Windows Analysis Report
https://people.planningcenteronline.com

Overview

General Information

Sample URL: https://people.planningcenteronline.com
Analysis ID: 1431783
Infos:

Detection

Score: 1
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Found iframes
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

Found iframes
Source: https://login.planningcenteronline.com/login/new HTTP Parser: Iframe src: https://pco-cross-storage.s3.amazonaws.com/hub.html
Source: https://login.planningcenteronline.com/login/new HTTP Parser: Iframe src: https://pco-cross-storage.s3.amazonaws.com/hub.html
Source: https://login.planningcenteronline.com/login/new HTTP Parser: Iframe src: https://pco-cross-storage.s3.amazonaws.com/hub.html
Source: https://login.planningcenteronline.com/login/new HTTP Parser: Iframe src: https://pco-cross-storage.s3.amazonaws.com/hub.html
Source: https://login.planningcenteronline.com/password_reset/new HTTP Parser: Iframe src: https://pco-cross-storage.s3.amazonaws.com/hub.html
Source: https://login.planningcenteronline.com/password_reset/new HTTP Parser: Iframe src: https://pco-cross-storage.s3.amazonaws.com/hub.html
Source: https://login.planningcenteronline.com/password_reset/new HTTP Parser: Iframe src: https://pco-cross-storage.s3.amazonaws.com/hub.html
Source: https://login.planningcenteronline.com/password_reset/new HTTP Parser: Iframe src: https://pco-cross-storage.s3.amazonaws.com/hub.html
Source: https://login.planningcenteronline.com/login/new?return=People%2F HTTP Parser: <input type="password" .../> found
Source: https://login.planningcenteronline.com/login/new HTTP Parser: <input type="password" .../> found
Source: https://login.planningcenteronline.com/login/new?return=People%2F HTTP Parser: No <meta name="author".. found
Source: https://login.planningcenteronline.com/login/new HTTP Parser: No <meta name="author".. found
Source: https://login.planningcenteronline.com/login/new HTTP Parser: No <meta name="author".. found
Source: https://login.planningcenteronline.com/login/new HTTP Parser: No <meta name="author".. found
Source: https://login.planningcenteronline.com/login/new HTTP Parser: No <meta name="author".. found
Source: https://login.planningcenteronline.com/password_reset/new HTTP Parser: No <meta name="author".. found
Source: https://login.planningcenteronline.com/password_reset/new HTTP Parser: No <meta name="author".. found
Source: https://login.planningcenteronline.com/password_reset/new HTTP Parser: No <meta name="author".. found
Source: https://login.planningcenteronline.com/password_reset/new HTTP Parser: No <meta name="author".. found
Source: https://login.planningcenteronline.com/login/new?return=People%2F HTTP Parser: No <meta name="copyright".. found
Source: https://login.planningcenteronline.com/login/new HTTP Parser: No <meta name="copyright".. found
Source: https://login.planningcenteronline.com/login/new HTTP Parser: No <meta name="copyright".. found
Source: https://login.planningcenteronline.com/login/new HTTP Parser: No <meta name="copyright".. found
Source: https://login.planningcenteronline.com/login/new HTTP Parser: No <meta name="copyright".. found
Source: https://login.planningcenteronline.com/password_reset/new HTTP Parser: No <meta name="copyright".. found
Source: https://login.planningcenteronline.com/password_reset/new HTTP Parser: No <meta name="copyright".. found
Source: https://login.planningcenteronline.com/password_reset/new HTTP Parser: No <meta name="copyright".. found
Source: https://login.planningcenteronline.com/password_reset/new HTTP Parser: No <meta name="copyright".. found
Uses insecure TLS / SSL version for HTTPS connection
