118fa3ed03e0114568ae0a65bd43de180de9636c2ed457f6e030ef73c11f853c

Analysis

max time kernel
109s
max time network
109s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
16/04/2024, 23:01 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

email-html-1.html
Size

22KB
MD5

d22a09a93fc3affd6e0cdc7041cd7770
SHA1

5a992796a12bda99956164dc56707d6fa9839b6e
SHA256

22272fa5f2766a202e3934a8a5706dd226fbd88faba6ea42fed033dd64cf198f
SHA512

1e0b46b5663af214b51e6c344146bfec190486f9d17c1d291a02a8c56f43dbe011c8a23ff308179c53ca13a468751e61a82be8fefb01a193df01965ed9cd04b3
SSDEEP

384:dGm9QNSwkk+rgp5Wbt/1xYYBFoQoHOcRLS3QyOGhSHNW3g:sm9QNSwkk+rgpefxYYQQi7LgQChSHkQ

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133577821369692606"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3484	chrome.exe
3484	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

pid	Process
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe
Token: SeShutdownPrivilege	3484	chrome.exe
Token: SeCreatePagefilePrivilege	3484	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe
3484	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3484 wrote to memory of 3048	3484	chrome.exe	87
PID 3484 wrote to memory of 3048	3484	chrome.exe	87
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 1992	3484	chrome.exe	88
PID 3484 wrote to memory of 2344	3484	chrome.exe	89
PID 3484 wrote to memory of 2344	3484	chrome.exe	89
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90
PID 3484 wrote to memory of 4084	3484	chrome.exe	90

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\email-html-1.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9c266ab58,0x7ff9c266ab68,0x7ff9c266ab78
  2⤵
  PID:3048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1596 --field-trial-handle=1748,i,14155794501946237430,202116838080984612,131072 /prefetch:2
  2⤵
  PID:1992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1748,i,14155794501946237430,202116838080984612,131072 /prefetch:8
  2⤵
  PID:2344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2212 --field-trial-handle=1748,i,14155794501946237430,202116838080984612,131072 /prefetch:8
  2⤵
  PID:4084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3032 --field-trial-handle=1748,i,14155794501946237430,202116838080984612,131072 /prefetch:1
  2⤵
  PID:1080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3040 --field-trial-handle=1748,i,14155794501946237430,202116838080984612,131072 /prefetch:1
  2⤵
  PID:3492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4444 --field-trial-handle=1748,i,14155794501946237430,202116838080984612,131072 /prefetch:8
  2⤵
  PID:620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4260 --field-trial-handle=1748,i,14155794501946237430,202116838080984612,131072 /prefetch:8
  2⤵
  PID:1792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4616 --field-trial-handle=1748,i,14155794501946237430,202116838080984612,131072 /prefetch:1
  2⤵
  PID:4944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4192 --field-trial-handle=1748,i,14155794501946237430,202116838080984612,131072 /prefetch:1
  2⤵
  PID:2092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4868 --field-trial-handle=1748,i,14155794501946237430,202116838080984612,131072 /prefetch:1
  2⤵
  PID:4392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5084 --field-trial-handle=1748,i,14155794501946237430,202116838080984612,131072 /prefetch:1
  2⤵
  PID:712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4532 --field-trial-handle=1748,i,14155794501946237430,202116838080984612,131072 /prefetch:1
  2⤵
  PID:4028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5332 --field-trial-handle=1748,i,14155794501946237430,202116838080984612,131072 /prefetch:1
  2⤵
  PID:3456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5484 --field-trial-handle=1748,i,14155794501946237430,202116838080984612,131072 /prefetch:8
  2⤵
  PID:4492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5596 --field-trial-handle=1748,i,14155794501946237430,202116838080984612,131072 /prefetch:1
  2⤵
  PID:4972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5796 --field-trial-handle=1748,i,14155794501946237430,202116838080984612,131072 /prefetch:1
  2⤵
  PID:3328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=6020 --field-trial-handle=1748,i,14155794501946237430,202116838080984612,131072 /prefetch:1
  2⤵
  PID:3876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=2272 --field-trial-handle=1748,i,14155794501946237430,202116838080984612,131072 /prefetch:1
  2⤵
  PID:4772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5900 --field-trial-handle=1748,i,14155794501946237430,202116838080984612,131072 /prefetch:8
  2⤵
  PID:1424

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:1556

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x310 0x318
1⤵
PID:4492

Network

DNS

images.e2ma.net

chrome.exe

Remote address:

8.8.8.8:53

Request

images.e2ma.net

IN A

Response

images.e2ma.net

IN A

3.162.20.14

images.e2ma.net

IN A

3.162.20.25

images.e2ma.net

IN A

3.162.20.115

images.e2ma.net

IN A

3.162.20.57
DNS

t.e2ma.net

chrome.exe

Remote address:

8.8.8.8:53

Request

t.e2ma.net

IN A

Response

t.e2ma.net

IN A

3.226.85.102

t.e2ma.net

IN A

35.175.160.101

t.e2ma.net

IN A

34.232.74.39
DNS

d31hzlhk6di2h5.cloudfront.net

chrome.exe

Remote address:

8.8.8.8:53

Request

d31hzlhk6di2h5.cloudfront.net

IN A

Response

d31hzlhk6di2h5.cloudfront.net

IN A

54.230.10.11

d31hzlhk6di2h5.cloudfront.net

IN A

54.230.10.78

d31hzlhk6di2h5.cloudfront.net

IN A

54.230.10.98

d31hzlhk6di2h5.cloudfront.net

IN A

54.230.10.109
GET

https://t.e2ma.net/track/tmzzbg/5bnclds

chrome.exe

Remote address:

3.226.85.102:443

Request

GET /track/tmzzbg/5bnclds HTTP/2.0
host: t.e2ma.net
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 16 Apr 2024 23:02:16 GMT
content-type: image/gif
set-cookie: AWSALB=3EtfT3rZa9S7w660Px7L0a50EANZMp+Lb7M0Bzirbf4GcMTaWam0AhTNMXUoRfA9DEFpfqAr/zNq6MggkyVfdf/0ho6+9TvaYAnxfbrlEx6i7mZ29+vI0Ky4pmUf; Expires=Tue, 23 Apr 2024 23:02:16 GMT; Path=/
set-cookie: AWSALBCORS=3EtfT3rZa9S7w660Px7L0a50EANZMp+Lb7M0Bzirbf4GcMTaWam0AhTNMXUoRfA9DEFpfqAr/zNq6MggkyVfdf/0ho6+9TvaYAnxfbrlEx6i7mZ29+vI0Ky4pmUf; Expires=Tue, 23 Apr 2024 23:02:16 GMT; Path=/; SameSite=None; Secure
server: Apache
expires: Wed, 17 Apr 2024 00:02:16 GMT
x-robots-tag: noindex, nofollow
GET

https://t.e2ma.net/message/tmzzbg/5bnclds

chrome.exe

Remote address:

3.226.85.102:443

Request

GET /message/tmzzbg/5bnclds HTTP/2.0
host: t.e2ma.net
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AWSALBCORS=3EtfT3rZa9S7w660Px7L0a50EANZMp+Lb7M0Bzirbf4GcMTaWam0AhTNMXUoRfA9DEFpfqAr/zNq6MggkyVfdf/0ho6+9TvaYAnxfbrlEx6i7mZ29+vI0Ky4pmUf

Response

HTTP/2.0 200

date: Tue, 16 Apr 2024 23:02:22 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=H2ZvTDpqPUcND5uMrvW3Xpncfp/jkKep0NC5AhEfwxOTY6mv27NUOP9+B6pKHfmxGJzUcAZvYK8N7wz4/ZtBm9Jy59UD+xBJ9HY/r2NTWEqGuAA2+8v45ays5cY2; Expires=Tue, 23 Apr 2024 23:02:22 GMT; Path=/
set-cookie: AWSALBCORS=H2ZvTDpqPUcND5uMrvW3Xpncfp/jkKep0NC5AhEfwxOTY6mv27NUOP9+B6pKHfmxGJzUcAZvYK8N7wz4/ZtBm9Jy59UD+xBJ9HY/r2NTWEqGuAA2+8v45ays5cY2; Expires=Tue, 23 Apr 2024 23:02:22 GMT; Path=/; SameSite=None; Secure
server: Apache
vary: Accept-Encoding
content-encoding: gzip
x-robots-tag: noindex, nofollow
GET

https://t.e2ma.net/track/tmzzbg/5bnclds

chrome.exe

Remote address:

