic

PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data

Size

68
Hash

91e42db1c66c0b276abf6234dc50b2eb

c1986af3c26609b8b7d8933f99c51c1a89e9ea6b

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

HTTP Headers

                                        POST /563181860044/pageInfo HTTP/1.1
Host: www.mczbf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://auroratrainingadvantage.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 478
Origin: https://auroratrainingadvantage.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 68
Connection: keep-alive
Date: Mon, 20 Nov 2023 21:16:40 GMT
X-Request-ID: 18e0b350-87ea-11ee-b5f2-814a60786981
Access-Control-Allow-Origin: *
Cache-Control: no-store
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ok0YUYJeJEWDh8gg7VanwyAkTTBANxXBTcPTVU5z7seKlYqO-93j-g==

fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM.woff

216.58.207.227

200 OK

20964

URL GET HTTP/2

fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM.woff
IP

216.58.207.227:443
ASN

#15169 GOOGLE

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD

ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

Magic

Web Open Font Format, TrueType, length 20964, version 1.1\012- data

Size

20964
Hash

107bc2e1387828d8595ef4452c3fc666

4e630a4f834886ab65248b9dfb679659d079a764

2944acfdff85dc6308cf8a2766b6efce9ec63fc8356fd5118a98001b936e50dc

HTTP Headers

                                        GET /s/opensans/v10/k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://auroratrainingadvantage.com
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:45:15 GMT
expires: Fri, 15 Nov 2024 23:45:15 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
content-type: font/woff
age: 336685
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff

216.58.207.227

200 OK

20216

URL GET HTTP/2

fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff
IP

216.58.207.227:443
ASN

#15169 GOOGLE

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD

ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

Magic

Web Open Font Format, TrueType, length 20216, version 1.1\012- data

Size

20216
Hash

cb721d9fb2f39c4c5fa9d75dd46ce78d

1ae6eab90118f90e61bd2a03fe7462b043756ccf

615494a93f61434c21c6a35e51b508950d66d7784b2f4deb10b7a904b4cca17c

HTTP Headers

                                        GET /s/opensans/v10/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://auroratrainingadvantage.com
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20216
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 04:57:56 GMT
expires: Fri, 15 Nov 2024 04:57:56 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Aug 2014 18:06:58 GMT
content-type: font/woff
age: 404324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v10/DXI1ORHCpsQm3Vp6mXoaTXhCUOGz7vYGh680lGh-uXM.woff

216.58.207.227

200 OK

20820

URL GET HTTP/2

fonts.gstatic.com/s/opensans/v10/DXI1ORHCpsQm3Vp6mXoaTXhCUOGz7vYGh680lGh-uXM.woff
IP

216.58.207.227:443
ASN

#15169 GOOGLE

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD

ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

Magic

Web Open Font Format, TrueType, length 20820, version 1.1\012- data

Size

20820
Hash

4a6921bea933fcb93d9d2ef791efefc0

0961b80cebbfe6f90cf7d5356359c80827a44715

4f13413937d581dd5484c6110a56e054aebce392be27413247a9809264917886

HTTP Headers

                                        GET /s/opensans/v10/DXI1ORHCpsQm3Vp6mXoaTXhCUOGz7vYGh680lGh-uXM.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://auroratrainingadvantage.com
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 05:02:43 GMT
expires: Fri, 15 Nov 2024 05:02:43 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Aug 2014 18:08:10 GMT
content-type: font/woff
age: 404037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/shadowsintolight/v5/clhLqOv7MXn459PTh0gXYHW1xglZCgocDnD_teV2lMU.woff

216.58.207.227

200 OK

18544

URL GET HTTP/2

fonts.gstatic.com/s/shadowsintolight/v5/clhLqOv7MXn459PTh0gXYHW1xglZCgocDnD_teV2lMU.woff
IP

216.58.207.227:443
ASN

#15169 GOOGLE

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD

ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

Magic

Web Open Font Format, TrueType, length 18544, version 1.1\012- data

Size

18544
Hash

603b54ac5da4c8ae8a6ac2090b76df70

313ad20951fe0b0d8670750f2c4d2283c887f9e5

e5160bdf4292c9f5789f4ccead3147abde34857aba60f4d54cd93fd27e903636

HTTP Headers

                                        GET /s/shadowsintolight/v5/clhLqOv7MXn459PTh0gXYHW1xglZCgocDnD_teV2lMU.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://auroratrainingadvantage.com
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Nov 2023 13:08:27 GMT
expires: Tue, 19 Nov 2024 13:08:27 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 23 Jul 2014 22:01:04 GMT
content-type: font/woff
age: 29293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM.woff

216.58.207.227

200 OK

20964

URL GET HTTP/2

fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM.woff
IP

216.58.207.227:443
ASN

#15169 GOOGLE

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD

ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

Magic

Web Open Font Format, TrueType, length 20964, version 1.1\012- data

Size

20964
Hash

107bc2e1387828d8595ef4452c3fc666

4e630a4f834886ab65248b9dfb679659d079a764

2944acfdff85dc6308cf8a2766b6efce9ec63fc8356fd5118a98001b936e50dc

HTTP Headers

                                        GET /s/opensans/v10/k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://auroratrainingadvantage.com
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:45:15 GMT
expires: Fri, 15 Nov 2024 23:45:15 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
content-type: font/woff
age: 336685
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff

216.58.207.227

200 OK

20216

URL GET HTTP/2

fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff
IP

216.58.207.227:443
ASN

#15169 GOOGLE

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD

ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

Magic

Web Open Font Format, TrueType, length 20216, version 1.1\012- data

Size

20216
Hash

cb721d9fb2f39c4c5fa9d75dd46ce78d

1ae6eab90118f90e61bd2a03fe7462b043756ccf

615494a93f61434c21c6a35e51b508950d66d7784b2f4deb10b7a904b4cca17c

HTTP Headers

                                        GET /s/opensans/v10/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://auroratrainingadvantage.com
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20216
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 04:57:56 GMT
expires: Fri, 15 Nov 2024 04:57:56 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Aug 2014 18:06:58 GMT
content-type: font/woff
age: 404324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v10/DXI1ORHCpsQm3Vp6mXoaTXhCUOGz7vYGh680lGh-uXM.woff

216.58.207.227

200 OK

20820

URL GET HTTP/2

fonts.gstatic.com/s/opensans/v10/DXI1ORHCpsQm3Vp6mXoaTXhCUOGz7vYGh680lGh-uXM.woff
IP

216.58.207.227:443
ASN

#15169 GOOGLE

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD

ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

Magic

Web Open Font Format, TrueType, length 20820, version 1.1\012- data

Size

20820
Hash

4a6921bea933fcb93d9d2ef791efefc0

0961b80cebbfe6f90cf7d5356359c80827a44715

4f13413937d581dd5484c6110a56e054aebce392be27413247a9809264917886

HTTP Headers

                                        GET /s/opensans/v10/DXI1ORHCpsQm3Vp6mXoaTXhCUOGz7vYGh680lGh-uXM.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://auroratrainingadvantage.com
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 05:02:43 GMT
expires: Fri, 15 Nov 2024 05:02:43 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Aug 2014 18:08:10 GMT
content-type: font/woff
age: 404037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/shadowsintolight/v5/clhLqOv7MXn459PTh0gXYHW1xglZCgocDnD_teV2lMU.woff

216.58.207.227

200 OK

18544

URL GET HTTP/2

fonts.gstatic.com/s/shadowsintolight/v5/clhLqOv7MXn459PTh0gXYHW1xglZCgocDnD_teV2lMU.woff
IP

216.58.207.227:443
ASN

#15169 GOOGLE

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD

ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

Magic

Web Open Font Format, TrueType, length 18544, version 1.1\012- data

Size

18544
Hash

603b54ac5da4c8ae8a6ac2090b76df70

313ad20951fe0b0d8670750f2c4d2283c887f9e5

e5160bdf4292c9f5789f4ccead3147abde34857aba60f4d54cd93fd27e903636

HTTP Headers

                                        GET /s/shadowsintolight/v5/clhLqOv7MXn459PTh0gXYHW1xglZCgocDnD_teV2lMU.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://auroratrainingadvantage.com
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Nov 2023 13:08:27 GMT
expires: Tue, 19 Nov 2024 13:08:27 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 23 Jul 2014 22:01:04 GMT
content-type: font/woff
age: 29293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-5NN7KQVF19&gtm=45je3b81v9108181512&_p=1700515001850&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=711935689.1700515002&ul=en-us&sr=1280x1024&_s=1&sid=1700515002&sct=1&seg=0&dl=https%3A%2F%2Fauroratrainingadvantage.com%2Fwebinars%2Fpto-options-a%2F&dt=PTO%20Design%20and%20Management%20for%20Engaged%2C%20Happy%20Employees%20-%20Aurora%20Training%20Advantage&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2531