Source: unknown HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49759 version: TLS 1.0
Source: unknown HTTPS traffic detected: 23.63.206.91:443 -> 192.168.2.5:49723 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.63.206.91:443 -> 192.168.2.5:49726 version: TLS 1.2
Uses insecure TLS / SSL version for HTTPS connection
Source: unknown HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49759 version: TLS 1.0
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected: GET / HTTP/1.1Host: people.planningcenteronline.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /?return=People%2F HTTP/1.1Host: login.planningcenteronline.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /login/new?return=People%2F HTTP/1.1Host: login.planningcenteronline.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: planning_center_session=eyJhbGciOiJFUzI1NiJ9.eyJqdGkiOiJlYjE5ZDQ3YjZjNzcxMGFhNDg0NjhjNGE2MjRlOTI4YiIsImlhdCI6MTcxNDA2NTY1MywiZXhwIjoxNzE1Mjc1MjUzLCJpc3MiOiIvcGNvL3Nlc3Npb24ifQ.OH6WsFiQIzChLGDyMPTLeiKYyehbX2JS8mCvl81MdMLKfba57ZLfRr5WSlVuqy69CwRl7Tal6O1K9GCGPfmLqA
Source: global traffic HTTP traffic detected: GET /assets/session_package-e27311e49866e5050dcf774ae3dd00fd632a56fd9cea5d0ed408497f9576e012.css HTTP/1.1Host: login.planningcenteronline.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.planningcenteronline.com/login/new?return=People%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: planning_center_session=eyJhbGciOiJFUzI1NiJ9.eyJqdGkiOiJlYjE5ZDQ3YjZjNzcxMGFhNDg0NjhjNGE2MjRlOTI4YiIsImlhdCI6MTcxNDA2NTY1MywiZXhwIjoxNzE1Mjc1MjUzLCJpc3MiOiIvcGNvL3Nlc3Npb24ifQ.tkp2w2b0QSzgkIcuI5zIp-Ib02M1dPKsU8q4h23Myelj2LdDhWjAYs6RKaaburX4g9b_E2ZWFPsrJqEY1S8AzQ
Source: global traffic HTTP traffic detected: GET /packs/js/runtime-461b1b74cc572f890c8f.js HTTP/1.1Host: login.planningcenteronline.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.planningcenteronline.com/login/new?return=People%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: planning_center_session=eyJhbGciOiJFUzI1NiJ9.eyJqdGkiOiJlYjE5ZDQ3YjZjNzcxMGFhNDg0NjhjNGE2MjRlOTI4YiIsImlhdCI6MTcxNDA2NTY1MywiZXhwIjoxNzE1Mjc1MjUzLCJpc3MiOiIvcGNvL3Nlc3Npb24ifQ.tkp2w2b0QSzgkIcuI5zIp-Ib02M1dPKsU8q4h23Myelj2LdDhWjAYs6RKaaburX4g9b_E2ZWFPsrJqEY1S8AzQ
Source: global traffic HTTP traffic detected: GET /packs/js/882-821b6997692328fd5b75.js HTTP/1.1Host: login.planningcenteronline.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.planningcenteronline.com/login/new?return=People%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: planning_center_session=eyJhbGciOiJFUzI1NiJ9.eyJqdGkiOiJlYjE5ZDQ3YjZjNzcxMGFhNDg0NjhjNGE2MjRlOTI4YiIsImlhdCI6MTcxNDA2NTY1MywiZXhwIjoxNzE1Mjc1MjUzLCJpc3MiOiIvcGNvL3Nlc3Npb24ifQ.tkp2w2b0QSzgkIcuI5zIp-Ib02M1dPKsU8q4h23Myelj2LdDhWjAYs6RKaaburX4g9b_E2ZWFPsrJqEY1S8AzQ
Source: global traffic HTTP traffic detected: GET /packs/js/login-a860e00a8fd55872cfa8.js HTTP/1.1Host: login.planningcenteronline.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.planningcenteronline.com/login/new?return=People%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: planning_center_session=eyJhbGciOiJFUzI1NiJ9.eyJqdGkiOiJlYjE5ZDQ3YjZjNzcxMGFhNDg0NjhjNGE2MjRlOTI4YiIsImlhdCI6MTcxNDA2NTY1MywiZXhwIjoxNzE1Mjc1MjUzLCJpc3MiOiIvcGNvL3Nlc3Npb24ifQ.tkp2w2b0QSzgkIcuI5zIp-Ib02M1dPKsU8q4h23Myelj2LdDhWjAYs6RKaaburX4g9b_E2ZWFPsrJqEY1S8AzQ
Source: global traffic HTTP traffic detected: GET /assets/@planningcenter/icons/sprites/general-45fb8eeff447e73ce56b2ccf04643bb3bf4672a4ed64f409e42f456a38874f8a.svg HTTP/1.1Host: login.planningcenteronline.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: imageReferer: https://login.planningcenteronline.com/login/new?return=People%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: planning_center_session=eyJhbGciOiJFUzI1NiJ9.eyJqdGkiOiJlYjE5ZDQ3YjZjNzcxMGFhNDg0NjhjNGE2MjRlOTI4YiIsImlhdCI6MTcxNDA2NTY1MywiZXhwIjoxNzE1Mjc1MjUzLCJpc3MiOiIvcGNvL3Nlc3Npb24ifQ.tkp2w2b0QSzgkIcuI5zIp-Ib02M1dPKsU8q4h23Myelj2LdDhWjAYs6RKaaburX4g9b_E2ZWFPsrJqEY1S8AzQ
