URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Submission: On December 26 via manual from US — Scanned from US

Summary

This website contacted 35 IPs in 2 countries across 30 domains to perform 183 HTTP transactions. The main IP is 104.18.34.98, located in and belongs to CLOUDFLARENET, US. The main domain is resources.infosecinstitute.com. The Cisco Umbrella rank of the primary domain is 757298.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 24th 2023. Valid for: a year.
This is the only time resources.infosecinstitute.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 104.18.34.98 13335 (CLOUDFLAR...)
11 18.160.156.11 16509 (AMAZON-02)
9 104.18.130.236 13335 (CLOUDFLAR...)
1 13.107.246.40 8075 (MICROSOFT...)
1 23.32.169.89 16625 (AKAMAI-AS)
2 20.42.73.142 8075 (MICROSOFT...)
1 104.18.32.137 13335 (CLOUDFLAR...)
1 23.56.162.197 16625 (AKAMAI-AS)
1 23.14.152.64 16625 (AKAMAI-AS)
2 23.22.78.224 14618 (AMAZON-AES)
5 104.19.211.131 13335 (CLOUDFLAR...)
3 142.251.40.104 15169 (GOOGLE)
71 13.249.59.101 16509 (AMAZON-02)
1 13.249.21.30 16509 (AMAZON-02)
1 104.117.182.33 20940 (AKAMAI-ASN1)
6 172.64.150.44 13335 (CLOUDFLAR...)
6 104.16.137.15 13335 (CLOUDFLAR...)
1 18.160.156.16 16509 (AMAZON-02)
3 5 13.107.42.14 8068 (MICROSOFT...)
2 4 172.217.13.130 15169 (GOOGLE)
2 172.217.13.162 15169 (GOOGLE)
2 172.217.13.142 15169 (GOOGLE)
4 142.251.35.164 15169 (GOOGLE)
1 34.111.140.246 396982 (GOOGLE-CL...)
1 20.40.202.0 8075 (MICROSOFT...)
11 3.94.218.138 14618 (AMAZON-AES)
1 13.249.59.14 16509 (AMAZON-02)
2 54.230.160.114 16509 (AMAZON-02)
1 4 15.197.193.217 16509 (AMAZON-02)
1 1 69.173.151.100 ()
2 2 68.67.160.184 29990 (ASN-APPNEX)
3 3 3.225.218.10 14618 (AMAZON-AES)
1 184.25.127.80 20940 (AKAMAI-ASN1)
3 5 44.214.186.206 14618 (AMAZON-AES)
1 1 18.160.172.74 ()
1 1 99.86.102.123 ()
2 3 35.244.159.8 ()
2 44.212.113.100 14618 (AMAZON-AES)
1 146.75.34.208 ()
183 35
Apex Domain
Subdomains
Transfer
71 driftt.com
js.driftt.com — Cisco Umbrella Rank: 5827
854 KB
21 infosecinstitute.com
resources.infosecinstitute.com — Cisco Umbrella Rank: 757298
699 KB
12 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1001
akamai.tiqcdn.com — Cisco Umbrella Rank: 9731
47 KB
11 drift.com
bootstrap.api.drift.com — Cisco Umbrella Rank: 6652
metrics.api.drift.com — Cisco Umbrella Rank: 6556
event.api.drift.com — Cisco Umbrella Rank: 7169
targeting.api.drift.com — Cisco Umbrella Rank: 6868
flow.api.drift.com — Cisco Umbrella Rank: 11636
14 KB
9 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 324
147 KB
8 clickagy.com
tags.clickagy.com — Cisco Umbrella Rank: 24410
aorta.clickagy.com — Cisco Umbrella Rank: 1768
hemsync.clickagy.com — Cisco Umbrella Rank: 19866
18 KB
6 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1355
insight.adsrvr.org — Cisco Umbrella Rank: 557 Failed
match.adsrvr.org — Cisco Umbrella Rank: 331
6 KB
6 zoominfo.com
ws.zoominfo.com — Cisco Umbrella Rank: 4490
5 KB
6 zi-scripts.com
js.zi-scripts.com — Cisco Umbrella Rank: 9404
6 KB
6 lightboxcdn.com
www.lightboxcdn.com — Cisco Umbrella Rank: 5638
api.lightboxcdn.com — Cisco Umbrella Rank: 6835
169 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
www.linkedin.com — Cisco Umbrella Rank: 629
5 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
779 B
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
5 KB
3 openx.net
us-u.openx.net
860 B
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
877 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
243 KB
3 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 774
a8392411042.cdn.optimizely.com — Cisco Umbrella Rank: 63443
logx.optimizely.com — Cisco Umbrella Rank: 1439
129 KB
2 agkn.com
aa.agkn.com
d.agkn.com
1 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
317 B
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
4 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 700
script.hotjar.com — Cisco Umbrella Rank: 933
59 KB
2 tealiumiq.com
collect.tealiumiq.com — Cisco Umbrella Rank: 2692
1 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 786
281 B
1 imgix.net
driftt.imgix.net
10 KB
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 866
663 B
1 rubiconproject.com
pixel.rubiconproject.com
916 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 763
15 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 548
309 B
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1582
45 KB
183 30
Domain Requested by
71 js.driftt.com tags.tiqcdn.com
js.driftt.com
21 resources.infosecinstitute.com resources.infosecinstitute.com
11 tags.tiqcdn.com resources.infosecinstitute.com
tags.tiqcdn.com
9 cdn.cookielaw.org tags.tiqcdn.com
cdn.cookielaw.org
js.monitor.azure.com
6 ws.zoominfo.com js.monitor.azure.com
6 js.zi-scripts.com tags.tiqcdn.com
js.monitor.azure.com
5 aorta.clickagy.com 3 redirects js.monitor.azure.com
5 www.lightboxcdn.com tags.tiqcdn.com
resources.infosecinstitute.com
www.lightboxcdn.com
4 targeting.api.drift.com js.driftt.com
4 www.google.com
4 googleads.g.doubleclick.net 2 redirects www.googletagmanager.com
4 px.ads.linkedin.com 2 redirects js.monitor.azure.com
3 us-u.openx.net 2 redirects
3 ups.analytics.yahoo.com 3 redirects
3 match.adsrvr.org js.adsrvr.org
3 www.googletagmanager.com tags.tiqcdn.com
www.googletagmanager.com
2 hemsync.clickagy.com js.monitor.azure.com
2 flow.api.drift.com js.driftt.com
2 event.api.drift.com js.driftt.com
2 ib.adnxs.com 2 redirects
2 js.adsrvr.org resources.infosecinstitute.com
match.adsrvr.org
2 bootstrap.api.drift.com js.driftt.com
2 www.google-analytics.com www.googletagmanager.com
2 www.googleadservices.com www.googletagmanager.com
2 collect.tealiumiq.com js.monitor.azure.com
2 dc.services.visualstudio.com js.monitor.azure.com
1 driftt.imgix.net
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 hb.yahoo.net js.adsrvr.org
1 pixel.rubiconproject.com 1 redirects
1 insight.adsrvr.org js.adsrvr.org
1 tags.clickagy.com resources.infosecinstitute.com
1 metrics.api.drift.com js.driftt.com
1 api.lightboxcdn.com www.lightboxcdn.com
1 logx.optimizely.com js.monitor.azure.com
1 www.linkedin.com 1 redirects
1 script.hotjar.com static.hotjar.com
1 snap.licdn.com tags.tiqcdn.com
1 static.hotjar.com tags.tiqcdn.com
1 a8392411042.cdn.optimizely.com cdn.optimizely.com
1 cdn.optimizely.com tags.tiqcdn.com
1 geolocation.onetrust.com js.monitor.azure.com
1 akamai.tiqcdn.com tags.tiqcdn.com
1 js.monitor.azure.com resources.infosecinstitute.com
183 45
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-24 - 2024-07-22 | a year
tags.tiqcdn.com | Amazon RSA 2048 M01 | 2023-04-18 - 2024-05-17 | a year
cookielaw.org | Cloudflare Inc ECC CA-3 | 2023-04-01 - 2024-03-31 | a year
js.monitor.azure.com | Microsoft Azure RSA TLS Issuing CA 03 | 2023-12-19 - 2024-12-13 | a year
*.tiqcdn.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-11-16 - 2024-11-16 | a year
in.applicationinsights.azure.com | Microsoft Azure RSA TLS Issuing CA 03 | 2023-11-18 - 2024-11-12 | a year
onetrust.com | Cloudflare Inc ECC CA-3 | 2023-11-13 - 2024-11-12 | a year
cdn.optimizely.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-09-01 - 2024-09-04 | a year
*.cdn.optimizely.com | GeoTrust RSA CA 2018 | 2023-02-26 - 2024-02-28 | a year
*.tealiumiq.com | Amazon RSA 2048 M02 | 2023-07-26 - 2024-08-23 | a year
lightboxcdn.com | Cloudflare Inc ECC CA-3 | 2023-10-09 - 2024-10-08 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
drift.com | Amazon RSA 2048 M02 | 2023-08-15 - 2024-09-11 | a year
*.hotjar.com | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-12-13 - 2024-12-12 | a year
zi-scripts.com | GTS CA 1P5 | 2023-12-02 - 2024-03-01 | 3 months
zoominfo.com | Cloudflare Inc ECC CA-3 | 2023-04-04 - 2024-04-03 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
www.googleadservices.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
logx.optimizely.com | GTS CA 1D4 | 2023-12-12 - 2024-03-11 | 3 months
api.lightboxcdn.com | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2023-12-11 - 2024-06-11 | 6 months
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2023-11-03 - 2024-05-03 | 6 months
www.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.clickagy.com | Amazon ECDSA 256 M02 | 2023-09-22 - 2024-10-20 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2023-04-12 - 2024-05-13 | a year
hb.yahoo.net | R3 | 2023-12-18 - 2024-03-17 | 3 months
*.imgix.com | GlobalSign Atlas R3 DV TLS CA 2023 Q4 | 2023-12-07 - 2025-01-07 | a year

This page contains 10 frames:

Primary Page: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Frame ID: 51F17181EE982A0CD6178FBBD8DF1AEC
Requests: 91 HTTP requests in this frame

Frame: https://a8392411042.cdn.optimizely.com/client_storage/a8392411042.html
Frame ID: B9318D548422AE31416F0AF1FA3F62C1
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
Frame ID: CB529F968E8821786A3153B4327F6269
Requests: 40 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
Frame ID: 9259CF447DAC6C0C873851A61C24EB99
Requests: 38 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/c2c913a7-dd36-4b41-891c-8cce110d48bc/lightbox.js?mb=1703612286535&lv=1
Frame ID: BE31ABED8224AA406A183B530B875338
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=oqy7xc0&ref=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&upid=qi81r7g&upv=1.1.0
Frame ID: 536A740B5EF4A84FFE87422F1804BB64
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=oqy7xc0&ref=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&upid=qi81r7g&upv=1.1.0
Frame ID: B4F00FDB3D30F4FFB214703147B9BCB5
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: 920B598BECAE775E99F1042B79F5276B
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4126428947753410958&ttd_tdid=9e5455b0-54a5-4d8c-ad52-64ada0b9ab34
Frame ID: C37D3B220095A52D15254AA6D5F3EE4F
Requests: 1 HTTP requests in this frame

Frame: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1UUTBCU1Y5RTJ1R09RR0JiZWdfRmZmcEhacGVrbTNVVX5B&gdpr=0&ovsid=9e5455b0-54a5-4d8c-ad52-64ada0b9ab34&dpid=55953
Frame ID: E671BAB1E9DFE262C20A2C214C31937F
Requests: 1 HTTP requests in this frame

Page Title

Network traffic analysis for IR: Alternatives to Wireshark | Infosec

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

183
Requests

97 %
HTTPS

0 %
IPv6

30
Domains

45
Subdomains

35
IPs

2
Countries

2475 kB
Transfer

7942 kB
Size

49
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=448354&time=1703612286296&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=448354&time=1703612286296&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D448354%26time%3D1703612286296%26url%3Dhttps%253A%252F%252Fresources.infosecinstitute.com%252Ftopics%252Fincident-response-resources%252Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=448354&time=1703612286296&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&cookiesTest=true&liSync=true
Request Chain 124
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580249777/?random=899830718&cv=11&fst=1703612286362&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&label=TealiumAPItracker&hn=www.googleadservices.com&frm=0&tiba=Network%20traffic%20analysis%20for%20IR%3A%20Alternatives%20to%20Wireshark%20%7C%20Infosec&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=292205441.1703612286&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=fg-LZdflHLWdoPMP1fGn6AM&sscte=1&crd=&pscrd=EkxDaEFJZ0pDcXJBWVE3OUs4MnBURXN2WUhFaVVBdHp6YmpkRnpDUk9IM3RHZ242bW9mZ0FqR0dadmVORlM4VS04OHlqbl9FYjQ4Qlc0GldDaEFJZ0pDcXJBWVFwcks0cjkyNjVkRVVFaTBBamdqR0p5eGhnMnhqU3VJNHRweTJDcUY4MnhRRzFIMG5ta2RrVnJ3Z0l2NGotWktramJyeDVNSi1yX28iEwjXnK6p0q2DAxW1DmgIHdX4CT0 HTTP 302
  • https://www.google.com/pagead/1p-conversion/580249777/?random=899830718&cv=11&fst=1703612286362&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&label=TealiumAPItracker&hn=www.googleadservices.com&frm=0&tiba=Network%20traffic%20analysis%20for%20IR%3A%20Alternatives%20to%20Wireshark%20%7C%20Infosec&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=292205441.1703612286&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0pDcXJBWVE3OUs4MnBURXN2WUhFaVVBdHp6YmpkRnpDUk9IM3RHZ242bW9mZ0FqR0dadmVORlM4VS04OHlqbl9FYjQ4Qlc0GldDaEFJZ0pDcXJBWVFwcks0cjkyNjVkRVVFaTBBamdqR0p5eGhnMnhqU3VJNHRweTJDcUY4MnhRRzFIMG5ta2RrVnJ3Z0l2NGotWktramJyeDVNSi1yX28iEwjXnK6p0q2DAxW1DmgIHdX4CT0&is_vtc=1&ocp_id=fg-LZdflHLWdoPMP1fGn6AM&cid=CAQSGwAvHhf_rgS-yojImPLJU4bkHdcfp11lIulI8w&random=1862832405
Request Chain 125
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580249777/?random=1158652596&cv=11&fst=1703612286424&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&label=TealiumAPItracker&hn=www.googleadservices.com&frm=0&tiba=Network%20traffic%20analysis%20for%20IR%3A%20Alternatives%20to%20Wireshark%20%7C%20Infosec&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=292205441.1703612286&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=fg-LZajoHLyToPMPrderwA4&sscte=1&crd=&pscrd=EkxDaEFJZ0pDcXJBWVE3OUs4MnBURXN2WUhFaVVBdHp6YmpkRnpDUk9IM3RHZ242bW9mZ0FqR0dadmVORlM4VS04OHlqbl9FYjQ4Qlc0GldDaEFJZ0pDcXJBWVFwcks0cjkyNjVkRVVFaTBBamdqR0p6WWxyeXl4YkZ5ZUp0R1BELUFNT3lQcGZsdXhvaFYxNWxMZ04wRG5MRWV6WGhES00tU1ZiS1EiEwion66p0q2DAxW8CWgIHa3rCug HTTP 302
  • https://www.google.com/pagead/1p-conversion/580249777/?random=1158652596&cv=11&fst=1703612286424&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&label=TealiumAPItracker&hn=www.googleadservices.com&frm=0&tiba=Network%20traffic%20analysis%20for%20IR%3A%20Alternatives%20to%20Wireshark%20%7C%20Infosec&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=292205441.1703612286&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0pDcXJBWVE3OUs4MnBURXN2WUhFaVVBdHp6YmpkRnpDUk9IM3RHZ242bW9mZ0FqR0dadmVORlM4VS04OHlqbl9FYjQ4Qlc0GldDaEFJZ0pDcXJBWVFwcks0cjkyNjVkRVVFaTBBamdqR0p6WWxyeXl4YkZ5ZUp0R1BELUFNT3lQcGZsdXhvaFYxNWxMZ04wRG5MRWV6WGhES00tU1ZiS1EiEwion66p0q2DAxW8CWgIHa3rCug&is_vtc=1&ocp_id=fg-LZajoHLyToPMPrderwA4&cid=CAQSGwAvHhf_0CiUb-RaPndHDdpBE0KBMr1WRQw13w&random=976280122
Request Chain 160
  • https://insight.adsrvr.org/track/up?adv=oqy7xc0&ref=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&upid=qi81r7g&upv=1.1.0 HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=oqy7xc0&ref=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&upid=qi81r7g&upv=1.1.0
Request Chain 162
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9e5455b0-54a5-4d8c-ad52-64ada0b9ab34&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Request Chain 163
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=9e5455b0-54a5-4d8c-ad52-64ada0b9ab34 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D9e5455b0-54a5-4d8c-ad52-64ada0b9ab34 HTTP 302
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4126428947753410958&ttd_tdid=9e5455b0-54a5-4d8c-ad52-64ada0b9ab34
Request Chain 164
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=9e5455b0-54a5-4d8c-ad52-64ada0b9ab34&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=9e5455b0-54a5-4d8c-ad52-64ada0b9ab34&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=9e5455b0-54a5-4d8c-ad52-64ada0b9ab34&gdpr=0&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1UUTBCU1Y5RTJ1R09RR0JiZWdfRmZmcEhacGVrbTNVVX5B&gdpr=0&ovsid=9e5455b0-54a5-4d8c-ad52-64ada0b9ab34&dpid=55953
Request Chain 172
  • https://aorta.clickagy.com/pixel.gif?clkgypv=jstag&ws=1 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=ZYsPf1lI2m7qnR4DDWZ3CHgw&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1703612287935&ip=5.181.234.134&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D214600604742007537040 HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=214600604742007537040 HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D HTTP 302
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=b4d45653-f676-4ca1-903d-accf15cd3f97&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZYsPf7v5iEOKlqIIFBg9lIjy