216.239.34.36

204 No Content

URL POST HTTP/2

region1.analytics.google.com/g/collect?v=2&tid=G-5NN7KQVF19&gtm=45je3b81v9108181512&_p=1700515001850&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=711935689.1700515002&ul=en-us&sr=1280x1024&_s=1&sid=1700515002&sct=1&seg=0&dl=https%3A%2F%2Fauroratrainingadvantage.com%2Fwebinars%2Fpto-options-a%2F&dt=PTO%20Design%20and%20Management%20for%20Engaged%2C%20Happy%20Employees%20-%20Aurora%20Training%20Advantage&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2531
IP

216.239.34.36:443
ASN

#15169 GOOGLE

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerGoogle Trust Services LLC

Subject*.google-analytics.com

Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34

ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        POST /g/collect?v=2&tid=G-5NN7KQVF19&gtm=45je3b81v9108181512&_p=1700515001850&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=711935689.1700515002&ul=en-us&sr=1280x1024&_s=1&sid=1700515002&sct=1&seg=0&dl=https%3A%2F%2Fauroratrainingadvantage.com%2Fwebinars%2Fpto-options-a%2F&dt=PTO%20Design%20and%20Management%20for%20Engaged%2C%20Happy%20Employees%20-%20Aurora%20Training%20Advantage&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2531 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://auroratrainingadvantage.com
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                        HTTP/2 204 No Content
access-control-allow-origin: https://auroratrainingadvantage.com
date: Mon, 20 Nov 2023 21:16:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

auroratrainingadvantage.com/assets/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80

67.222.139.58

200 OK

78268

URL GET HTTP/2

auroratrainingadvantage.com/assets/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80
IP

67.222.139.58:443
ASN

#30277 DFW-DATACENTER

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerDigiCert Inc

Subjectauroratrainingadvantage.com

Fingerprint1A:73:1F:40:60:41:42:FA:AE:3C:8C:32:92:80:05:1A:27:D8:2F:C4

ValidityFri, 09 Dec 2022 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

Magic

Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data

Size

78268
Hash

d824df7eb2e268626a2dd9a6a741ac4e

0ccb2c814a7e4ca12c4778821633809cb0361eaa

9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

HTTP Headers

                                        GET /assets/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 HTTP/1.1
Host: auroratrainingadvantage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/assets/css/app-frontend.css?id=1c479f69da8d57cad5de
Cookie: XSRF-TOKEN=eyJpdiI6Ilh0alJ2UmMwTDVzaDYxN3hNRElndVE9PSIsInZhbHVlIjoia1M1a20xbkVGM3dQK3pRYXNvZlQvUXdiL05nODdsSS9OWmx3dERnb1VxeHBpeTVPK25iRmVJZjl2WHdqQnpZUVk5SENtSVBSeXBFN1JVUTFaVFkxUXpYZThHY2F2RHI5TENJMk5IUzYyRjdIVVd1OHQwRzZUSEJMTHpOVkEvT2siLCJtYWMiOiI3Njg4YTRhNTYyYWMzYzVjNmEyYTk1OWJhMDQwMzg4N2E5Y2E1ZTljNjhlYzg0MjRjZGUwZTM3ZTQ1ODhlODJhIn0%3D; aurora_session=eyJpdiI6IkdEaHVHMVdoNHJRRXRpYTVmRjg4TVE9PSIsInZhbHVlIjoiZDBuOG01dmFOeFl0dnY5cjNPL3YrSk5UNUhiMEZRWkZYUkVDMGR5ZkhTd015c21LbmpjWFRLR1BZSG1ZanlhM1M2bktsdkt1cWszSGVZcnlzV0dKUlMwSm1EZnlTZ1VVZ05hYkcyRkJMRGZMOTVSOVJlTzBuT1ROdzJVY3R4bVAiLCJtYWMiOiI1YzZmNTRmNDg4ZGI4MWZlN2NmMWU1OTk4ODQwNzIzYjI5YTE2NjAwZmM3YzI2YzRhYzkxOTBkZjkzMmNjNGUzIn0%3D; cjConsent=MHxZfDB8Tnww; _ga_5NN7KQVF19=GS1.1.1700515002.1.0.1700515002.60.0.0; _ga=GA1.1.711935689.1700515002
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 21:16:40 GMT
content-type: font/woff2
content-length: 78268
last-modified: Wed, 21 Dec 2022 13:02:37 GMT
etag: "63a303ed-131bc"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

auroratrainingadvantage.com/assets/js/manifest.js?id=c4794917dffe04438adc

67.222.139.58

200 OK

6671

URL GET HTTP/2

auroratrainingadvantage.com/assets/js/manifest.js?id=c4794917dffe04438adc
IP

67.222.139.58:443
ASN

#30277 DFW-DATACENTER

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerDigiCert Inc

Subjectauroratrainingadvantage.com

Fingerprint1A:73:1F:40:60:41:42:FA:AE:3C:8C:32:92:80:05:1A:27:D8:2F:C4

ValidityFri, 09 Dec 2022 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

Magic

ASCII text, with very long lines (13128)

Size

6671
Hash

c4794917dffe04438adc1b6e5333578e

7d63c80b7051af3dc753b9a57cba5994a292f048

434f0dee9ed21049ce0af8ff4dde20b254c3d832bc6e8e07166d83a419942796

HTTP Headers

                                        GET /assets/js/manifest.js?id=c4794917dffe04438adc HTTP/1.1
Host: auroratrainingadvantage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/webinars/pto-options-a/
Cookie: XSRF-TOKEN=eyJpdiI6Ilh0alJ2UmMwTDVzaDYxN3hNRElndVE9PSIsInZhbHVlIjoia1M1a20xbkVGM3dQK3pRYXNvZlQvUXdiL05nODdsSS9OWmx3dERnb1VxeHBpeTVPK25iRmVJZjl2WHdqQnpZUVk5SENtSVBSeXBFN1JVUTFaVFkxUXpYZThHY2F2RHI5TENJMk5IUzYyRjdIVVd1OHQwRzZUSEJMTHpOVkEvT2siLCJtYWMiOiI3Njg4YTRhNTYyYWMzYzVjNmEyYTk1OWJhMDQwMzg4N2E5Y2E1ZTljNjhlYzg0MjRjZGUwZTM3ZTQ1ODhlODJhIn0%3D; aurora_session=eyJpdiI6IkdEaHVHMVdoNHJRRXRpYTVmRjg4TVE9PSIsInZhbHVlIjoiZDBuOG01dmFOeFl0dnY5cjNPL3YrSk5UNUhiMEZRWkZYUkVDMGR5ZkhTd015c21LbmpjWFRLR1BZSG1ZanlhM1M2bktsdkt1cWszSGVZcnlzV0dKUlMwSm1EZnlTZ1VVZ05hYkcyRkJMRGZMOTVSOVJlTzBuT1ROdzJVY3R4bVAiLCJtYWMiOiI1YzZmNTRmNDg4ZGI4MWZlN2NmMWU1OTk4ODQwNzIzYjI5YTE2NjAwZmM3YzI2YzRhYzkxOTBkZjkzMmNjNGUzIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 21:16:40 GMT
content-type: application/x-javascript
last-modified: Tue, 14 Nov 2023 14:46:04 GMT
cache-control: max-age=31536000, public
expires: Tue, 19 Nov 2024 21:16:40 GMT
etag: W/"6553882c-3b3b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

storage.googleapis.com/cdn-aurora/assets/img/logo_home.png

142.250.74.27

200 OK

16250

URL GET HTTP/2

storage.googleapis.com/cdn-aurora/assets/img/logo_home.png
IP

142.250.74.27:443
ASN

#15169 GOOGLE

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerGoogle Trust Services LLC

Subjectstorage.googleapis.com

Fingerprint4D:66:EA:1A:AB:86:BB:C2:E9:29:62:76:DE:45:0D:60:53:70:6F:1F

ValidityMon, 23 Oct 2023 11:28:29 GMT - Mon, 15 Jan 2024 11:28:28 GMT

Magic

PNG image data, 180 x 50, 8-bit/color RGBA, non-interlaced\012- data

Size

16250
Hash

1b14a7fc4c8000817b62de2001fb814e

2c77526e223d5505541a6aac63234aab4d68ba8a

f5c3649a3fc5dbe34054d26ab61da3cecb3e2520e7f7f0aa08120bd5d8499fb0

HTTP Headers

                                        GET /cdn-aurora/assets/img/logo_home.png HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
x-guploader-uploadid: ABPtcPrLfxxoBz3EcmIDBvq0jJu8sUQY60FutC1cpIV4hY00GAulI0Dr4RAYG-BO4TCKjTA8z-c
x-goog-generation: 1689769388663579
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 16250
x-goog-hash: crc32c=XdlrvQ==, md5=GxSn/EyAAIF7Yt4gAfuBTg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 16250
server: UploadServer
date: Mon, 20 Nov 2023 20:23:37 GMT
expires: Mon, 20 Nov 2023 21:23:37 GMT
cache-control: public, max-age=3600
age: 3185
last-modified: Wed, 19 Jul 2023 12:23:08 GMT
etag: "1b14a7fc4c8000817b62de2001fb814e"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