Source: global traffic HTTP traffic detected: GET /assets/pco/page_expired/manifest-c88201c22050a32daa4c0109df080c4d1076a43dad55e1d46fc8b5539095ef00.js HTTP/1.1Host: login.planningcenteronline.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.planningcenteronline.com/login/new?return=People%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: planning_center_session=eyJhbGciOiJFUzI1NiJ9.eyJqdGkiOiJlYjE5ZDQ3YjZjNzcxMGFhNDg0NjhjNGE2MjRlOTI4YiIsImlhdCI6MTcxNDA2NTY1MywiZXhwIjoxNzE1Mjc1MjUzLCJpc3MiOiIvcGNvL3Nlc3Npb24ifQ.tkp2w2b0QSzgkIcuI5zIp-Ib02M1dPKsU8q4h23Myelj2LdDhWjAYs6RKaaburX4g9b_E2ZWFPsrJqEY1S8AzQ
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/challenge.js HTTP/1.1Host: ab5ddfb19446.edge.sdk.awswaf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.planningcenteronline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/challenge.js HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.planningcenteronline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /assets/@planningcenter/icons/sprites/general-45fb8eeff447e73ce56b2ccf04643bb3bf4672a4ed64f409e42f456a38874f8a.svg HTTP/1.1Host: login.planningcenteronline.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: planning_center_session=eyJhbGciOiJFUzI1NiJ9.eyJqdGkiOiJlYjE5ZDQ3YjZjNzcxMGFhNDg0NjhjNGE2MjRlOTI4YiIsImlhdCI6MTcxNDA2NTY1MywiZXhwIjoxNzE1Mjc1MjUzLCJpc3MiOiIvcGNvL3Nlc3Npb24ifQ.tkp2w2b0QSzgkIcuI5zIp-Ib02M1dPKsU8q4h23Myelj2LdDhWjAYs6RKaaburX4g9b_E2ZWFPsrJqEY1S8AzQ
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /assets/favicon-16-a3db94c1250254a4ba2b4aad660bf6e021907f98e04752f25eac8c0d4a33ab05.png HTTP/1.1Host: login.planningcenteronline.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.planningcenteronline.com/login/new?return=People%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: planning_center_session=eyJhbGciOiJFUzI1NiJ9.eyJqdGkiOiJlYjE5ZDQ3YjZjNzcxMGFhNDg0NjhjNGE2MjRlOTI4YiIsImlhdCI6MTcxNDA2NTY1MywiZXhwIjoxNzE1Mjc1MjUzLCJpc3MiOiIvcGNvL3Nlc3Npb24ifQ.tkp2w2b0QSzgkIcuI5zIp-Ib02M1dPKsU8q4h23Myelj2LdDhWjAYs6RKaaburX4g9b_E2ZWFPsrJqEY1S8AzQ
Source: global traffic HTTP traffic detected: GET /assets/favicon-16-a3db94c1250254a4ba2b4aad660bf6e021907f98e04752f25eac8c0d4a33ab05.png HTTP/1.1Host: login.planningcenteronline.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: planning_center_session=eyJhbGciOiJFUzI1NiJ9.eyJqdGkiOiJlYjE5ZDQ3YjZjNzcxMGFhNDg0NjhjNGE2MjRlOTI4YiIsImlhdCI6MTcxNDA2NTY1MywiZXhwIjoxNzE1Mjc1MjUzLCJpc3MiOiIvcGNvL3Nlc3Npb24ifQ.tkp2w2b0QSzgkIcuI5zIp-Ib02M1dPKsU8q4h23Myelj2LdDhWjAYs6RKaaburX4g9b_E2ZWFPsrJqEY1S8AzQ; aws-waf-token=6a943996-c29b-451e-b492-ca31df579f9c:EgoAtxt5ENUiAAAA:2f5EpOwJ52vOkuGehvXsKP4vb95V+sLFv3CdbeFxglsIwUPLVyygC+mixFOaNKLNk63G6XihuH/+mYiZsd9Azin/wC8y85c/1RVJRUG5M9gdJ4GZgvwNUN2q3v0ViVfVnxgG0iBnwbmxH8ucM6w/UdjkLSjOQ5ScloHZQNG+W9tPD3KS9bSRbVIeoxJarcLBKPHLl29Csgezq/ysMACkd6tCghYnLHW64wxM5D0bQ4b7YZvH3oo+1Ojj2lzoNizx5NXQPYB+iOeBOf+JFrChTupZCZk0
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/verify HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /login/new HTTP/1.1Host: login.planningcenteronline.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: planning_center_session=eyJhbGciOiJFUzI1NiJ9.eyJqdGkiOiJlYjE5ZDQ3YjZjNzcxMGFhNDg0NjhjNGE2MjRlOTI4YiIsImlhdCI6MTcxNDA2NTY1MywiZXhwIjoxNzE1Mjc1MjUzLCJpc3MiOiIvcGNvL3Nlc3Npb24ifQ.tkp2w2b0QSzgkIcuI5zIp-Ib02M1dPKsU8q4h23Myelj2LdDhWjAYs6RKaaburX4g9b_E2ZWFPsrJqEY1S8AzQ; aws-waf-token=6a943996-c29b-451e-b492-ca31df579f9c:EgoAZ5t4e342AAAA:z3K6BTMFoBj3LCS10kFZV92sLNaA3KRme1X35hPUwxgpT9sqAvhLwLNhXRAGToCCnNRwvG8Vhvi1z5zVMbjoUV6CLkiNACH072zX0NsTUveiMC0eg7KPxKBy8phj94ssatAgPWtcX3kOB2h/yQ0HGKnOn9k9OQJjCmcyvFfQ2DmvNo8oHoFdACsof2BpX5OhOS0UI6TdkZa5BjnRiycwR7pq9+LDRP5OM7zOxZgRTAGkFJmTwmXhq9MbC+HUD1+bpF1FNnOo1XrJve340Ts00iW19rcb