183 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
160 KB
28 KB
Document
General
Full URL
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f62dc537802e0984e6575c6f393d3a7527b05a6afb6e19a92ee4c0d9360cb5f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
83bb18608d5a4375-EWR
content-encoding
gzip
content-security-policy
frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Tue, 26 Dec 2023 17:38:03 GMT
pragma
no-cache
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
server
cloudflare
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
utag.sync.js
tags.tiqcdn.com/utag/infosec/marketing/prod/
6 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.sync.js
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.156.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-156-11.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e8bf72ed67263c009a4d989643932ba00bba16204fde2de39a04c39dbd21dcb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
SPpsDHjsxTvFZnlJtt4NIyR04w3bNO8V
content-encoding
br
via
1.1 f31b50b817654a1216e0d0c0a9e1f6f0.cloudfront.net (CloudFront)
date
Tue, 26 Dec 2023 17:34:52 GMT
last-modified
Thu, 14 Dec 2023 03:37:29 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-P1
age
192
x-amz-server-side-encryption
AES256
etag
W/"a4d7e1d86394c307c4e20cc4fa2d1083"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
8_zktm0WOAfaMsQaNsyxoQtl3JxjBOqqrc30Fgp7xjqCy5IV1C3qng==
OpenSans-Regular.ttf
resources.infosecinstitute.com/siteassets/Theme/Shared/fonts/
127 KB
127 KB
Font
General
Full URL
https://resources.infosecinstitute.com/siteassets/Theme/Shared/fonts/OpenSans-Regular.ttf
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0707e10e48c02363b3c6b2283b6b4f87c20e6fd24a0c5d33b381455f5b8e69b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Origin
https://resources.infosecinstitute.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
cf-cache-status
HIT
age
4653
content-length
129796
x-xss-protection
1; mode=block
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
last-modified
Tue, 19 Dec 2023 14:44:16 GMT
server
cloudflare
etag
"1da3289d703db04"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/x-font-ttf
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83bb1862c8394375-EWR
expires
Tue, 26 Dec 2023 21:38:03 GMT
OpenSans-SemiBold.ttf
resources.infosecinstitute.com/siteassets/Theme/Shared/fonts/
127 KB
127 KB
Font
General
Full URL
https://resources.infosecinstitute.com/siteassets/Theme/Shared/fonts/OpenSans-SemiBold.ttf
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89275a1c66640733265b5be89864b6daefef1cc3f275566dd8fd29bd66601a83
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Origin
https://resources.infosecinstitute.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
cf-cache-status
HIT
age
4653
content-length
129716
x-xss-protection
1; mode=block
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
last-modified
Tue, 19 Dec 2023 14:44:16 GMT
server
cloudflare
etag
"1da3289d703dab4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/x-font-ttf
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83bb1862c83b4375-EWR
expires
Tue, 26 Dec 2023 21:38:03 GMT
OpenSans-Bold.ttf
resources.infosecinstitute.com/siteassets/Theme/Shared/fonts/
127 KB
127 KB
Font
General
Full URL
https://resources.infosecinstitute.com/siteassets/Theme/Shared/fonts/OpenSans-Bold.ttf
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
914b98c4be37d22289a09667dc5083f7c625d972fea66a049d73decad7f1df72
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Origin
https://resources.infosecinstitute.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
cf-cache-status
HIT
age
4653
content-length
129784
x-xss-protection
1; mode=block
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
last-modified
Tue, 19 Dec 2023 14:44:16 GMT
server
cloudflare
etag
"1da3289d703daf8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/x-font-ttf
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83bb1862c83d4375-EWR
expires
Tue, 26 Dec 2023 21:38:03 GMT
RobotoSlab-Bold.ttf
resources.infosecinstitute.com/siteassets/Theme/Shared/fonts/
124 KB
124 KB
Font
General
Full URL
https://resources.infosecinstitute.com/siteassets/Theme/Shared/fonts/RobotoSlab-Bold.ttf
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
460deda0fa168952b37ffdf7855cab596863a9d6f8664e2bc565a1ff2cb0a67c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Origin
https://resources.infosecinstitute.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
cf-cache-status
HIT
age
4653
content-length
126676
x-xss-protection
1; mode=block
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
last-modified
Tue, 19 Dec 2023 14:44:16 GMT
server
cloudflare
etag
"1da3289d703ced4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/x-font-ttf
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83bb1862c83e4375-EWR
expires
Tue, 26 Dec 2023 21:38:03 GMT
above-fold-general.css
resources.infosecinstitute.com/siteassets/_dist/css/resources/
119 KB
17 KB
Stylesheet
General
Full URL
https://resources.infosecinstitute.com/siteassets/_dist/css/resources/above-fold-general.css?v=1FNziep2zsEihnbIP4_UodJfNKSM6lyH0v5N_fVCzNQ
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.18.34.98, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
d4537389ea76cec1228676c83f8fd4a1d25f34a48cea5c87d2fe4dfdf542ccd4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
cf-cache-status
HIT
age
4653
content-encoding
gzip
x-xss-protection
1; mode=block
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
last-modified
Tue, 19 Dec 2023 14:44:58 GMT
server
cloudflare
etag
W/"1da3289f00b0d28"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
83bb186328c34375-EWR
expires
Tue, 26 Dec 2023 21:38:03 GMT
below-fold-general.css
resources.infosecinstitute.com/siteassets/_dist/css/resources/
116 KB
27 KB
Stylesheet
General
Full URL
https://resources.infosecinstitute.com/siteassets/_dist/css/resources/below-fold-general.css?v=dpKXyZgteVxXKV_mv9ue7BU1ehvLzhUFOrGuWTo1tvQ
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.18.34.98, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
769297c9982d795c57295fe6bfdb9eec15357a1bcbce15053ab1ae593a35b6f4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
cf-cache-status
HIT
age
4653
content-encoding
gzip
x-xss-protection
1; mode=block
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
last-modified
Tue, 19 Dec 2023 14:44:58 GMT
server
cloudflare
etag
W/"1da3289f00b01b7"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
83bb186328c64375-EWR
expires
Tue, 26 Dec 2023 21:38:03 GMT
infosec-logo-2.svg
resources.infosecinstitute.com/contentassets/94a5dff166e14ccc9d31eacf2c22d8e8/
4 KB
3 KB
Image
General
Full URL
https://resources.infosecinstitute.com/contentassets/94a5dff166e14ccc9d31eacf2c22d8e8/infosec-logo-2.svg
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.18.34.98, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
ad5a120b4597a5ea79a9a656c010966edecb6070947de58ed9e63fc9cd76ba59
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com qa-www.ed2go.com careertraining.ed2go.com qa-careertraining.ed2go.com careertraining.georgiasouthern.edu cpe-online.kennesaw.edu ed2go.degree.astate.edu careertraining.certifi.mercy.edu ed2go.online.se.edu careertraining.alasu.edu careertraining.nwmissouri.edu careertraining.csusm.edu careertraining.unm.edu careertraining.valdosta.edu careertraining.lindenwood.edu careertraining.osuokc.edu careertraining.utep.edu careertraining.wpi.edu careertraining.ju.edu onlinetraining.hagerstowncc.edu careertraining.eicc.edu careertraining.schoolcraft.edu careertraining.utm.edu careertraining.nhti.edu careertraining.uis.edu careertraining.cmich.edu careertraining.sdsu.edu careertraining.southeastmn.edu careertraining.vwu.edu careertraining.octech.edu upskilling.mitchell.edu careertraining.fgcu.edu ce.fox.uwosh.edu careertraining.bhcc.edu careertraining.nccu.edu careertraining.uh.edu careertraining.memphis.edu careertraining.baylor.edu careertraining.sunysccc.edu careertraining.pccc.edu careertraining.ncmich.edu careertraining.moval.edu ce.fdl.uwosh.edu careertraining.eku.edu careertraining.cfcc.edu careertraining.hgtc.edu careertraining.stcc.edu careertraining.uca.edu careerbuilding.culver.edu workforcetraining.tamucc.edu careertraining.msstate.edu careertraining.ed2go.lsue.edu careertraining.findlay.edu careertraining.keene.edu careertraining.hvcc.edu careertraining.uncp.edu careertraining.occc.edu careertraining.ccny.cuny.edu onlinecareertraining.ualr.edu careertraining.mtc.edu careertraining.fiu.edu careertraining.st-aug.edu ed2gotraining.coconino.edu careertraining.lsus.edu careertraining.csuci.edu careertraining.worwic.edu careertraining.usca.edu careertraining.kbcc.cuny.edu onlinecareertraining.vinu.edu corporatetraining.cf.edu careertraining.blueridgectc.edu careertraining.bhc.edu careertraining.uww.edu onlinecareertraining.waketech.edu careertraining.vermontstate.edu careertraining.fdltcc.edu 
ed2go.ashland.kctcs.edu ed2go.herzing.edu; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' www.ed2go.com qa-www.ed2go.com careertraining.ed2go.com qa-careertraining.ed2go.com careertraining.georgiasouthern.edu cpe-online.kennesaw.edu ed2go.degree.astate.edu careertraining.certifi.mercy.edu ed2go.online.se.edu careertraining.alasu.edu careertraining.nwmissouri.edu careertraining.csusm.edu careertraining.unm.edu careertraining.valdosta.edu careertraining.lindenwood.edu careertraining.osuokc.edu careertraining.utep.edu careertraining.wpi.edu careertraining.ju.edu onlinetraining.hagerstowncc.edu careertraining.eicc.edu careertraining.schoolcraft.edu careertraining.utm.edu careertraining.nhti.edu careertraining.uis.edu careertraining.cmich.edu careertraining.sdsu.edu careertraining.southeastmn.edu careertraining.vwu.edu careertraining.octech.edu upskilling.mitchell.edu careertraining.fgcu.edu ce.fox.uwosh.edu careertraining.bhcc.edu careertraining.nccu.edu careertraining.uh.edu careertraining.memphis.edu careertraining.baylor.edu careertraining.sunysccc.edu careertraining.pccc.edu careertraining.ncmich.edu careertraining.moval.edu ce.fdl.uwosh.edu careertraining.eku.edu careertraining.cfcc.edu careertraining.hgtc.edu careertraining.stcc.edu careertraining.uca.edu careerbuilding.culver.edu workforcetraining.tamucc.edu careertraining.msstate.edu careertraining.ed2go.lsue.edu careertraining.findlay.edu careertraining.keene.edu careertraining.hvcc.edu careertraining.uncp.edu careertraining.occc.edu careertraining.ccny.cuny.edu onlinecareertraining.ualr.edu careertraining.mtc.edu careertraining.fiu.edu careertraining.st-aug.edu ed2gotraining.coconino.edu careertraining.lsus.edu careertraining.csuci.edu careertraining.worwic.edu careertraining.usca.edu careertraining.kbcc.cuny.edu onlinecareertraining.vinu.edu corporatetraining.cf.edu careertraining.blueridgectc.edu careertraining.bhc.edu careertraining.uww.edu onlinecareertraining.waketech.edu careertraining.vermontstate.edu careertraining.fdltcc.edu ed2go.ashland.kctcs.edu 
ed2go.herzing.edu; upgrade-insecure-requests;
cf-cache-status
HIT
age
8581
content-encoding
gzip
x-xss-protection
1; mode=block
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
last-modified
Wed, 19 Jul 2023 20:56:57 GMT
server
cloudflare
etag
W/"1d9ba838e002250"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=34619
cf-ray
83bb186328c74375-EWR
expires
Wed, 27 Dec 2023 03:15:02 GMT
19b3dee1b724157e37799a0364da55a2.jpeg
resources.infosecinstitute.com/contentassets/52383275fd48485c80f60208867cd4aa/
4 KB
4 KB
Image
General
Full URL
https://resources.infosecinstitute.com/contentassets/52383275fd48485c80f60208867cd4aa/19b3dee1b724157e37799a0364da55a2.jpeg
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.18.34.98, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
dcb9852124ce21cac09607322e5de94eb21436223339a71b951d076a1cf3983e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
content-security-policy
frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=2592000
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=6760
content-disposition
inline; filename="19b3dee1b724157e37799a0364da55a2.webp"
content-length
3700
x-xss-protection
1; mode=block
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
cf-bgj
imgq:85,h2pri
last-modified
Thu, 27 Jul 2023 12:32:56 GMT
server
cloudflare
etag
"1d9c0867843d668"
vary
Accept
x-frame-options
DENY
content-type
image/webp
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
83bb186328c84375-EWR
expires
Wed, 27 Dec 2023 05:38:03 GMT
passwordprotecteddesktop-infosecblue-icon.png
resources.infosecinstitute.com/contentassets/3c2c951fbb5b4e60bafe653c3a5d20f6/
2 KB
2 KB
Image
General
Full URL
https://resources.infosecinstitute.com/contentassets/3c2c951fbb5b4e60bafe653c3a5d20f6/passwordprotecteddesktop-infosecblue-icon.png
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.18.34.98, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
99838d87a77c4581f0deda5f102b98031147a8e302aea99d41388d9da06f5ee6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
cf-cache-status
MISS
content-length
2003
x-xss-protection
1; mode=block
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
last-modified
Thu, 20 Jul 2023 12:26:46 GMT
server
cloudflare
etag
"1d9bb0572d600d3"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
83bb1863b9804375-EWR
expires
Wed, 27 Dec 2023 05:38:03 GMT
infosec-skills_live-boot-camps_rgb-white.png
resources.infosecinstitute.com/contentassets/be26b6439d4243f7b15332900f984a71/
5 KB
7 KB
Image
General
Full URL
https://resources.infosecinstitute.com/contentassets/be26b6439d4243f7b15332900f984a71/infosec-skills_live-boot-camps_rgb-white.png
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.18.34.98, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
07a37080e5cba18eb1cb69582de89b80d75973dabb0237518928153b28d4bc60
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com qa-www.ed2go.com careertraining.ed2go.com qa-careertraining.ed2go.com careertraining.georgiasouthern.edu cpe-online.kennesaw.edu ed2go.degree.astate.edu careertraining.certifi.mercy.edu ed2go.online.se.edu careertraining.alasu.edu careertraining.nwmissouri.edu careertraining.csusm.edu careertraining.unm.edu careertraining.valdosta.edu careertraining.lindenwood.edu careertraining.osuokc.edu careertraining.utep.edu careertraining.wpi.edu careertraining.ju.edu onlinetraining.hagerstowncc.edu careertraining.eicc.edu careertraining.schoolcraft.edu careertraining.utm.edu careertraining.nhti.edu careertraining.uis.edu careertraining.cmich.edu careertraining.sdsu.edu careertraining.southeastmn.edu careertraining.vwu.edu careertraining.octech.edu upskilling.mitchell.edu careertraining.fgcu.edu ce.fox.uwosh.edu careertraining.bhcc.edu careertraining.nccu.edu careertraining.uh.edu careertraining.memphis.edu careertraining.baylor.edu careertraining.sunysccc.edu careertraining.pccc.edu careertraining.ncmich.edu careertraining.moval.edu ce.fdl.uwosh.edu careertraining.eku.edu careertraining.cfcc.edu careertraining.hgtc.edu careertraining.stcc.edu careertraining.uca.edu careerbuilding.culver.edu workforcetraining.tamucc.edu careertraining.msstate.edu careertraining.ed2go.lsue.edu careertraining.findlay.edu careertraining.keene.edu careertraining.hvcc.edu careertraining.uncp.edu careertraining.occc.edu careertraining.ccny.cuny.edu onlinecareertraining.ualr.edu careertraining.mtc.edu careertraining.fiu.edu careertraining.st-aug.edu ed2gotraining.coconino.edu careertraining.lsus.edu careertraining.csuci.edu careertraining.worwic.edu careertraining.usca.edu careertraining.kbcc.cuny.edu onlinecareertraining.vinu.edu corporatetraining.cf.edu careertraining.blueridgectc.edu careertraining.bhc.edu careertraining.uww.edu onlinecareertraining.waketech.edu careertraining.vermontstate.edu careertraining.fdltcc.edu 
ed2go.ashland.kctcs.edu ed2go.herzing.edu; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
content-security-policy
frame-ancestors 'self' www.ed2go.com qa-www.ed2go.com careertraining.ed2go.com qa-careertraining.ed2go.com careertraining.georgiasouthern.edu cpe-online.kennesaw.edu ed2go.degree.astate.edu careertraining.certifi.mercy.edu ed2go.online.se.edu careertraining.alasu.edu careertraining.nwmissouri.edu careertraining.csusm.edu careertraining.unm.edu careertraining.valdosta.edu careertraining.lindenwood.edu careertraining.osuokc.edu careertraining.utep.edu careertraining.wpi.edu careertraining.ju.edu onlinetraining.hagerstowncc.edu careertraining.eicc.edu careertraining.schoolcraft.edu careertraining.utm.edu careertraining.nhti.edu careertraining.uis.edu careertraining.cmich.edu careertraining.sdsu.edu careertraining.southeastmn.edu careertraining.vwu.edu careertraining.octech.edu upskilling.mitchell.edu careertraining.fgcu.edu ce.fox.uwosh.edu careertraining.bhcc.edu careertraining.nccu.edu careertraining.uh.edu careertraining.memphis.edu careertraining.baylor.edu careertraining.sunysccc.edu careertraining.pccc.edu careertraining.ncmich.edu careertraining.moval.edu ce.fdl.uwosh.edu careertraining.eku.edu careertraining.cfcc.edu careertraining.hgtc.edu careertraining.stcc.edu careertraining.uca.edu careerbuilding.culver.edu workforcetraining.tamucc.edu careertraining.msstate.edu careertraining.ed2go.lsue.edu careertraining.findlay.edu careertraining.keene.edu careertraining.hvcc.edu careertraining.uncp.edu careertraining.occc.edu careertraining.ccny.cuny.edu onlinecareertraining.ualr.edu careertraining.mtc.edu careertraining.fiu.edu careertraining.st-aug.edu ed2gotraining.coconino.edu careertraining.lsus.edu careertraining.csuci.edu careertraining.worwic.edu careertraining.usca.edu careertraining.kbcc.cuny.edu onlinecareertraining.vinu.edu corporatetraining.cf.edu careertraining.blueridgectc.edu careertraining.bhc.edu careertraining.uww.edu onlinecareertraining.waketech.edu careertraining.vermontstate.edu careertraining.fdltcc.edu ed2go.ashland.kctcs.edu 
ed2go.herzing.edu; upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=2592000
cf-cache-status
HIT
age
4653
cf-polished
origFmt=png, origSize=6493
content-disposition
inline; filename="infosec-skills_live-boot-camps_rgb-white.webp"
content-length
5130
x-xss-protection
1; mode=block
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
cf-bgj
imgq:85,h2pri
last-modified
Tue, 25 Jul 2023 12:34:58 GMT
server
cloudflare
etag
"1d9bef46c281c5d"
vary
Accept
x-frame-options
DENY
content-type
image/webp
cache-control
public, max-age=38547
accept-ranges
bytes
cf-ray
83bb18655bcc4375-EWR
expires
Wed, 27 Dec 2023 04:20:30 GMT
drew-robb-author-headshot.jpg
resources.infosecinstitute.com/contentassets/1c18f0391d6a437d9af08a85f45f5f86/
5 KB
5 KB
Image
General
Full URL
https://resources.infosecinstitute.com/contentassets/1c18f0391d6a437d9af08a85f45f5f86/drew-robb-author-headshot.jpg
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.18.34.98, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
12948aabf17f9e974261ed8a13d665df82c6217ab96f534554934951c066c4d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com qa-www.ed2go.com careertraining.ed2go.com qa-careertraining.ed2go.com careertraining.georgiasouthern.edu cpe-online.kennesaw.edu ed2go.degree.astate.edu careertraining.certifi.mercy.edu ed2go.online.se.edu careertraining.alasu.edu careertraining.nwmissouri.edu careertraining.csusm.edu careertraining.unm.edu careertraining.valdosta.edu careertraining.lindenwood.edu careertraining.osuokc.edu careertraining.utep.edu careertraining.wpi.edu careertraining.ju.edu onlinetraining.hagerstowncc.edu careertraining.eicc.edu careertraining.schoolcraft.edu careertraining.utm.edu careertraining.nhti.edu careertraining.uis.edu careertraining.cmich.edu careertraining.sdsu.edu careertraining.southeastmn.edu careertraining.vwu.edu careertraining.octech.edu upskilling.mitchell.edu careertraining.fgcu.edu ce.fox.uwosh.edu careertraining.bhcc.edu careertraining.nccu.edu careertraining.uh.edu careertraining.memphis.edu careertraining.baylor.edu careertraining.sunysccc.edu careertraining.pccc.edu careertraining.ncmich.edu careertraining.moval.edu ce.fdl.uwosh.edu careertraining.eku.edu careertraining.cfcc.edu careertraining.hgtc.edu careertraining.stcc.edu careertraining.uca.edu careerbuilding.culver.edu workforcetraining.tamucc.edu careertraining.msstate.edu careertraining.ed2go.lsue.edu careertraining.findlay.edu careertraining.keene.edu careertraining.hvcc.edu careertraining.uncp.edu careertraining.occc.edu careertraining.ccny.cuny.edu onlinecareertraining.ualr.edu careertraining.mtc.edu careertraining.fiu.edu careertraining.st-aug.edu ed2gotraining.coconino.edu careertraining.lsus.edu careertraining.csuci.edu careertraining.worwic.edu careertraining.usca.edu careertraining.kbcc.cuny.edu onlinecareertraining.vinu.edu corporatetraining.cf.edu careertraining.blueridgectc.edu careertraining.bhc.edu careertraining.uww.edu onlinecareertraining.waketech.edu careertraining.vermontstate.edu careertraining.fdltcc.edu 
ed2go.ashland.kctcs.edu ed2go.herzing.edu; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
content-security-policy
frame-ancestors 'self' www.ed2go.com qa-www.ed2go.com careertraining.ed2go.com qa-careertraining.ed2go.com careertraining.georgiasouthern.edu cpe-online.kennesaw.edu ed2go.degree.astate.edu careertraining.certifi.mercy.edu ed2go.online.se.edu careertraining.alasu.edu careertraining.nwmissouri.edu careertraining.csusm.edu careertraining.unm.edu careertraining.valdosta.edu careertraining.lindenwood.edu careertraining.osuokc.edu careertraining.utep.edu careertraining.wpi.edu careertraining.ju.edu onlinetraining.hagerstowncc.edu careertraining.eicc.edu careertraining.schoolcraft.edu careertraining.utm.edu careertraining.nhti.edu careertraining.uis.edu careertraining.cmich.edu careertraining.sdsu.edu careertraining.southeastmn.edu careertraining.vwu.edu careertraining.octech.edu upskilling.mitchell.edu careertraining.fgcu.edu ce.fox.uwosh.edu careertraining.bhcc.edu careertraining.nccu.edu careertraining.uh.edu careertraining.memphis.edu careertraining.baylor.edu careertraining.sunysccc.edu careertraining.pccc.edu careertraining.ncmich.edu careertraining.moval.edu ce.fdl.uwosh.edu careertraining.eku.edu careertraining.cfcc.edu careertraining.hgtc.edu careertraining.stcc.edu careertraining.uca.edu careerbuilding.culver.edu workforcetraining.tamucc.edu careertraining.msstate.edu careertraining.ed2go.lsue.edu careertraining.findlay.edu careertraining.keene.edu careertraining.hvcc.edu careertraining.uncp.edu careertraining.occc.edu careertraining.ccny.cuny.edu onlinecareertraining.ualr.edu careertraining.mtc.edu careertraining.fiu.edu careertraining.st-aug.edu ed2gotraining.coconino.edu careertraining.lsus.edu careertraining.csuci.edu careertraining.worwic.edu careertraining.usca.edu careertraining.kbcc.cuny.edu onlinecareertraining.vinu.edu corporatetraining.cf.edu careertraining.blueridgectc.edu careertraining.bhc.edu careertraining.uww.edu onlinecareertraining.waketech.edu careertraining.vermontstate.edu careertraining.fdltcc.edu ed2go.ashland.kctcs.edu 
ed2go.herzing.edu; upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=2592000
cf-cache-status
HIT
age
26499
cf-polished
qual=85, origFmt=jpeg, origSize=8936
content-disposition
inline; filename="drew-robb-author-headshot.webp"
content-length
4924
x-xss-protection
1; mode=block
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
cf-bgj
imgq:85,h2pri
last-modified
Sat, 07 Oct 2023 23:48:22 GMT
server
cloudflare
etag
"1d9f978c16285e8"
vary
Accept
x-frame-options
DENY
content-type
image/webp
cache-control
public, max-age=16701
accept-ranges
bytes
cf-ray
83bb18657bec4375-EWR
expires
Tue, 26 Dec 2023 22:16:24 GMT
e1dea087fa2b27046728c6a4c202a018.jpeg
resources.infosecinstitute.com/contentassets/ef9d3cbe78a54f11bf8eaa8f39761d4e/
3 KB
4 KB
Image
General
Full URL
https://resources.infosecinstitute.com/contentassets/ef9d3cbe78a54f11bf8eaa8f39761d4e/e1dea087fa2b27046728c6a4c202a018.jpeg
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.18.34.98, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
1043add6a45753f52fbef7e6fb6600c900a3dcb07eae758b9dd2f0cc8bf32886
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
content-security-policy
frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=2592000
cf-cache-status
HIT
age
11335
cf-polished
qual=85, origFmt=jpeg, origSize=6448
content-disposition
inline; filename="e1dea087fa2b27046728c6a4c202a018.webp"
content-length
3458
x-xss-protection
1; mode=block
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
cf-bgj
imgq:85,h2pri
last-modified
Wed, 26 Jul 2023 12:17:56 GMT
server
cloudflare
etag
"1d9bfbb3568eb30"
vary
Accept
x-frame-options
DENY
content-type
image/webp
cache-control
public, max-age=31865
accept-ranges
bytes
cf-ray
83bb18658c0b4375-EWR
expires
Wed, 27 Dec 2023 02:29:08 GMT
waqas.jpg
resources.infosecinstitute.com/contentassets/e8b2298ae72e41598f9a6573ae4cae56/
6 KB
7 KB
Image
General
Full URL
https://resources.infosecinstitute.com/contentassets/e8b2298ae72e41598f9a6573ae4cae56/waqas.jpg
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.18.34.98, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
a635391c1602d5c89a0d83d80a10e848379b01b74b7a8a0b741a2a29e030beb2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
cf-cache-status
MISS
content-length
6606
x-xss-protection
1; mode=block
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
last-modified
Tue, 18 Jul 2023 07:59:32 GMT
server
cloudflare
etag
"1d9b94dc90053ce"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
83bb18659c104375-EWR
expires
Wed, 27 Dec 2023 05:38:03 GMT
c2f0187a7c45a9d1a19c4be6dc073172.jpeg
resources.infosecinstitute.com/contentassets/e5992bd3ae424cd884b076bd78f4d2a5/
6 KB
7 KB
Image
General
Full URL
https://resources.infosecinstitute.com/contentassets/e5992bd3ae424cd884b076bd78f4d2a5/c2f0187a7c45a9d1a19c4be6dc073172.jpeg
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.18.34.98, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
871c69d5bdf76e1b3b109641b284365db6c8557e69f29a2cb20a64209128324c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
cf-cache-status
MISS
content-length
6521
x-xss-protection
1; mode=block
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
last-modified
Thu, 27 Jul 2023 11:36:16 GMT
server
cloudflare
etag
"1d9c07e8db4e179"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
83bb1865ac2d4375-EWR
expires
Wed, 27 Dec 2023 05:38:03 GMT
infosec-logo-white-1.svg
resources.infosecinstitute.com/contentassets/94a5dff166e14ccc9d31eacf2c22d8e8/
4 KB
3 KB
Image
General
Full URL
https://resources.infosecinstitute.com/contentassets/94a5dff166e14ccc9d31eacf2c22d8e8/infosec-logo-white-1.svg
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.18.34.98, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
1ae98183fee563cf992e368640357801d7b0282b6f4c743b454a6eb695fa12ea
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com qa-www.ed2go.com careertraining.ed2go.com qa-careertraining.ed2go.com careertraining.georgiasouthern.edu cpe-online.kennesaw.edu ed2go.degree.astate.edu careertraining.certifi.mercy.edu ed2go.online.se.edu careertraining.alasu.edu careertraining.nwmissouri.edu careertraining.csusm.edu careertraining.unm.edu careertraining.valdosta.edu careertraining.lindenwood.edu careertraining.osuokc.edu careertraining.utep.edu careertraining.wpi.edu careertraining.ju.edu onlinetraining.hagerstowncc.edu careertraining.eicc.edu careertraining.schoolcraft.edu careertraining.utm.edu careertraining.nhti.edu careertraining.uis.edu careertraining.cmich.edu careertraining.sdsu.edu careertraining.southeastmn.edu careertraining.vwu.edu careertraining.octech.edu upskilling.mitchell.edu careertraining.fgcu.edu ce.fox.uwosh.edu careertraining.bhcc.edu careertraining.nccu.edu careertraining.uh.edu careertraining.memphis.edu careertraining.baylor.edu careertraining.sunysccc.edu careertraining.pccc.edu careertraining.ncmich.edu careertraining.moval.edu ce.fdl.uwosh.edu careertraining.eku.edu careertraining.cfcc.edu careertraining.hgtc.edu careertraining.stcc.edu careertraining.uca.edu careerbuilding.culver.edu workforcetraining.tamucc.edu careertraining.msstate.edu careertraining.ed2go.lsue.edu careertraining.findlay.edu careertraining.keene.edu careertraining.hvcc.edu careertraining.uncp.edu careertraining.occc.edu careertraining.ccny.cuny.edu onlinecareertraining.ualr.edu careertraining.mtc.edu careertraining.fiu.edu careertraining.st-aug.edu ed2gotraining.coconino.edu careertraining.lsus.edu careertraining.csuci.edu careertraining.worwic.edu careertraining.usca.edu careertraining.kbcc.cuny.edu onlinecareertraining.vinu.edu corporatetraining.cf.edu careertraining.blueridgectc.edu careertraining.bhc.edu careertraining.uww.edu onlinecareertraining.waketech.edu careertraining.vermontstate.edu careertraining.fdltcc.edu 
ed2go.ashland.kctcs.edu ed2go.herzing.edu; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' www.ed2go.com qa-www.ed2go.com careertraining.ed2go.com qa-careertraining.ed2go.com careertraining.georgiasouthern.edu cpe-online.kennesaw.edu ed2go.degree.astate.edu careertraining.certifi.mercy.edu ed2go.online.se.edu careertraining.alasu.edu careertraining.nwmissouri.edu careertraining.csusm.edu careertraining.unm.edu careertraining.valdosta.edu careertraining.lindenwood.edu careertraining.osuokc.edu careertraining.utep.edu careertraining.wpi.edu careertraining.ju.edu onlinetraining.hagerstowncc.edu careertraining.eicc.edu careertraining.schoolcraft.edu careertraining.utm.edu careertraining.nhti.edu careertraining.uis.edu careertraining.cmich.edu careertraining.sdsu.edu careertraining.southeastmn.edu careertraining.vwu.edu careertraining.octech.edu upskilling.mitchell.edu careertraining.fgcu.edu ce.fox.uwosh.edu careertraining.bhcc.edu careertraining.nccu.edu careertraining.uh.edu careertraining.memphis.edu careertraining.baylor.edu careertraining.sunysccc.edu careertraining.pccc.edu careertraining.ncmich.edu careertraining.moval.edu ce.fdl.uwosh.edu careertraining.eku.edu careertraining.cfcc.edu careertraining.hgtc.edu careertraining.stcc.edu careertraining.uca.edu careerbuilding.culver.edu workforcetraining.tamucc.edu careertraining.msstate.edu careertraining.ed2go.lsue.edu careertraining.findlay.edu careertraining.keene.edu careertraining.hvcc.edu careertraining.uncp.edu careertraining.occc.edu careertraining.ccny.cuny.edu onlinecareertraining.ualr.edu careertraining.mtc.edu careertraining.fiu.edu careertraining.st-aug.edu ed2gotraining.coconino.edu careertraining.lsus.edu careertraining.csuci.edu careertraining.worwic.edu careertraining.usca.edu careertraining.kbcc.cuny.edu onlinecareertraining.vinu.edu corporatetraining.cf.edu careertraining.blueridgectc.edu careertraining.bhc.edu careertraining.uww.edu onlinecareertraining.waketech.edu careertraining.vermontstate.edu careertraining.fdltcc.edu ed2go.ashland.kctcs.edu 
ed2go.herzing.edu; upgrade-insecure-requests;
cf-cache-status
HIT
age
8581
content-encoding
gzip
x-xss-protection
1; mode=block
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
last-modified
Wed, 19 Jul 2023 20:55:56 GMT
server
cloudflare
etag
W/"1d9ba8369a446d0"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=34619
cf-ray
83bb1865ac304375-EWR
expires
Wed, 27 Dec 2023 03:15:02 GMT
Vendor-Jquery.js
resources.infosecinstitute.com/siteassets/_dist/js/
85 KB
30 KB
Script
General
Full URL
https://resources.infosecinstitute.com/siteassets/_dist/js/Vendor-Jquery.js?v=dW7fCs39_jx9WtBtS5R9ntWaNfD8rSGbjt2rCK2nk7Y
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
756edf0acdfdfe3c7d5ad06d4b947d9ed59a35f0fcad219b8eddab08ada793b6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
cf-cache-status
REVALIDATED
content-encoding
gzip
x-xss-protection
1; mode=block
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
last-modified
Tue, 19 Dec 2023 14:45:08 GMT
server
cloudflare
etag
W/"1da3289f601e15e"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
83bb1863f9df4375-EWR
expires
Tue, 26 Dec 2023 21:38:03 GMT
Vendor-Others.js
resources.infosecinstitute.com/siteassets/_dist/js/
78 KB
24 KB
Script
General
Full URL
https://resources.infosecinstitute.com/siteassets/_dist/js/Vendor-Others.js?v=0r-Hx1kD-BfMU6btYJ_56I-TqtS-zvY7ckAgnxGimqI
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2bf87c75903f817cc53a6ed609ff9e88f93aad4becef63b7240209f11a29aa2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
cf-cache-status
REVALIDATED
content-encoding
gzip
x-xss-protection
1; mode=block
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
last-modified
Tue, 19 Dec 2023 14:45:08 GMT
server
cloudflare
etag
W/"1da3289f60185bc"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
83bb18644a694375-EWR
expires
Tue, 26 Dec 2023 21:38:03 GMT
Global.js
resources.infosecinstitute.com/siteassets/_dist/js/
54 KB
18 KB
Script
General
Full URL
https://resources.infosecinstitute.com/siteassets/_dist/js/Global.js?v=zcpTCt4v0K-Q-F5PHmA0rB1r7RYZSu1ajjJ7anhH7wY
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdca530ade2fd0af90f85e4f1e6034ac1d6bed16194aed5a8e327b6a7847ef06
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
cf-cache-status
REVALIDATED
content-encoding
gzip
x-xss-protection
1; mode=block
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
last-modified
Tue, 19 Dec 2023 14:45:08 GMT
server
cloudflare
etag
W/"1da3289f6006494"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
83bb18649ad84375-EWR
expires
Tue, 26 Dec 2023 21:38:03 GMT
Navigation.js
resources.infosecinstitute.com/siteassets/_dist/js/
31 KB
7 KB
Script
General
Full URL
https://resources.infosecinstitute.com/siteassets/_dist/js/Navigation.js?v=zZePwvszOt8oN82ZRtmeooQKa0NTHKMzTV1N-rDmkZg
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd978fc2fb333adf2837cd9946d99ea2840a6b43531ca3334d5d4dfab0e69198
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
cf-cache-status
REVALIDATED
content-encoding
gzip
x-xss-protection
1; mode=block
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
last-modified
Tue, 19 Dec 2023 14:44:52 GMT
server
cloudflare
etag
W/"1da3289ec7737d4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
83bb1864db3d4375-EWR
expires
Tue, 26 Dec 2023 21:38:03 GMT
find.js
resources.infosecinstitute.com/Util/Find/epi-util/
6 KB
3 KB
Script
General
Full URL
https://resources.infosecinstitute.com/Util/Find/epi-util/find.js
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67004276e5cbe57d0cc96a32bd76d47b1daf4f91f52f807df4d8f9259c69b844
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com qa-www.ed2go.com careertraining.ed2go.com qa-careertraining.ed2go.com careertraining.georgiasouthern.edu cpe-online.kennesaw.edu ed2go.degree.astate.edu careertraining.certifi.mercy.edu ed2go.online.se.edu careertraining.alasu.edu careertraining.nwmissouri.edu careertraining.csusm.edu careertraining.unm.edu careertraining.valdosta.edu careertraining.lindenwood.edu careertraining.osuokc.edu careertraining.utep.edu careertraining.wpi.edu careertraining.ju.edu onlinetraining.hagerstowncc.edu careertraining.eicc.edu careertraining.schoolcraft.edu careertraining.utm.edu careertraining.nhti.edu careertraining.uis.edu careertraining.cmich.edu careertraining.sdsu.edu careertraining.southeastmn.edu careertraining.vwu.edu careertraining.octech.edu upskilling.mitchell.edu careertraining.fgcu.edu ce.fox.uwosh.edu careertraining.bhcc.edu careertraining.nccu.edu careertraining.uh.edu careertraining.memphis.edu careertraining.baylor.edu careertraining.sunysccc.edu careertraining.pccc.edu careertraining.ncmich.edu careertraining.moval.edu ce.fdl.uwosh.edu careertraining.eku.edu careertraining.cfcc.edu careertraining.hgtc.edu careertraining.stcc.edu careertraining.uca.edu careerbuilding.culver.edu workforcetraining.tamucc.edu careertraining.msstate.edu careertraining.ed2go.lsue.edu careertraining.findlay.edu careertraining.keene.edu careertraining.hvcc.edu careertraining.uncp.edu careertraining.occc.edu careertraining.ccny.cuny.edu onlinecareertraining.ualr.edu careertraining.mtc.edu careertraining.fiu.edu careertraining.st-aug.edu ed2gotraining.coconino.edu careertraining.lsus.edu careertraining.csuci.edu careertraining.worwic.edu careertraining.usca.edu careertraining.kbcc.cuny.edu onlinecareertraining.vinu.edu corporatetraining.cf.edu careertraining.blueridgectc.edu careertraining.bhc.edu careertraining.uww.edu onlinecareertraining.waketech.edu careertraining.vermontstate.edu careertraining.fdltcc.edu 
ed2go.ashland.kctcs.edu ed2go.herzing.edu; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' www.ed2go.com qa-www.ed2go.com careertraining.ed2go.com qa-careertraining.ed2go.com careertraining.georgiasouthern.edu cpe-online.kennesaw.edu ed2go.degree.astate.edu careertraining.certifi.mercy.edu ed2go.online.se.edu careertraining.alasu.edu careertraining.nwmissouri.edu careertraining.csusm.edu careertraining.unm.edu careertraining.valdosta.edu careertraining.lindenwood.edu careertraining.osuokc.edu careertraining.utep.edu careertraining.wpi.edu careertraining.ju.edu onlinetraining.hagerstowncc.edu careertraining.eicc.edu careertraining.schoolcraft.edu careertraining.utm.edu careertraining.nhti.edu careertraining.uis.edu careertraining.cmich.edu careertraining.sdsu.edu careertraining.southeastmn.edu careertraining.vwu.edu careertraining.octech.edu upskilling.mitchell.edu careertraining.fgcu.edu ce.fox.uwosh.edu careertraining.bhcc.edu careertraining.nccu.edu careertraining.uh.edu careertraining.memphis.edu careertraining.baylor.edu careertraining.sunysccc.edu careertraining.pccc.edu careertraining.ncmich.edu careertraining.moval.edu ce.fdl.uwosh.edu careertraining.eku.edu careertraining.cfcc.edu careertraining.hgtc.edu careertraining.stcc.edu careertraining.uca.edu careerbuilding.culver.edu workforcetraining.tamucc.edu careertraining.msstate.edu careertraining.ed2go.lsue.edu careertraining.findlay.edu careertraining.keene.edu careertraining.hvcc.edu careertraining.uncp.edu careertraining.occc.edu careertraining.ccny.cuny.edu onlinecareertraining.ualr.edu careertraining.mtc.edu careertraining.fiu.edu careertraining.st-aug.edu ed2gotraining.coconino.edu careertraining.lsus.edu careertraining.csuci.edu careertraining.worwic.edu careertraining.usca.edu careertraining.kbcc.cuny.edu onlinecareertraining.vinu.edu corporatetraining.cf.edu careertraining.blueridgectc.edu careertraining.bhc.edu careertraining.uww.edu onlinecareertraining.waketech.edu careertraining.vermontstate.edu careertraining.fdltcc.edu ed2go.ashland.kctcs.edu 
ed2go.herzing.edu; upgrade-insecure-requests;
cf-cache-status
HIT
age
4653
content-encoding
gzip
x-xss-protection
1; mode=block
request-context
appId=cid-v1:12416fc2-9765-4494-b701-a7b09395914a
last-modified
Mon, 27 Mar 2023 10:50:08 GMT
server
cloudflare
etag
W/"1d96099e57427ec"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
83bb1865ac324375-EWR
expires
Tue, 26 Dec 2023 21:38:03 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.sync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Dec 2023 17:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
5rel+BW+cbOCNkEJ4C4NBQ==
age
32784
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6841
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:19:55 GMT
server
cloudflare
etag
0x8DC026A943751A5
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d530a67f-201e-0007-3283-3455e0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83bb18679c374379-EWR
utag.js
tags.tiqcdn.com/utag/infosec/marketing/prod/
81 KB
24 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.js
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.156.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-156-11.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8ca63c0eb66d42a8cecac698e4a63bcc27630f459dd9cd86af046a5434e5522