storage.googleapis.com/prod-aurora/assets/avatars/71426_1679411984.jpg

142.250.74.27

200 OK

29499

URL GET HTTP/2

storage.googleapis.com/prod-aurora/assets/avatars/71426_1679411984.jpg
IP

142.250.74.27:443
ASN

#15169 GOOGLE

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerGoogle Trust Services LLC

Subjectstorage.googleapis.com

Fingerprint4D:66:EA:1A:AB:86:BB:C2:E9:29:62:76:DE:45:0D:60:53:70:6F:1F

ValidityMon, 23 Oct 2023 11:28:29 GMT - Mon, 15 Jan 2024 11:28:28 GMT

Magic

JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 200x200, components 3\012- data

Size

29499
Hash

cc2511aa6746cc86f8f948ad1de7a845

806b1e6549577b1ead147b5114805b2b90428f74

1b7193b59ea9a7bfaca410200c8bc065d23447dfbbcb0e9b4cbfa1f3c0965033

HTTP Headers

                                        GET /prod-aurora/assets/avatars/71426_1679411984.jpg HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
x-guploader-uploadid: ABPtcPrBWtLX3Fsz6mquGtQ3ZSB7CbXFDAGzJ-tP1dkL5kXqAMa0w0epPldF8Txq5Cgx1G4yXzA
x-goog-generation: 1691818826678225
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 29499
x-goog-hash: crc32c=64TtkQ==, md5=zCURqmdGzIb4+UitHeeoRQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 29499
server: UploadServer
date: Mon, 20 Nov 2023 21:08:40 GMT
expires: Mon, 20 Nov 2023 22:08:40 GMT
cache-control: public, max-age=3600
age: 482
last-modified: Sat, 12 Aug 2023 05:40:26 GMT
etag: "cc2511aa6746cc86f8f948ad1de7a845"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

storage.googleapis.com/cdn-aurora/assets/ads/all-inclusive_banner_200x125.jpg

142.250.74.27

200 OK

30769

URL GET HTTP/2

storage.googleapis.com/cdn-aurora/assets/ads/all-inclusive_banner_200x125.jpg
IP

142.250.74.27:443
ASN

#15169 GOOGLE

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerGoogle Trust Services LLC

Subjectstorage.googleapis.com

Fingerprint4D:66:EA:1A:AB:86:BB:C2:E9:29:62:76:DE:45:0D:60:53:70:6F:1F

ValidityMon, 23 Oct 2023 11:28:29 GMT - Mon, 15 Jan 2024 11:28:28 GMT

Magic

JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 200x125, components 3\012- data

Size

30769
Hash

88273494c051d2c277a70d760770b454

7f0ceca70e810f9dbfb31283791222fa9fd0de78

a0893a8373a087b79ff4a8e4a25c93502052d14891968476511cf0df81fd6cd3

HTTP Headers

                                        GET /cdn-aurora/assets/ads/all-inclusive_banner_200x125.jpg HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
x-guploader-uploadid: ABPtcPpBYlgYsUqEeAieE3pDsnkgI7AUVxlT3kF22ctOq1EEkUvkcPYigGqPxUPHSSrqjqkDYUM
x-goog-generation: 1680716692124451
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 30769
x-goog-hash: crc32c=t0nm9Q==, md5=iCc0lMBR0sJ3pw12B3C0VA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 30769
server: UploadServer
date: Mon, 20 Nov 2023 20:23:37 GMT
expires: Mon, 20 Nov 2023 21:23:37 GMT
cache-control: public, max-age=3600
age: 3185
last-modified: Wed, 05 Apr 2023 17:44:52 GMT
etag: "88273494c051d2c277a70d760770b454"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

storage.googleapis.com/cdn-aurora/assets/img/social-sprites.png

142.250.74.27

200 OK

9869

URL GET HTTP/2

storage.googleapis.com/cdn-aurora/assets/img/social-sprites.png
IP

142.250.74.27:443
ASN

#15169 GOOGLE

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerGoogle Trust Services LLC

Subjectstorage.googleapis.com

Fingerprint4D:66:EA:1A:AB:86:BB:C2:E9:29:62:76:DE:45:0D:60:53:70:6F:1F

ValidityMon, 23 Oct 2023 11:28:29 GMT - Mon, 15 Jan 2024 11:28:28 GMT

Magic

PNG image data, 30 x 1950, 8-bit colormap, non-interlaced\012- data

Size

9869
Hash

cc257f2ccc5fc1d3b811f39bbf5b4fb2

028839bd5deb94650333a3b3e7b9bb3c249a6b49

507f730d6cff3161527237d889c576b1d30285be923ad540e315d32a43da102c

HTTP Headers

                                        GET /cdn-aurora/assets/img/social-sprites.png HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
x-guploader-uploadid: ABPtcPqqIkCEDQwMko1SjeytF9OO4GqRE53iU4nnMBE3nViF4E7UiZqnRzLBfhZkCfl0oec6N1I
x-goog-generation: 1689769428705416
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9869
x-goog-hash: crc32c=yuOi/A==, md5=zCV/LMxfwdO4EfObv1tPsg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 9869
server: UploadServer
date: Mon, 20 Nov 2023 20:23:37 GMT
expires: Mon, 20 Nov 2023 21:23:37 GMT
cache-control: public, max-age=3600
age: 3185
last-modified: Wed, 19 Jul 2023 12:23:48 GMT
etag: "cc257f2ccc5fc1d3b811f39bbf5b4fb2"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5NN7KQVF19&cid=711935689.1700515002&gtm=45je3b81v9108181512&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=449779898

142.250.74.163

200 OK

URL GET HTTP/2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5NN7KQVF19&cid=711935689.1700515002&gtm=45je3b81v9108181512&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=449779898
IP

142.250.74.163:443
ASN

#15169 GOOGLE

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerGoogle Trust Services LLC

Subject*.google.no

Fingerprint6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32

ValidityMon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT

Magic

GIF image data, version 89a, 1 x 1\012- data

Size

42
Hash

d89746888da2d9510b64a9f031eaecd5

d5fceb6532643d0d84ffe09c40c481ecdf59e15a

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

                                        GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5NN7KQVF19&cid=711935689.1700515002&gtm=45je3b81v9108181512&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=449779898 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 21:16:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.3

200 OK

190682

URL GET HTTP/3

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP

142.250.74.3:443
ASN

#15169 GOOGLE

Requested by

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD

ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

Magic

ASCII text, with very long lines (563)

Size

190682
Hash

23b9dd721490a4062ba8d01454ef6ba9

efdbb7331585411f7d397dacbf51fd3e95f3031d

4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

                                        GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://auroratrainingadvantage.com
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Nov 2023 15:17:47 GMT
expires: Tue, 19 Nov 2024 15:17:47 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 21535
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

auroratrainingadvantage.com/assets/js/vendor.js?id=6cf97cb6ccbee190e313

67.222.139.58

200 OK

4362135

URL GET HTTP/2

auroratrainingadvantage.com/assets/js/vendor.js?id=6cf97cb6ccbee190e313
IP

67.222.139.58:443
ASN

#30277 DFW-DATACENTER

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerDigiCert Inc

Subjectauroratrainingadvantage.com

Fingerprint1A:73:1F:40:60:41:42:FA:AE:3C:8C:32:92:80:05:1A:27:D8:2F:C4

ValidityFri, 09 Dec 2022 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

Magic

Unicode text, UTF-8 text, with very long lines (65470)