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/challenge.js HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.planningcenteronline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-Modified-Since: Thu, 25 Apr 2024 17:20:55 +0000
Source: global traffic HTTP traffic detected: GET /hub.html HTTP/1.1Host: pco-cross-storage.s3.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://login.planningcenteronline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /password_reset/new HTTP/1.1Host: login.planningcenteronline.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: planning_center_session=eyJhbGciOiJFUzI1NiJ9.eyJqdGkiOiJlYjE5ZDQ3YjZjNzcxMGFhNDg0NjhjNGE2MjRlOTI4YiIsImlhdCI6MTcxNDA2NTY2NSwiZXhwIjoxNzE1Mjc1MjY1LCJpc3MiOiIvcGNvL3Nlc3Npb24ifQ.iVnmy1oNTyyM1dqPJcw7ddynvRvZaMQaDpYGGFITOhTUfRG8-8_TxADG31wkB7PapC-boVqWxU15_B5pxBiYtQ; aws-waf-token=6a943996-c29b-451e-b492-ca31df579f9c:EgoAbHR5XN4YAAAA:tGXZ4GEtZ57ASTigk6KO2XLmnUBblibLjbfHZzTv9GxfqgYH35ZgoPTuTRoKm5Jhuywv3D5llP1fxx5og8LXDrJkPF6jD+vRV3ow1HMy2cNDPkUKv0YxL36wx8FXG088x7D137igUu1AJtbHfSlH33ee64uKV4tuw8UdmKMUMCjo58Zg8AF18/ip/OtYOQEh/dCUxMjSo+4nnh9YzfvlUkQ/8aGJ9R52AGywL+8Ooy2xlePB6rZlpd39pLFzbMmgIYf1lw8F1fybBldFAO+3NFygHqWX
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/challenge.js HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.planningcenteronline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-Modified-Since: Thu, 25 Apr 2024 17:20:55 +0000
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /login/new HTTP/1.1Host: login.planningcenteronline.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://login.planningcenteronline.com/password_reset/newAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: planning_center_session=eyJhbGciOiJFUzI1NiJ9.eyJqdGkiOiJlYjE5ZDQ3YjZjNzcxMGFhNDg0NjhjNGE2MjRlOTI4YiIsImlhdCI6MTcxNDA2NTY2OCwiZXhwIjoxNzE1Mjc1MjY4LCJpc3MiOiIvcGNvL3Nlc3Npb24ifQ.N_oIDHOB8EXm1adfpq8inqXpY4X7MIXcd-jAWndDD6hJN4iA_2CVWMAoO4YQl6d6KdFSF9cN5NHNX8_eEwsM0Q; aws-waf-token=6a943996-c29b-451e-b492-ca31df579f9c:EgoAe/940kUrAAAA:oCm58SG5oFpIwQWc+PAtG6jerqi8bj7vGmA9sfOcVIpuqrENIys6YMM6d+vK0TdGiPJK/CJhwvlKY4W5RtV78A/1GVv+k+Yleo39ZoOQTofeEhZxmO0DinXz5kDdXZNKvW08pieqXGeDecXDzj0ClrQPZjKw5hKdt2xQngjQQhoNqFkKJEzVrPPqCcm7GZ1EmTuahuH6Tfj2vEj95HF6S+LzbWXC6XXnDTAfz36Akqk7nzPef//+Ev687LjcD+wpweeZRefqpZOj6EJO1nrQN7vqOuH2If-None-Match: W/"cf13463be3eaab452590f50f03455305"
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/challenge.js HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.planningcenteronline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-Modified-Since: Thu, 25 Apr 2024 17:20:55 +0000
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /password_reset/new HTTP/1.1Host: login.planningcenteronline.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: planning_center_session=eyJhbGciOiJFUzI1NiJ9.eyJqdGkiOiJlYjE5ZDQ3YjZjNzcxMGFhNDg0NjhjNGE2MjRlOTI4YiIsImlhdCI6MTcxNDA2NTY3MSwiZXhwIjoxNzE1Mjc1MjcxLCJpc3MiOiIvcGNvL3Nlc3Npb24ifQ.n7rj90NgS5P-QHICdhPmnGB43Y2yVdCcg1PVh-7ydk_Nxg9suLVf7Z_UiEkMbcPESWNcvyKX0TmghqOVUOY-VQ; aws-waf-token=6a943996-c29b-451e-b492-ca31df579f9c:EgoAt4x5jxQSAAAA:5sCcR5ghJuxXtCeLK+QfTz9qjEfd2YdXBHRwDOgBxgkyl1Vels9JbC7cdz2JqVLC5coSUBZoCU/4roUCDqaGv+oLCJF/VO6MxcxIz0ieetz1gj/0KnoBfwphsGVKvCxLK6FFySe5IdrYNRomE65JfI6zmbxbj+3mO61wwqlN1LW7iFuhUpxFKjrwAC2h0Q+tENtIlFnTex843qEA0j1k4JGP5xS201xnlW8vK7ylsJp9z0vVKZx0lEdHZ9SJaoTmzbUe1k6/LUPM4n4CY+aD4Bj8xlhVIf-None-Match: W/"4479a3118924747758e6325ba57df64e"