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
h70aXd482YGRI0x8T7p7vWkuLVd.nix_
content-encoding
br
via
1.1 f31b50b817654a1216e0d0c0a9e1f6f0.cloudfront.net (CloudFront)
date
Tue, 26 Dec 2023 17:34:52 GMT
last-modified
Thu, 14 Dec 2023 03:37:28 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-P1
age
192
x-amz-server-side-encryption
AES256
etag
W/"26757c01440064c0250f73d096770478"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
G2MmaqIOx-QhzzABf0OKK77nvgNzvVS2fjEvxnBUgd3Q8FEwaQ-uFQ==
ai.2.gbl.min.js
js.monitor.azure.com/scripts/b/
120 KB
45 KB
Script
General
Full URL
https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5280e48d0af1b1c69f407e4fe2c4982200ad6cce2da6fce2fc6d6c5b0711bbeb

Request headers

Referer
https://resources.infosecinstitute.com/
Origin
https://resources.infosecinstitute.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:03 GMT
content-encoding
br
last-modified
Wed, 20 Sep 2023 16:13:08 GMT
content-md5
ddqkH0E+9rZVa3iakU0Nug==
x-ms-meta-aijssdkver
2.8.16
etag
0x8DBB9F47AC970CE
x-azure-ref
0fA+LZQAAAACK0FDYnl9yRoKYrHWO6bbsRVdSMzBFREdFMDUwNQBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
fb54e29f-401e-005e-5421-3859a5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.16.gbl.min.js
truncated
/
264 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f1f81f4701c3af408ffd164e21e2da0a2316f962d6817f86a98ea0d502d3830

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
1014 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01bd64df9f72702424a2e124be3e4e04efc0376be4fe2360173ea40861c0e843

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
392 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a8c1500a9833d15fa6d145aabce3c2062e4045fa8fa2d7db378e0e7bd41a138

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
883 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39dafb85fef063b1779be71345083a08489bc842632074a7042919d618c203ee

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
562 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04bf6e56587cbcaf3bd22e150369f625c7b1915fb3f553f307fbf8cbd2daa111

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
location.js
akamai.tiqcdn.com/location/
18 B
795 B
XHR
General
Full URL
https://akamai.tiqcdn.com/location/location.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.169.89 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-169-89.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 17:38:03 GMT
Last-Modified
Mon, 30 Apr 2018 23:09:19 GMT
Server
AkamaiNetStorage
ETag
"6c98be5fda77913799e8ef24b86a7abd:1525129759"
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-EdgeScape-Location
Cache-Control
max-age=1296000
X-EdgeScape-Location
country_code=US,region_code=NY,city=NEWYORK,areacode=212,zip=10001-10014+10016-10041+10043-10045+10055+10060+10065+10069+10075+10080-10081+10087+10090+10095+10101-10126+10128-10133+10138+10150-10179+10185+10199-10200+10203+10211-10213+10242+10249+10256-10261+10265+10268-10282+10285-10286+10292,bandwidth=5000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18
Expires
Wed, 10 Jan 2024 17:38:03 GMT
utag.90.js
tags.tiqcdn.com/utag/infosec/marketing/prod/
2 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.90.js?utv=ut4.49.202209221830
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.156.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-156-11.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
611af45a9a6a8f42eca468d52ea8760f42c217cc7e1375a5591f9cfeeb0c8149