Size

4362135
Hash

6cf97cb6ccbee190e3132d847df4c7ad

84a1a05214e437dd037ca216694c1ae9c4844033

dab7cb98dc96bd1489a3e891b898b4c77360214fa37180717343f388e3723749

Detections

Analyzer	Verdict	Alert
urlquery		MSOffice_Macro_HTTP_Payload_Download

HTTP Headers

                                        GET /assets/js/vendor.js?id=6cf97cb6ccbee190e313 HTTP/1.1
Host: auroratrainingadvantage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/webinars/pto-options-a/
Cookie: XSRF-TOKEN=eyJpdiI6Ilh0alJ2UmMwTDVzaDYxN3hNRElndVE9PSIsInZhbHVlIjoia1M1a20xbkVGM3dQK3pRYXNvZlQvUXdiL05nODdsSS9OWmx3dERnb1VxeHBpeTVPK25iRmVJZjl2WHdqQnpZUVk5SENtSVBSeXBFN1JVUTFaVFkxUXpYZThHY2F2RHI5TENJMk5IUzYyRjdIVVd1OHQwRzZUSEJMTHpOVkEvT2siLCJtYWMiOiI3Njg4YTRhNTYyYWMzYzVjNmEyYTk1OWJhMDQwMzg4N2E5Y2E1ZTljNjhlYzg0MjRjZGUwZTM3ZTQ1ODhlODJhIn0%3D; aurora_session=eyJpdiI6IkdEaHVHMVdoNHJRRXRpYTVmRjg4TVE9PSIsInZhbHVlIjoiZDBuOG01dmFOeFl0dnY5cjNPL3YrSk5UNUhiMEZRWkZYUkVDMGR5ZkhTd015c21LbmpjWFRLR1BZSG1ZanlhM1M2bktsdkt1cWszSGVZcnlzV0dKUlMwSm1EZnlTZ1VVZ05hYkcyRkJMRGZMOTVSOVJlTzBuT1ROdzJVY3R4bVAiLCJtYWMiOiI1YzZmNTRmNDg4ZGI4MWZlN2NmMWU1OTk4ODQwNzIzYjI5YTE2NjAwZmM3YzI2YzRhYzkxOTBkZjkzMmNjNGUzIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 21:16:40 GMT
content-type: application/x-javascript
last-modified: Tue, 14 Nov 2023 14:46:04 GMT
cache-control: max-age=31536000, public
expires: Tue, 19 Nov 2024 21:16:40 GMT
etag: W/"6553882c-1078837"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

static.olark.com/jsclient/loader.js

192.229.233.34

200 OK

3120

URL GET HTTP/2

static.olark.com/jsclient/loader.js
IP

192.229.233.34:443
ASN

#15133 EDGECAST

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerDigiCert Inc

Subjectstatic.olark.com

Fingerprint65:D3:1A:A2:37:41:0C:20:D3:1D:AD:6A:7D:C5:78:C4:75:8B:79:12

ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 16 Apr 2024 23:59:59 GMT

Magic

ASCII text, with very long lines (8743), with no line terminators

Size

3120
Hash

c2c65f4c68f82e7e01757569ff8f6bb6

4cd1d48db910506f82bf66286ecf0030cfdcf8fd

afd2d099307fc78c161dc1574920c7268ad8c0e8b6a896f58dae6b61d48c5a9d

HTTP Headers

                                        GET /jsclient/loader.js HTTP/1.1
Host: static.olark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 8588
cache-control: max-age=10800
content-type: application/javascript; charset=utf-8
date: Mon, 20 Nov 2023 21:16:43 GMT
etag: W/"65383bfa-2227"
expires: Tue, 21 Nov 2023 00:16:43 GMT
last-modified: Tue, 24 Oct 2023 21:49:46 GMT
server: ECS (ska/F706)
vary: Accept-Encoding
via: 1.1 google
x-cache: HIT
content-length: 3120
X-Firefox-Spdy: h2

static.olark.com/jsclient/app.js

192.229.233.34

200 OK

18635

URL GET HTTP/2

static.olark.com/jsclient/app.js
IP

192.229.233.34:443
ASN

#15133 EDGECAST

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerDigiCert Inc

Subjectstatic.olark.com

Fingerprint65:D3:1A:A2:37:41:0C:20:D3:1D:AD:6A:7D:C5:78:C4:75:8B:79:12

ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 16 Apr 2024 23:59:59 GMT

Magic

ASCII text, with very long lines (32002)

Size

18635
Hash

cc4026f22550088c31b98e27aeadda13

93f92f78266c422665cf2347776314cde19a2cab

adb6c4350fe3e2e0102cff13fe1ecfd6e888e800429c62a9f77980554d626525

HTTP Headers

                                        GET /jsclient/app.js HTTP/1.1
Host: static.olark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 8658
cache-control: max-age=10800
content-type: application/javascript; charset=utf-8
date: Mon, 20 Nov 2023 21:16:43 GMT
etag: "65383c0b-db29"
expires: Tue, 21 Nov 2023 00:16:43 GMT
last-modified: Tue, 24 Oct 2023 21:50:03 GMT
server: ECS (ska/F706)
vary: Accept-Encoding
via: 1.1 google
x-cache: HIT
content-length: 18635
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/anchor?ar=1&k=6LebJjsgAAAAALYLqb4Bs7ZXjbI3jZfB5Y9Y8DZ1&co=aHR0cHM6Ly9hdXJvcmF0cmFpbmluZ2FkdmFudGFnZS5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=9i9tp6ex2d2o

142.250.74.164

200 OK

34603

URL GET HTTP/3

www.google.com/recaptcha/api2/anchor?ar=1&k=6LebJjsgAAAAALYLqb4Bs7ZXjbI3jZfB5Y9Y8DZ1&co=aHR0cHM6Ly9hdXJvcmF0cmFpbmluZ2FkdmFudGFnZS5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=9i9tp6ex2d2o
IP

142.250.74.164:443
ASN

#15169 GOOGLE

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerGoogle Trust Services LLC

Subject*.google.com

Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95

ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

Magic

gzip compressed data\012- data

Size

34603
Hash

ea027712fe19968fb6e6b2f8e6408839

0c97567f0278a192714c396aacb0eb3b97136772

ad92659876b3f8ef0b3717be3cd328dd7eda74c313718c264170986088aa68b9

HTTP Headers

                                        GET /recaptcha/api2/anchor?ar=1&k=6LebJjsgAAAAALYLqb4Bs7ZXjbI3jZfB5Y9Y8DZ1&co=aHR0cHM6Ly9hdXJvcmF0cmFpbmluZ2FkdmFudGFnZS5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=9i9tp6ex2d2o HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 20 Nov 2023 21:16:43 GMT
content-security-policy: script-src 'nonce-hRuxhV8iucyZpuV-4Jdr7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

142.250.74.3

200 OK

24606

URL GET HTTP/3

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP

142.250.74.3:443
ASN

#15169 GOOGLE

Requested by

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebJjsgAAAAALYLqb4Bs7ZXjbI3jZfB5Y9Y8DZ1&co=aHR0cHM6Ly9hdXJvcmF0cmFpbmluZ2FkdmFudGFnZS5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=9i9tp6ex2d2o
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD

ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

Magic

ASCII text, with very long lines (56398), with no line terminators

Size

24606
Hash

eb4bc511f79f7a1573b45f5775b3a99b

d910fb51ad7316aa54f055079374574698e74b35

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

HTTP Headers

                                        GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 19:10:43 GMT
expires: Fri, 15 Nov 2024 19:10:43 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 353160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.3

200 OK

190682

URL GET HTTP/3

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP

142.250.74.3:443
ASN

#15169 GOOGLE

Requested by

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD

ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

Magic

ASCII text, with very long lines (563)

Size

190682
Hash

23b9dd721490a4062ba8d01454ef6ba9

efdbb7331585411f7d397dacbf51fd3e95f3031d

4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

                                        GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Nov 2023 15:17:47 GMT
expires: Tue, 19 Nov 2024 15:17:47 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 21536
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

static.olark.com/jsclient-bucket6/application2.js?v=1698184023911

192.229.233.34

200 OK

319116

URL GET HTTP/2

static.olark.com/jsclient-bucket6/application2.js?v=1698184023911
IP

192.229.233.34:443
ASN

#15133 EDGECAST

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerDigiCert Inc

Subjectstatic.olark.com

Fingerprint65:D3:1A:A2:37:41:0C:20:D3:1D:AD:6A:7D:C5:78:C4:75:8B:79:12

ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 16 Apr 2024 23:59:59 GMT

Magic

Unicode text, UTF-8 text, with very long lines (32010)

Size

319116
Hash

c963287133d1e5c9866f393a54e2ce5a

d7453297fe91649e08a9f18ab3020eab74a2c3b0

acf3504499c9a3c6264e53c0d1c06eb65561e14529fabe8a19df21efe6304a7f

HTTP Headers

                                        GET /jsclient-bucket6/application2.js?v=1698184023911 HTTP/1.1
Host: static.olark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 84198
cache-control: max-age=86400
content-type: application/javascript; charset=utf-8
date: Mon, 20 Nov 2023 21:16:43 GMT
etag: W/"65383bf5-1213f2"
expires: Tue, 21 Nov 2023 21:16:43 GMT
last-modified: Tue, 24 Oct 2023 21:49:41 GMT
p3p: CP='Olark does not have a P3P policy. Learn why here: http://olark.com/p3p'
server: ECS (ska/F71E)
vary: Accept-Encoding
via: 1.1 google
x-cache: HIT
content-length: 319116
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15344