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/challenge.js HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.planningcenteronline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-Modified-Since: Thu, 25 Apr 2024 17:20:55 +0000
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /login/new HTTP/1.1Host: login.planningcenteronline.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: planning_center_session=eyJhbGciOiJFUzI1NiJ9.eyJqdGkiOiJlYjE5ZDQ3YjZjNzcxMGFhNDg0NjhjNGE2MjRlOTI4YiIsImlhdCI6MTcxNDA2NTY3OSwiZXhwIjoxNzE1Mjc1Mjc5LCJpc3MiOiIvcGNvL3Nlc3Npb24ifQ.pfnee7kNFglbECNSjjaoRIUxFCoXn6T-o_SyBAsnc8pxznk1QAzNPwAcRgDunrXrXZhwdTSqPWw4MJ_HnnEvdw; aws-waf-token=6a943996-c29b-451e-b492-ca31df579f9c:EgoAu7l4jJk1AAAA:WDb8peGpo9NxRFIjOnvdEXzRL2PEnukONvPwMjPytHTq20Nhk2H+0wf5QTWjQqsrae42mg90lHcETFC/MdZ1wHPt7gJZiOw5nz3nbWyyTh2gGaEEoezfnqPSkHZGDhQg1pH9qk3ew95iRtkv6Gc/NwO+oKKuAtzM3hWOxpC6/JDP0CklVxqTFz7gjUba/V6yXDXxWz/6/l7vE9qc4/smx3p8tMCHot34NG90NIh7roLlA24BIRTzl7vUZt47L85ZR9aHAs/kLzGrmO8uPmFSCrfF8697If-None-Match: W/"06aac7978eb8889e0e267cb755c152b5"
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/challenge.js HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.planningcenteronline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-Modified-Since: Thu, 25 Apr 2024 17:20:55 +0000
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /password_reset/new HTTP/1.1Host: login.planningcenteronline.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: planning_center_session=eyJhbGciOiJFUzI1NiJ9.eyJqdGkiOiJlYjE5ZDQ3YjZjNzcxMGFhNDg0NjhjNGE2MjRlOTI4YiIsImlhdCI6MTcxNDA2NTY5MCwiZXhwIjoxNzE1Mjc1MjkwLCJpc3MiOiIvcGNvL3Nlc3Npb24ifQ.bCv8ZVLMQtZusMXsRGv_EyrDRcmRC-AFG23WeMZqdG4wLN8oW8xpL7A6L4fMg0VYUI7c9rkqzcw2VfMSrAYoVQ; aws-waf-token=6a943996-c29b-451e-b492-ca31df579f9c:EgoAuSR4/5alAAAA:78sRzbAc2zu8cZnx7vh+PTvP3lLCwCHQZqIzrp4CxLKCLQcceh7AECMoAsFuLLMQgM3LVfGK9NvO57/pOV3DG367UTmYzzPn7E07mWcJxhkDVI54lxNjT96gzaUpvp7nYH8/c5BpJ6nN/mGekdIraDIhlB49oDNdlEIUw58drN1Msd00zIxMZl0JQFcAYBDWtNuMT+OlyeR5Jt3V/e85Y5k2pW7rx0Xy6lIMDci9w8/eUMgn2lnEDxHw45ZJHQc2iYRA8eFDtBRd8g2S/e7wsosOBhSBIf-None-Match: W/"6a48529c1e779406b90ee7992dba620f"
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/challenge.js HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.planningcenteronline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-Modified-Since: Thu, 25 Apr 2024 17:20:55 +0000
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /login/new HTTP/1.1Host: login.planningcenteronline.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: planning_center_session=eyJhbGciOiJFUzI1NiJ9.eyJqdGkiOiJlYjE5ZDQ3YjZjNzcxMGFhNDg0NjhjNGE2MjRlOTI4YiIsImlhdCI6MTcxNDA2NTcwMCwiZXhwIjoxNzE1Mjc1MzAwLCJpc3MiOiIvcGNvL3Nlc3Npb24ifQ._hgeEx6B1j80iwQuhCSnJkjRZgM7RBBS58kK6ZOsMgaU3YOKLL15GqyFUrj75wMj58rLiYYKeO4sdavnOomkLQ; aws-waf-token=6a943996-c29b-451e-b492-ca31df579f9c:EgoAdex51B0cAAAA:kLJfm6NSV1C5xwdSGRspCWIbQ6v+sAUe5GKod9NSDPx7TmRvtQQ6r5rkZh2BayGVpISEVTcLCO/5UPgsjz8RPuf+oSlZOoDZhroyB/hg1ZpTdBcbIzeHQTCMX07VAhgDP5zDZJPtQZaiBZiHTHdyUPx48IAjkM/wySMMImhBXRAK0TxyL/rVpDs3Wc8vVpLAR4wy/ytfeA/qRmPqeOatEdUiCPfPwdxriIlySjknDnlv5gNLGA37qMx2ZUXqx2aDwcPlYCkquUy2peR3+2F4w5njV0YxIf-None-Match: W/"eaccf4bd077bbaa7f9d862b4e844a288"
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/challenge.js HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.planningcenteronline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-Modified-Since: Thu, 25 Apr 2024 17:20:55 +0000