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
chPF9L35q2JNhqZCsgf6kZwujh8q7eqN
content-encoding
br
via
1.1 f31b50b817654a1216e0d0c0a9e1f6f0.cloudfront.net (CloudFront)
date
Tue, 26 Dec 2023 17:34:52 GMT
last-modified
Thu, 14 Dec 2023 03:37:28 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-P1
age
192
x-amz-server-side-encryption
AES256
etag
W/"6265b07ce2f0b2b0cf9dbeef3b9edb0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
XVtcMfHydyc0wmOmIWHK_cBjVDGtUa13cOO2UsnpgrTYq0_uQ2WthA==
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
429 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=infosec/marketing/202312140336&cb=1703612283952
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.156.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-156-11.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Tue, 26 Dec 2023 17:36:27 GMT
via
1.1 f31b50b817654a1216e0d0c0a9e1f6f0.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-P1
age
97
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
816JbPlaN5-5l56J6xrqeif_AKZ9PH9SQ8txWUdhgOhkFVU0o4h6Jg==
b3784718-47df-4dbe-8d99-b186c683650a.json
cdn.cookielaw.org/consent/b3784718-47df-4dbe-8d99-b186c683650a/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/b3784718-47df-4dbe-8d99-b186c683650a/b3784718-47df-4dbe-8d99-b186c683650a.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1685140b10e70ea8c251a18ad45bc411d862999f08d12102ed5ca46382a70ba0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Dec 2023 17:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
24415
content-md5
mI1pixvUT5A0JhuMdaVG8Q==
content-length
1618
x-ms-lease-status
unlocked
last-modified
Thu, 09 Feb 2023 16:39:29 GMT
server
cloudflare
etag
0x8DB0ABC371B8102
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
61816848-201e-0081-1799-229959000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83bb1869a88d4328-EWR
expires
Wed, 27 Dec 2023 17:38:04 GMT
track
dc.services.visualstudio.com/v2/ Frame
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.142 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://resources.infosecinstitute.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Tue, 26 Dec 2023 17:38:03 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/
96 B
281 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.142 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5de970e5ec9a321d31334b78d76b3a23f95cf3091b0a10da08c13240364e1b08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://resources.infosecinstitute.com/
accept-language
en-US,en;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
BE922EDD-D62C-412A-BF19-3C0A32A0FCB7
strict-transport-security
max-age=31536000
date
Tue, 26 Dec 2023 17:38:03 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
71 B
309 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da8a6638ad70698ad3d01aa0ef124aebe35c297685c0796b174822f597b1d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://resources.infosecinstitute.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
83bb186cb88a2ebb-LAX
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.39.0/
372 KB
89 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Dec 2023 17:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Zp/CcrZmK7hQ2S6c/t9Tpw==
age
23541
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
90454
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:31:04 GMT
server
cloudflare
etag
0x8DA87805EB35DE2
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7531ee9b-301e-0079-330a-15c5a7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83bb186d39ab4379-EWR
en.json
cdn.cookielaw.org/consent/b3784718-47df-4dbe-8d99-b186c683650a/2c7f0259-6cea-4378-926f-6933e606f556/
58 KB
14 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/b3784718-47df-4dbe-8d99-b186c683650a/2c7f0259-6cea-4378-926f-6933e606f556/en.json
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a50275cba1b55746cc94791bdadd516219a9b4e1f0637ab554695bab7d88b21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Dec 2023 17:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
79054
content-md5
ZL6b8ASO64G7ypBVQiZqdQ==
content-length
14273
x-ms-lease-status
unlocked
last-modified
Thu, 09 Feb 2023 16:39:33 GMT
server
cloudflare
etag
0x8DB0ABC398FF964
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7b09d1de-901e-0012-2260-144253000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83bb186d6d3d4328-EWR
expires
Wed, 27 Dec 2023 17:38:05 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.39.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Dec 2023 17:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Xx897lTVYGjMQiwuGCrzDA==
age
83913
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3007
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:30:55 GMT
server
cloudflare
etag
0x8DA87805972EF22
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
c957289e-001e-003f-1a53-23f120000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83bb186dad944328-EWR
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/
63 KB
14 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcTab.json
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cc5068304cfb22bbddb5a9800f7c59d843824381ad7183f89291ae41a6d09b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Dec 2023 17:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
PpYet/3D+UMQBHrd1SR49w==
age
83912
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13981
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:30:58 GMT
server
cloudflare
etag
0x8DA87805B3CBC97
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
798043c7-601e-0090-7056-2303ed000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83bb186dad974328-EWR
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.39.0/assets/
22 KB
5 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Dec 2023 17:38:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
B55i3ZY9miZIaUrwjufy0w==
age
24416
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:31:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
536835cf-501e-00ab-1eb9-a50ff4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
83bb186dad9b4328-EWR
Infosec_RGB_RGB.png
cdn.cookielaw.org/logos/e7eb72e0-2361-4ad5-b548-28e7aa0d5be8/9331ade3-7f73-4719-9e19-626d13d37d15/d6948af6-c175-4146-8659-a2621df40d4f/
10 KB
11 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/e7eb72e0-2361-4ad5-b548-28e7aa0d5be8/9331ade3-7f73-4719-9e19-626d13d37d15/d6948af6-c175-4146-8659-a2621df40d4f/Infosec_RGB_RGB.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5366f38a3d74c798938e7cd239ffa7f6652358def0e755ad278e1a77ed0414eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Dec 2023 17:38:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
sWAn0vbrDvDlMBHQO92Rug==
age
11704
content-length
10596
x-ms-lease-status
unlocked
last-modified
Thu, 05 May 2022 21:22:47 GMT
server
cloudflare
etag
0x8DA2EDD66AAF0A1
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
90828bee-301e-00d6-24e1-5a933c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83bb186dfa644379-EWR
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Dec 2023 17:38:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
38908
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:20:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a220a8b7-a01e-006b-498a-34be77000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
83bb186dfa664379-EWR
22182221699.js
cdn.optimizely.com/js/
1 MB
126 KB
Script
General
Full URL
https://cdn.optimizely.com/js/22182221699.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.sync.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.162.197 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-197.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
804b74f696f68fa1a78138939b3bfc6f56651ba839c1276dc74d212116200144
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
pXF_LZCO3Vedl_hKgzfy3a.RQJepbSYc
content-encoding
gzip
date
Tue, 26 Dec 2023 17:38:05 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
CRB0P39JGTD8CAA7
x-amz-server-side-encryption
AES256
x-amz-meta-revision
2553
x-amz-replication-status
PENDING
server-timing
cdn-cache; desc=HIT, edge; dur=8, origin; dur=0, cdn;desc="AkamaiION";dur=0,rtt;desc="2";dur=0,cdnip;desc="23.56.162.197";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1703612285445_398664813_2663241440_806_1469_3_6_146";dur=1
content-length
128439
x-amz-id-2
ewqFtrKB0Yl1pG2/Qi55Drwle0kGmb2QuU9q4hFAchIQgeq+mIWw/WIynHb8/BrAnjFoje3M8nM=
last-modified
Wed, 13 Dec 2023 22:34:22 GMT
server
AmazonS3
etag
"9e7188625f88283bfa74262e189e9b6e"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
a8392411042.html
a8392411042.cdn.optimizely.com/client_storage/ Frame B931
7 KB
2 KB
Document
General
Full URL
https://a8392411042.cdn.optimizely.com/client_storage/a8392411042.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/22182221699.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.14.152.64 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-14-152-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
25814e341f76851e5d1cb703f4c810a516867e55e72881fad1c5576f833b6470
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://resources.infosecinstitute.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
1484
content-type
text/html; charset=utf-8
date
Tue, 26 Dec 2023 17:38:05 GMT
etag
"3015db5de8bcf692babbc8094de49259"
last-modified
Fri, 22 Dec 2023 16:29:05 GMT
server
AmazonS3
server-timing
cdn-cache; desc=HIT edge; dur=1 cdn;desc="AkamaiION";dur=0,rtt;desc="3";dur=0,cdnip;desc="23.14.152.64";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1703612285636_3088676316_345857719_28_19919_3_8_255";dur=1
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-amz-id-2
mHmfeWgGRZeWC4v9WFY4Cb1f+E7bAJ1KzV7M6FolDPZsIVhRjeFzxWKOYvpyroKrN+kMSBb8OT4=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
C0TGBJCGGEFSGAXM
x-amz-server-side-encryption
AES256
x-amz-version-id
incHvBtjJr5haz1UATt9JoTY_UtaeWAu
utag.105.js
tags.tiqcdn.com/utag/infosec/marketing/prod/
13 KB
4 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.105.js?utv=ut4.49.202312140336
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.156.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-156-11.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6fad64454276f86870c8a46c389736cab01667489ed41967022139b34774f7dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
kRnEeE72QVBmpJfCSvs7i.DkDBjbJDTs
content-encoding
br
via
1.1 f31b50b817654a1216e0d0c0a9e1f6f0.cloudfront.net (CloudFront)
date
Tue, 26 Dec 2023 17:38:07 GMT
last-modified
Thu, 14 Dec 2023 03:37:26 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-P1
x-amz-server-side-encryption
AES256
etag
W/"86313c69b44b8f1a446d6271885d3080"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
zcgF9OQBv6ZIWyHeF4gi28MvhjvxOM_HX31L03W3aES4I0oR331RYg==
utag.45.js
tags.tiqcdn.com/utag/infosec/marketing/prod/
11 KB
4 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.45.js?utv=ut4.49.202312140336
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.156.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-156-11.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
80477471d44a007664ffb93c2e8623b580ab3ed95103ea56021770e2d33839ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
Pu37AMeertCHy.pBaKigYqlbYxbTRZ73
content-encoding
br
via
1.1 f31b50b817654a1216e0d0c0a9e1f6f0.cloudfront.net (CloudFront)
date
Tue, 26 Dec 2023 17:34:53 GMT
last-modified
Thu, 14 Dec 2023 03:37:28 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-P1
age
193
x-amz-server-side-encryption
AES256
etag
W/"52662dc2ee918e02917eafbf71b10058"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
PYX3Pflht3P8EbF5qKpVT666AStYdOx_JUHT6fWXMplvDuCXQ0d_4w==
i.gif
collect.tealiumiq.com/infosec/main/2/
43 B
762 B
XHR
General
Full URL
https://collect.tealiumiq.com/infosec/main/2/i.gif
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.78.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-78-224.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://resources.infosecinstitute.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary7zDacRx1DnBnzVHA

Response headers

date
Tue, 26 Dec 2023 17:38:05 GMT
x-serverid
uconnect_i-0da4b6d92166c8307
x-tid
018ca7347bfe000592417b8c954303074008406c00b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
infosec:main:2:datacloud
x-region
us-east-1
content-length
43
pragma
no-cache
x-did
018ca7347bfe000592417b8c954303074008406c00b08
vary
Origin
content-type
image/gif
access-control-allow-origin
https://resources.infosecinstitute.com
x-ulver
eea0e3e72333670598197c274b6e00dfd7c24755-SNAPSHOT
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-uuid
a59c71cf-962c-44a8-9b3b-89ab9f6011d6
expires
Tue, 26 Dec 2023 17:38:05 GMT
utag.88.js
tags.tiqcdn.com/utag/infosec/marketing/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.88.js?utv=ut4.49.202312140336
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.156.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-156-11.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42735be445ea056fc0d8baff2761d5daa2f2c9a5195666f16a3ec05bf350537a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
LH5_VQrTjkAIHqaNlc5cWQKCcxtNC3FW
content-encoding
br
via
1.1 f31b50b817654a1216e0d0c0a9e1f6f0.cloudfront.net (CloudFront)
date
Tue, 26 Dec 2023 17:34:53 GMT
last-modified
Thu, 14 Dec 2023 03:37:27 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-P1
age
193
x-amz-server-side-encryption
AES256
etag
W/"b4cad8a2ce32751ebc6b4b989ee3a194"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
pBc6A6pZNsuVoNU1axG1vOIG7HiZ2vR9ojanwrTWKeXLrO3r8pIgZw==
lightbox_inline.js
www.lightboxcdn.com/vendor/c2c913a7-dd36-4b41-891c-8cce110d48bc/
2 KB
1 KB
Script
General
Full URL
https://www.lightboxcdn.com/vendor/c2c913a7-dd36-4b41-891c-8cce110d48bc/lightbox_inline.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.211.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76eab55dfc3dc8b37c1ffa5ce1dd2b27988de1a79a04fb40a04bfd61ad876bb1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Dec 2023 17:38:06 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
1dbCtW+F8e5JCPhhoEzAxQ==
age
104
cf-polished
origSize=2532
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 19:46:13 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
aaa256ee-d01e-0000-2246-341830000000
x-ms-version
2009-09-19
cf-ray
83bb18752cde0f85-EWR
utag.96.js
tags.tiqcdn.com/utag/infosec/marketing/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.96.js?utv=ut4.49.202312140336
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.156.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-156-11.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55e7ae1219fcc3e1497bb2dd7dbefc07af7e1ace50be15b882481dc3289d9d36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ff1xDdo3tltQG3jjp79RLCYbhcWrsGlx
content-encoding
br
via
1.1 f31b50b817654a1216e0d0c0a9e1f6f0.cloudfront.net (CloudFront)
date
Tue, 26 Dec 2023 17:34:53 GMT
last-modified
Thu, 14 Dec 2023 03:37:28 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-P1
age
193
x-amz-server-side-encryption
AES256
etag
W/"9a4baa4325a229252da2c98ef5fcec63"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
ZGT2DYiIYGLem5mQ3qx_FJBcbo8PJpanlzVdKvJfQRF0mQDDmDcEMQ==
utag.104.js
tags.tiqcdn.com/utag/infosec/marketing/prod/
3 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.104.js?utv=ut4.49.202312140336
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.156.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-156-11.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c88f93967e5fad4365cc96be3c1e7f8c055a366d2b4c573961aae6f40b608ff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
f0o255_p_DHAkUdB6iRhjmJ23H7Ndqzd
content-encoding
br
via
1.1 f31b50b817654a1216e0d0c0a9e1f6f0.cloudfront.net (CloudFront)
date
Tue, 26 Dec 2023 17:34:53 GMT
last-modified
Thu, 14 Dec 2023 03:37:27 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-P1
age
193
x-amz-server-side-encryption
AES256
etag
W/"7f543b0242c599fca427e443de0c9113"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
DrDKYSmxj_qPAqGOHeIQHJgWL9rBfp50Cpsvx1ENovsDZyiU1WvdUw==
utag.117.js
tags.tiqcdn.com/utag/infosec/marketing/prod/
12 KB
5 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.117.js?utv=ut4.49.202312140336
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.156.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-156-11.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a077ceba154ecbb340e92c8bc74a644df7d73947b63d39a82d6b693d790f3e26

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
v2iaHkL0M3haqk3Yb16neOEoVLvE0xD2
content-encoding
br
via
1.1 f31b50b817654a1216e0d0c0a9e1f6f0.cloudfront.net (CloudFront)
date
Tue, 26 Dec 2023 17:34:53 GMT
last-modified
Thu, 14 Dec 2023 03:37:27 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-P1
age
193
x-amz-server-side-encryption
AES256
etag
W/"55315f216de8c262bae68e5fb17455c6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
xAvS4e6Ixad58satk3nnDndtQusd7Z_pntgaH2IDqN0cn5WKlwVVCg==
utag.125.js
tags.tiqcdn.com/utag/infosec/marketing/prod/
3 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.125.js?utv=ut4.49.202312140336
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.156.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-156-11.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
137ce248f06a0007a61ea956fc0255d2bb6c304a7c26e6e39dabdbedfb30f523

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
zj8BzP5cF44e2DiSUe5rJquItUs5gOBE
content-encoding
br
via
1.1 f31b50b817654a1216e0d0c0a9e1f6f0.cloudfront.net (CloudFront)
date
Tue, 26 Dec 2023 17:34:53 GMT
last-modified
Thu, 14 Dec 2023 03:37:28 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-P1
age
193
x-amz-server-side-encryption
AES256
etag
W/"8b8fc6b9761691472ead43c6715e1280"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
4wLzCRSN6C61WWqeWWqmGXcc48_ENKhs3RjSoIJYIy87BuWG2aZxrA==
js
www.googletagmanager.com/gtag/
194 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-580249777
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
a9a1d6b73282dd08968916010625d9a6557f9fa370026eaf4e7522a9f12357f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72387
x-xss-protection
0
last-modified
Tue, 26 Dec 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Dec 2023 17:38:06 GMT
pmmnrsi6trh6.js
js.driftt.com/include/1703612400000/
220 KB
62 KB
Script
General
Full URL
https://js.driftt.com/include/1703612400000/pmmnrsi6trh6.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.88.js?utv=ut4.49.202312140336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
7aed369f1e52c9d8067bbf8d207008116f5ff180011edcf6c947559c4fc53f4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
H70cymZ50WeY_NluU45Uyar4VHReWatl
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 26 Dec 2023 17:38:06 GMT
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
25
last-modified
Tue, 19 Dec 2023 18:34:48 GMT
server
istio-envoy
etag
W/"4a143fdda73dbe20c846f59e78815e87"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
aSl_5yD2aDBe597pE-bJ5C30ffyRBUPGFnLLQjXpsAIZ7ZqZbleanw==
hotjar-866561.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-866561.js?sv=
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.21.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-21-30.iah50.r.cloudfront.net
Software
/
Resource Hash
b6e48881c761140c4d0d6a34f06ec94093a8ee88f2f16f1f5babea62892f41a9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Dec 2023 17:38:06 GMT
via
1.1 d46ce076a982464ef839aecddf72a812.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C1
age
32
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/ab3e238728ac7e2d9dcda04a206ad618
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
Yb8sDYm5LHZ4_6Df_RePz041ZSlx12p4JCx9GZEv9i5w2q6RwqRL2w==
insight.min.js
snap.licdn.com/li.lms-analytics/
42 KB
15 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.117.182.33 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Dec 2023 13:09:33 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=36114
accept-ranges
bytes
content-length
15541
zi-tag.js
js.zi-scripts.com/
8 KB
3 KB
Script
General
Full URL
https://js.zi-scripts.com/zi-tag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.125.js?utv=ut4.49.202312140336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfae35edc61595bd27d16c01ddc44ef00c152c0006e16f836101d3b6a6621d01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:06 GMT
x-amz-version-id
lFoq_FZJwJ3rDVe9.7kNMZjc5YKK6r5L
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 11 Dec 2023 12:17:02 GMT
server
cloudflare
via
1.1 ae4e162eb9c0a598fcb6475e70daa530.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"15c02cdee0df6c26ba3d8c62d912c66c"
age
33899
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cf-ray
83bb18737f4bc42c-EWR
x-amz-cf-id
vqOX3bARqnF7wyYbQ9jTY7u9gykAOdrcbqShi9kgx1N66siqxuAFiw==
getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame
0
0
Preflight
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,visited_url
Access-Control-Request-Method
GET
Origin
https://resources.infosecinstitute.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
0
apigw-requestid
Qj9bvhImPHcESyQ=
cf-cache-status
DYNAMIC
cf-ray
83bb1873a875429e-EWR
date
Tue, 26 Dec 2023 17:38:06 GMT
server
cloudflare
vary
Access-Control-Request-Headers
via
1.1 54a56da0fe0bae919389c7d572d4720e.cloudfront.net (CloudFront)
x-amz-cf-id
6toBS1BDRw8A3cWSqMYZOhI5dDVpcMqSE8D_WBZlq10mFheoUj9E3w==
x-amz-cf-pop
JFK50-P6
x-cache
Miss from cloudfront
x-powered-by
Express
getSubscriptions
js.zi-scripts.com/unified/v1/master/
150 B
408 B
Fetch
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a7514b8e684e6f630f202b8dae1b2b0f68b401a4f4fe94bf26b7f47384ab202e

Request headers

visited_url
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Referer
https://resources.infosecinstitute.com/
accept-language
en-US,en;q=0.9
Authorization
Bearer 637aad59011679924935
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 26 Dec 2023 17:38:06 GMT
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-amz-cf-pop
JFK50-P6
x-powered-by
Express
etag
W/"96-VYg2lxH3rQQgQ8I7QGnX+Y5h5RY"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cf-ray
83bb18743928429e-EWR
x-amz-cf-id
Alfmk58Og1k_kolIfKl5ZbVJhFxxXArfjm_Ia8svjvbizxiSchZN7g==
apigw-requestid
Qj9bwiRGPHcEPQg=
/
ws.zoominfo.com/pixel/63ee702c42ea0e304d38412d/
4 KB
3 KB
Fetch
General
Full URL
https://ws.zoominfo.com/pixel/63ee702c42ea0e304d38412d/?iszitag=true
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b26aeb2a0d07581a0ab73c938eef94bd251aa3a8c27eb04f48d340818ab2fe98
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

visited-url
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
_vtok
NS4xODEuMjM0LjEzNA==
_zitok
11a07e2a3eda9998144d1703612286
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/javascript