URL GET HTTP/3

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP

216.58.207.227:443
ASN

#15169 GOOGLE

Requested by

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebJjsgAAAAALYLqb4Bs7ZXjbI3jZfB5Y9Y8DZ1&co=aHR0cHM6Ly9hdXJvcmF0cmFpbmluZ2FkdmFudGFnZS5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=9i9tp6ex2d2o
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD

ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

Magic

Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data

Size

15344
Hash

5d4aeb4e5f5ef754e307d7ffaef688bd

06db651cdf354c64a7383ea9c77024ef4fb4cef8

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

                                        GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:26:09 GMT
expires: Fri, 15 Nov 2024 23:26:09 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 337834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

15552

URL GET HTTP/3

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP

216.58.207.227:443
ASN

#15169 GOOGLE

Requested by

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebJjsgAAAAALYLqb4Bs7ZXjbI3jZfB5Y9Y8DZ1&co=aHR0cHM6Ly9hdXJvcmF0cmFpbmluZ2FkdmFudGFnZS5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=9i9tp6ex2d2o
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD

ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

Magic

Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data

Size

15552
Hash

285467176f7fe6bb6a9c6873b3dad2cc

ea04e4ff5142ddd69307c183def721a160e0a64e

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

                                        GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:23:18 GMT
expires: Fri, 15 Nov 2024 23:23:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 338005
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

status.geotrust.com/

192.229.221.95

471

URL

status.geotrust.com/
IP

192.229.221.95:0
ASN

#15133 EDGECAST

Magic

data

Size

471
Hash

949615dbb1e22b78ab7800a8ba4d01b9

ab3918d947e3aea032d685024910cb151d84d5f5

fd8667285133db62866b5820e775ba0dd3633ade471570474d94c411b770ec30

HTTP Headers

                                        POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6300
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Mon, 20 Nov 2023 21:16:43 GMT
Last-Modified: Mon, 20 Nov 2023 19:31:43 GMT
Server: ECAcc (amb/6B66)
X-Cache: HIT
Content-Length: 471

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.3

200 OK

2228

URL GET HTTP/3

www.gstatic.com/recaptcha/api2/logo_48.png
IP

142.250.74.3:443
ASN

#15169 GOOGLE

Requested by

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebJjsgAAAAALYLqb4Bs7ZXjbI3jZfB5Y9Y8DZ1&co=aHR0cHM6Ly9hdXJvcmF0cmFpbmluZ2FkdmFudGFnZS5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=9i9tp6ex2d2o
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD

ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

Magic

PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data

Size

2228
Hash

ef9941290c50cd3866e2ba6b793f010d

4736508c795667dcea21f8d864233031223b7832

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

                                        GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Nov 2023 21:37:43 GMT
expires: Wed, 22 Nov 2023 21:37:43 GMT
cache-control: public, max-age=604800
age: 430740
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.3

200 OK

190682

URL GET HTTP/3

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP

142.250.74.3:443
ASN

#15169 GOOGLE

Requested by

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD

ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

Magic

ASCII text, with very long lines (563)

Size

190682
Hash

23b9dd721490a4062ba8d01454ef6ba9

efdbb7331585411f7d397dacbf51fd3e95f3031d

4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

                                        GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Nov 2023 15:17:47 GMT
expires: Tue, 19 Nov 2024 15:17:47 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 21536
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ws-mt1.pusher.com/app/5bd7e719e03df29fc1ea?protocol=7&client=js&version=7.0.4&flash=false

3.230.208.50

URL

ws-mt1.pusher.com/app/5bd7e719e03df29fc1ea?protocol=7&client=js&version=7.0.4&flash=false
IP

3.230.208.50:0
ASN

#14618 AMAZON-AES

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /app/5bd7e719e03df29fc1ea?protocol=7&client=js&version=7.0.4&flash=false HTTP/1.1
Host: ws-mt1.pusher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://auroratrainingadvantage.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0kNpT3mq538ILL2FN7pJog==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Date: Mon, 20 Nov 2023 21:16:43 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GXi8aoJD4QpRvcWcFMZfLYOxtgk=
Sec-WebSocket-Extensions: permessage-deflate; client_no_context_takeover; server_no_context_takeover

smct.co/tm/?t=auroratrainingadvantage.com

54.154.115.40

200 OK

4617

URL GET HTTP/2

smct.co/tm/?t=auroratrainingadvantage.com
IP

54.154.115.40:443
ASN

#16509 AMAZON-02

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerAmazon

Subjectsmct.co

FingerprintA6:D0:49:9F:C9:19:A5:DF:CC:3C:2E:6F:62:2F:DC:8A:F2:19:65:85

ValiditySat, 18 Mar 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

Magic

ASCII text, with very long lines (9216)

Size

4617
Hash

fbafb7ad0e45b6f3e30a1907131dee5e

f71d64d2ed82abc1925bf8e717cb28063f593841

4f7ad2635dcafc6cb3593f2572ebb72b06079df1e635bce243a14dcb00daefd6

HTTP Headers

                                        GET /tm/?t=auroratrainingadvantage.com HTTP/1.1
Host: smct.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
date: Mon, 20 Nov 2023 21:16:44 GMT
content-type: application/javascript; charset=utf-8
content-length: 4617
server: Apache/2.4.57 (Ubuntu)
expires: Mon, 20 Nov 2023 21:31:44 GMT
pragma: cache
cache-control: max-age=900
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

static.olark.com/a/assets/v0/site/9203-205-10-9942.js?cb=1700515005271

192.229.233.34

200 OK

12227

URL GET HTTP/2

static.olark.com/a/assets/v0/site/9203-205-10-9942.js?cb=1700515005271
IP

192.229.233.34:443
ASN

#15133 EDGECAST

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerDigiCert Inc

Subjectstatic.olark.com

Fingerprint65:D3:1A:A2:37:41:0C:20:D3:1D:AD:6A:7D:C5:78:C4:75:8B:79:12

ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 16 Apr 2024 23:59:59 GMT

Magic

data

Size

12227
Hash

7639dfa915ebc35a79a16f6b554b42ca

6103ae782eb0f07f09ffcb4f987a8c07a93885ff

5404134e06e9871eb2f64a49204b082255b5d181c7ecb01a3b18c7db7dce1af5

HTTP Headers

                                        GET /a/assets/v0/site/9203-205-10-9942.js?cb=1700515005271 HTTP/1.1
Host: static.olark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
access-control-allow-origin: *
cache-control: no-cache
content-type: application/javascript
date: Mon, 20 Nov 2023 21:16:43 GMT
etag: 9d202aa6eeed78d4802778d234d43d0e
server: TwistedWeb/21.2.0
via: 1.1 google
X-Firefox-Spdy: h2

static.olark.com/jsclient-bucket6/storage.html?v=1698184023911

192.229.233.34

157

URL

static.olark.com/jsclient-bucket6/storage.html?v=1698184023911
IP

192.229.233.34:0
ASN

#15133 EDGECAST

Certificate

IssuerDigiCert Inc

Subjectstatic.olark.com

Fingerprint65:D3:1A:A2:37:41:0C:20:D3:1D:AD:6A:7D:C5:78:C4:75:8B:79:12

ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 16 Apr 2024 23:59:59 GMT

Magic

HTML document text\012- HTML document text\012- HTML document, ASCII text

Size

157
Hash

0a9ac8742dbee1c3a25de4f77d957604

cff8d1cf74e296386c4ca66d9cd6ee2c3a2446fe

f400379d0049fe54b787ed04b2e9faa4b10405917f63fffa4598dc12ef617468

HTTP Headers

                                        GET /jsclient-bucket6/storage.html?v=1698184023911 HTTP/1.1
Host: static.olark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 84201
cache-control: max-age=86400
content-type: text/html; charset=utf-8
date: Mon, 20 Nov 2023 21:16:44 GMT
etag: "65383c05-b4"
expires: Tue, 21 Nov 2023 21:16:44 GMT
last-modified: Tue, 24 Oct 2023 21:49:57 GMT
p3p: CP='Olark does not have a P3P policy. Learn why here: http://olark.com/p3p'
server: ECS (ska/F70D)
vary: Accept-Encoding
via: 1.1 google
x-cache: HIT
content-length: 157
X-Firefox-Spdy: h2

static.olark.com/jsclient-bucket6/storage.js?v=1698184023911

192.229.233.34

200 OK

28656

URL GET HTTP/2

static.olark.com/jsclient-bucket6/storage.js?v=1698184023911
IP

192.229.233.34:443
ASN

#15133 EDGECAST

Requested by

https://static.olark.com/jsclient-bucket6/storage.html?v=1698184023911#TK585686587817186
Certificate