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /password_reset/new HTTP/1.1Host: login.planningcenteronline.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: planning_center_session=eyJhbGciOiJFUzI1NiJ9.eyJqdGkiOiJlYjE5ZDQ3YjZjNzcxMGFhNDg0NjhjNGE2MjRlOTI4YiIsImlhdCI6MTcxNDA2NTcxMiwiZXhwIjoxNzE1Mjc1MzEyLCJpc3MiOiIvcGNvL3Nlc3Npb24ifQ.g1DmursyB83n9QH31kV6mTYOc_xJ09XqpP1mJD0k8TnCrf8CjTp6DvmrR_CfohY1CvyFPjdK7VUS8nb2ggLr2A; aws-waf-token=6a943996-c29b-451e-b492-ca31df579f9c:EgoArnR4wEI5AAAA:8gKCT+/aFcWWChXoOBrlqRrqsHwx8nBFd5OmnZV3oNAMzIr8aTsY3HO3kEvrmTnN+73tjc5m9n4yXoJmTAXFy195x31plRJKQ0oxJobTtCDOqI+e4TudzsenYSw6rpbTJbRlUO4J7HRYhvHB0lm0Dsj99/emiQSE6UI4TV+o53Z94jc+Plr34wmdgsaZ4I4AIPP3CrQyGZrNljD8I9Wwpu4sJUDwcrmAaHpf+ttF1LeUJEREZecMhD1fbTmLj1iwnXbw2JUfkx63F0vikb90AeR9Q/ijIf-None-Match: W/"887574677e3580b131fdcb63d805c51a"
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/challenge.js HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.planningcenteronline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-Modified-Since: Thu, 25 Apr 2024 17:20:55 +0000
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab5ddfb19446/33b184b1a0f1/telemetry HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic DNS traffic detected: DNS query: people.planningcenteronline.com
Source: global traffic DNS traffic detected: DNS query: login.planningcenteronline.com
Source: global traffic DNS traffic detected: DNS query: ab5ddfb19446.edge.sdk.awswaf.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: ab5ddfb19446.87d96309.us-east-2.token.awswaf.com
Source: global traffic DNS traffic detected: DNS query: pco-cross-storage.s3.amazonaws.com
Source: unknown HTTP traffic detected: POST /ab5ddfb19446/33b184b1a0f1/verify HTTP/1.1Host: ab5ddfb19446.87d96309.us-east-2.token.awswaf.comConnection: keep-aliveContent-Length: 8699sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://login.planningcenteronline.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.planningcenteronline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: chromecache_86.2.dr, chromecache_95.2.dr, chromecache_91.2.dr String found in binary or memory: https://ab5ddfb19446.edge.sdk.awswaf.com/ab5ddfb19446/33b184b1a0f1/challenge.js
Source: chromecache_89.2.dr String found in binary or memory: https://docs.aws.amazon.com/waf/latest/developerguide/waf-javascript-sdk.html
Source: chromecache_86.2.dr, chromecache_95.2.dr, chromecache_91.2.dr String found in binary or memory: https://login.planningcenteronline.com/assets/favicon-128-862107eee4ccdf92e70a3410da4b3c48b82a256f89
Source: chromecache_86.2.dr, chromecache_95.2.dr, chromecache_91.2.dr String found in binary or memory: https://login.planningcenteronline.com/assets/favicon-144-f16df30018752c62b40bd115dfe8243b39d03354c0
Source: chromecache_86.2.dr, chromecache_95.2.dr, chromecache_91.2.dr String found in binary or memory: https://login.planningcenteronline.com/assets/favicon-16-a3db94c1250254a4ba2b4aad660bf6e021907f98e04
Source: chromecache_86.2.dr, chromecache_95.2.dr, chromecache_91.2.dr String found in binary or memory: https://login.planningcenteronline.com/assets/favicon-180-7cb6934e4aeb93b235f7ad24a74a5954391191914a
Source: chromecache_86.2.dr, chromecache_95.2.dr, chromecache_91.2.dr String found in binary or memory: https://login.planningcenteronline.com/assets/favicon-196-01f5c09b64cd6c1b3ce814135f810e5e16466c6707
Source: chromecache_86.2.dr, chromecache_95.2.dr, chromecache_91.2.dr String found in binary or memory: https://login.planningcenteronline.com/assets/favicon-228-607737e94a057cef8ee8eb1843e70fc4b6c2bc32b5
Source: chromecache_86.2.dr, chromecache_95.2.dr, chromecache_91.2.dr String found in binary or memory: https://login.planningcenteronline.com/assets/favicon-57-9126e33705cd9c9a32ff5800bead92dbbb182871fd7