3.226.85.102:443

Request

GET /track/tmzzbg/5bnclds HTTP/2.0
host: t.e2ma.net
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://t.e2ma.net/message/tmzzbg/5bnclds
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AWSALB=H2ZvTDpqPUcND5uMrvW3Xpncfp/jkKep0NC5AhEfwxOTY6mv27NUOP9+B6pKHfmxGJzUcAZvYK8N7wz4/ZtBm9Jy59UD+xBJ9HY/r2NTWEqGuAA2+8v45ays5cY2
cookie: AWSALBCORS=H2ZvTDpqPUcND5uMrvW3Xpncfp/jkKep0NC5AhEfwxOTY6mv27NUOP9+B6pKHfmxGJzUcAZvYK8N7wz4/ZtBm9Jy59UD+xBJ9HY/r2NTWEqGuAA2+8v45ays5cY2

Response

HTTP/2.0 200

date: Tue, 16 Apr 2024 23:02:22 GMT
content-type: image/gif
set-cookie: AWSALB=IOw9jVcLyVP39cRMNylebHhQEudtBrcOgFGNvmaBeogR+YBo1If3VJdyOILCUAkk+5SbHBiLtBA7HyfncSIEhWjk40x0h0r0bBoFKIADG2l0OP12OS0xX7Xbuw1u; Expires=Tue, 23 Apr 2024 23:02:22 GMT; Path=/
set-cookie: AWSALBCORS=IOw9jVcLyVP39cRMNylebHhQEudtBrcOgFGNvmaBeogR+YBo1If3VJdyOILCUAkk+5SbHBiLtBA7HyfncSIEhWjk40x0h0r0bBoFKIADG2l0OP12OS0xX7Xbuw1u; Expires=Tue, 23 Apr 2024 23:02:22 GMT; Path=/; SameSite=None; Secure
server: Apache
expires: Wed, 17 Apr 2024 00:02:22 GMT
x-robots-tag: noindex, nofollow
GET

https://t.e2ma.net/favicon.ico

chrome.exe

Remote address:

3.226.85.102:443

Request

GET /favicon.ico HTTP/2.0
host: t.e2ma.net
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://t.e2ma.net/message/tmzzbg/5bnclds
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AWSALB=IOw9jVcLyVP39cRMNylebHhQEudtBrcOgFGNvmaBeogR+YBo1If3VJdyOILCUAkk+5SbHBiLtBA7HyfncSIEhWjk40x0h0r0bBoFKIADG2l0OP12OS0xX7Xbuw1u
cookie: AWSALBCORS=IOw9jVcLyVP39cRMNylebHhQEudtBrcOgFGNvmaBeogR+YBo1If3VJdyOILCUAkk+5SbHBiLtBA7HyfncSIEhWjk40x0h0r0bBoFKIADG2l0OP12OS0xX7Xbuw1u

Response

HTTP/2.0 404

date: Tue, 16 Apr 2024 23:02:22 GMT
content-type: text/html; charset=iso-8859-1
content-length: 10
set-cookie: AWSALB=NyoswqAdbNzpZCXVgksZ5GeIJlWNyq7lndGxj+n7onPRCW+CZlFoERR5X8FaLY53eoHsD0sraH7cYKujjXGM2kRBZaJGo+ngtUDGps9cs7PcuCx2tGWbhv0R/4a5; Expires=Tue, 23 Apr 2024 23:02:22 GMT; Path=/
set-cookie: AWSALBCORS=NyoswqAdbNzpZCXVgksZ5GeIJlWNyq7lndGxj+n7onPRCW+CZlFoERR5X8FaLY53eoHsD0sraH7cYKujjXGM2kRBZaJGo+ngtUDGps9cs7PcuCx2tGWbhv0R/4a5; Expires=Tue, 23 Apr 2024 23:02:22 GMT; Path=/; SameSite=None; Secure
server: Apache
GET

https://t.e2ma.net/click/tmzzbg/5bnclds/didv8t

chrome.exe

Remote address:

3.226.85.102:443

Request

GET /click/tmzzbg/5bnclds/didv8t HTTP/2.0
host: t.e2ma.net
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AWSALB=NyoswqAdbNzpZCXVgksZ5GeIJlWNyq7lndGxj+n7onPRCW+CZlFoERR5X8FaLY53eoHsD0sraH7cYKujjXGM2kRBZaJGo+ngtUDGps9cs7PcuCx2tGWbhv0R/4a5
cookie: AWSALBCORS=NyoswqAdbNzpZCXVgksZ5GeIJlWNyq7lndGxj+n7onPRCW+CZlFoERR5X8FaLY53eoHsD0sraH7cYKujjXGM2kRBZaJGo+ngtUDGps9cs7PcuCx2tGWbhv0R/4a5

Response

HTTP/2.0 302

date: Tue, 16 Apr 2024 23:02:31 GMT
content-type: text/plain
location: https://guide.duo.com/universal-prompt#duo-mobile-passcode
set-cookie: AWSALB=ya7m61y4TDu7D4jfgLDSpa2F2rlYF/jl8x8hTC+nUR+dX50BM5YQO9YC0djJXU4EnoIfF83L4A6C/azoATkEEl9iZSxWSMwfoaisDa9hfSYs8EGKTESFB6VZwVaF; Expires=Tue, 23 Apr 2024 23:02:31 GMT; Path=/
set-cookie: AWSALBCORS=ya7m61y4TDu7D4jfgLDSpa2F2rlYF/jl8x8hTC+nUR+dX50BM5YQO9YC0djJXU4EnoIfF83L4A6C/azoATkEEl9iZSxWSMwfoaisDa9hfSYs8EGKTESFB6VZwVaF; Expires=Tue, 23 Apr 2024 23:02:31 GMT; Path=/; SameSite=None; Secure
server: Apache
x-robots-tag: noindex, nofollow
GET

https://t.e2ma.net/click/tmzzbg/5bnclds/92ev8t

chrome.exe

Remote address:

3.226.85.102:443

Request

GET /click/tmzzbg/5bnclds/92ev8t HTTP/2.0
host: t.e2ma.net
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AWSALB=ya7m61y4TDu7D4jfgLDSpa2F2rlYF/jl8x8hTC+nUR+dX50BM5YQO9YC0djJXU4EnoIfF83L4A6C/azoATkEEl9iZSxWSMwfoaisDa9hfSYs8EGKTESFB6VZwVaF
cookie: AWSALBCORS=ya7m61y4TDu7D4jfgLDSpa2F2rlYF/jl8x8hTC+nUR+dX50BM5YQO9YC0djJXU4EnoIfF83L4A6C/azoATkEEl9iZSxWSMwfoaisDa9hfSYs8EGKTESFB6VZwVaF

Response

HTTP/2.0 302

date: Tue, 16 Apr 2024 23:02:40 GMT
content-type: text/plain
location: https://it.utah.edu/news/announcements.php?utm_source=sfmc&utm_medium=email&utm_campaign=2022-01-13+DG+Node+4+test+v2&utm_term=Announcements&utm_id=40489&sfmc_id=1095754
set-cookie: AWSALB=nFDcWy4aunhhv60vCfg5T8Oz1JiYIeNF/CZW+0Wql+MxpWCQDIRZCPY/s3OpEOm+N/5DvrtfXXL0h6S6TZXlNiOENpbc31xq9ag+ZOzMqcRwwKsUvQbfpdTgmhfb; Expires=Tue, 23 Apr 2024 23:02:40 GMT; Path=/
set-cookie: AWSALBCORS=nFDcWy4aunhhv60vCfg5T8Oz1JiYIeNF/CZW+0Wql+MxpWCQDIRZCPY/s3OpEOm+N/5DvrtfXXL0h6S6TZXlNiOENpbc31xq9ag+ZOzMqcRwwKsUvQbfpdTgmhfb; Expires=Tue, 23 Apr 2024 23:02:40 GMT; Path=/; SameSite=None; Secure
server: Apache
x-robots-tag: noindex, nofollow
GET

https://t.e2ma.net/click/tmzzbg/5bnclds/pvfv8t

chrome.exe

Remote address:

3.226.85.102:443

Request

GET /click/tmzzbg/5bnclds/pvfv8t HTTP/2.0
host: t.e2ma.net
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AWSALB=nFDcWy4aunhhv60vCfg5T8Oz1JiYIeNF/CZW+0Wql+MxpWCQDIRZCPY/s3OpEOm+N/5DvrtfXXL0h6S6TZXlNiOENpbc31xq9ag+ZOzMqcRwwKsUvQbfpdTgmhfb
cookie: AWSALBCORS=nFDcWy4aunhhv60vCfg5T8Oz1JiYIeNF/CZW+0Wql+MxpWCQDIRZCPY/s3OpEOm+N/5DvrtfXXL0h6S6TZXlNiOENpbc31xq9ag+ZOzMqcRwwKsUvQbfpdTgmhfb