IssuerDigiCert Inc

Subjectstatic.olark.com

Fingerprint65:D3:1A:A2:37:41:0C:20:D3:1D:AD:6A:7D:C5:78:C4:75:8B:79:12

ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 16 Apr 2024 23:59:59 GMT

Magic

ASCII text, with very long lines (32019)

Size

28656
Hash

019cb5de92bc44487414cf2df570eb1f

648ebf82bd015bc530f5be00db24589ef325c466

caa53054dc12f4194410b03956c943038cfc7963c54b95c2fcab47f2aecb6111

HTTP Headers

                                        GET /jsclient-bucket6/storage.js?v=1698184023911 HTTP/1.1
Host: static.olark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.olark.com/jsclient-bucket6/storage.html?v=1698184023911
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 84198
cache-control: max-age=86400
content-type: application/javascript; charset=utf-8
date: Mon, 20 Nov 2023 21:16:44 GMT
etag: W/"65383c05-15d17"
expires: Tue, 21 Nov 2023 21:16:44 GMT
last-modified: Tue, 24 Oct 2023 21:49:57 GMT
p3p: CP='Olark does not have a P3P policy. Learn why here: http://olark.com/p3p'
server: ECS (ska/F70C)
vary: Accept-Encoding
via: 1.1 google
x-cache: HIT
content-length: 28656
X-Firefox-Spdy: h2

js.smct.co/csp/csp.js

143.204.55.48

200 OK

URL HEAD HTTP/2

js.smct.co/csp/csp.js
IP

143.204.55.48:443
ASN

#16509 AMAZON-02

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerAmazon

Subject*.intent.ly

Fingerprint7E:B8:11:70:90:C0:96:FD:C1:9E:08:08:CD:8B:8A:CA:AE:74:21:B3

ValidityTue, 11 Jul 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        HEAD /csp/csp.js HTTP/1.1
Host: js.smct.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://auroratrainingadvantage.com
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Sun, 19 Nov 2023 00:13:40 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
last-modified: Wed, 23 Oct 2019 09:31:23 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=2592000
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FGuMKIx-ipSenIaWpD4T1p7Oo75ZjwZNWttmn7zaFiySjMq5vcLp7w==
age: 162185
X-Firefox-Spdy: h2

static.olark.com/jsclient/sounds/olark-chimes.ogg

192.229.233.34

206 Partial Content

10805

URL GET HTTP/2

static.olark.com/jsclient/sounds/olark-chimes.ogg
IP

192.229.233.34:443
ASN

#15133 EDGECAST

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerDigiCert Inc

Subjectstatic.olark.com

Fingerprint65:D3:1A:A2:37:41:0C:20:D3:1D:AD:6A:7D:C5:78:C4:75:8B:79:12

ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 16 Apr 2024 23:59:59 GMT

Magic

Ogg data, Vorbis audio, stereo, 44100 Hz, ~112000 bps\012- data

Size

10805
Hash

c2f30966cecc84904886555e1c5b549c

4c7000255dcaa26b50cf7f02c0251a566842a2ed

b1fa55944d393c97b9d9c938e639e532e95ccb046440b9adfffca4e1b0a2bcae

HTTP Headers

                                        GET /jsclient/sounds/olark-chimes.ogg HTTP/1.1
Host: static.olark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 206 Partial Content
accept-ranges: bytes
access-control-allow-origin: *
age: 2329313
cache-control: max-age=31536000
content-range: bytes 0-10804/10805
content-type: audio/ogg
date: Mon, 20 Nov 2023 21:16:44 GMT
etag: "65383bfa-2a35"
expires: Tue, 19 Nov 2024 21:16:44 GMT
last-modified: Tue, 24 Oct 2023 21:49:46 GMT
server: ECS (ska/F70F)
via: 1.1 google
x-cache: HIT
content-length: 10805
X-Firefox-Spdy: h2

static.olark.com/jsclient/styles/cryptic-capybara/theme.css

192.229.233.34

200 OK

20075

URL GET HTTP/2

static.olark.com/jsclient/styles/cryptic-capybara/theme.css
IP

192.229.233.34:443
ASN

#15133 EDGECAST

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerDigiCert Inc

Subjectstatic.olark.com

Fingerprint65:D3:1A:A2:37:41:0C:20:D3:1D:AD:6A:7D:C5:78:C4:75:8B:79:12

ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 16 Apr 2024 23:59:59 GMT

Magic

ASCII text, with very long lines (51505)

Size

20075
Hash

d2ceb55583b52a80f649e1bc9fffe59d

e6b448fbbf70c674fef5ba121e1a424b5e1451b7

447a94eef5a61f75e946390461a0a482d37929c304c8d17e163340a288be358a

HTTP Headers

                                        GET /jsclient/styles/cryptic-capybara/theme.css HTTP/1.1
Host: static.olark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 84328
cache-control: max-age=86400
content-type: text/css
date: Mon, 20 Nov 2023 21:16:44 GMT
etag: W/"65383bfa-29e0b"
expires: Tue, 21 Nov 2023 21:16:44 GMT
last-modified: Tue, 24 Oct 2023 21:49:46 GMT
p3p: CP='Olark does not have a P3P policy. Learn why here: http://olark.com/p3p'
server: ECS (ska/F709)
vary: Accept-Encoding
via: 1.1 google
x-cache: HIT
content-length: 20075
X-Firefox-Spdy: h2

static.olark.com/jsclient/fonts/noto-sans-v11-latin-700.woff2

192.229.233.34

200 OK

16180

URL GET HTTP/2

static.olark.com/jsclient/fonts/noto-sans-v11-latin-700.woff2
IP

192.229.233.34:443
ASN

#15133 EDGECAST

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerDigiCert Inc

Subjectstatic.olark.com

Fingerprint65:D3:1A:A2:37:41:0C:20:D3:1D:AD:6A:7D:C5:78:C4:75:8B:79:12

ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 16 Apr 2024 23:59:59 GMT

Magic

Web Open Font Format (Version 2), TrueType, length 16180, version 1.0\012- data

Size

16180
Hash

43750a193b8ff0b4e929323a72d79301

f48633de72e52238e246cdb1920a0f1686b74701

8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5

HTTP Headers

                                        GET /jsclient/fonts/noto-sans-v11-latin-700.woff2 HTTP/1.1
Host: static.olark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://auroratrainingadvantage.com
DNT: 1
Connection: keep-alive
Referer: https://static.olark.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 2330739
cache-control: max-age=31536000
content-type: application/octet-stream
date: Mon, 20 Nov 2023 21:16:45 GMT
etag: "65383bfa-3f34"
expires: Tue, 19 Nov 2024 21:16:45 GMT
last-modified: Tue, 24 Oct 2023 21:49:46 GMT
server: ECS (ska/F70F)
via: 1.1 google
x-cache: HIT
content-length: 16180
X-Firefox-Spdy: h2

static.olark.com/jsclient/fonts/noto-sans-v11-latin-regular.woff2

192.229.233.34

200 OK

16056

URL GET HTTP/2

static.olark.com/jsclient/fonts/noto-sans-v11-latin-regular.woff2
IP

192.229.233.34:443
ASN

#15133 EDGECAST

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerDigiCert Inc

Subjectstatic.olark.com

Fingerprint65:D3:1A:A2:37:41:0C:20:D3:1D:AD:6A:7D:C5:78:C4:75:8B:79:12

ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 16 Apr 2024 23:59:59 GMT

Magic

Web Open Font Format (Version 2), TrueType, length 16056, version 1.0\012- data

Size

16056
Hash

175853ded2a4e2249d37c46ca0ca33c5

2c0811523c15070ed822cd89aede5dcb77060fc3

4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

HTTP Headers

                                        GET /jsclient/fonts/noto-sans-v11-latin-regular.woff2 HTTP/1.1
Host: static.olark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://auroratrainingadvantage.com
DNT: 1
Connection: keep-alive
Referer: https://static.olark.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 2330739
cache-control: max-age=31536000
content-type: application/octet-stream
date: Mon, 20 Nov 2023 21:16:45 GMT
etag: "65383bfa-3eb8"
expires: Tue, 19 Nov 2024 21:16:45 GMT
last-modified: Tue, 24 Oct 2023 21:49:46 GMT
server: ECS (ska/F71B)
via: 1.1 google
x-cache: HIT
content-length: 16056
X-Firefox-Spdy: h2

log.olark.com/jslog/log.png?version=-bucket6&location=https%3A%2F%2Fauroratrainingadvantage.com%2Fwebinars%2Fpto-o&message=%23chatbox-size-md%20%23using_theme.cryptic_capybara%20%23using_theme%20&tabname=oktab8388004755592459&conversation_id=yFxhJgZmcNnY8HQA2W9pK0PSo1BOKBA1&visitor_id=XaP4YhO4wWrvN9QP2W9pK0P1SB1AoAOB&site_id=9203-205-10-9942&bucket=bucket6&level=count&timestamp=1700515006703&properties=%7B%7D&recent_logs=%5B%5D