Source: chromecache_86.2.dr, chromecache_95.2.dr, chromecache_91.2.dr String found in binary or memory: https://login.planningcenteronline.com/assets/favicon-76-898249b7983141caf8c7e8ec324fbdaca4da0c13990
Source: chromecache_86.2.dr, chromecache_95.2.dr, chromecache_91.2.dr String found in binary or memory: https://login.planningcenteronline.com/assets/favicon-96-21a56ea72172d8aefb55e0b38fef153fa6b38cfb356
Source: chromecache_86.2.dr, chromecache_95.2.dr, chromecache_91.2.dr String found in binary or memory: https://login.planningcenteronline.com/assets/pco/page_expired/manifest-c88201c22050a32daa4c0109df08
Source: chromecache_86.2.dr, chromecache_95.2.dr, chromecache_91.2.dr String found in binary or memory: https://login.planningcenteronline.com/assets/planning_center_1200px-2117eac95c17636782f0621c47c2621
Source: chromecache_86.2.dr, chromecache_95.2.dr, chromecache_91.2.dr String found in binary or memory: https://login.planningcenteronline.com/assets/session_package-e27311e49866e5050dcf774ae3dd00fd632a56
Source: chromecache_86.2.dr, chromecache_95.2.dr String found in binary or memory: https://login.planningcenteronline.com/login
Source: chromecache_86.2.dr, chromecache_95.2.dr, chromecache_91.2.dr String found in binary or memory: https://login.planningcenteronline.com/packs/js/882-821b6997692328fd5b75.js
Source: chromecache_86.2.dr, chromecache_95.2.dr, chromecache_91.2.dr String found in binary or memory: https://login.planningcenteronline.com/packs/js/login-a860e00a8fd55872cfa8.js
Source: chromecache_86.2.dr, chromecache_95.2.dr, chromecache_91.2.dr String found in binary or memory: https://login.planningcenteronline.com/packs/js/runtime-461b1b74cc572f890c8f.js
Source: chromecache_99.2.dr String found in binary or memory: https://pco-cross-storage-dev.s3.amazonaws.com/hub.html
Source: chromecache_99.2.dr String found in binary or memory: https://pco-cross-storage-staging.s3.amazonaws.com/hub.html
Source: chromecache_99.2.dr String found in binary or memory: https://pco-cross-storage.s3.amazonaws.com/hub.html
Source: chromecache_86.2.dr, chromecache_95.2.dr, chromecache_91.2.dr String found in binary or memory: https://planning.center/privacy/
Source: chromecache_86.2.dr, chromecache_95.2.dr, chromecache_91.2.dr String found in binary or memory: https://planning.center/terms/
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown HTTPS traffic detected: 23.63.206.91:443 -> 192.168.2.5:49723 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.63.206.91:443 -> 192.168.2.5:49726 version: TLS 1.2
Source: classification engine Classification label: clean1.win@24/38@22/10
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps Jump to behavior
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=2200,i,5783934558795399267,4721298403190009966,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://people.planningcenteronline.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=2200,i,5783934558795399267,4721298403190009966,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: Google Drive.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window Recorder Window detected: More than 3 window changes detected
Stores files to the Windows start menu directory
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk Jump to behavior
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1431783 URL: https://people.planningcent... Startdate: 25/04/2024 Architecture: WINDOWS Score: 1 5 chrome.exe 9 2->5         started        8 chrome.exe 2->8         started        dnsIp3 13 192.168.2.5, 443, 49703, 49709 unknown unknown 5->13 15 239.255.255.250 unknown Reserved 5->15 10 chrome.exe 5->10         started        process4 dnsIp5 17 www.google.com 108.177.122.147, 443, 49721, 49821 GOOGLEUS United States 10->17 19 people.planningcenteronline.com 108.139.15.59, 443, 49709, 49710 AMAZON-02US United States 10->19 21 8 other IPs or domains 10->21