Response headers

date
Tue, 26 Dec 2023 17:38:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://resources.infosecinstitute.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc
h3=":443"; ma=86400
cf-ray
83bb18796cc242cf-EWR
/
ws.zoominfo.com/pixel/63ee702c42ea0e304d38412d/ Frame
0
0
Preflight
General
Full URL
https://ws.zoominfo.com/pixel/63ee702c42ea0e304d38412d/?iszitag=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_vtok,_zitok,content-type,visited-url
Access-Control-Request-Method
GET
Origin
https://resources.infosecinstitute.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin
https://resources.infosecinstitute.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83bb1876fa8443c8-EWR
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 26 Dec 2023 17:38:06 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
modules.618aa075c4d9b6424e07.js
script.hotjar.com/
220 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.618aa075c4d9b6424e07.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-866561.js?sv=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.156.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-156-16.iah50.r.cloudfront.net
Software
/
Resource Hash
4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:10:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3b855a6ae22a2464ebe493a34f4daff4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-P1
age
458880
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55689
last-modified
Thu, 21 Dec 2023 10:09:33 GMT
etag
"6ed2c6300d63320c76677ced187741fc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
EpK8mmCXbCyVMlJYP2tijpehHRDOWQq7s16lcU4k4gWbSD4AEozuhg==
core
js.driftt.com/ Frame CB52
2 KB
1 KB
Document
General
Full URL
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1703612400000/pmmnrsi6trh6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
301a063a370f398276a8f59b8532bf95e84ece4894bd8c4c9c4e2f73523dd6e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://resources.infosecinstitute.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 26 Dec 2023 17:38:06 GMT
etag
W/"3f76bf50bf8709fd7a874445c25ed85b"
last-modified
Tue, 19 Dec 2023 18:34:39 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-id
iSk-YhZhuxEkD5BMB4XMuzXSjekaxY_KAnKaHeKGj1BoKnrpHFmXIQ==
x-amz-cf-pop
IAH50-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
M3lX73ojWeAAZSgVOSF8vUEicE7ONEgc
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
22
chat
js.driftt.com/core/ Frame 9259
2 KB
1 KB
Document
General
Full URL
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1703612400000/pmmnrsi6trh6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
301a063a370f398276a8f59b8532bf95e84ece4894bd8c4c9c4e2f73523dd6e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://resources.infosecinstitute.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 26 Dec 2023 17:38:06 GMT
etag
W/"3f76bf50bf8709fd7a874445c25ed85b"
last-modified
Tue, 19 Dec 2023 18:34:39 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-id
Zz6C70aycyjNNOnKJ4U1i7ZkpyjxLXR9qSh6T2AOJsE26s3gUlg2rw==
x-amz-cf-pop
IAH50-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
M3lX73ojWeAAZSgVOSF8vUEicE7ONEgc
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
16
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=448354&time=1703612286296&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-i...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=448354&time=1703612286296&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-i...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D448354%26time%3D1703612286296%26url%3Dhttps%253A%252F%252Fresources.infosecinstit...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=448354&time=1703612286296&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-i...
0
399 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=448354&time=1703612286296&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&cookiesTest=true&liSync=true
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:06 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: F706ED1B58DF427F92374A3A786DDE2D Ref B: EWR30EDGE0420 Ref C: 2023-12-26T17:38:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNbSUvxIkTTmAdWuC9Zg==

Redirect headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Tue, 26 Dec 2023 17:38:06 GMT
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAYNbSUu/q5UTtMPd6B+1w==
pragma
no-cache
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 9679E4DBF3CA4113A60B0DD572D24AEB Ref B: EWR30EDGE0420 Ref C: 2023-12-26T17:38:06Z
x-frame-options
sameorigin
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=448354&time=1703612286296&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&cookiesTest=true&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/580249777/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580249777/?random=1703612286349&cv=11&fst=1703612286349&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&hn=www.googleadservices.com&frm=0&tiba=Network%20traffic%20analysis%20for%20IR%3A%20Alternatives%20to%20Wireshark%20%7C%20Infosec&did=dYmQxMT&gdid=dYmQxMT&auid=292205441.1703612286&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-580249777
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
f0a10d1cd21817f826d74aefb01d41203e1d861b2956c134a74245a7ad3961b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 17:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1331
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/580249777/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/580249777/?random=1703612286362&cv=11&fst=1703612286362&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&label=TealiumAPItracker&hn=www.googleadservices.com&frm=0&tiba=Network%20traffic%20analysis%20for%20IR%3A%20Alternatives%20to%20Wireshark%20%7C%20Infosec&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=292205441.1703612286&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-580249777
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
96a8074c8bac6e55368a496b30c5dae59489f8990c52e8ea3222063b48e8cc82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 17:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1654
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
244 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LBHGZWKZX1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-580249777
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
403ad15d318ea9e8c3899d870c5d8b9e2b68329157d6f45a23bf1b4564c8bba5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86227
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 26 Dec 2023 17:38:06 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/580249777/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580249777/?random=1703612286420&cv=11&fst=1703612286420&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&hn=www.googleadservices.com&frm=0&tiba=Network%20traffic%20analysis%20for%20IR%3A%20Alternatives%20to%20Wireshark%20%7C%20Infosec&did=dYmQxMT&gdid=dYmQxMT&auid=292205441.1703612286&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-580249777
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
7e5b7d4e969be5afe8899e8025320588498ab5e2f8da66c7c1c4bf04e4b903e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 17:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1331
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/580249777/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/580249777/?random=1703612286424&cv=11&fst=1703612286424&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&label=TealiumAPItracker&hn=www.googleadservices.com&frm=0&tiba=Network%20traffic%20analysis%20for%20IR%3A%20Alternatives%20to%20Wireshark%20%7C%20Infosec&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=292205441.1703612286&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-580249777
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ffb4638a501a9acecad70fe6341dc0b71a10a73fcad2327ee8d721b260e92c2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 17:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1650
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.gif
collect.tealiumiq.com/infosec/main/2/
43 B
761 B
XHR
General
Full URL
https://collect.tealiumiq.com/infosec/main/2/i.gif
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.78.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-78-224.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://resources.infosecinstitute.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary0BNtZnCbnOI3p3hf

Response headers

date
Tue, 26 Dec 2023 17:38:06 GMT
x-serverid
uconnect_i-0ad01698203deb981
x-tid
018ca7347bfe000592417b8c954303074008406c00b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
infosec:main:2:datacloud
x-region
us-east-1
content-length
43
pragma
no-cache
x-did
018ca7347bfe000592417b8c954303074008406c00b08
vary
Origin
content-type
image/gif
access-control-allow-origin
https://resources.infosecinstitute.com
x-ulver
eea0e3e72333670598197c274b6e00dfd7c24755-SNAPSHOT
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-uuid
59d7112c-ff70-4fa6-941e-222873dc8f73
expires
Tue, 26 Dec 2023 17:38:06 GMT
zi-tag.js
js.zi-scripts.com/
8 KB
3 KB
Script
General
Full URL
https://js.zi-scripts.com/zi-tag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/infosec/marketing/prod/utag.125.js?utv=ut4.49.202312140336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfae35edc61595bd27d16c01ddc44ef00c152c0006e16f836101d3b6a6621d01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:06 GMT
x-amz-version-id
lFoq_FZJwJ3rDVe9.7kNMZjc5YKK6r5L
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 11 Dec 2023 12:17:02 GMT
server
cloudflare
via
1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"15c02cdee0df6c26ba3d8c62d912c66c"
age
33899
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cf-ray
83bb18763a6fc42c-EWR
x-amz-cf-id
wMYH1HJYdoZJBHnrJpXIoqPLTBJe5y4EsHN07P6iJS6JhK_-esVVoA==
runtime~main.7656baa8.js
js.driftt.com/core/assets/js/ Frame CB52
6 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
33c819c3b54af12f66086f15e44faa620f97a57dd27c503c1dc2af4c2c1154a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
Origin
https://js.driftt.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:24:59 GMT
x-amz-version-id
YRg3fr55Sau951Oh.Q.cCUy.j_RMZhYy
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
605587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
72
last-modified
Tue, 19 Dec 2023 16:15:25 GMT
server
istio-envoy
etag
W/"54ae90df168987dea0e780b5a9585491"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
rgBcJJQZQHjELUIJMnCJ4OvNWwuuVUa6f9CR-1Jl-eCTGcwWr80piA==
9.4a3e9801.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
35 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
Origin
https://js.driftt.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 08:54:28 GMT
x-amz-version-id
j9wMK55lq0iLj26rdsSCzkFzouWdiy6V
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
14028218
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
18
last-modified
Wed, 12 Jul 2023 14:36:18 GMT
server
istio-envoy
etag
W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ERyxAMzpILjrOveOAcy4tyW8ce6NIxS-VpxktgGm3PfdIn77JQCqVg==
main~493df0b3.d2a43907.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
7 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
Origin
https://js.driftt.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 08:39:28 GMT
x-amz-version-id
h8FtHV0i381FW4g4vgS0pDflX8vL7fXX
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
9709118
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
23
last-modified
Mon, 04 Sep 2023 22:46:03 GMT
server
istio-envoy
etag
W/"e094b276ad2035c3a46871991c258c2d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
u5_Q3Y1L1JBAl214yfKOG2zDr7en8SR-NTC3vsVfbW8HCoYSF6Vwfg==
runtime~main.7656baa8.js
js.driftt.com/core/assets/js/ Frame 9259
6 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
33c819c3b54af12f66086f15e44faa620f97a57dd27c503c1dc2af4c2c1154a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
Origin
https://js.driftt.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:24:59 GMT
x-amz-version-id
YRg3fr55Sau951Oh.Q.cCUy.j_RMZhYy
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
605587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
72
last-modified
Tue, 19 Dec 2023 16:15:25 GMT
server
istio-envoy
etag
W/"54ae90df168987dea0e780b5a9585491"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
tFjaI3FkHRT4BP-hNflWKS-VqGoOJuAepFRPHYnArwIUcW9wqIOMTQ==
9.4a3e9801.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
35 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
Origin
https://js.driftt.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 08:54:28 GMT
x-amz-version-id
j9wMK55lq0iLj26rdsSCzkFzouWdiy6V
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
14028218
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
18
last-modified
Wed, 12 Jul 2023 14:36:18 GMT
server
istio-envoy
etag
W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Es1IEQzrVqEdqqjZlGC7nIISs57F3RzL9D8zFcK9gIil570PkUzOYA==
main~493df0b3.d2a43907.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
7 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
Origin
https://js.driftt.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 08:39:28 GMT
x-amz-version-id
h8FtHV0i381FW4g4vgS0pDflX8vL7fXX
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
9709118
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
23
last-modified
Mon, 04 Sep 2023 22:46:03 GMT
server
istio-envoy
etag
W/"e094b276ad2035c3a46871991c258c2d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
GCo3DKoOQ2Owq40_aRajGj1i2kT8l-gvU1sum73DRIaWLeGdZC7ohQ==
getSubscriptions
js.zi-scripts.com/unified/v1/master/
150 B
281 B
Fetch
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a7514b8e684e6f630f202b8dae1b2b0f68b401a4f4fe94bf26b7f47384ab202e