34.96.127.16

200 OK

URL GET HTTP/3

log.olark.com/jslog/log.png?version=-bucket6&location=https%3A%2F%2Fauroratrainingadvantage.com%2Fwebinars%2Fpto-o&message=%23chatbox-size-md%20%23using_theme.cryptic_capybara%20%23using_theme%20&tabname=oktab8388004755592459&conversation_id=yFxhJgZmcNnY8HQA2W9pK0PSo1BOKBA1&visitor_id=XaP4YhO4wWrvN9QP2W9pK0P1SB1AoAOB&site_id=9203-205-10-9942&bucket=bucket6&level=count&timestamp=1700515006703&properties=%7B%7D&recent_logs=%5B%5D
IP

34.96.127.16:443
ASN

#15169 GOOGLE

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerDigiCert Inc

Subject*.olark.com

Fingerprint4D:B7:72:33:9D:B0:9F:54:9A:1E:7D:5E:88:AF:29:A4:BE:1E:85:74

ValidityTue, 24 Oct 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT

Magic

ASCII text, with no line terminators

Size

2
Hash

e0aa021e21dddbd6d8cecec71e9cf564

9ce3bd4224c8c1780db56b4125ecf3f24bf748b7

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

                                        GET /jslog/log.png?version=-bucket6&location=https%3A%2F%2Fauroratrainingadvantage.com%2Fwebinars%2Fpto-o&message=%23chatbox-size-md%20%23using_theme.cryptic_capybara%20%23using_theme%20&tabname=oktab8388004755592459&conversation_id=yFxhJgZmcNnY8HQA2W9pK0PSo1BOKBA1&visitor_id=XaP4YhO4wWrvN9QP2W9pK0P1SB1AoAOB&site_id=9203-205-10-9942&bucket=bucket6&level=count&timestamp=1700515006703&properties=%7B%7D&recent_logs=%5B%5D HTTP/1.1
Host: log.olark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
server: nginx
date: Mon, 20 Nov 2023 21:16:45 GMT
content-type: text/plain
content-length: 2
cache-control: no-store
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cognito-identity.eu-west-1.amazonaws.com/

52.18.169.75

200 OK

URL OPTIONS HTTP/2

cognito-identity.eu-west-1.amazonaws.com/
IP

52.18.169.75:443
ASN

#16509 AMAZON-02

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerAmazon

Subjectcognito-identity.eu-west-1.amazonaws.com

Fingerprint27:8A:D4:04:62:DD:2B:3A:4B:4A:54:6B:99:82:5D:74:53:A4:96:30

ValidityMon, 08 May 2023 00:00:00 GMT - Wed, 05 Jun 2024 23:59:59 GMT

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        OPTIONS / HTTP/1.1
Host: cognito-identity.eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-amz-target
Referer: https://auroratrainingadvantage.com/
Origin: https://auroratrainingadvantage.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
date: Mon, 20 Nov 2023 21:16:45 GMT
content-length: 0
x-amzn-requestid: ebcf191c-79d5-46d0-92e9-9a3580d32628
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: content-type,x-amz-target
access-control-allow-methods: POST
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800
X-Firefox-Spdy: h2

cognito-identity.eu-west-1.amazonaws.com/

52.18.169.75

200 OK

URL OPTIONS HTTP/2

cognito-identity.eu-west-1.amazonaws.com/
IP

52.18.169.75:443
ASN

#16509 AMAZON-02

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerAmazon

Subjectcognito-identity.eu-west-1.amazonaws.com

Fingerprint27:8A:D4:04:62:DD:2B:3A:4B:4A:54:6B:99:82:5D:74:53:A4:96:30

ValidityMon, 08 May 2023 00:00:00 GMT - Wed, 05 Jun 2024 23:59:59 GMT

Magic

JSON data\012- , ASCII text, with no line terminators

Size

63
Hash

7f5206dd7eb7855a380885b449a22550

03b2a2bfdea4eaba3028adb1c860d3dffb162c8d

d8458051a883ae62ff66c2ab04507c33f3569dd383525ed462da2160973c01b6

HTTP Headers

                                        POST / HTTP/1.1
Host: cognito-identity.eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-amz-json-1.1
X-AMZ-TARGET: AWSCognitoIdentityService.GetId
Content-Length: 67
Origin: https://auroratrainingadvantage.com
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 400 Bad Request
date: Mon, 20 Nov 2023 21:16:45 GMT
content-type: application/x-amz-json-1.1
content-length: 63
x-amzn-requestid: 6c55d9ac-b836-495e-b50b-901bf512ffd6
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-errortype: TooManyRequestsException:
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-errormessage: Rate exceeded
X-Firefox-Spdy: h2

d2d7do8qaecbru.cloudfront.net/live/lse1.1.html

143.204.55.48

200 OK

12446

URL GET HTTP/2

d2d7do8qaecbru.cloudfront.net/live/lse1.1.html
IP

143.204.55.48:443
ASN

#16509 AMAZON-02

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerAmazon

Subject*.cloudfront.net

FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52

ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

Magic

gzip compressed data, from Unix\012- data

Size

12446
Hash

124505559d7ac8c002122b4350d5f3de

38e62f378f386b996ba1a5d1aff85cc7bf1c62c1

235df7426a6cba4f543ee2119617f3beb8122f1318790036ec51f1df2838d447

HTTP Headers

                                        GET /live/lse1.1.html HTTP/1.1
Host: d2d7do8qaecbru.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-type: text/html
last-modified: Wed, 06 Nov 2019 12:06:42 GMT
x-amz-version-id: 3RRTSIWom4dpK6VxcP0BNx5_6oQ0Pvyu
server: AmazonS3
content-encoding: gzip
date: Mon, 20 Nov 2023 21:16:45 GMT
etag: W/"1de5ff62ceb05bb85f2813d8103b063a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Iu-dfN6L_9Qxd9nPAj_rTTyLq5f8-Wr-8xFwt8MXQOaeSf0HeQJ5ig==
X-Firefox-Spdy: h2

nrpc.olark.com/nrpc/c?c=create&s=9203-205-10-9942&v=XaP4YhO4wWrvN9QP2W9pK0P1SB1AoAOB&i=yFxhJgZmcNnY8HQA2W9pK0PSo1BOKBA1&g=ALL&q=precache043312701118735464&j=o0&version=loader-precache&xhttp=1&u=https%3A%2F%2Fauroratrainingadvantage.com%2Fwebinars%2Fpto-options-a%2F&r=&ca=false&ru=false&ae=

34.96.127.16

200 OK

957

URL GET HTTP/2

nrpc.olark.com/nrpc/c?c=create&s=9203-205-10-9942&v=XaP4YhO4wWrvN9QP2W9pK0P1SB1AoAOB&i=yFxhJgZmcNnY8HQA2W9pK0PSo1BOKBA1&g=ALL&q=precache043312701118735464&j=o0&version=loader-precache&xhttp=1&u=https%3A%2F%2Fauroratrainingadvantage.com%2Fwebinars%2Fpto-options-a%2F&r=&ca=false&ru=false&ae=
IP

34.96.127.16:443
ASN

#15169 GOOGLE

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerDigiCert Inc

Subject*.olark.com

Fingerprint4D:B7:72:33:9D:B0:9F:54:9A:1E:7D:5E:88:AF:29:A4:BE:1E:85:74

ValidityTue, 24 Oct 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT

Magic

troff or preprocessor input, ASCII text, with very long lines (1061), with no line terminators