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
13.249.39.45
 ab5ddfb19446.87d96309.us-east-2.token.awswaf.com United States
16509 AMAZON-02US false
13.249.39.67
 unknown United States
16509 AMAZON-02US false
16.182.40.97
 s3-w.us-east-1.amazonaws.com United States
unknown unknown false
18.155.1.25
 login.planningcenteronline.com United States
16509 AMAZON-02US false
18.155.1.14
 ab5ddfb19446.edge.sdk.awswaf.com United States
16509 AMAZON-02US false
239.255.255.250
 unknown Reserved
unknown unknown false
18.155.1.13
 unknown United States
16509 AMAZON-02US false
108.139.15.59
 people.planningcenteronline.com United States
16509 AMAZON-02US false
108.177.122.147
 www.google.com United States
15169 GOOGLEUS false

Private

IP
192.168.2.5

Contacted Domains

Name IP Active
s3-w.us-east-1.amazonaws.com 16.182.40.97 true
ab5ddfb19446.edge.sdk.awswaf.com 18.155.1.14 true
ab5ddfb19446.87d96309.us-east-2.token.awswaf.com 13.249.39.45 true
login.planningcenteronline.com 18.155.1.25 true
www.google.com 108.177.122.147 true
people.planningcenteronline.com 108.139.15.59 true
fp2e7a.wpc.phicdn.net 192.229.211.108 true
pco-cross-storage.s3.amazonaws.com unknown unknown

Contacted URLs

Name Malicious Antivirus Detection Reputation
https://login.planningcenteronline.com/packs/js/882-821b6997692328fd5b75.js false
    		high
    https://login.planningcenteronline.com/packs/js/login-a860e00a8fd55872cfa8.js false
      		high
      https://login.planningcenteronline.com/assets/session_package-e27311e49866e5050dcf774ae3dd00fd632a56fd9cea5d0ed408497f9576e012.css false
        		high
        https://pco-cross-storage.s3.amazonaws.com/hub.html false
          		high
          https://login.planningcenteronline.com/assets/@planningcenter/icons/sprites/general-45fb8eeff447e73ce56b2ccf04643bb3bf4672a4ed64f409e42f456a38874f8a.svg false
            		high
            https://login.planningcenteronline.com/packs/js/runtime-461b1b74cc572f890c8f.js false
              		high
              https://login.planningcenteronline.com/?return=People%2F false
                		high
                https://ab5ddfb19446.edge.sdk.awswaf.com/ab5ddfb19446/33b184b1a0f1/challenge.js false
                • Avira URL Cloud: safe
                		 unknown
                https://login.planningcenteronline.com/login/new?return=People%2F false
                  		high
                  https://login.planningcenteronline.com/login/new false
                    		high
                    https://ab5ddfb19446.87d96309.us-east-2.token.awswaf.com/ab5ddfb19446/33b184b1a0f1/challenge.js false
                    • Avira URL Cloud: safe
                    		 unknown
                    https://people.planningcenteronline.com/ false
                      		high
                      https://ab5ddfb19446.87d96309.us-east-2.token.awswaf.com/ab5ddfb19446/33b184b1a0f1/verify false
                      • Avira URL Cloud: safe
                      		 unknown
                      https://login.planningcenteronline.com/assets/favicon-16-a3db94c1250254a4ba2b4aad660bf6e021907f98e04752f25eac8c0d4a33ab05.png false
                        		high
                        https://login.planningcenteronline.com/password_reset/new false
                          		high
                          https://ab5ddfb19446.87d96309.us-east-2.token.awswaf.com/ab5ddfb19446/33b184b1a0f1/telemetry false
                          • Avira URL Cloud: safe
                          		 unknown