Request headers

visited_url
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Referer
https://resources.infosecinstitute.com/
_zitok
11a07e2a3eda9998144d1703612286
accept-language
en-US,en;q=0.9
Authorization
Bearer 637aad59011679924935
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 26 Dec 2023 17:38:06 GMT
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-amz-cf-pop
JFK50-P6
x-powered-by
Express
etag
W/"96-VYg2lxH3rQQgQ8I7QGnX+Y5h5RY"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cf-ray
83bb1877cd7c429e-EWR
x-amz-cf-id
c53i0BaW4HdRW1DzlxqYm7BKkiJOxMXh_5zzuSV9fPTCUnOrLHuZZA==
apigw-requestid
Qj9b2hGEvHcEP7w=
getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame
0
0
Preflight
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
_zitok,authorization,content-type,visited_url
Access-Control-Request-Method
GET
Origin
https://resources.infosecinstitute.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
0
apigw-requestid
Qj9b1ggvvHcEPvw=
cf-cache-status
DYNAMIC
cf-ray
83bb18767bcb429e-EWR
date
Tue, 26 Dec 2023 17:38:06 GMT
server
cloudflare
vary
Access-Control-Request-Headers
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
x-amz-cf-id
5lmwn14ntsO2-jx_QFzUXo44f0H4PMnYiiaoaIp2LMjYPF7uYerBvQ==
x-amz-cf-pop
JFK50-P6
x-cache
Miss from cloudfront
x-powered-by
Express
collect
www.google-analytics.com/g/
0
263 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-LBHGZWKZX1&gtm=45je3bt0v893934935&_p=1703612285956&gcd=11l1l1l1l1&dma=0&gdid=dYmQxMT&cid=263901619.1703612287&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703612286&sct=1&seg=0&dl=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&dt=Network%20traffic%20analysis%20for%20IR%3A%20Alternatives%20to%20Wireshark%20%7C%20Infosec&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3954
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBHGZWKZX1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 17:38:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://resources.infosecinstitute.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
51.558be3c5.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
23 KB
8 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 08:01:55 GMT
x-amz-version-id
FJkK9YMx2OWsNKBc6KbuqpS2wZqwn2Ni
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
13512971
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
16
last-modified
Fri, 21 Jul 2023 20:53:09 GMT
server
istio-envoy
etag
W/"fa281fcbe4b2e35558d60fae3e316367"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
0D2khcxCltNCPdMC3IxC3doHGjU_38zgltBriZXxJ0ej3hY_6aqP8w==
35.d0f1ccda.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
36 KB
10 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 07:19:24 GMT
x-amz-version-id
f8pwWxGakHkqDa5G7Sli3a.o.RMnpl4A
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
1419522
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Wed, 06 Dec 2023 19:18:01 GMT
server
istio-envoy
etag
W/"46fa5a7bc37a22544a908e4ad950309c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
PBGbed4YbWyU5B56WKyZkGXSZeRkHTJyEt5Eu3O7TNXNURAqJBu0BA==
22.6b9a301a.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
32 KB
11 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:32:33 GMT
x-amz-version-id
Iq6q_gvY8pNzoTs.Gj7cRHHiJM4JZUUq
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
12179133
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
21
last-modified
Fri, 28 Jul 2023 18:55:10 GMT
server
istio-envoy
etag
W/"d8739a9fe9a3a42936f5cd86c8727494"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
2iOhKZQ_Lte3zFcQnFss2MxR2tYnACEDr-M-okDBVgwwObL92IZQtA==
19.6f85b843.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
17 KB
6 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 00:45:48 GMT
x-amz-version-id
Hk_vupXb1b30d6Vcw2qdMZn4qW64.euE
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
2134338
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
15
last-modified
Wed, 29 Nov 2023 17:11:55 GMT
server
istio-envoy
etag
W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
lIdBLQHuxwFmtAeBgVvmcCpbtKlWEDJtdKtw1GqiPeDSerAzfWfIOA==
41.b4fc4de2.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
25 KB
8 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 05:54:23 GMT
x-amz-version-id
_5XuCoBvpwpe74IeYxrswbcOHbJC1Qsp
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
8595823
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Fri, 15 Sep 2023 20:51:07 GMT
server
istio-envoy
etag
W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
pReWnoQybYEfr9ZzAGr0GiUjGIDRV0z18HvSCwUXOT1d0yVmybrZEw==
20.8c21ea18.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
74 KB
23 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 08:01:55 GMT
x-amz-version-id
yRHab8n8pSoFgQ4q92BOxh1RnhH9U7cp
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
13512971
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
19
last-modified
Fri, 21 Jul 2023 20:53:08 GMT
server
istio-envoy
etag
W/"6d77a76055d81227033363af2f18caf8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
thFxGMUN0R5BaUYn1pYbrdp65pHlb2Loj0y6NUfHsz2xHWCnuJO0nw==
26.04e7f30b.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
66 KB
20 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:56:44 GMT
x-amz-version-id
zTSx1s2_iE4F5lVvR1Bl0RgCDh7ps_ry
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
3422482
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
21
last-modified
Wed, 15 Nov 2023 22:15:46 GMT
server
istio-envoy
etag
W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
D-IqHa5nxuogJRH2mEuw6DPHY1R9Rje63KE_6TX-RdQFe9iMlq_t9w==
14.e24a6190.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
91 KB
28 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 14:02:02 GMT
x-amz-version-id
7KpbYueSmA2vlHASVtvVJK_Gmlq1Btaz
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
8134564
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
20
last-modified
Fri, 22 Sep 2023 19:55:10 GMT
server
istio-envoy
etag
W/"16d7ae86e21434a32157d3226ac9bb77"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
drmnWi9YJeUFkntEuGnu28qMAd8GE9Fv4ay1c2Drdpyq_Okc-2N_LQ==
11.639238ba.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
23 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/11.639238ba.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 05:54:23 GMT
x-amz-version-id
PipiODm4WhWzigBJrfwsWCO2Kvw028Yl
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
8595823
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
16
last-modified
Fri, 15 Sep 2023 20:51:05 GMT
server
istio-envoy
etag
W/"4049f38c00add1738dc4806148ff8829"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
_OWXaHOsOIvmakBQfgpkiptJZmM7P9BPqNCkYsjaxPFC-3R2FrIyxA==
18.9c1bd1fb.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
62 KB
20 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 11:13:51 GMT
x-amz-version-id
aGdqfwhzhh2bEA7qD.1_jfGQlKXR2O.8
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
1405455
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Wed, 06 Dec 2023 19:18:00 GMT
server
istio-envoy
etag
W/"02f09379c544befa413d22eb57ed41de"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
sWzoT6dCZO2oEVm-13YMCyBJPGsnnsHD7liML0dAAMafBAQ7fsRjUQ==
49.f7274268.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
105 KB
34 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/49.f7274268.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 11:09:39 GMT
x-amz-version-id
AM0hgbOTPnD2Z3I_CxvserRWPDVENWtq
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
9181707
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
34
last-modified
Thu, 07 Sep 2023 15:58:13 GMT
server
istio-envoy
etag
W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
6KeFaC0h34PRKSZ1fyEU54iMnxKddqGEeQ7Zuf4ZrLxcWnms_Otm1Q==
40.31ef8dbf.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
12 KB
4 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 13:02:33 GMT
x-amz-version-id
7WRVREC_cpOOfcU8CBUNKma_ca7JkA0q
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
3731733
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
21
last-modified
Thu, 09 Nov 2023 16:46:49 GMT
server
istio-envoy
etag
W/"b0793fa46e8c0ae1846b7be8a833da35"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
NvjKkAqB9NdlbklY5yfyyRLQTeIRW6VoGeE6JkUSlD6IUzakFInv4A==
29.31d09948.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
13 KB
6 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/29.31d09948.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 11:09:39 GMT
x-amz-version-id
cDEtyB9dXmhkuU2pl5EGfQct.heLuf0a
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
9181707
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
21
last-modified
Thu, 07 Sep 2023 15:58:12 GMT
server
istio-envoy
etag
W/"455157cb49065fb85fed54901ddaeb0e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
KmWdvQkHGvgcCDjdxjGEXTxO6dHb5AAzkEyV7LMMRt25tY4rtwXQAg==
21.b8c41db9.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
17 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 07:54:21 GMT
x-amz-version-id
4qTep96ynZO1cvUJBb6PeApp6csBpuDy
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
13340625
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
14
last-modified
Fri, 21 Jul 2023 20:53:08 GMT
server
istio-envoy
etag
W/"65e5c965272e021ae33ff8bc39565ef5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
u6mtkq1-JaQqMAnCcMtRtcBh9O3DcswiwzVMZh3gUbR2hwY-0eWXIg==
8.7602338c.chunk.css
js.driftt.com/core/assets/css/ Frame CB52
31 KB
4 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/8.7602338c.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
310de82ec6ba5948814ab8ec2369aa1d437e84e26ac56967fc79897acaa99a95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 17:29:14 GMT
x-amz-version-id
Z3PSShQjZUbW560QfpsUp8auVInwOZp.
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
2678932
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Tue, 21 Nov 2023 16:21:39 GMT
server
istio-envoy
etag
W/"76d0343f1f9f445c80d5c68c2a35b6e0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
lpmWnK6POIuVNcFm8SamDK39coxUlF3aT6fBbVSXgs-9pyUMqSkNCA==
8.241483c9.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
81 KB
26 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/8.241483c9.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
02e0af8160d983b1e80bd6103733715fee1c7a245a100ef55029efcd737199b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:24:59 GMT
x-amz-version-id
0c79nyKqpwCRHWqE5e9sPBo0Bb4UyIfy
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
605587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
70
last-modified
Tue, 19 Dec 2023 16:15:25 GMT
server
istio-envoy
etag
W/"9e20f6a52d561fe062cec030eb95b5f3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
iVjae59vslxSPtdXEiqKTS2MN02eq-YJdaheK9ICtXdXcYTaWd1H2w==
16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame CB52
24 B
696 B
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 19:44:54 GMT
x-amz-version-id
MG8zaRoUrZeTkSnK8fTXkM4CV5El6i5d
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
IAH50-C2
age
12693192
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
14
content-length
24
last-modified
Fri, 28 Jul 2023 18:55:08 GMT
server
istio-envoy
etag
"0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
lhdIAckWASACraOgzwpJIe6xYadu4VMO9-gV3g79z4seXiULdkgFbg==
16.47352bd2.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
93 KB
24 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/16.47352bd2.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
d6b0973d4321ac8a1bbe809533b94b0ebdb8cdfc3815903aa4f09f7b7866e4f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:24:59 GMT
x-amz-version-id
YQ0DTCY2o7SmrPag5FV7YsghgvMFm_i2
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
605587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
116
last-modified
Tue, 19 Dec 2023 16:15:23 GMT
server
istio-envoy
etag
W/"3b04cce3813d0ca9480188e1731143c5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
lOmeaL2f6R1vQvD2--YAeC2ZY1AR9LRJDKiqC0LoBLa9hVWqJsLFCw==
24.b27a8ea7.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
51 KB
14 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/24.b27a8ea7.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b5552112b463d93966fca4f5631586d9e399d6fdf999d09a791157be4d209923
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:24:59 GMT
x-amz-version-id
jG4KvttCR2zMNNdkgDLNtwBSfigD3i4S
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
605587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
53
last-modified
Tue, 19 Dec 2023 16:15:23 GMT
server
istio-envoy
etag
W/"44055a9dd10e7b09939f2bfab4ca5d19"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
f3R-bga8TfNg-fJUqZvl1dX-nfsO0W-JqPMveJx92Gcd-yKdB0R3xA==
17.e196fe7f.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
40 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/17.e196fe7f.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
358eb90752ceecc50106c5ef89ed32016dae4b35c7b1a484e767059f4cf5b7fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:24:59 GMT
x-amz-version-id
UglEBZPvnWZADbcLpRJJuhRb4BvaO05i
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
605587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
70
last-modified
Tue, 19 Dec 2023 16:15:23 GMT
server
istio-envoy
etag
W/"35e67464b9ce1dc158a506ecea9f7300"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
HluNLZeRcJ9qQSzoTTP_2GyLMwOu4gFkoPB1NaDSQtA1eqsL1y1XcQ==
51.558be3c5.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
23 KB
8 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 08:01:55 GMT
x-amz-version-id
FJkK9YMx2OWsNKBc6KbuqpS2wZqwn2Ni
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
13512971
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
16
last-modified
Fri, 21 Jul 2023 20:53:09 GMT
server
istio-envoy
etag
W/"fa281fcbe4b2e35558d60fae3e316367"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
rKgeQ_T_MPcum5jFybedPRFSGIS1eHw20fLxwKBftd2avCGG8yTJtg==
35.d0f1ccda.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
36 KB
10 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 07:19:24 GMT
x-amz-version-id
f8pwWxGakHkqDa5G7Sli3a.o.RMnpl4A
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
1419522
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Wed, 06 Dec 2023 19:18:01 GMT
server
istio-envoy
etag
W/"46fa5a7bc37a22544a908e4ad950309c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
cwW-MC1ARJCQpEJ23CtUME6MkBFNf91Z4n700XFL_75mT49Bxe8iLA==
22.6b9a301a.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
32 KB
11 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:32:33 GMT
x-amz-version-id
Iq6q_gvY8pNzoTs.Gj7cRHHiJM4JZUUq
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
12179133
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
21
last-modified
Fri, 28 Jul 2023 18:55:10 GMT
server
istio-envoy
etag
W/"d8739a9fe9a3a42936f5cd86c8727494"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
7k4kM0aSisz0q_EsnscMTGBKNAncyWS7Sr0gbx8WTVjQ6QMtmFn5MA==
19.6f85b843.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
17 KB
6 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 00:45:48 GMT
x-amz-version-id
Hk_vupXb1b30d6Vcw2qdMZn4qW64.euE
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
2134338
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
15
last-modified
Wed, 29 Nov 2023 17:11:55 GMT
server
istio-envoy
etag
W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
tNCTI0LXnPFBB-zcv8GZqH60PUlJGHYShSIkpMGANYP4xmwY0TFxew==
41.b4fc4de2.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
25 KB
8 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 05:54:23 GMT
x-amz-version-id
_5XuCoBvpwpe74IeYxrswbcOHbJC1Qsp
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
8595823
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Fri, 15 Sep 2023 20:51:07 GMT
server
istio-envoy
etag
W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
7kQZ6jAKKw3qCtdAO-RB4ZR4LnlsNetTdMudn-Zzhqc3fhdZIbqvmQ==
20.8c21ea18.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
74 KB
23 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 08:01:55 GMT
x-amz-version-id
yRHab8n8pSoFgQ4q92BOxh1RnhH9U7cp
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
13512971
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
19
last-modified
Fri, 21 Jul 2023 20:53:08 GMT
server
istio-envoy
etag
W/"6d77a76055d81227033363af2f18caf8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
HivH2yC4r6nVJlKP26hG55Exc7_IJPFlbHj2R-rl9CCte66Wv-Zqyw==
26.04e7f30b.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
66 KB
20 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:56:44 GMT
x-amz-version-id
zTSx1s2_iE4F5lVvR1Bl0RgCDh7ps_ry
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
3422482
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
21
last-modified
Wed, 15 Nov 2023 22:15:46 GMT
server
istio-envoy
etag
W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
9PgUvqWYrdJMT5s8IdKvSr3BFVnAa41BQ17YsJmvnZmEsMSW7n_rcA==
14.e24a6190.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
91 KB
28 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 14:02:02 GMT
x-amz-version-id
7KpbYueSmA2vlHASVtvVJK_Gmlq1Btaz
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
8134564
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
20
last-modified
Fri, 22 Sep 2023 19:55:10 GMT
server
istio-envoy
etag
W/"16d7ae86e21434a32157d3226ac9bb77"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
iegRYG-k1S6SjLNi0gJI4-MkiBNn2xkk-x4BFg8XFKLBQ9gJdAo4Cw==
11.639238ba.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
23 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/11.639238ba.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 05:54:23 GMT
x-amz-version-id
PipiODm4WhWzigBJrfwsWCO2Kvw028Yl
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
8595823
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
16
last-modified
Fri, 15 Sep 2023 20:51:05 GMT
server
istio-envoy
etag
W/"4049f38c00add1738dc4806148ff8829"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
0rxhFFMhuzrSaQQwyG6Ugpr6D486KqJywyHjQkJqJ8S4ELBmamBnug==
18.9c1bd1fb.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
62 KB
20 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 11:13:51 GMT
x-amz-version-id
aGdqfwhzhh2bEA7qD.1_jfGQlKXR2O.8
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
1405455
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Wed, 06 Dec 2023 19:18:00 GMT
server
istio-envoy
etag
W/"02f09379c544befa413d22eb57ed41de"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ZOp46mfwTGXLGsPi8bBEx1NaOKYdZm4WKSSdAHTMoMUVDcsT8-gk3g==
49.f7274268.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
105 KB
34 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/49.f7274268.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 11:09:39 GMT
x-amz-version-id
AM0hgbOTPnD2Z3I_CxvserRWPDVENWtq
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
9181707
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
34
last-modified
Thu, 07 Sep 2023 15:58:13 GMT
server
istio-envoy
etag
W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
nk2DZKe-wGnBN2T61HQRoYxJPdwNAXPaXhHCOKaUI0XnVAdivtfM7Q==
40.31ef8dbf.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
12 KB
4 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 13:02:33 GMT
x-amz-version-id
7WRVREC_cpOOfcU8CBUNKma_ca7JkA0q
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
3731733
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
21
last-modified
Thu, 09 Nov 2023 16:46:49 GMT
server
istio-envoy
etag
W/"b0793fa46e8c0ae1846b7be8a833da35"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
2CjBqo49Bi_5qdjlxNzfeGX09Ev7IiuF3IJJ6L2RxpYCMg2Ute5ZwA==
29.31d09948.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
13 KB
6 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/29.31d09948.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 11:09:39 GMT
x-amz-version-id
cDEtyB9dXmhkuU2pl5EGfQct.heLuf0a
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
9181707
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
21
last-modified
Thu, 07 Sep 2023 15:58:12 GMT
server
istio-envoy
etag
W/"455157cb49065fb85fed54901ddaeb0e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
G-sz5LccxLd41RgLMRbRYJdo0Ly2zwAwHc1pTkZSeM9BCBDLEXkBNQ==
21.b8c41db9.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
17 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 07:54:21 GMT
x-amz-version-id
4qTep96ynZO1cvUJBb6PeApp6csBpuDy
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
13340625
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
14
last-modified
Fri, 21 Jul 2023 20:53:08 GMT
server
istio-envoy
etag
W/"65e5c965272e021ae33ff8bc39565ef5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
wsce1QzjYYK4pfqFooRpZwLTsasR96WlgsxGjLN6BcKuSVvkYFbM8w==
8.7602338c.chunk.css
js.driftt.com/core/assets/css/ Frame 9259
31 KB
4 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/8.7602338c.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
310de82ec6ba5948814ab8ec2369aa1d437e84e26ac56967fc79897acaa99a95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 17:29:14 GMT
x-amz-version-id
Z3PSShQjZUbW560QfpsUp8auVInwOZp.
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
2678932
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Tue, 21 Nov 2023 16:21:39 GMT
server
istio-envoy
etag
W/"76d0343f1f9f445c80d5c68c2a35b6e0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
SdThBo3Q6Ot3Ae0z8LlcSdAhz0LrvlP75z7rOkI-zePFCjgXuOxNcw==
8.241483c9.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
81 KB
26 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/8.241483c9.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
02e0af8160d983b1e80bd6103733715fee1c7a245a100ef55029efcd737199b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:24:59 GMT
x-amz-version-id
0c79nyKqpwCRHWqE5e9sPBo0Bb4UyIfy
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
605587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
70
last-modified
Tue, 19 Dec 2023 16:15:25 GMT
server
istio-envoy
etag
W/"9e20f6a52d561fe062cec030eb95b5f3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Du2KjUBvR0S-YGnToKPzwx4McGz0ZcxmDPhEbaby-9x0ezMBrZcyDQ==
16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 9259
24 B
697 B
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 19:44:54 GMT
x-amz-version-id
MG8zaRoUrZeTkSnK8fTXkM4CV5El6i5d
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
IAH50-C2
age
12693192
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
14
content-length
24
last-modified
Fri, 28 Jul 2023 18:55:08 GMT
server
istio-envoy
etag
"0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
IlO3cy5qYy1MlA4yXa5mivDzWAoVVtqn8fR_91zEJTvjqZpQdzy21g==
16.47352bd2.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
93 KB
24 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/16.47352bd2.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
d6b0973d4321ac8a1bbe809533b94b0ebdb8cdfc3815903aa4f09f7b7866e4f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:24:59 GMT
x-amz-version-id
YQ0DTCY2o7SmrPag5FV7YsghgvMFm_i2
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
605587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
116
last-modified
Tue, 19 Dec 2023 16:15:23 GMT
server
istio-envoy
etag
W/"3b04cce3813d0ca9480188e1731143c5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
L0SnKl-SvTyXngvn0lOkjUXFldwVSMz-CPkI3Q-rzfTRN3rdJ0KhgQ==
24.b27a8ea7.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
51 KB
14 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/24.b27a8ea7.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b5552112b463d93966fca4f5631586d9e399d6fdf999d09a791157be4d209923
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:24:59 GMT
x-amz-version-id
jG4KvttCR2zMNNdkgDLNtwBSfigD3i4S
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
605587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
53
last-modified
Tue, 19 Dec 2023 16:15:23 GMT
server
istio-envoy
etag
W/"44055a9dd10e7b09939f2bfab4ca5d19"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
SShY3x4p6MFi8ZIUJ5SMT64JwiL0swNzUmCTVap30Nz5wBqvD8JNLg==
17.e196fe7f.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
40 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/17.e196fe7f.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
358eb90752ceecc50106c5ef89ed32016dae4b35c7b1a484e767059f4cf5b7fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:24:59 GMT
x-amz-version-id
UglEBZPvnWZADbcLpRJJuhRb4BvaO05i
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
605587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
70
last-modified
Tue, 19 Dec 2023 16:15:23 GMT
server
istio-envoy
etag
W/"35e67464b9ce1dc158a506ecea9f7300"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
GbrzO6j5AA-a4kXLlz5EdLWl4NdhsRNMivI4udSuGxpckxVloIa7WA==
lightbox.js
www.lightboxcdn.com/vendor/c2c913a7-dd36-4b41-891c-8cce110d48bc/ Frame BE31
501 B
399 B
Script
General
Full URL
https://www.lightboxcdn.com/vendor/c2c913a7-dd36-4b41-891c-8cce110d48bc/lightbox.js?mb=1703612286535&lv=1
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.211.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e10e4857419d55d06ccac3379927552997b5c9baf6b502dac8c789234312a789

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:06 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 26 Dec 2023 17:29:33 GMT
server
cloudflare
age
513
cf-polished
origSize=510
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cf-ray
83bb1876ef520f85-EWR
/
www.google.com/pagead/1p-conversion/580249777/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580249777/?random=899830718&cv=11&fst=1703612286362&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&ur...
  • https://www.google.com/pagead/1p-conversion/580249777/?random=899830718&cv=11&fst=1703612286362&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fresou...
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-conversion/580249777/?random=899830718&cv=11&fst=1703612286362&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&label=TealiumAPItracker&hn=www.googleadservices.com&frm=0&tiba=Network%20traffic%20analysis%20for%20IR%3A%20Alternatives%20to%20Wireshark%20%7C%20Infosec&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=292205441.1703612286&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0pDcXJBWVE3OUs4MnBURXN2WUhFaVVBdHp6YmpkRnpDUk9IM3RHZ242bW9mZ0FqR0dadmVORlM4VS04OHlqbl9FYjQ4Qlc0GldDaEFJZ0pDcXJBWVFwcks0cjkyNjVkRVVFaTBBamdqR0p5eGhnMnhqU3VJNHRweTJDcUY4MnhRRzFIMG5ta2RrVnJ3Z0l2NGotWktramJyeDVNSi1yX28iEwjXnK6p0q2DAxW1DmgIHdX4CT0&is_vtc=1&ocp_id=fg-LZdflHLWdoPMP1fGn6AM&cid=CAQSGwAvHhf_rgS-yojImPLJU4bkHdcfp11lIulI8w&random=1862832405
Protocol
H2
Server
142.251.35.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 17:38:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 17:38:06 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-conversion/580249777/?random=899830718&cv=11&fst=1703612286362&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&label=TealiumAPItracker&hn=www.googleadservices.com&frm=0&tiba=Network%20traffic%20analysis%20for%20IR%3A%20Alternatives%20to%20Wireshark%20%7C%20Infosec&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=292205441.1703612286&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0pDcXJBWVE3OUs4MnBURXN2WUhFaVVBdHp6YmpkRnpDUk9IM3RHZ242bW9mZ0FqR0dadmVORlM4VS04OHlqbl9FYjQ4Qlc0GldDaEFJZ0pDcXJBWVFwcks0cjkyNjVkRVVFaTBBamdqR0p5eGhnMnhqU3VJNHRweTJDcUY4MnhRRzFIMG5ta2RrVnJ3Z0l2NGotWktramJyeDVNSi1yX28iEwjXnK6p0q2DAxW1DmgIHdX4CT0&is_vtc=1&ocp_id=fg-LZdflHLWdoPMP1fGn6AM&cid=CAQSGwAvHhf_rgS-yojImPLJU4bkHdcfp11lIulI8w&random=1862832405
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-conversion/580249777/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580249777/?random=1158652596&cv=11&fst=1703612286424&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&u...
  • https://www.google.com/pagead/1p-conversion/580249777/?random=1158652596&cv=11&fst=1703612286424&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Freso...
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-conversion/580249777/?random=1158652596&cv=11&fst=1703612286424&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&label=TealiumAPItracker&hn=www.googleadservices.com&frm=0&tiba=Network%20traffic%20analysis%20for%20IR%3A%20Alternatives%20to%20Wireshark%20%7C%20Infosec&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=292205441.1703612286&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0pDcXJBWVE3OUs4MnBURXN2WUhFaVVBdHp6YmpkRnpDUk9IM3RHZ242bW9mZ0FqR0dadmVORlM4VS04OHlqbl9FYjQ4Qlc0GldDaEFJZ0pDcXJBWVFwcks0cjkyNjVkRVVFaTBBamdqR0p6WWxyeXl4YkZ5ZUp0R1BELUFNT3lQcGZsdXhvaFYxNWxMZ04wRG5MRWV6WGhES00tU1ZiS1EiEwion66p0q2DAxW8CWgIHa3rCug&is_vtc=1&ocp_id=fg-LZajoHLyToPMPrderwA4&cid=CAQSGwAvHhf_0CiUb-RaPndHDdpBE0KBMr1WRQw13w&random=976280122
Protocol
H2
Server
142.251.35.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 17:38:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 17:38:06 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-conversion/580249777/?random=1158652596&cv=11&fst=1703612286424&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&label=TealiumAPItracker&hn=www.googleadservices.com&frm=0&tiba=Network%20traffic%20analysis%20for%20IR%3A%20Alternatives%20to%20Wireshark%20%7C%20Infosec&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=292205441.1703612286&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0pDcXJBWVE3OUs4MnBURXN2WUhFaVVBdHp6YmpkRnpDUk9IM3RHZ242bW9mZ0FqR0dadmVORlM4VS04OHlqbl9FYjQ4Qlc0GldDaEFJZ0pDcXJBWVFwcks0cjkyNjVkRVVFaTBBamdqR0p6WWxyeXl4YkZ5ZUp0R1BELUFNT3lQcGZsdXhvaFYxNWxMZ04wRG5MRWV6WGhES00tU1ZiS1EiEwion66p0q2DAxW8CWgIHa3rCug&is_vtc=1&ocp_id=fg-LZajoHLyToPMPrderwA4&cid=CAQSGwAvHhf_0CiUb-RaPndHDdpBE0KBMr1WRQw13w&random=976280122
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
logx.optimizely.com/v1/
0
489 B
XHR
General
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.140.246 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
246.140.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resources.infosecinstitute.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 26 Dec 2023 17:38:06 GMT
x-envoy-decorator-operation
events-smart-router.edp-prod.svc.cluster.local:8080/*
via
1.1 google
server
istio-envoy
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://resources.infosecinstitute.com
access-control-expose-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
201a9ec7-851e-424a-8521-77e17ebb4e79
user.js
www.lightboxcdn.com/vendor/c2c913a7-dd36-4b41-891c-8cce110d48bc/ Frame BE31
1 MB
164 KB
Script
General
Full URL
https://www.lightboxcdn.com/vendor/c2c913a7-dd36-4b41-891c-8cce110d48bc/user.js?cb=638387847729784616
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/c2c913a7-dd36-4b41-891c-8cce110d48bc/lightbox.js?mb=1703612286535&lv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.211.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf90816877908b1cfc40711dcc39582392288d0019bf9a534eda1d193df7e454