Response

HTTP/2.0 302

date: Tue, 16 Apr 2024 23:02:45 GMT
content-type: text/plain
location: https://uofu.service-now.com/it/?id=uu_kb_article&sys_id=2aa628af6f5e95009c4b52a03f3ee4df&utm_source=sfmc&utm_medium=email&utm_campaign=2022-01-13%20DG%20Node%204%20test%20v2&utm_term=Subscribe%20to%20NotifyIT&utm_id=40489&sfmc_id=1095754
set-cookie: AWSALB=IFjmt0Sop6IheP2OtLiQjsH64giWJqjVzDN0A/hkOCEvP0XqlwddXr3tMmS+N8wHBPnosut08VUVklbUmf0S+2XgZsBLt8z12WGv0NO5akaeYg2E3CGGGjpXEGID; Expires=Tue, 23 Apr 2024 23:02:45 GMT; Path=/
set-cookie: AWSALBCORS=IFjmt0Sop6IheP2OtLiQjsH64giWJqjVzDN0A/hkOCEvP0XqlwddXr3tMmS+N8wHBPnosut08VUVklbUmf0S+2XgZsBLt8z12WGv0NO5akaeYg2E3CGGGjpXEGID; Expires=Tue, 23 Apr 2024 23:02:45 GMT; Path=/; SameSite=None; Secure
server: Apache
x-robots-tag: noindex, nofollow
GET

https://images.e2ma.net/images/spacer.gif

chrome.exe

Remote address:

3.162.20.14:443

Request

GET /images/spacer.gif HTTP/2.0
host: images.e2ma.net
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/gif
content-length: 43
last-modified: Mon, 12 Feb 2018 18:47:23 GMT
x-amz-version-id: NR_h3shUbuyvZr_K0khC35LOEbKbE_ml
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 07:43:49 GMT
etag: "4053ffd58fd43af7556f4f9394a458e2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ecc560fc8727dd454ee44d076e78f57a.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 4D0ckE6djJJbCphWb7ybzJLqXAd3A0ifdBVcq6cGu650_3D4frYmcw==
age: 55107
GET

https://images.e2ma.net/images/spacer.gif

chrome.exe

Remote address:

3.162.20.14:443

Request

GET /images/spacer.gif HTTP/2.0
host: images.e2ma.net
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://t.e2ma.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/gif
content-length: 43
last-modified: Mon, 12 Feb 2018 18:47:23 GMT
x-amz-version-id: NR_h3shUbuyvZr_K0khC35LOEbKbE_ml
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 07:43:49 GMT
etag: "4053ffd58fd43af7556f4f9394a458e2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ecc560fc8727dd454ee44d076e78f57a.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: RVwM7DLglhlfpOR24XN-dRJ6a1UyJCDgKBLtzezbKejvL5QZ_2iK0A==
age: 55114
GET

https://d31hzlhk6di2h5.cloudfront.net/20240410/a6/28/16/1c/2f5307f22d552b035c24794c.png

chrome.exe

Remote address:

54.230.10.11:443

Request

GET /20240410/a6/28/16/1c/2f5307f22d552b035c24794c.png HTTP/2.0
host: d31hzlhk6di2h5.cloudfront.net
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-length: 29708
date: Tue, 16 Apr 2024 23:02:17 GMT
last-modified: Wed, 10 Apr 2024 18:05:01 GMT
etag: "6519c3350778eb58a41d22f9d5a9b7d1"
x-amz-server-side-encryption: AES256
x-amz-version-id: WO5Qd4dhZw7a57y7Alyt4u5JHRTxqU3a
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 1ed36bd3b5d6fd1bf8a2a83c2b445d64.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN50-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: oYSuthay6QQPbD6OxsVF8QqMmCrnIoimd0aJ1GwbmrgsEsU6IO81Xw==
GET

https://d31hzlhk6di2h5.cloudfront.net/20240410/a6/28/16/1c/2f5307f22d552b035c24794c.png

chrome.exe

Remote address:

54.230.10.11:443

Request

GET /20240410/a6/28/16/1c/2f5307f22d552b035c24794c.png HTTP/2.0
host: d31hzlhk6di2h5.cloudfront.net
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://t.e2ma.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-length: 29708
date: Tue, 16 Apr 2024 23:02:17 GMT
last-modified: Wed, 10 Apr 2024 18:05:01 GMT
etag: "6519c3350778eb58a41d22f9d5a9b7d1"
x-amz-server-side-encryption: AES256
x-amz-version-id: WO5Qd4dhZw7a57y7Alyt4u5JHRTxqU3a
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 1ed36bd3b5d6fd1bf8a2a83c2b445d64.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN50-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 1OndllXoPSayn4YyYsnRkQeSkSzJ_4f8Ak-SJ8Q_lO875auAtbhKZw==
age: 6
DNS

42.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

42.200.250.142.in-addr.arpa

IN PTR

Response

42.200.250.142.in-addr.arpa

IN PTR

lhr48s30-in-f101e100net
DNS

10.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

10.178.250.142.in-addr.arpa

IN PTR

Response

10.178.250.142.in-addr.arpa

IN PTR

lhr48s27-in-f101e100net
DNS

14.20.162.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.20.162.3.in-addr.arpa

IN PTR

Response

14.20.162.3.in-addr.arpa

IN PTR

server-3-162-20-14man51r cloudfrontnet
DNS

11.10.230.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.10.230.54.in-addr.arpa

IN PTR

Response

11.10.230.54.in-addr.arpa

IN PTR

server-54-230-10-11man50r cloudfrontnet
DNS

241.154.82.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

241.154.82.20.in-addr.arpa

IN PTR

Response
DNS

102.85.226.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

102.85.226.3.in-addr.arpa

IN PTR

Response

102.85.226.3.in-addr.arpa

IN PTR

ec2-3-226-85-102 compute-1 amazonawscom
DNS

3.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.169.217.172.in-addr.arpa

IN PTR

Response

3.169.217.172.in-addr.arpa

IN PTR

lhr25s26-in-f31e100net
DNS

219.183.117.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

219.183.117.104.in-addr.arpa

IN PTR

Response

219.183.117.104.in-addr.arpa

IN PTR

a104-117-183-219deploystaticakamaitechnologiescom
DNS

43.58.199.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

43.58.199.20.in-addr.arpa

IN PTR

Response
DNS

21.114.53.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.114.53.23.in-addr.arpa

IN PTR

Response

21.114.53.23.in-addr.arpa

IN PTR

a23-53-114-21deploystaticakamaitechnologiescom
DNS

guide.duo.com

chrome.exe

Remote address:

8.8.8.8:53

Request

guide.duo.com

IN A

Response

guide.duo.com

IN CNAME

ghs.googlehosted.com

ghs.googlehosted.com

IN A

216.58.212.243
GET

https://guide.duo.com/universal-prompt

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /universal-prompt HTTP/2.0
host: guide.duo.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-model: ""
sec-ch-ua-bitness: "64"
sec-ch-ua-wow64: ?0
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/css/bootstrap.css?None

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/css/bootstrap.css?None HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/css/bootstrap-responsive.css?None

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/css/bootstrap-responsive.css?None HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/css/guide.css?None

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/css/guide.css?None HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/js/jquery.js?None

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/js/jquery.js?None HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/js/guide.js?None