Size

957
Hash

38afded794219f60696481fa2ba28344

7456a59615287652c6495302492de8316a2e8861

045f4bfb7341ef3125284700ed28995051ad0c5498b1db334f2c0a6c01517e94

HTTP Headers

                                        GET /nrpc/c?c=create&s=9203-205-10-9942&v=XaP4YhO4wWrvN9QP2W9pK0P1SB1AoAOB&i=yFxhJgZmcNnY8HQA2W9pK0PSo1BOKBA1&g=ALL&q=precache043312701118735464&j=o0&version=loader-precache&xhttp=1&u=https%3A%2F%2Fauroratrainingadvantage.com%2Fwebinars%2Fpto-options-a%2F&r=&ca=false&ru=false&ae= HTTP/1.1
Host: nrpc.olark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://auroratrainingadvantage.com
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
server: TwistedWeb/21.2.0
date: Mon, 20 Nov 2023 21:16:43 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 20 Nov 2023 21:16:43 UTC
cache-control: post-check=0, pre-check=0
x-rpc: nrpc-http-55757f686-wtdjj
pragma: no-cache
access-control-allow-origin: *
content-type: text/javascript; charset=UTF-8
content-disposition: inline; filename="rpc.txt"
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ws-mt1.pusher.com/app/5bd7e719e03df29fc1ea?protocol=7&client=js&version=7.0.4&flash=false

3.230.208.50

101 Switching Protocols

URL GET HTTP/1.1

ws-mt1.pusher.com/app/5bd7e719e03df29fc1ea?protocol=7&client=js&version=7.0.4&flash=false
IP

3.230.208.50:443
ASN

#14618 AMAZON-AES

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerAmazon

Subjectpusher.com

Fingerprint7F:21:03:8F:D0:81:ED:06:33:D6:8D:83:17:DA:79:19:72:2E:BF:39

ValiditySun, 25 Jun 2023 00:00:00 GMT - Wed, 24 Jul 2024 23:59:59 GMT

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /app/5bd7e719e03df29fc1ea?protocol=7&client=js&version=7.0.4&flash=false HTTP/1.1
Host: ws-mt1.pusher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://auroratrainingadvantage.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0kNpT3mq538ILL2FN7pJog==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Date: Mon, 20 Nov 2023 21:16:43 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GXi8aoJD4QpRvcWcFMZfLYOxtgk=
Sec-WebSocket-Extensions: permessage-deflate; client_no_context_takeover; server_no_context_takeover

static.olark.com/jsclient-bucket6/storage.html?v=1698184023911

192.229.233.34

200 OK

180

URL GET HTTP/2

static.olark.com/jsclient-bucket6/storage.html?v=1698184023911
IP

192.229.233.34:443
ASN

#15133 EDGECAST

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerDigiCert Inc

Subjectstatic.olark.com

Fingerprint65:D3:1A:A2:37:41:0C:20:D3:1D:AD:6A:7D:C5:78:C4:75:8B:79:12

ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 16 Apr 2024 23:59:59 GMT

Magic

HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators

Size

180
Hash

4989111e3d617917c6926fc5ecc4a70a

3f0cb5a623730b59f36705ba5310c640551b5612

6a5577176944bbea4fc03c92c296a892b4533562831a14bcd6113a3e3a0a58e5

HTTP Headers

                                        GET /jsclient-bucket6/storage.html?v=1698184023911 HTTP/1.1
Host: static.olark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 84201
cache-control: max-age=86400
content-type: text/html; charset=utf-8
date: Mon, 20 Nov 2023 21:16:44 GMT
etag: "65383c05-b4"
expires: Tue, 21 Nov 2023 21:16:44 GMT
last-modified: Tue, 24 Oct 2023 21:49:57 GMT
p3p: CP='Olark does not have a P3P policy. Learn why here: http://olark.com/p3p'
server: ECS (ska/F70D)
vary: Accept-Encoding
via: 1.1 google
x-cache: HIT
content-length: 157
X-Firefox-Spdy: h2

js.smct.co/e/events-1.6.0.min.js

143.204.55.48

200 OK

28313

URL GET HTTP/2

js.smct.co/e/events-1.6.0.min.js
IP

143.204.55.48:443
ASN

#16509 AMAZON-02

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerAmazon

Subject*.intent.ly

Fingerprint7E:B8:11:70:90:C0:96:FD:C1:9E:08:08:CD:8B:8A:CA:AE:74:21:B3

ValidityTue, 11 Jul 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT

Magic

ASCII text, with very long lines (28268)

Size

28313
Hash

a1075fa3d276bd62722dbc87d77a8e62

df1dcc54f2d8c6406225d16dcff3fe546e2cdb76

cef05fac44885210172633f42c2fe0bee2958cb5118485e07f77e36735c1a29e

HTTP Headers

                                        GET /e/events-1.6.0.min.js HTTP/1.1
Host: js.smct.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 22 Mar 2021 13:16:37 GMT
x-amz-version-id: 86Alo3RvPHIXLLAe0m5WQhsYLYOyKnIX
server: AmazonS3
content-encoding: gzip
date: Mon, 20 Nov 2023 18:45:41 GMT
etag: W/"a1075fa3d276bd62722dbc87d77a8e62"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SegRKJvDpUTFRvhnTVhyjRZm5HLcIdAtCU1V1CHUIY_QmBcVfySNTQ==
age: 9188
X-Firefox-Spdy: h2

www.google.com/recaptcha/api.js?render=6LebJjsgAAAAALYLqb4Bs7ZXjbI3jZfB5Y9Y8DZ1

142.250.74.164

200 OK

884

URL GET HTTP/2

www.google.com/recaptcha/api.js?render=6LebJjsgAAAAALYLqb4Bs7ZXjbI3jZfB5Y9Y8DZ1
IP

142.250.74.164:443
ASN

#15169 GOOGLE

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerGoogle Trust Services LLC

Subjectwww.google.com

FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1

ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT

Magic

ASCII text, with very long lines (884), with no line terminators

Size

884
Hash

9e51cf756a58d084defc52dd4ca46eb3

427f890b5084201a6e9ebef3169c4ae96932af6b

406e1a63387c5644b750f2f524ca7793ca7cf1f0a584e6239dd1c8ef87f5357a

HTTP Headers

                                        GET /recaptcha/api.js?render=6LebJjsgAAAAALYLqb4Bs7ZXjbI3jZfB5Y9Y8DZ1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Mon, 20 Nov 2023 21:16:40 GMT
date: Mon, 20 Nov 2023 21:16:40 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.olark.com/2.0/sites/9203-205-10-9942/visits?_callback=_olark_callback_0e5fbc42_9d3d_4b73_ad51_2fc324756587&_method=POST&_data=%7B%22conversation_id%22%3A%22yFxhJgZmcNnY8HQA2W9pK0PSo1BOKBA1%22%2C%22cache%22%3A%220.523885671616747%22%7D

34.96.127.16

200 OK

112

URL GET HTTP/3

api.olark.com/2.0/sites/9203-205-10-9942/visits?_callback=_olark_callback_0e5fbc42_9d3d_4b73_ad51_2fc324756587&_method=POST&_data=%7B%22conversation_id%22%3A%22yFxhJgZmcNnY8HQA2W9pK0PSo1BOKBA1%22%2C%22cache%22%3A%220.523885671616747%22%7D
IP

34.96.127.16:443
ASN

#15169 GOOGLE

Requested by

https://auroratrainingadvantage.com/webinars/pto-options-a/
Certificate

IssuerDigiCert Inc

Subject*.olark.com

Fingerprint4D:B7:72:33:9D:B0:9F:54:9A:1E:7D:5E:88:AF:29:A4:BE:1E:85:74

ValidityTue, 24 Oct 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT

Magic

ASCII text, with no line terminators

Size

112
Hash

22c2bfa7d929341847bac9240e53737e

78f139a0153d035627d25ca764ef6f3f3d06ed2b

b10d7011ed655c3ce5bd56d2bbb6f56125e9c28728b9677e591b3540a289682c

HTTP Headers

                                        GET /2.0/sites/9203-205-10-9942/visits?_callback=_olark_callback_0e5fbc42_9d3d_4b73_ad51_2fc324756587&_method=POST&_data=%7B%22conversation_id%22%3A%22yFxhJgZmcNnY8HQA2W9pK0PSo1BOKBA1%22%2C%22cache%22%3A%220.523885671616747%22%7D HTTP/1.1
Host: api.olark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auroratrainingadvantage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/3 200 OK
access-control-allow-headers: X-Access-Token, X-CSRF-Token, Content-Type, Authorization
x-robots-tag: noindex
content-disposition: inline; filename="api.txt"
access-control-max-age: 432000
server: NotARealServer/1.33.7
cache-control: no-store
date: Mon, 20 Nov 2023 21:16:44 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: application/javascript
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

auroratrainingadvantage.com/favicon.ico

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (46)

#1 JS:Script (size: 1360)

Introduced by

Inline HTML

Observations

Hash

#2 JS:Script (size: 143)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#3 JS:Script (size: 1014)

Introduced by

Inline HTML

Observations

Hash

#4 JS:Script (size: 1184754)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#5 JS:Script (size: 65185)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#6 JS:Script (size: 884)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#7 JS:Script (size: 443)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#8 JS:Script (size: 28313)

URL

IP