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Dec 2023 17:38:06 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
26bvq2fmApE/iGeFxke3iw==
age
424289
cf-polished
origSize=1786019
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 19:45:42 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
7d8a88bd-901e-0043-1b46-3432d9000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
83bb18776fdb0f85-EWR
expires
Wed, 25 Dec 2024 17:38:06 GMT
0.0b2ebd4a.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
9 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 15:57:37 GMT
x-amz-version-id
v8CRq8SwJ.1n63gpnvh.yndOCUADbcdz
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
14434829
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Wed, 12 Jul 2023 14:36:15 GMT
server
istio-envoy
etag
W/"c5efcdc9e465604f32cf24af10fd6c13"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Qa_tjw_vO6xZuMKi30PjI-nP9I_u8miDjo7eVAvKSA6vObL9yTJ2Vg==
27.01c2bea5.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
35 KB
10 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/27.01c2bea5.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b13c9311dec3f49821d88065299e95cc1c4e6c26acc4b27b4ebdb380d40d8788
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 05:54:24 GMT
x-amz-version-id
9YlBPfrlhSgSuUsadQDUcriIzikSvi3.
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
8595822
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
53
last-modified
Fri, 15 Sep 2023 20:51:06 GMT
server
istio-envoy
etag
W/"04a233a42dcf8c50a83bfecea8ba552d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ilE6kbVlw_NYA0KV8qGgu_U8w9aiv7w60X8wca2rztA7ch1prp_6eQ==
28.b5e8f5e1.chunk.css
js.driftt.com/core/assets/css/ Frame CB52
8 KB
2 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/28.b5e8f5e1.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
7849ba1748f8188749df28e9d59ca4e570a8495684353d8df4715fa70a81e787
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:34:11 GMT
x-amz-version-id
X.13DFJrGXxQgaaED9fWMfvYYMgNgXm2
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
8978635
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
44
last-modified
Wed, 13 Sep 2023 15:34:30 GMT
server
istio-envoy
etag
W/"e7107bc29ccb3c6d928f0f8f10a0f22d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
UIRkeiPXkvSeIdksmFsER_81KVKehcSZrahFf3xGXAT-ScIGdusX7w==
28.ce44111e.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
15 KB
6 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/28.ce44111e.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
f8d040f2c6f5700c30ce737f3d5db464bc4ab40231d34aec71094dac043b7f91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:24:59 GMT
x-amz-version-id
rjiL.PlN54iJSXBU6pp_hrsH3utY1aK.
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
605587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
89
last-modified
Tue, 19 Dec 2023 16:15:24 GMT
server
istio-envoy
etag
W/"f834b234d557b9c9604f5ef1a5f13c21"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
w7We-3qSc4L8nUg_YE3uop9OAuIlJ1kIpEnSSrYNnBnDDW0eybfNUQ==
25.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame CB52
365 B
1 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/25.c695453b.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 07:19:32 GMT
x-amz-version-id
H81CmYrWLXXAWNvVOZC.14Mf.U1yJWQE
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
IAH50-C2
age
1419514
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
18
content-length
365
last-modified
Wed, 06 Dec 2023 19:17:58 GMT
server
istio-envoy
etag
"06b2963b029c0824382815165bfea73e"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
q8ZUPUTUVuaTfCvK511vtOFXgiOqD-xU8vDyRkS4P_zIAaHvLEsG_g==
25.cc73c6f2.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
92 KB
25 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/25.cc73c6f2.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
3e62bc9b0d78123e1a13bc7fe4d49cf0dcf25aafa059be8649035a80e7368f44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:24:59 GMT
x-amz-version-id
N6sZxMaFNrahq2FYpdj.znFvH42iiNZc
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
605587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
84
last-modified
Tue, 19 Dec 2023 16:15:24 GMT
server
istio-envoy
etag
W/"5e4d6de1177f513ec1da7f274b4849e3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
6rxHX5PMbUc0Bcd1blG-Y36LUSEsuYz2JIX2obG4Kl_8u-xyC6yFTQ==
fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=638387847427421674
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/c2c913a7-dd36-4b41-891c-8cce110d48bc/user.js?cb=638387847729784616
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.211.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Dec 2023 17:38:06 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
q4B4xYJoZwx9ikt94o1nCA==
age
424340
cf-polished
origSize=6016
x-ms-meta-cbmodifiedtime
Wed, 10 Apr 2019 18:50:43 GMT
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 10 Apr 2019 19:06:17 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
x-ms-request-id
725949f1-901e-000c-2646-34f6c1000000
cache-control
public, max-age=2678400
x-ms-version
2009-09-19
cf-ray
83bb187859180f85-EWR
expires
Fri, 26 Jan 2024 17:38:06 GMT
z
api.lightboxcdn.com/z9gd/43251/resources.infosecinstitute.com/jsonp/
802 B
1 KB
Script
General
Full URL
https://api.lightboxcdn.com/z9gd/43251/resources.infosecinstitute.com/jsonp/z?cb=1703612286793&dre=l&callback=jQuery3640760200669729741_1703612286768&_=1703612286769
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/c2c913a7-dd36-4b41-891c-8cce110d48bc/user.js?cb=638387847729784616
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9263bfd4d89da2a9f95b97447d4dbe683847d29f4e15385540b799bc2c13e9f3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:06 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
application/javascript
digibox.gif
www.lightboxcdn.com/z9g/
35 B
257 B
Image
General
Full URL
https://www.lightboxcdn.com/z9g/digibox.gif?c=1703612286775&h=resources.infosecinstitute.com&e=p&u=43251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.211.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Dec 2023 17:38:06 GMT
cf-cache-status
HIT
content-md5
KNaBTzCeoon4R8ac+RGUxg==
age
2267600
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Fri, 02 Dec 2022 00:02:02 GMT
content-length
35
x-ms-lease-status
unlocked
cf-bgj
imgq:85,h2pri
last-modified
Fri, 02 Dec 2022 00:02:38 GMT
server
cloudflare
etag
0x8DAD3F8864E2F29
vary
Accept-Encoding
content-type
image/gif
x-ms-request-id
2ee6e9bf-d01e-000b-7282-230044000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83bb1878793e0f85-EWR
/
px.ads.linkedin.com/wa/
0
207 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://resources.infosecinstitute.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 26 Dec 2023 17:38:06 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 2EEFB5D26A984624A906FE4523889F7C Ref B: EWR30EDGE0420 Ref C: 2023-12-26T17:38:06Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
access-control-allow-origin
https://resources.infosecinstitute.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYNbSUxGUHa+3wrWWUHtQ==
37.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 9259
3 KB
1 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/37.11d2b6a7.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 13:14:59 GMT
x-amz-version-id
Ir6U0cA9tTpWdLrx7HYFzWqAHSIHOmGA
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
9260587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
39
last-modified
Thu, 07 Sep 2023 15:58:10 GMT
server
istio-envoy
etag
W/"87532c4db85f1429fa6d759bc3332f36"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
P5T1aZjWNANjlS78m2WihbmD7lfrLpe5XK5eJ2xb9y31351qEywMkw==
37.fba521ea.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
3 KB
2 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/37.fba521ea.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b1700a9f05644621ffe3a13f59d5258261f170718eb8a6076e5fc55cd918afc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:24:59 GMT
x-amz-version-id
yjKQYZO7C1D0av2terpN.3WV3CPoW8Ab
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
605587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
86
last-modified
Tue, 19 Dec 2023 16:15:24 GMT
server
istio-envoy
etag
W/"deb91ed165197613da3fac3d4f67edf9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ruXwrx9_ibpnTJv8Ck8zhN6fYQJ1ciMEH1_RkHYK4GMB5VMC98o2Vw==
/
www.google.com/pagead/1p-user-list/580249777/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/580249777/?random=1703612286349&cv=11&fst=1703610000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&frm=0&tiba=Network%20traffic%20analysis%20for%20IR%3A%20Alternatives%20to%20Wireshark%20%7C%20Infosec&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Cv4BiMyEp5GVBmixz2NDANP90w67jQ&random=432539428&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 17:38:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/580249777/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/580249777/?random=1703612286420&cv=11&fst=1703610000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&frm=0&tiba=Network%20traffic%20analysis%20for%20IR%3A%20Alternatives%20to%20Wireshark%20%7C%20Infosec&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_kT5gq-wK9krb0H2ETssyPZ1E1xl_QQ&random=2482629730&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 17:38:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ws.zoominfo.com/pixel/63ee702c42ea0e304d38412d/
4 KB
2 KB
Fetch
General
Full URL
https://ws.zoominfo.com/pixel/63ee702c42ea0e304d38412d/?iszitag=true
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
53e46d9c4b4a44f808693522cbe1de96914206ae557893b1b91162e4b04628b9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

visited-url
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Referer
https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
_vtok
NS4xODEuMjM0LjEzNA==
_zitok
11a07e2a3eda9998144d1703612286
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/javascript

Response headers

date
Tue, 26 Dec 2023 17:38:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://resources.infosecinstitute.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc
h3=":443"; ma=86400
cf-ray
83bb18796cc442cf-EWR
/
ws.zoominfo.com/pixel/63ee702c42ea0e304d38412d/ Frame
0
0
Preflight
General
Full URL
https://ws.zoominfo.com/pixel/63ee702c42ea0e304d38412d/?iszitag=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_vtok,_zitok,content-type,visited-url
Access-Control-Request-Method
GET
Origin
https://resources.infosecinstitute.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin
https://resources.infosecinstitute.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83bb1878ed1e43c8-EWR
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 26 Dec 2023 17:38:06 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
0.0b2ebd4a.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
9 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 15:57:37 GMT
x-amz-version-id
v8CRq8SwJ.1n63gpnvh.yndOCUADbcdz
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
14434829
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Wed, 12 Jul 2023 14:36:15 GMT
server
istio-envoy
etag
W/"c5efcdc9e465604f32cf24af10fd6c13"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
qd0UJp8Q2YLmQsFKsH2RLc_Jo8zUiZW37EWEQBbrcajw1T7ro7NEfg==
3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 9259
7 KB
2 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 06:33:10 GMT
x-amz-version-id
Ov831I2a5yEZEgVNkzjL3jR4iYT4qeoU
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
13086296
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
63
last-modified
Wed, 26 Jul 2023 13:12:09 GMT
server
istio-envoy
etag
W/"189aeffd571884559dababa22c66d75a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
xzY8-z6H40aBX1n03g0RzsZAC1RkwRsGWc6txbTZhCYhvASnrHSWzw==
3.f50b964b.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
54 KB
15 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:14:35 GMT
x-amz-version-id
Sdaq6z0Yr.kcc8_RD2rWLZ3gFSJAWGwC
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
13350211
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
35
last-modified
Fri, 21 Jul 2023 20:53:08 GMT
server
istio-envoy
etag
W/"1ac37bf2b93050f29058b66a9ad43e10"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
rWFMZPj-BTIMqWh_J1xiEaNJBq5Ju_-GfC7GcSLcX6_LunzBw84u5w==
1.12ba17b6.chunk.css
js.driftt.com/core/assets/css/ Frame 9259
44 KB
7 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/1.12ba17b6.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 19:01:02 GMT
x-amz-version-id
19YOPtagzF0I0emgnq_seBKB.3mPQekh
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
13732624
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
35
last-modified
Thu, 20 Jul 2023 18:22:08 GMT
server
istio-envoy
etag
W/"3b8ba82e1bac13ee29e9764a55620d99"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
c6JMeXfmnPCUr1FYIovMyVb3HajewsAYdXD7cQS0zj9uNEE8wFmRNA==
1.eb95d786.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
54 KB
17 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/1.eb95d786.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e17ed6f660604edd30f3fb7d0d9f8ff81897a294451d7c5ad93b730ffcb6e5b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:24:59 GMT
x-amz-version-id
YGOZv4GUsbVyX.Gl6Fw8unhF7wdE_LTN
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
605587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
130
last-modified
Tue, 19 Dec 2023 16:15:23 GMT
server
istio-envoy
etag
W/"905d835fcc30c0124bb904590c72e394"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
SXPvB3aqntqgyx7z-GogdWVF4Vl_lqO1SuW938KAclNyKXqZIJhATA==
4.c6304c2e.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
23 KB
10 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/4.c6304c2e.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
a55619fd27a0e1c6c940e668707a13ea02bc52953106260a570c28e5a300c070
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:24:59 GMT
x-amz-version-id
bmPbjvWFoSkY1.hjaxiT.CojmYdamaBg
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
605587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
57
last-modified
Tue, 19 Dec 2023 16:15:24 GMT
server
istio-envoy
etag
W/"672c1436035fd059b992723cdedd3472"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
iA9jrpS74lwe-mccQYUr1dv2QT_hFYzy-OWFse5PUtgXNi23hMfw6w==
34.d13ab69b.chunk.css
js.driftt.com/core/assets/css/ Frame 9259
16 KB
3 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/34.d13ab69b.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
7c8b113cce07a87ca4cb9dc4f1c55d701efd44834430e1939c27b2e5e1c12ac1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 17:04:21 GMT
x-amz-version-id
pFWMvJB2j2wrLwpXYClAbSTx9Ncr0bnJ
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
4581225
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
41
last-modified
Fri, 03 Nov 2023 16:05:55 GMT
server
istio-envoy
etag
W/"cd2168c34ad30fc16e40bb8888419c0b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
d-nwlmNEfVmqOzPYcHI_V7a8X76zEpbgNr1D31U6K8tl2FC6fcKeCg==
34.cf26c954.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
13 KB
5 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/34.cf26c954.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
da4a39f6208e897443b5bda6ef5014e8e2c9477beac582ea7e17b2c61391c9f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:24:59 GMT
x-amz-version-id
vDZG3LONqVoMI.mvhT.p2kopNVOIoQ1y
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
605587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
26
last-modified
Tue, 19 Dec 2023 16:15:24 GMT
server
istio-envoy
etag
W/"38156cd1b538ae036f57b23fcbe9ca1f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
hMuG3rjHs2yQQTyydCLkx3bysOHT6q3Z07oATOQkHzDGYLa3qyWa_w==
v2
bootstrap.api.drift.com/widget_bootstrap/ping/ Frame CB52
674 B
772 B
XHR
General
Full URL
https://bootstrap.api.drift.com/widget_bootstrap/ping/v2
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-218-138.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
8ce9848af4fcf9b9e90b7cee03801f24e470039afdf27d515937aa0a9dfefed7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 26 Dec 2023 17:38:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
istio-envoy
requestid
3ee32ed023550592
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
vary
Accept-Encoding
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
327
v3
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame CB52
25 B
89 B
XHR
General
Full URL
https://metrics.api.drift.com/monitoring/metrics/widget/init/v3
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-218-138.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 26 Dec 2023 17:38:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
istio-envoy
requestid
d5ebe56bd581d4ac
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
vary
Accept-Encoding
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
25
widget_bootstrap
bootstrap.api.drift.com/ Frame CB52
24 KB
8 KB
XHR
General
Full URL
https://bootstrap.api.drift.com/widget_bootstrap
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-218-138.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
d006fd9fb5125b960a1ba876462179d2adb27acd58f1ae0768d1b891ce02ecc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 26 Dec 2023 17:38:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
istio-envoy
requestid
60acf11f6797971b
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
vary
Accept-Encoding
access-control-allow-credentials
true
x-envoy-upstream-service-time
219
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
data.js
tags.clickagy.com/
36 KB
13 KB
Script
General
Full URL
https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-14.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1125930801bca103956f0a40293836c345f8fc4e38c6aefbacf02e3ad22d24b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
P0mFkaSbAlD2MMkYs_IR6LtsrpjYjuQf
content-encoding
gzip
via
1.1 bfe84030879ec88480b50e68b8ae07ca.cloudfront.net (CloudFront)
date
Tue, 26 Dec 2023 08:42:57 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAH50-C2
age
32111
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 11 Dec 2023 11:55:50 GMT
server
AmazonS3
etag
W/"2d8cdceff761c419467c2573c15d08bd"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
5skq7mHvfNIgpbtYLhXg9WBaKgtQmX9kVOp6jJee0Ng-U5lJTuiCDw==
up_loader.1.1.0.js
js.adsrvr.org/
5 KB
3 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: resources.infosecinstitute.com
URL: https://resources.infosecinstitute.com/topics/incident-response-resources/network-traffic-analysis-for-ir-alternatives-to-wireshark/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-114.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 01:34:58 GMT
Content-Encoding
gzip
Via
1.1 890550823a9a161b47289586a4b1b944.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 Dec 2023 01:34:49 GMT
Server
AmazonS3
X-Amz-Cf-Pop
EWR53-C3
Age
57790
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
gNycclCPW_Wp_1tofAd1AgS6ggxvEZC84xSqIAdgdVb-HYouBmCmtg==
collect
ws.zoominfo.com/pixel/ Frame
0
0
Preflight
General
Full URL
https://ws.zoominfo.com/pixel/collect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,requestfromzitag,unifiedscriptverified,x-ws-collect-type
Access-Control-Request-Method
POST
Origin
https://resources.infosecinstitute.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin
https://resources.infosecinstitute.com
allow
GET,HEAD,POST
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83bb187b383243c8-EWR
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 26 Dec 2023 17:38:07 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
collect
ws.zoominfo.com/pixel/
0
467 B
XHR
General
Full URL
https://ws.zoominfo.com/pixel/collect
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

requestFromZITag
true
Referer
https://resources.infosecinstitute.com/
x-ws-collect-type
xhr
unifiedScriptVerified
true
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

date
Tue, 26 Dec 2023 17:38:07 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
access-control-allow-origin
https://resources.infosecinstitute.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
content-length
0
cf-ray
83bb187b88a943c8-EWR
alt-svc
h3=":443"; ma=86400
up
insight.adsrvr.org/track/ Frame 536A
0
0

/
match.adsrvr.org/track/upb/ Frame B4F0
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=oqy7xc0&ref=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2...
  • https://match.adsrvr.org/track/upb/?adv=oqy7xc0&ref=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2...
874 B
926 B
Document
General
Full URL
https://match.adsrvr.org/track/upb/?adv=oqy7xc0&ref=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&upid=qi81r7g&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
abd1d14564dd5860f312a7e1341d13b9b66e3434b207e36880c2d02b686e431e

Request headers

Referer
https://resources.infosecinstitute.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 26 Dec 2023 17:38:07 GMT
server
Kestrel
vary
Accept-Encoding

Redirect headers

content-length
493
date
Tue, 26 Dec 2023 17:38:07 GMT
location
https://match.adsrvr.org/track/upb/?adv=oqy7xc0&ref=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&upid=qi81r7g&upv=1.1.0
server
Kestrel
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame B4F0
488 B
1 KB
Script
General
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=oqy7xc0&ref=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&upid=qi81r7g&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-114.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 25 Dec 2023 20:35:51 GMT
Via
1.1 890550823a9a161b47289586a4b1b944.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 Dec 2023 01:34:43 GMT
Server
AmazonS3
X-Amz-Cf-Pop
EWR53-C3
Age
75737
x-amz-server-side-encryption
AES256
ETag
"2775054c068b37509e0798448f7fd32c"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
488
X-Amz-Cf-Id
YizGbkCYCyvWXl9zH1_MbJBiEWD7hyKnNgvH9pyUCMtE4bXg6ZSgxw==
rubicon
match.adsrvr.org/track/cmf/ Frame 920B
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9e5455b0-54a5-4d8c-ad52-64ada0b9ab34&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
474 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Tue, 26 Dec 2023 17:38:07 GMT
server
Kestrel

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
content-length
0
appnexus
match.adsrvr.org/track/cmf/ Frame C37D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=9e5455b0-54a5-4d8c-ad52-64ada0b9ab34
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D9e5455b0-54a5-4d8c-ad52-64ada0b9ab34
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4126428947753410958&ttd_tdid=9e5455b0-54a5-4d8c-ad52-64ada0b9ab34
70 B
474 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4126428947753410958&ttd_tdid=9e5455b0-54a5-4d8c-ad52-64ada0b9ab34
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Tue, 26 Dec 2023 17:38:07 GMT
server
Kestrel

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
91296c67-058d-4c3e-ac0e-465f81968bde
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 26 Dec 2023 17:38:07 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4126428947753410958&ttd_tdid=9e5455b0-54a5-4d8c-ad52-64ada0b9ab34
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
5.181.234.134; 5.181.234.134; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
cksync
hb.yahoo.net/ Frame E671
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=9e5455b0-54a5-4d8c-ad52-64ada0b9ab34&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=9e5455b0-54a5-4d8c-ad52-64ada0b9ab34&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=9e5455b0-54a5-4d8c-ad52-64ada0b9ab34&gdpr=0&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1UUTBCU1Y5RTJ1R09RR0JiZWdfRmZmcEhacGVrbTNVVX5B&gdpr=0&ovsid=9e5455b0-54a5-4d8c-ad52-64ada0b9ab34&dpid=55953
57 B
663 B
Document
General
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1UUTBCU1Y5RTJ1R09RR0JiZWdfRmZmcEhacGVrbTNVVX5B&gdpr=0&ovsid=9e5455b0-54a5-4d8c-ad52-64ada0b9ab34&dpid=55953
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.127.80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-25-127-80.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
57
content-type
image/gif
date
Tue, 26 Dec 2023 17:38:07 GMT
expires
Tue, 26 Dec 2023 17:38:07 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E

Redirect headers

age
0
content-length
0
date
Tue, 26 Dec 2023 17:38:07 GMT
location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1UUTBCU1Y5RTJ1R09RR0JiZWdfRmZmcEhacGVrbTNVVX5B&gdpr=0&ovsid=9e5455b0-54a5-4d8c-ad52-64ada0b9ab34&dpid=55953
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
track
event.api.drift.com/ Frame
0
0
Preflight
General
Full URL
https://event.api.drift.com/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-218-138.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://js.driftt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-max-age
1209600
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Tue, 26 Dec 2023 17:38:07 GMT
requestid
drift5be9a7147fea140eca1906c47f4
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
track
event.api.drift.com/ Frame CB52
703 B
763 B
XHR
General
Full URL
https://event.api.drift.com/track
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-218-138.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
d61f2bfce58a6768487a583d8993eea9bbe697e2e63c36c61431f0cdba66fbee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
en-US,en;q=0.9
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMDUwNjY0ODIyNCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NTQ5NTMiLCJleHAiOjE3MzUyMzQ2ODcsImlhdCI6MTcwMzYxMjI4N30.xdCn9D4Q1o7tmHB_K8psg1d2apXBwDL-JWXACwidHLPiLsdyvLtb535tUxap4veskDvBM0vMy3kCc3y9zE7gsw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 26 Dec 2023 17:38:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
istio-envoy
requestid
9163f9acb7191eb3
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
703
evaluate_with_log
targeting.api.drift.com/targeting/ Frame CB52
936 B
430 B
XHR
General
Full URL
https://targeting.api.drift.com/targeting/evaluate_with_log
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-218-138.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
4c7b058a3b5f63e2b838c03be3c7e6e87b1e6afd4fb959e79474f567234f69ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
en-US,en;q=0.9
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMDUwNjY0ODIyNCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NTQ5NTMiLCJleHAiOjE3MzUyMzQ2ODcsImlhdCI6MTcwMzYxMjI4N30.xdCn9D4Q1o7tmHB_K8psg1d2apXBwDL-JWXACwidHLPiLsdyvLtb535tUxap4veskDvBM0vMy3kCc3y9zE7gsw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 26 Dec 2023 17:38:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
istio-envoy
requestid
72908f3994e33630
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
vary
Accept-Encoding
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
366
evaluate_with_log
targeting.api.drift.com/targeting/ Frame
0
0
Preflight
General
Full URL
https://targeting.api.drift.com/targeting/evaluate_with_log
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-218-138.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://js.driftt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-max-age
1209600
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Tue, 26 Dec 2023 17:38:07 GMT
requestid
driftcafa9724fe482d0edfb52fa666f
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
1
render_initial_v3
flow.api.drift.com/flows/ Frame CB52
14 KB
4 KB
XHR
General
Full URL
https://flow.api.drift.com/flows/render_initial_v3
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-218-138.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
ccb7775e6603aa646cfb9168333437d183b044223954dfc2c639c897bdd8be9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
en-US,en;q=0.9
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMDUwNjY0ODIyNCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NTQ5NTMiLCJleHAiOjE3MzUyMzQ2ODcsImlhdCI6MTcwMzYxMjI4N30.xdCn9D4Q1o7tmHB_K8psg1d2apXBwDL-JWXACwidHLPiLsdyvLtb535tUxap4veskDvBM0vMy3kCc3y9zE7gsw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 26 Dec 2023 17:38:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
istio-envoy
requestid
b9f45c07a40aa592
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
vary
Accept-Encoding
access-control-allow-credentials
true
x-envoy-upstream-service-time
279
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
render_initial_v3
flow.api.drift.com/flows/ Frame
0
0
Preflight
General
Full URL
https://flow.api.drift.com/flows/render_initial_v3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-218-138.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://js.driftt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-max-age
1209600
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Tue, 26 Dec 2023 17:38:07 GMT
requestid
driftbf77f1b45acafdb85a59ebcdb9c
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
data
aorta.clickagy.com/
47 B
729 B
XHR
General
Full URL
https://aorta.clickagy.com/data
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.214.186.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-214-186-206.compute-1.amazonaws.com
Software
Aorta/20231215.627d1920a /
Resource Hash
99a1f6a81ebb317f997a965b3a4d258603175fbdf46e6bca54b85a06264b2897