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/js/guide.js?None HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/duo-security.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/duo-security.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/tp-duo-push_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/tp-duo-push_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/up-push-prompt_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/up-push-prompt_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/up-options-list_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/up-options-list_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/up-options-filtered-list_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/up-options-filtered-list_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/up-remember-device_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/up-remember-device_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/up-remember-device-push_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/up-remember-device-push_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/up-remember-device-webauthn_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/up-remember-device-webauthn_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/up-touchid-prompt_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/up-touchid-prompt_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/passwordless-faceid-verify_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/passwordless-faceid-verify_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/passwordless-hello-login-pin_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/passwordless-hello-login-pin_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/passwordless-android-login_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/passwordless-android-login_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-touch-id-failed_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-touch-id-failed_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-touch-id-setup_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-touch-id-setup_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/up-securitykey-prompt_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/up-securitykey-prompt_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/up-securitykey-safari_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/up-securitykey-safari_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/passwordless-security-key-verify-pin-chrome_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/passwordless-security-key-verify-pin-chrome_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/up-yubipasscode-prompt_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/up-yubipasscode-prompt_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-prompt-verification-code_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-prompt-verification-code_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/up-dmpasscode-prompt_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/up-dmpasscode-prompt_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/up-smspasscode-prompt_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/up-smspasscode-prompt_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/up-phonecall-prompt_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/up-phonecall-prompt_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/up-tokenpasscode-prompt_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/up-tokenpasscode-prompt_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/up-bypasscode-prompt_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/up-bypasscode-prompt_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-enrollment-welcome_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-enrollment-welcome_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-enrollment-choose_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-enrollment-choose_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-touch-id-enroll-intro_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-touch-id-enroll-intro_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/chrome-touch-id-verify_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/chrome-touch-id-verify_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/touch-id-bar-prompt_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/touch-id-bar-prompt_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-touch-id-added_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-touch-id-added_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/passwordless-hello-info_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/passwordless-hello-info_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/passwordless-hello-login-bio_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/passwordless-hello-login-bio_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/passwordless-hello-added_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/passwordless-hello-added_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/passwordless-faceid-info_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/passwordless-faceid-info_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/passwordless-faceid-added_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/passwordless-faceid-added_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/passwordless-android-info_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/passwordless-android-info_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/passwordless-android-verify_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/passwordless-android-verify_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/passwordless-android-added_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/passwordless-android-added_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-duo-mobile-number_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-duo-mobile-number_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-phone-number-confirm_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-phone-number-confirm_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-confirm-phone-ownership_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-confirm-phone-ownership_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-duo-mobile-install_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-duo-mobile-install_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-duo-mobile-scan_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-duo-mobile-scan_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-duo-mobile-added_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-duo-mobile-added_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-security-key-enroll-intro_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-security-key-enroll-intro_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/windows-security-key-prompt_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/windows-security-key-prompt_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-security-key-set-pin-chrome_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-security-key-set-pin-chrome_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-security-key-enroll-success_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-security-key-enroll-success_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-phone-number_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-phone-number_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-phone-number-extension_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-phone-number-extension_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-phone-text-success_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-phone-text-success_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-phone-enroll-success_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-phone-enroll-success_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-enrollment-add-another-method_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-enrollment-add-another-method_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-enrollment-setup-complete_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-enrollment-setup-complete_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-manage-devices_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-manage-devices_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-manage-devices-verify_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-manage-devices-verify_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-manage-devices-portal_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-manage-devices-portal_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-manage-devices-choose_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-manage-devices-choose_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-manage-devices-updated_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-manage-devices-updated_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-manage-devices-rename_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-manage-devices-rename_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-manage-devices-delete_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-manage-devices-delete_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/up-push-timeout_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/up-push-timeout_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/up-text-link_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/up-text-link_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/up-new-number_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/up-new-number_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-reactivate-start_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-reactivate-start_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-reactivate-confirm-owner_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-reactivate-confirm-owner_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-reactivate-verify_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-reactivate-verify_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/device-notification-push-email_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/device-notification-push-email_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/device-notification-push_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/device-notification-push_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/device-notification-email-fraud_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/device-notification-email-fraud_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-os-ood-block_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-os-ood-block_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/universal-duo-desktop-check_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/universal-duo-desktop-check_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/static/images/en/trusted-endpoints-block-notice-universal-prompt_2x.png

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /static/images/en/trusted-endpoints-block-notice-universal-prompt_2x.png HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://guide.duo.com/favicon.ico

chrome.exe

Remote address:

216.58.212.243:443

Request

GET /favicon.ico HTTP/2.0
host: guide.duo.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/universal-prompt
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.483104690.1713308562
cookie: _gid=GA1.2.843472844.1713308562
cookie: _gat=1
cookie: _mkto_trk=id:074-UQX-410&token:_mch-duo.com-1713308562357-83506
DNS

cloud.webtype.com

chrome.exe

Remote address:

8.8.8.8:53

Request

cloud.webtype.com

IN A

Response

cloud.webtype.com

IN A

104.21.11.219

cloud.webtype.com

IN A

172.67.167.75
DNS

www.cisco.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.cisco.com

IN A

Response

www.cisco.com

IN CNAME

www.cisco.com.akadns.net

www.cisco.com.akadns.net

IN CNAME

wwwds.cisco.com.edgekey.net

wwwds.cisco.com.edgekey.net

IN CNAME

wwwds.cisco.com.edgekey.net.globalredir.akadns.net

wwwds.cisco.com.edgekey.net.globalredir.akadns.net

IN CNAME

e2867.dsca.akamaiedge.net

e2867.dsca.akamaiedge.net

IN A

23.55.97.5
GET

https://cloud.webtype.com/css/e3348ae0-a196-45c6-8abf-8157c8d62fd8.css

chrome.exe

Remote address:

104.21.11.219:443

Request

GET /css/e3348ae0-a196-45c6-8abf-8157c8d62fd8.css HTTP/2.0
host: cloud.webtype.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

date: Tue, 16 Apr 2024 23:02:32 GMT
location: https://cloud.typenetwork.com/css/e3348ae0-a196-45c6-8abf-8157c8d62fd8.css
cache-control: max-age=3600
expires: Wed, 17 Apr 2024 00:02:32 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MAJFFS%2BWKD5tg7D9BhW5sbpVcKPTFgjAIT9RobPPZuHRkoX1nBlRdED5UBNlPQC3WS0MkTyTtyw7ahA%2F%2Fc2EPYifd%2F8ZIs0v%2BuCgTORiE7%2FcLoZ1ZOf2IGykmNxbkDET%2FLxgLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8757cdb619e19538-LHR
alt-svc: h3=":443"; ma=86400
GET

https://www.cisco.com/c/dam/cdc/t/ctm-core.js

chrome.exe

Remote address:

23.55.97.5:443

Request

GET /c/dam/cdc/t/ctm-core.js HTTP/2.0
host: www.cisco.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: Apache
etag: "96f2-6154a96c1ad40-gzip"
accept-ranges: bytes
content-encoding: gzip
cdchost: wemxweb-publish-prod2-04
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-test-debug: nURL=www.cisco.com,realm=0,isRealm=0,realmDomain=0,shortrealm=0,upgradeTest=1
content-length: 10648
content-type: application/x-javascript
expires: Tue, 16 Apr 2024 23:02:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 16 Apr 2024 23:02:32 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT
server-timing: edge; dur=1
content-security-policy: upgrade-insecure-requests; frame-ancestors *.cisco.com *.jasper.com *.ciscospark.com *.ciscolive.com http://cisco.lookbookhq.com https://cisco.lookbookhq.com testcisco.marketing.adobe.com cisco.marketing.adobe.com ciscosales.my.salesforce.com test.salesforce.com zedo.com hindustantimes.com economictimes.indiatimes.com *.webex.com *.cdw.com *.cdwg.com *.cdw.ca *.meraki-go.com http://ciscopartners.lookbookhq.com https://ciscopartners.lookbookhq.com ciscolearningsystem.com ciscocustomer.lookbookhq.com cisco.lookbookhq.com ccsmedia.com *.itquotes.ie dteonline.com ampito-cisco.com arkphire.com *.insight.com *.ccsmedia.com *.ebuyer.com *.lambda-tek.com *.storm-technologies.com *.vohkus.com *.bechtle.com *.rainfocus.com *.broadbandbuyer.com *.hardware.com shop.redpontem.com *.miro.com cisco.techdatavendors.be *.service-now.com *.thousandeyes.com *.duo.com duo.com *.umbrella.com *.pricespider.com *.mapbox.com cdnjs.cloudflare.com https://community.cisco.com/;
strict-transport-security: max-age=31536000
set-cookie: c_bi=f8fa77f54c01dfe37c3a57fa199243f8; path=/; domain=.www.cisco.com; Secure
server-timing: ak_p; desc="1713308552624_1490899893_605694659_35_8919_46_97_219";dur=1
GET

https://www.cisco.com/c/dam/cdc/t/ctm.js

chrome.exe

Remote address:

23.55.97.5:443

Request

GET /c/dam/cdc/t/ctm.js HTTP/2.0
host: www.cisco.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: Apache
etag: "1ba8d-6154a96d293ab-gzip"
accept-ranges: bytes
content-encoding: gzip
cdchost: wemxweb-publish-prod1-03
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-test-debug: nURL=www.cisco.com,realm=0,isRealm=0,realmDomain=0,shortrealm=0,upgradeTest=1
content-length: 27438
content-type: application/x-javascript
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 19
expires: Tue, 16 Apr 2024 23:02:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 16 Apr 2024 23:02:32 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT
server-timing: edge; dur=1
content-security-policy: upgrade-insecure-requests; frame-ancestors *.cisco.com *.jasper.com *.ciscospark.com *.ciscolive.com http://cisco.lookbookhq.com https://cisco.lookbookhq.com testcisco.marketing.adobe.com cisco.marketing.adobe.com ciscosales.my.salesforce.com test.salesforce.com zedo.com hindustantimes.com economictimes.indiatimes.com *.webex.com *.cdw.com *.cdwg.com *.cdw.ca *.meraki-go.com http://ciscopartners.lookbookhq.com https://ciscopartners.lookbookhq.com ciscolearningsystem.com ciscocustomer.lookbookhq.com cisco.lookbookhq.com ccsmedia.com *.itquotes.ie dteonline.com ampito-cisco.com arkphire.com *.insight.com *.ccsmedia.com *.ebuyer.com *.lambda-tek.com *.storm-technologies.com *.vohkus.com *.bechtle.com *.rainfocus.com *.broadbandbuyer.com *.hardware.com shop.redpontem.com *.miro.com cisco.techdatavendors.be *.service-now.com *.thousandeyes.com *.duo.com duo.com *.umbrella.com *.pricespider.com *.mapbox.com cdnjs.cloudflare.com https://community.cisco.com/;
strict-transport-security: max-age=31536000
set-cookie: c_bi=eeb45bb922c24b5d9548921492d25519; path=/; domain=.www.cisco.com; Secure
server-timing: ak_p; desc="1713308552887_1490899893_605694741_33_10310_52_0_182";dur=1
GET

https://www.cisco.com/assets/ctm/xdc/xdcLsFrame.html

chrome.exe

Remote address:

23.55.97.5:443

Request

GET /assets/ctm/xdc/xdcLsFrame.html HTTP/2.0
host: www.cisco.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: Apache
accept-ranges: bytes
cdchost: wemxweb-publish-prod2-01
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-test-debug: nURL=www.cisco.com,realm=0,isRealm=0,realmDomain=0,shortrealm=0,upgradeTest=1
content-type: text/html;charset=utf-8
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 9
x-akamai-transformed: 9 - 0 pmb=mRUM,1
content-encoding: gzip
cache-control: max-age=28545
expires: Wed, 17 Apr 2024 06:58:28 GMT
date: Tue, 16 Apr 2024 23:02:43 GMT
content-length: 2181
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT
server-timing: edge; dur=1
content-security-policy: upgrade-insecure-requests; frame-ancestors *.cisco.com *.jasper.com *.ciscospark.com *.ciscolive.com http://cisco.lookbookhq.com https://cisco.lookbookhq.com testcisco.marketing.adobe.com cisco.marketing.adobe.com ciscosales.my.salesforce.com test.salesforce.com zedo.com hindustantimes.com economictimes.indiatimes.com *.webex.com *.cdw.com *.cdwg.com *.cdw.ca *.meraki-go.com http://ciscopartners.lookbookhq.com https://ciscopartners.lookbookhq.com ciscolearningsystem.com ciscocustomer.lookbookhq.com cisco.lookbookhq.com ccsmedia.com *.itquotes.ie dteonline.com ampito-cisco.com arkphire.com *.insight.com *.ccsmedia.com *.ebuyer.com *.lambda-tek.com *.storm-technologies.com *.vohkus.com *.bechtle.com *.rainfocus.com *.broadbandbuyer.com *.hardware.com shop.redpontem.com *.miro.com cisco.techdatavendors.be *.service-now.com *.thousandeyes.com *.duo.com duo.com *.umbrella.com *.pricespider.com *.mapbox.com cdnjs.cloudflare.com https://community.cisco.com/;
strict-transport-security: max-age=31536000
set-cookie: c_bi=4bf3cc1f1fb0e7eeac53edba8ad55217; path=/; domain=.www.cisco.com; Secure
server-timing: ak_p; desc="1713308563606_1490899893_605701300_42_10753_49_0_255";dur=1
GET

https://www.cisco.com/assets/ctm/xdc/xdc_ls_frame.js

chrome.exe

Remote address:

23.55.97.5:443

Request

GET /assets/ctm/xdc/xdc_ls_frame.js HTTP/2.0
host: www.cisco.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.cisco.com/assets/ctm/xdc/xdcLsFrame.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: Apache
etag: "10f5-5fef0de99b022-gzip"
accept-ranges: bytes
content-encoding: gzip
cdchost: wemxweb-publish-prod1-05
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-test-debug: nURL=www.cisco.com,realm=0,isRealm=0,realmDomain=0,shortrealm=0,upgradeTest=1
content-length: 1633
content-type: application/x-javascript
x-edgeconnect-midmile-rtt: 1
x-edgeconnect-origin-mex-latency: 27
x-edgeconnect-midmile-rtt: 1
x-edgeconnect-origin-mex-latency: 27
cache-control: max-age=24035
expires: Wed, 17 Apr 2024 05:43:18 GMT
date: Tue, 16 Apr 2024 23:02:43 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT
server-timing: edge; dur=1
content-security-policy: upgrade-insecure-requests; frame-ancestors *.cisco.com *.jasper.com *.ciscospark.com *.ciscolive.com http://cisco.lookbookhq.com https://cisco.lookbookhq.com testcisco.marketing.adobe.com cisco.marketing.adobe.com ciscosales.my.salesforce.com test.salesforce.com zedo.com hindustantimes.com economictimes.indiatimes.com *.webex.com *.cdw.com *.cdwg.com *.cdw.ca *.meraki-go.com http://ciscopartners.lookbookhq.com https://ciscopartners.lookbookhq.com ciscolearningsystem.com ciscocustomer.lookbookhq.com cisco.lookbookhq.com ccsmedia.com *.itquotes.ie dteonline.com ampito-cisco.com arkphire.com *.insight.com *.ccsmedia.com *.ebuyer.com *.lambda-tek.com *.storm-technologies.com *.vohkus.com *.bechtle.com *.rainfocus.com *.broadbandbuyer.com *.hardware.com shop.redpontem.com *.miro.com cisco.techdatavendors.be *.service-now.com *.thousandeyes.com *.duo.com duo.com *.umbrella.com *.pricespider.com *.mapbox.com cdnjs.cloudflare.com https://community.cisco.com/;
strict-transport-security: max-age=31536000
set-cookie: c_bi=290c5ae6ff415f0b674a04f13e454dbf; path=/; domain=.www.cisco.com; Secure
server-timing: ak_p; desc="1713308563690_1490899893_605701358_449_12409_49_0_219";dur=1
DNS

cloud.typenetwork.com

chrome.exe

Remote address:

8.8.8.8:53

Request

cloud.typenetwork.com

IN A

Response

cloud.typenetwork.com

IN CNAME

n.sni.global.fastly.net

n.sni.global.fastly.net

IN A

151.101.1.91

n.sni.global.fastly.net

IN A

151.101.65.91

n.sni.global.fastly.net

IN A

151.101.129.91

n.sni.global.fastly.net

IN A

151.101.193.91
DNS

243.212.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

243.212.58.216.in-addr.arpa

IN PTR

Response

243.212.58.216.in-addr.arpa

IN PTR

ams16s22-in-f2431e100net

243.212.58.216.in-addr.arpa

IN PTR

ams16s22-in-f19�J

243.212.58.216.in-addr.arpa

IN PTR

lhr25s28-in-f19�J
DNS

219.11.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

219.11.21.104.in-addr.arpa

IN PTR

Response
DNS

5.97.55.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

5.97.55.23.in-addr.arpa

IN PTR

Response

5.97.55.23.in-addr.arpa

IN PTR

a23-55-97-5deploystaticakamaitechnologiescom
GET

https://cloud.typenetwork.com/css/e3348ae0-a196-45c6-8abf-8157c8d62fd8.css

chrome.exe

Remote address:

151.101.1.91:443

Request

GET /css/e3348ae0-a196-45c6-8abf-8157c8d62fd8.css HTTP/2.0
host: cloud.typenetwork.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
x-frame-options: DENY
cache-control: max-age=28800
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1jDSCR28rU%2FqwCCz%2F6UtP7IxdTdm5uvsBJwu5P2unUp0C09S6t2G4P6QKjLvipdP%2Bw1a6AUFJFNFf7zBa7%2BrAH8GR9nD7RSDkN3pEi6m153pL%2FUczxcYhXROwYpJg%2Fv6t385kOI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8741ee9fedbcc32b-EWR
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
age: 247429
date: Tue, 16 Apr 2024 23:02:32 GMT
x-served-by: cache-ewr18141-EWR, cache-lcy-eglc8600052-LCY
x-cache: HIT, HIT
x-cache-hits: 241, 0
x-timer: S1713308553.834579,VS0,VE2
vary: origin
access-control-allow-origin: *
content-length: 179
DNS

a.nel.cloudflare.com

chrome.exe

Remote address:

8.8.8.8:53

Request

a.nel.cloudflare.com

IN A

Response

a.nel.cloudflare.com

IN A

35.190.80.1
DNS

cdn.localizejs.com

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.localizejs.com

IN A

Response

cdn.localizejs.com

IN A

172.66.43.199

cdn.localizejs.com

IN A

172.66.40.57
OPTIONS

https://a.nel.cloudflare.com/report/v4?s=1jDSCR28rU%2FqwCCz%2F6UtP7IxdTdm5uvsBJwu5P2unUp0C09S6t2G4P6QKjLvipdP%2Bw1a6AUFJFNFf7zBa7%2BrAH8GR9nD7RSDkN3pEi6m153pL%2FUczxcYhXROwYpJg%2Fv6t385kOI%3D

chrome.exe

Remote address:

35.190.80.1:443

Request

OPTIONS /report/v4?s=1jDSCR28rU%2FqwCCz%2F6UtP7IxdTdm5uvsBJwu5P2unUp0C09S6t2G4P6QKjLvipdP%2Bw1a6AUFJFNFf7zBa7%2BrAH8GR9nD7RSDkN3pEi6m153pL%2FUczxcYhXROwYpJg%2Fv6t385kOI%3D HTTP/2.0
host: a.nel.cloudflare.com
origin: https://cloud.typenetwork.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://a.nel.cloudflare.com/report/v4?s=1jDSCR28rU%2FqwCCz%2F6UtP7IxdTdm5uvsBJwu5P2unUp0C09S6t2G4P6QKjLvipdP%2Bw1a6AUFJFNFf7zBa7%2BrAH8GR9nD7RSDkN3pEi6m153pL%2FUczxcYhXROwYpJg%2Fv6t385kOI%3D

chrome.exe

Remote address:

35.190.80.1:443

Request

POST /report/v4?s=1jDSCR28rU%2FqwCCz%2F6UtP7IxdTdm5uvsBJwu5P2unUp0C09S6t2G4P6QKjLvipdP%2Bw1a6AUFJFNFf7zBa7%2BrAH8GR9nD7RSDkN3pEi6m153pL%2FUczxcYhXROwYpJg%2Fv6t385kOI%3D HTTP/2.0
host: a.nel.cloudflare.com
content-length: 450
content-type: application/reports+json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://cdn.localizejs.com/localize.js

chrome.exe

Remote address:

172.66.43.199:443

Request

GET /localize.js HTTP/2.0
host: cdn.localizejs.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

date: Tue, 16 Apr 2024 23:02:33 GMT
location: https://global.localizecdn.com/localize.js
cache-control: max-age=3600
expires: Wed, 17 Apr 2024 00:02:33 GMT
set-cookie: __cf_bm=0kGsEw0k0oWj8nP23fqIS.cEKFFq7R2ACrh3Z_7OG4A-1713308553-1.0.1.1-IY4t7Wkh6aIuTieYBS25NB.fS_jmd_0za9K5lyLfW_XQRWy_xMMYa2aBMsLH1nVcB8eDUC81pwtqoF.0zd6wPQ; path=/; expires=Tue, 16-Apr-24 23:32:33 GMT; domain=.localizejs.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8757cdb84f26dd1b-LHR
alt-svc: h3=":443"; ma=86400
DNS

global.localizecdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

global.localizecdn.com

IN A

Response

global.localizecdn.com

IN A

104.18.5.175

global.localizecdn.com

IN A

104.18.4.175
GET

https://global.localizecdn.com/localize.js

chrome.exe

Remote address:

104.18.5.175:443

Request

GET /localize.js HTTP/2.0
host: global.localizecdn.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 16 Apr 2024 23:02:33 GMT
content-type: application/javascript
cache-control: public, max-age=259200
cf-bgj: minify
etag: W/"3be6398804eeab2124f4b83c4f33c1aa"
last-modified: Thu, 04 Apr 2024 15:28:15 GMT
vary: Accept-Encoding
via: 1.1 fcba64af08748c3d9b1a3ae3aeed39c0.cloudfront.net (CloudFront)
x-amz-cf-id: fyaQud-KZ1Ozb5tVupXp2UyTuhlmlNhsCxhKg6CX477piCwkxn3ZJA==
x-amz-cf-pop: CDG50-P1
x-amz-meta-x-amz-meta-v: 483
x-amz-server-side-encryption: AES256
x-amz-version-id: ZMs98.l0d_4bnX1T9jXjHHaT0X8dgz40
x-cache: Hit from cloudfront
cf-cache-status: HIT
age: 182272
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8757cdb97ca79503-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://global.localizecdn.com/api/lib/Nj09ZGcmRJDwn/tl.gif?l=source&c=255660

chrome.exe

Remote address:

104.18.5.175:443

Request

GET /api/lib/Nj09ZGcmRJDwn/tl.gif?l=source&c=255660 HTTP/2.0
host: global.localizecdn.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 16 Apr 2024 23:02:43 GMT
content-length: 43
access-control-allow-origin: *
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 06b0ae3f7e31c86dd483b6af7dc0cc98.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P7
x-amz-cf-id: c801jfC7-MEr48_vumzKhln9fuoVmWMWvgArEyeJB3mrgqKvQEGpBw==
cf-cache-status: MISS
last-modified: Tue, 16 Apr 2024 23:02:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8757cdf758289503-LHR
alt-svc: h3=":443"; ma=86400
GET

https://global.localizecdn.com/api/lib/Nj09ZGcmRJDwn/tl.gif?l=en&c=6790498

chrome.exe

Remote address:

104.18.5.175:443

Request

GET /api/lib/Nj09ZGcmRJDwn/tl.gif?l=en&c=6790498 HTTP/2.0
host: global.localizecdn.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 16 Apr 2024 23:02:43 GMT
content-length: 43
access-control-allow-origin: *
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 6b044dd2ae76c466251b3be8f6ece716.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P7
x-amz-cf-id: n_oLdkHYD4tbHYc0UMK1XMBRtpv6ZIT5-IYJBC1lXL4bhKgXDFBf7w==
cf-cache-status: MISS
last-modified: Tue, 16 Apr 2024 23:02:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8757cdf7582a9503-LHR
alt-svc: h3=":443"; ma=86400
DNS

91.1.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

91.1.101.151.in-addr.arpa

IN PTR

Response
DNS

1.80.190.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.80.190.35.in-addr.arpa

IN PTR

Response

1.80.190.35.in-addr.arpa

IN PTR

18019035bcgoogleusercontentcom
DNS

199.43.66.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

199.43.66.172.in-addr.arpa

IN PTR

Response
DNS

175.5.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

175.5.18.104.in-addr.arpa

IN PTR

Response
DNS

fast.wistia.com

chrome.exe

Remote address:

8.8.8.8:53

Request

fast.wistia.com

IN A

Response

fast.wistia.com

IN CNAME

dualstack.j.sni.global.fastly.net

dualstack.j.sni.global.fastly.net

IN A

151.101.2.132

dualstack.j.sni.global.fastly.net

IN A

151.101.66.132

dualstack.j.sni.global.fastly.net

IN A

151.101.130.132

dualstack.j.sni.global.fastly.net

IN A

151.101.194.132
GET

https://fast.wistia.com/embed/medias/d6kzpc5ojl.jsonp

chrome.exe

Remote address:

151.101.2.132:443

Request

GET /embed/medias/d6kzpc5ojl.jsonp HTTP/2.0
host: fast.wistia.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript; charset=utf-8
server: envoy
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, no-cache
etag: W/"030539184b5d1515b0bdf269b4a77c68"
x-request-id: 6efe9357-a90f-45fa-899f-18f8fc387b1f
x-runtime: 0.049381
content-encoding: br
x-envoy-upstream-service-time: 51
via: 1.1 e4938fc434947f57a79af6b9b403df6e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: IAD61-P1
x-amz-cf-id: 8J5pfmW7eeTbF2LWkJTFWxCQO1GPZyb6uPIxrp8ZTyO9T5ffhKNIqA==
accept-ranges: bytes
age: 27947
date: Tue, 16 Apr 2024 23:02:36 GMT
x-served-by: cache-iad-kiad7000119-IAD, cache-lcy-eglc8600034-LCY
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 2, 0
x-timer: S1713308556.388036,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: chrome
x-browser-version: 110
content-length: 1795
GET

https://fast.wistia.com/assets/external/E-v1.js

chrome.exe

Remote address:

151.101.2.132:443

Request

GET /assets/external/E-v1.js HTTP/2.0
host: fast.wistia.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 16 Apr 2024 15:26:39 GMT
etag: "9c4577923cced55a7d39723bb79bf33a"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Tue, 16 Apr 2024 23:02:36 GMT
age: 2060
x-served-by: cache-iad-kjyo7100044-IAD, cache-lcy-eglc8600034-LCY
x-cache: HIT, HIT
x-cache-hits: 35, 167
x-timer: S1713308556.431045,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: chrome
x-browser-version: 110
asset-version: fa99d54708370281794f72e3586ef5977a90a618
content-length: 136623
GET

https://fast.wistia.com/assets/external/share-v2.js

chrome.exe

Remote address:

151.101.2.132:443

Request

GET /assets/external/share-v2.js HTTP/2.0
host: fast.wistia.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 16 Apr 2024 15:26:39 GMT
etag: "a9c0c4e9724dc508c0c3405b7c120cce"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Tue, 16 Apr 2024 23:02:43 GMT
age: 2170
x-served-by: cache-iad-kiad7000111-IAD, cache-lcy-eglc8600034-LCY
x-cache: HIT, HIT
x-cache-hits: 33, 10
x-timer: S1713308563.198801,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: chrome
x-browser-version: 110
asset-version: fa99d54708370281794f72e3586ef5977a90a618
content-length: 20122
DNS

132.2.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

132.2.101.151.in-addr.arpa

IN PTR

Response
DNS

it.utah.edu

chrome.exe

Remote address:

8.8.8.8:53

Request

it.utah.edu

IN A

Response

it.utah.edu

IN A

155.98.186.99
GET

https://it.utah.edu/news/announcements.php?utm_source=sfmc&utm_medium=email&utm_campaign=2022-01-13+DG+Node+4+test+v2&utm_term=Announcements&utm_id=40489&sfmc_id=1095754

chrome.exe

Remote address:

155.98.186.99:443

Request

GET /news/announcements.php?utm_source=sfmc&utm_medium=email&utm_campaign=2022-01-13+DG+Node+4+test+v2&utm_term=Announcements&utm_id=40489&sfmc_id=1095754 HTTP/1.1
Host: it.utah.edu
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Date: Tue, 16 Apr 2024 23:02:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 512
Connection: keep-alive
Location: https://go.utah.edu/cas/login?service=https%3a%2f%2fit.utah.edu%2fnews%2fannouncements.php%3futm_source%3dsfmc%26utm_medium%3demail%26utm_campaign%3d2022-01-13%2bDG%2bNode%2b4%2btest%2bv2%26utm_term%3dAnnouncements%26utm_id%3d40489%26sfmc_id%3d1095754
Set-Cookie: BIGipServerosc-nginx-ingress-http=1950041866.14460.0000; path=/; Httponly; Secure
Strict-Transport-Security: max-age=4294967295; includeSubDomains
DNS

99.186.98.155.in-addr.arpa

Remote address:

8.8.8.8:53

Request

99.186.98.155.in-addr.arpa

IN PTR

Response
DNS

go.utah.edu

chrome.exe

Remote address:

8.8.8.8:53

Request

go.utah.edu

IN A

Response

go.utah.edu

IN A

155.98.185.164
GET

https://go.utah.edu/cas/login?service=https%3a%2f%2fit.utah.edu%2fnews%2fannouncements.php%3futm_source%3dsfmc%26utm_medium%3demail%26utm_campaign%3d2022-01-13%2bDG%2bNode%2b4%2btest%2bv2%26utm_term%3dAnnouncements%26utm_id%3d40489%26sfmc_id%3d1095754

chrome.exe

Remote address:

155.98.185.164:443

Request

GET /cas/login?service=https%3a%2f%2fit.utah.edu%2fnews%2fannouncements.php%3futm_source%3dsfmc%26utm_medium%3demail%26utm_campaign%3d2022-01-13%2bDG%2bNode%2b4%2btest%2bv2%26utm_term%3dAnnouncements%26utm_id%3d40489%26sfmc_id%3d1095754 HTTP/1.1
Host: go.utah.edu
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

requestId: beb06c4d-9349-441e-878a-a477587f1e1c
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Set-Cookie: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en; Path=/; Secure; HttpOnly
Set-Cookie: TGC=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Domain=utah.edu; Path=/cas; Secure; HttpOnly
Content-Type: text/html;charset=UTF-8
Content-Language: en
Transfer-Encoding: chunked
Date: Tue, 16 Apr 2024 23:02:42 GMT
Keep-Alive: timeout=20
Connection: keep-alive
GET

https://go.utah.edu/cas/webjars/normalize.css/8.0.1/normalize.css

chrome.exe

Remote address:

155.98.185.164:443

Request

GET /cas/webjars/normalize.css/8.0.1/normalize.css HTTP/1.1
Host: go.utah.edu
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://go.utah.edu/cas/login?service=https%3a%2f%2fit.utah.edu%2fnews%2fannouncements.php%3futm_source%3dsfmc%26utm_medium%3demail%26utm_campaign%3d2022-01-13%2bDG%2bNode%2b4%2btest%2bv2%26utm_term%3dAnnouncements%26utm_id%3d40489%26sfmc_id%3d1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en

Response

HTTP/1.1 200

requestId: 3df4d091-3602-4840-8663-aae3e2214bd5
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Last-Modified: Thu, 29 Feb 2024 23:26:08 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: text/css;charset=UTF-8
Content-Length: 6138
Date: Tue, 16 Apr 2024 23:02:42 GMT
Keep-Alive: timeout=20
Connection: keep-alive
GET

https://go.utah.edu/cas/webjars/material-components-web/14.0.0/dist/material-components-web.min.css

chrome.exe

Remote address:

155.98.185.164:443

Request

GET /cas/webjars/material-components-web/14.0.0/dist/material-components-web.min.css HTTP/1.1
Host: go.utah.edu
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://go.utah.edu/cas/login?service=https%3a%2f%2fit.utah.edu%2fnews%2fannouncements.php%3futm_source%3dsfmc%26utm_medium%3demail%26utm_campaign%3d2022-01-13%2bDG%2bNode%2b4%2btest%2bv2%26utm_term%3dAnnouncements%26utm_id%3d40489%26sfmc_id%3d1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en

Response

HTTP/1.1 200

requestId: 9a455bab-2263-4721-ba69-4e9d4b5ad26a
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Last-Modified: Thu, 29 Feb 2024 23:26:08 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: text/css;charset=UTF-8
Content-Length: 495454
Date: Tue, 16 Apr 2024 23:02:42 GMT
Keep-Alive: timeout=20
Connection: keep-alive
GET

https://go.utah.edu/cas/webjars/es5-shim/4.5.9/es5-shim.min.js

chrome.exe

Remote address:

155.98.185.164:443

Request

GET /cas/webjars/es5-shim/4.5.9/es5-shim.min.js HTTP/1.1
Host: go.utah.edu
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://go.utah.edu/cas/login?service=https%3a%2f%2fit.utah.edu%2fnews%2fannouncements.php%3futm_source%3dsfmc%26utm_medium%3demail%26utm_campaign%3d2022-01-13%2bDG%2bNode%2b4%2btest%2bv2%26utm_term%3dAnnouncements%26utm_id%3d40489%26sfmc_id%3d1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en

Response

HTTP/1.1 200

requestId: e97788b2-269c-4ca0-954f-7702c2fb089d
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Last-Modified: Thu, 29 Feb 2024 23:26:06 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: text/javascript;charset=UTF-8
Content-Length: 25453
Date: Tue, 16 Apr 2024 23:02:43 GMT
Keep-Alive: timeout=20
Connection: keep-alive
GET

https://go.utah.edu/cas/webjars/material-components-web/14.0.0/dist/material-components-web.min.js

chrome.exe

Remote address:

155.98.185.164:443

Request

GET /cas/webjars/material-components-web/14.0.0/dist/material-components-web.min.js HTTP/1.1
Host: go.utah.edu
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://go.utah.edu/cas/login?service=https%3a%2f%2fit.utah.edu%2fnews%2fannouncements.php%3futm_source%3dsfmc%26utm_medium%3demail%26utm_campaign%3d2022-01-13%2bDG%2bNode%2b4%2btest%2bv2%26utm_term%3dAnnouncements%26utm_id%3d40489%26sfmc_id%3d1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en