Request headers

Referer
https://resources.infosecinstitute.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 26 Dec 2023 17:38:07 GMT
content-encoding
gzip
server
Aorta/20231215.627d1920a
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://resources.infosecinstitute.com
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
1d57791de44b
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
72
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?clkgypv=jstag&ws=1
  • https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=ZYsPf1lI2m7qnR4DDWZ3CHgw&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D
  • https://d.agkn.com/pixel/10751/?che=1703612287935&ip=5.181.234.134&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D214600604742007537040
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=214600604742007537040
  • https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%25...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.n...
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=b4d45653-f676-4ca1-903d-accf15cd3f97&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZYsPf7v5iEOKlqIIFBg9lIjy
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZYsPf7v5iEOKlqIIFBg9lIjy
Protocol
H3
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 17:38:08 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 26 Dec 2023 17:38:08 GMT
server
Aorta/20231219.0f0182a99
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZYsPf7v5iEOKlqIIFBg9lIjy
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
85fab0618964
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
data
aorta.clickagy.com/
47 B
729 B
XHR
General
Full URL
https://aorta.clickagy.com/data
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.214.186.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-214-186-206.compute-1.amazonaws.com
Software
Aorta/20231219.0f0182a99 /
Resource Hash
772f27df8739c96866b607b8defe57389eda912243895f9a4fe47b203a14b0f8

Request headers

Referer
https://resources.infosecinstitute.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 26 Dec 2023 17:38:07 GMT
content-encoding
gzip
server
Aorta/20231219.0f0182a99
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://resources.infosecinstitute.com
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
c71a6e46d04c
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
72
hasHashes
hemsync.clickagy.com/external/
2 B
335 B
XHR
General
Full URL
https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=ZYsPfyoFJgAqcffuEzLKZjWi
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.212.113.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-113-100.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:07 GMT
content-encoding
gzip
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://resources.infosecinstitute.com
access-control-expose-headers
content-length, last-modified, expires, content-type
access-control-allow-credentials
true
content-length
28
hasHashes
hemsync.clickagy.com/external/
2 B
334 B
XHR
General
Full URL
https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=ZYsPf7v5iEOKlqIIFBg9lIjy
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.212.113.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-113-100.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:07 GMT
content-encoding
gzip
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://resources.infosecinstitute.com
access-control-expose-headers
content-length, last-modified, expires, content-type
access-control-allow-credentials
true
content-length
28
destination
www.googletagmanager.com/gtag/
257 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-LT2F589VT0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-580249777
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
66acd7d5c7ccd7513b84ca0f1cd371cf46de92fc24829d209e5a2b5495e0d302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89291
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 26 Dec 2023 17:38:07 GMT
57.28dde8ce.chunk.js
js.driftt.com/core/assets/js/ Frame CB52
19 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/57.28dde8ce.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=pmmnrsi6trh6&eId=pmmnrsi6trh6&region=US&forceShow=false&skipCampaigns=false&sessionId=19b1d324-deb1-4484-95f0-226d5782f219&sessionStarted=1703612286.247&campaignRefreshToken=e0e4fb49-78ef-435e-8f76-589e6e81f4bd&hideController=false&pageLoadStartTime=1703612283351&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 05:54:24 GMT
x-amz-version-id
AVhfAgum9UT7aSCN4.iXNq39tZCWvhQb
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
8595823
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
16
last-modified
Fri, 15 Sep 2023 20:51:07 GMT
server
istio-envoy
etag
W/"3c4cd13822c0069a68e9f9c8240f5ba9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
z4KJ2u3wqiDyXGNfCbCn3EkTE1g161YuuZ_kd7pEwkpJJBHOjLad4w==
widget
targeting.api.drift.com/impressions/ Frame
0
0
Preflight
General
Full URL
https://targeting.api.drift.com/impressions/widget
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-218-138.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://js.driftt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-max-age
1209600
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Tue, 26 Dec 2023 17:38:07 GMT
requestid
drift348dabd45c5ba7d4598c27de067
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
widget
targeting.api.drift.com/impressions/ Frame CB52
0
37 B
XHR
General
Full URL
https://targeting.api.drift.com/impressions/widget
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-218-138.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
en-US,en;q=0.9
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMDUwNjY0ODIyNCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NTQ5NTMiLCJleHAiOjE3MzUyMzQ2ODcsImlhdCI6MTcwMzYxMjI4N30.xdCn9D4Q1o7tmHB_K8psg1d2apXBwDL-JWXACwidHLPiLsdyvLtb535tUxap4veskDvBM0vMy3kCc3y9zE7gsw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 26 Dec 2023 17:38:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
istio-envoy
requestid
1c90ade771328601
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
57.28dde8ce.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
19 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/57.28dde8ce.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 05:54:24 GMT
x-amz-version-id
AVhfAgum9UT7aSCN4.iXNq39tZCWvhQb
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
8595823
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
16
last-modified
Fri, 15 Sep 2023 20:51:07 GMT
server
istio-envoy
etag
W/"3c4cd13822c0069a68e9f9c8240f5ba9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
dTYozc2JTZJRSKA5vk5cIKhvNwT87Gvl8b97Q4LkT1UOfWYa_0AHsg==
collect
www.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-LT2F589VT0&gtm=45je3bt0v893934116&_p=1703612285956&gcd=11l1l1l1l1&dma=0&gdid=dYmQxMT&cid=263901619.1703612287&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703612287&sct=1&seg=0&dl=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&dt=Network%20traffic%20analysis%20for%20IR%3A%20Alternatives%20to%20Wireshark%20%7C%20Infosec&en=Playbook%20Fired&_fv=1&_ss=1&_ee=1&ep.event_category=Drift%20Widget&ep.event_label=Playbook%20ID%3A%202540129&ep.non_interaction=true&tfd=5378
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-LT2F589VT0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infosecinstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 17:38:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://resources.infosecinstitute.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2110896%252F28a2375ae153359af28a1eb3fedd8ea87f88nbz8w9s4%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w...
driftt.imgix.net/ Frame CB52
10 KB
10 KB
Image
General
Full URL
https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2110896%252F28a2375ae153359af28a1eb3fedd8ea87f88nbz8w9s4%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3Df911813ef913aac49873870223be69d2?fit=max&fm=png&h=200&w=200&s=7b018d8158e684fc2e3dd331be0d5347
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.34.208 -, , ASN (),
Reverse DNS
Software
imgix /
Resource Hash
24eea12dc7ae3167f9cb10048d4ce86b24c9280f21d10f11ccbbe9c4bf8b1d24
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:38:08 GMT
x-content-type-options
nosniff
age
4174407
x-cache
HIT, HIT
x-imgix-id
da1d7bdf87a8854a3ee8947b5ac609281423deb2
cross-origin-resource-policy
cross-origin
content-length
10210
x-served-by
cache-sjc10067-SJC, cache-iad-kjyo7100093-IAD
x-imgix-render-farm
01.140328
last-modified
Wed, 08 Nov 2023 10:04:40 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
43.e483d03f.chunk.css
js.driftt.com/core/assets/css/ Frame 9259
900 B
2 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/43.e483d03f.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
12ffe3ad71f763d9057baf43e0f1c1482bb9a0372602020554c4d52f52b37981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 05:54:54 GMT
x-amz-version-id
SfVeOrt2pFBmAJUo7HLqzjGaueDRCDx1
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
IAH50-C2
age
8595793
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
content-length
900
last-modified
Fri, 15 Sep 2023 20:51:04 GMT
server
istio-envoy
etag
"0bd11a8facc0a9d41713c64ed1ba1289"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
BUkZpqAq_6xG3o9-sWs9yEZOWIJLCUUOxgC6MzojrnS3-dQnlb8fxg==
43.bd189648.chunk.js
js.driftt.com/core/assets/js/ Frame 9259
303 B
998 B
Script
General
Full URL
https://js.driftt.com/core/assets/js/43.bd189648.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7656baa8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e6fe88a41144fac0a75be6c94627d7ddbe2d58e0ccea7d714ea7108e1be694de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1703612283351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:47:57 GMT
x-amz-version-id
ryPp3lHr_V9ppCr_cx3mUR5BEJnK3Wni
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
IAH50-C2
age
7379410
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
20
content-length
303
last-modified
Thu, 21 Sep 2023 18:21:36 GMT
server
istio-envoy
etag
"64c5c459373f38cfa09d006a64744acb"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
JF5EhrG0lrr-j6BvExO_QMi9VaVhEEuXIPPDPSAZIDwVlffEfPkNnw==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame 9259
38 KB
39 KB
Font
General
Full URL
https://js.driftt.com/deploy/assets/static/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/8.7602338c.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/assets/css/8.7602338c.chunk.css
Origin
https://js.driftt.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 05:54:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
8595812
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
31
content-length
39372
last-modified
Fri, 03 Mar 2023 16:21:38 GMT
server
istio-envoy
etag
"40b6965b5cd26213faf61e5ab6765bb9"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/font-woff2,font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
uwgEIrOVJdVqcBh2J57WLYWD0sJvJ6nToawaeWJPRrxrddHhq0aOkQ==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame CB52
38 KB
39 KB
Font
General
Full URL
https://js.driftt.com/deploy/assets/static/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/8.7602338c.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.59.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-59-101.iah50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/assets/css/8.7602338c.chunk.css
Origin
https://js.driftt.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 05:54:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa4c265db5436cb99220f2c53f43ecd2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C2
age
8595813
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
31
content-length
39372
last-modified
Fri, 03 Mar 2023 16:21:38 GMT
server
istio-envoy
etag
"40b6965b5cd26213faf61e5ab6765bb9"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/font-woff2,font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
UlFvK6WuGH1zW8fzTboG_df1fgQsAsYGKZV9To4XKDB9NsBnfWaJEg==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
insight.adsrvr.org
URL
https://insight.adsrvr.org/track/up?adv=oqy7xc0&ref=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&upid=qi81r7g&upv=1.1.0

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| documentPictureInPicture undefined| update_consent object| catMapping boolean| consent_ready number| overrideint function| OTInit function| readCookie function| getGroups function| getOTCookie function| getRootDomain function| setConsentManager function| debugLogger function| debugLogConsent function| initOptimizely function| sleep function| loadScript function| syncOTtoTeal object| appInsights function| addPageLoad function| sendTealium function| getParameterByName object| utag_cfg_ovrd object| lang string| languageUrlSegment number| paginatorPageInterval function| $ function| jQuery function| Popper object| bootstrap object| html5 object| Modernizr object| util boolean| utag_condload object| xhr object| utag function| FindApi object| lazyLoadInstance object| OneTrustStub object| _wq boolean| engagement_video_allowed boolean| trad_allowed object| Microsoft object| __dynProto$Gbl string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| Optanon object| OneTrust number| y number| x undefined| _ object| optimizely number| startTime number| duration string| gtagRename function| gtag function| drift undefined| driftt object| _hjSettings function| hj object| _linkedin object| _linkedin_data_partner_ids boolean| _wait_for_lintrk string| ZIProjectKey object| zitag object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| 3eiXJRXgVuLsYGH9303q object| regeneratorRuntime object| _driftFrames object| __post_robot_10_0_46__ string| __DRIFT_ENV__ string| __DRIFT_BUILD_ID__ string| __DRIFT_BRANCH__ boolean| drift_invoked object| drift_event_listeners string| drift_display_mode string| drift_campaign_refresh number| drift_page_view_started number| drift_session_started string| drift_session_id object| drift_frameFactory function| lintrk boolean| _already_called_lintrk object| google_tag_manager object| google_tag_data 
object| GooglebQhCsO function| onYouTubeIframeAPIReady object| gaGlobal object| DIGIOH_LOADER function| lightboxjs function| lightboxlib object| DIGIOH_API object| LIGHTBOX_API boolean| SENT_LIGHTBOX_PV object| ORIBILI object| ziws object| ttdEl object| loaderEl function| ttd_dom_ready function| TTDUniversalPixelApi object| drift_sentry_config function| _initClickagy

49 Cookies

Domain/Path Name / Value
resources.infosecinstitute.com/ Name: EPiServer_Commerce_AnonymousId
Value: 88fbcbbe-00b1-482d-80d4-97e0b07e3fc6
resources.infosecinstitute.com/ Name: EPiStateMarker
Value: true
resources.infosecinstitute.com/ Name: .AspNetCore.Antiforgery.9TtSrW0hzOs
Value: CfDJ8JmDxoq_x6xInFMSaBYjoHBnt3ef6fVniHgTVjK3qpuYvNwH71IPQdwg6_Xw-gDMRhyoE3iJ_-RAJtss8mwBPVKWHzLUHlQANago9rEvfUJmtz2-YtjuhJB2rmMGjFyAXvYXu5i0yhMp505BEcAr-Eg
.resources.infosecinstitute.com/ Name: ARRAffinity
Value: f79af48d966e1e24bd367d8501e7295b6b8bed83c9c0c48a75a15dd2b0f4f9f0
.resources.infosecinstitute.com/ Name: ARRAffinitySameSite
Value: f79af48d966e1e24bd367d8501e7295b6b8bed83c9c0c48a75a15dd2b0f4f9f0
resources.infosecinstitute.com/ Name: ai_user
Value: uTx9bJZardmqnGwvtSb8EG|2023-12-26T17:38:04.197Z
resources.infosecinstitute.com/ Name: ai_session
Value: 80mrS63A1yuC8+zFj9AbCr|1703612284303|1703612284303
.resources.infosecinstitute.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Tue+Dec+26+2023+07%3A38%3A05+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=6.39.0&hosts=&consentId=c3bcd2ec-c557-43a5-b277-097f0752a747&interactionCount=0&landingPath=https%3A%2F%2Fresources.infosecinstitute.com%2Ftopics%2Fincident-response-resources%2Fnetwork-traffic-analysis-for-ir-alternatives-to-wireshark%2F&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CBG73%3A1%2CC0004%3A1%2CC0005%3A1
.infosecinstitute.com/ Name: CONSENTMGR
Value: c1:1|c2:1|c3:1|c4:1|c5:1|c6:1|c7:1|c8:1|c10:1|c11:1|c12:1|c13:1|c14:1|c15:1|ts:1703612285115|consent:true
.infosecinstitute.com/ Name: optimizelyEndUserId
Value: oeu1703612285557r0.6130575423145523
.tealiumiq.com/ Name: TAPID
Value: infosec/main>018ca7347bfe000592417b8c954303074008406c00b08|
.resources.infosecinstitute.com/ Name: _zitok
Value: 11a07e2a3eda9998144d1703612286
resources.infosecinstitute.com/ Name: drift_campaign_refresh
Value: e0e4fb49-78ef-435e-8f76-589e6e81f4bd
.lightboxcdn.com/ Name: _cfuvid
Value: CzbqHFpBm086EzlSK_Bodg_Cb83SxoJgV5thFS1ahO8-1703612286277-0-604800000
.infosecinstitute.com/ Name: _gcl_au
Value: 1.1.292205441.1703612286
.infosecinstitute.com/ Name: utag_main
Value: v_id:018ca7347bfe000592417b8c954303074008406c00b08$_sn:1$_se:2$_ss:0$_st:1703614086418$ses_id:1703612283902%3Bexp-session$_pn:1%3Bexp-session$_ga:018ca7347bfe000592417b8c954303074008406c00b08$dc_visit:1$dc_event:2%3Bexp-session$dc_region:us-east-1%3Bexp-session
.infosecinstitute.com/ Name: _ga_LBHGZWKZX1
Value: GS1.1.1703612286.1.0.1703612286.0.0.0
.infosecinstitute.com/ Name: _ga
Value: GA1.1.263901619.1703612287
.infosecinstitute.com/ Name: _hjSessionUser_866561
Value: eyJpZCI6ImIyMGU1Y2UzLTU4YzItNTVlZi1iZDY1LTEwZWNkMDRhOTRmMyIsImNyZWF0ZWQiOjE3MDM2MTIyODY1OTAsImV4aXN0aW5nIjpmYWxzZX0=
.infosecinstitute.com/ Name: _hjFirstSeen
Value: 1
.infosecinstitute.com/ Name: _hjIncludedInSessionSample_866561
Value: 0
.infosecinstitute.com/ Name: _hjSession_866561
Value: eyJpZCI6IjE3MTM5ZDRhLThmYjYtNDhiYS1iYTc2LWQ3MDA4ZjJiZDU4MyIsImMiOjE3MDM2MTIyODY1OTIsInMiOjAsInIiOjAsInNiIjoxfQ==
.infosecinstitute.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.linkedin.com/ Name: li_sugr
Value: 9adb6fe7-5a28-4f83-ac6e-3738420a4c2e
.linkedin.com/ Name: bcookie
Value: "v=2&3e3257a4-6d13-47f5-8a69-c3332c7e0330"
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=3099:u=1:x=1:i=1703612286:t=1703698686:v=2:sig=AQEPWcPuW9Vu4QvHGJHAEp0vsIhy7qd-"
.linkedin.com/ Name: UserMatchHistory
Value: AQLhTaiEm7ySJAAAAYynNIbLj5BCQMok4SbEdBgLW0mdDLFaGryLtIoQ_MJwnpT01w-nNohWVbLLCg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJHv8w8aBn1nwAAAYynNIbLIMYJofLsfl2Vm9Me85yLNrM77FgEy79iYw1BIegV55QabKAmrv0e6Htl4VVZsw
.www.linkedin.com/ Name: bscookie
Value: "v=1&20231226173806092625c8-1f61-4665-8175-b4f0149b1d51AQEWzx8dGELIJA6PipyPTYjDM-124vZW"
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.api.lightboxcdn.com/ Name: TiPMix
Value: 17.45942293735596
.api.lightboxcdn.com/ Name: x-ms-routing-name
Value: self
.infosecinstitute.com/ Name: drift_aid
Value: 611a2c5d-8bc7-474e-b7a9-97d8f7cce01d
.infosecinstitute.com/ Name: driftt_aid
Value: 611a2c5d-8bc7-474e-b7a9-97d8f7cce01d
.zoominfo.com/ Name: __cf_bm
Value: oEZ9ovyC03M1eY3P2OR8AAIzYKkikYj4qx.pNND0FN4-1703612287-1-AbxpJi09dkTgPVWhuXQXNkEgbwaTNwGtakKId+UeL8wZPyvJHhTGQHoBpzUkHqHoY9k/pIF+PkSBcso0Wh0CeDc=
.zoominfo.com/ Name: _cfuvid
Value: jfBUhhJFWGH1o7hec1fe.H_q71t3SV7aaI.MDWl00ik-1703612287222-0-604800000
.adsrvr.org/ Name: TDID
Value: 9e5455b0-54a5-4d8c-ad52-64ada0b9ab34
.adnxs.com/ Name: uuid2
Value: 4126428947753410958
.yahoo.com/ Name: A3
Value: d=AQABBH8Pi2UCEE-zfz3RZlsfaqGE_EmtSOwFEgEBAQFgjGWUZdxC0iMA_eMAAA&S=AQAAAr_nB-tXCsR2e32u_zIMX0M
.analytics.yahoo.com/ Name: IDSYNC
Value: "1769~2ftt:19e0~2ftt"
.hb.yahoo.net/ Name: visitor-id
Value: 3466138870813459000V10
.hb.yahoo.net/ Name: data-ttd
Value: 9e5455b0-54a5-4d8c-ad52-64ada0b9ab34~~63
aorta.clickagy.com/ Name: chs
Value: [{"ch":"278","t":"2023-12-26 17:38:07"}]
.clickagy.com/ Name: cb
Value: ZYsPf7v5iEOKlqIIFBg9lIjy
.infosecinstitute.com/ Name: _ga_LT2F589VT0
Value: GS1.1.1703612287.1.0.1703612287.0.0.0
.rubiconproject.com/ Name: khaos
Value: LQMMRQ8H-1V-IF8X
.rubiconproject.com/ Name: audit
Value: 1|iy5VCsAS2AM+BcfVrd8ZEm4xYVjzhXckNpvFztqkzQbFwpmMCvAS5pMc6i5tkqkJyvUMRZf+6bswHTRO1/p4iHX0qfg68IpFQAPcN3ARK87sPInbhxjNEylNIZtmfQGFqobPlU/F9gY1ZuE6CcQO+V3LKl8AHa94UkPyQZyrNsrREvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
.agkn.com/ Name: ab
Value: 0001%3A1dZlsQPgK8UwktFkmMPOlkFWGwCqItgc
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCO7uqsPukMM8EAUSFwoIYXBwbmV4dXMSCwi64-nD7pDDPBAFEhkKCnJpZ2h0bWVkaWESCwjSp6vD7pDDPBAFGAUgAigDMgsI7M-t8ISRwzwQBUIPIg0IARIJCgV0aWVyMxABWgdvcXk3eGMwYAE.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self' www.ed2go.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