Response

HTTP/1.1 200

requestId: 6ca1ccda-8310-4bc3-b999-44019222c8a5
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Last-Modified: Thu, 29 Feb 2024 23:26:08 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: text/javascript;charset=UTF-8
Content-Length: 480232
Date: Tue, 16 Apr 2024 23:02:43 GMT
Keep-Alive: timeout=20
Connection: keep-alive
GET

https://go.utah.edu/cas/favicon.ico

chrome.exe

Remote address:

155.98.185.164:443

Request

GET /cas/favicon.ico HTTP/1.1
Host: go.utah.edu
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://go.utah.edu/cas/login?service=https%3a%2f%2fit.utah.edu%2fnews%2fannouncements.php%3futm_source%3dsfmc%26utm_medium%3demail%26utm_campaign%3d2022-01-13%2bDG%2bNode%2b4%2btest%2bv2%26utm_term%3dAnnouncements%26utm_id%3d40489%26sfmc_id%3d1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en; _ga=GA1.2.909880028.1713308564; _gid=GA1.2.1852852552.1713308564; _gat=1

Response

HTTP/1.1 200

requestId: 7e22d8ce-4aa6-4188-9fe2-fd090a9982d1
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Last-Modified: Thu, 29 Feb 2024 23:26:10 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: image/x-icon;charset=UTF-8
Content-Length: 318
Date: Tue, 16 Apr 2024 23:02:44 GMT
Keep-Alive: timeout=20
Connection: keep-alive
GET

https://go.utah.edu/cas/login?service=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2FAuthn%2FExternal%3Fconversation%3De1s1&entityId=https%3A%2F%2Fuofu.service-now.com

chrome.exe

Remote address:

155.98.185.164:443

Request

GET /cas/login?service=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2FAuthn%2FExternal%3Fconversation%3De1s1&entityId=https%3A%2F%2Fuofu.service-now.com HTTP/1.1
Host: go.utah.edu
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en; _ga=GA1.2.909880028.1713308564; _gid=GA1.2.1852852552.1713308564; _gat=1; _ga_RRZG2G96EG=GS1.2.1713308563.1.0.1713308563.0.0.0

Response

HTTP/1.1 200

requestId: 1857e8e1-c2b7-4857-b804-5b2c6e8ac60a
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Set-Cookie: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en; Path=/; Secure; HttpOnly
Set-Cookie: TGC=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Domain=utah.edu; Path=/cas; Secure; HttpOnly
Content-Type: text/html;charset=UTF-8
Content-Language: en
Transfer-Encoding: chunked
Date: Tue, 16 Apr 2024 23:02:51 GMT
Keep-Alive: timeout=20
Connection: keep-alive
GET

https://go.utah.edu/cas/webjars/bootstrap/5.2.0/css/bootstrap-grid.min.css

chrome.exe

Remote address:

155.98.185.164:443

Request

GET /cas/webjars/bootstrap/5.2.0/css/bootstrap-grid.min.css HTTP/1.1
Host: go.utah.edu
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://go.utah.edu/cas/login?service=https%3a%2f%2fit.utah.edu%2fnews%2fannouncements.php%3futm_source%3dsfmc%26utm_medium%3demail%26utm_campaign%3d2022-01-13%2bDG%2bNode%2b4%2btest%2bv2%26utm_term%3dAnnouncements%26utm_id%3d40489%26sfmc_id%3d1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en

Response

HTTP/1.1 200

requestId: eaf1cdf1-d9ca-441b-915a-542a29c7decc
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Last-Modified: Thu, 29 Feb 2024 23:26:06 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: text/css;charset=UTF-8
Content-Length: 53265
Date: Tue, 16 Apr 2024 23:02:42 GMT
Keep-Alive: timeout=20
Connection: keep-alive
GET

https://go.utah.edu/cas/css/cas.css

chrome.exe

Remote address:

155.98.185.164:443

Request

GET /cas/css/cas.css HTTP/1.1
Host: go.utah.edu
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://go.utah.edu/cas/login?service=https%3a%2f%2fit.utah.edu%2fnews%2fannouncements.php%3futm_source%3dsfmc%26utm_medium%3demail%26utm_campaign%3d2022-01-13%2bDG%2bNode%2b4%2btest%2bv2%26utm_term%3dAnnouncements%26utm_id%3d40489%26sfmc_id%3d1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en

Response

HTTP/1.1 200

requestId: 43d107c2-bb80-42a7-a671-d6acb9772d3b
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Last-Modified: Thu, 29 Feb 2024 23:26:10 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: text/css;charset=UTF-8
Content-Length: 18820
Date: Tue, 16 Apr 2024 23:02:42 GMT
Keep-Alive: timeout=20
Connection: keep-alive
GET

https://go.utah.edu/cas/webjars/jquery/3.6.1/jquery.min.js

chrome.exe

Remote address:

155.98.185.164:443

Request

GET /cas/webjars/jquery/3.6.1/jquery.min.js HTTP/1.1
Host: go.utah.edu
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://go.utah.edu/cas/login?service=https%3a%2f%2fit.utah.edu%2fnews%2fannouncements.php%3futm_source%3dsfmc%26utm_medium%3demail%26utm_campaign%3d2022-01-13%2bDG%2bNode%2b4%2btest%2bv2%26utm_term%3dAnnouncements%26utm_id%3d40489%26sfmc_id%3d1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en

Response

HTTP/1.1 200

requestId: 8e730cb8-22c5-48b9-93f9-d3ab8f50a618
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Last-Modified: Thu, 29 Feb 2024 23:26:08 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: text/javascript;charset=UTF-8
Content-Length: 89664
Date: Tue, 16 Apr 2024 23:02:43 GMT
Keep-Alive: timeout=20
Connection: keep-alive
GET

https://go.utah.edu/cas/webjars/datatables/1.12.1/js/jquery.dataTables.min.js

chrome.exe

Remote address:

155.98.185.164:443

Request

GET /cas/webjars/datatables/1.12.1/js/jquery.dataTables.min.js HTTP/1.1
Host: go.utah.edu
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://go.utah.edu/cas/login?service=https%3a%2f%2fit.utah.edu%2fnews%2fannouncements.php%3futm_source%3dsfmc%26utm_medium%3demail%26utm_campaign%3d2022-01-13%2bDG%2bNode%2b4%2btest%2bv2%26utm_term%3dAnnouncements%26utm_id%3d40489%26sfmc_id%3d1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en

Response

HTTP/1.1 200

requestId: 40e15d5e-9936-486d-97ff-782461c3fa58
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Last-Modified: Thu, 29 Feb 2024 23:26:06 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: text/javascript;charset=UTF-8
Content-Length: 90265
Date: Tue, 16 Apr 2024 23:02:43 GMT
Keep-Alive: timeout=20
Connection: keep-alive
GET

https://go.utah.edu/cas/webjars/css-vars-ponyfill/2.4.7/dist/css-vars-ponyfill.min.js

chrome.exe

Remote address:

155.98.185.164:443

Request

GET /cas/webjars/css-vars-ponyfill/2.4.7/dist/css-vars-ponyfill.min.js HTTP/1.1
Host: go.utah.edu
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://go.utah.edu/cas/login?service=https%3a%2f%2fit.utah.edu%2fnews%2fannouncements.php%3futm_source%3dsfmc%26utm_medium%3demail%26utm_campaign%3d2022-01-13%2bDG%2bNode%2b4%2btest%2bv2%26utm_term%3dAnnouncements%26utm_id%3d40489%26sfmc_id%3d1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en

Response

HTTP/1.1 200

requestId: 7788e1a7-074b-4f8a-8390-5f47bc66211e
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Last-Modified: Thu, 29 Feb 2024 23:26:06 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: text/javascript;charset=UTF-8
Content-Length: 23138
Date: Tue, 16 Apr 2024 23:02:43 GMT
Keep-Alive: timeout=20
Connection: keep-alive
GET

https://go.utah.edu/cas/images/uofu/ulogo_white.png

chrome.exe

Remote address:

155.98.185.164:443

Request

GET /cas/images/uofu/ulogo_white.png HTTP/1.1
Host: go.utah.edu
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://go.utah.edu/cas/login?service=https%3a%2f%2fit.utah.edu%2fnews%2fannouncements.php%3futm_source%3dsfmc%26utm_medium%3demail%26utm_campaign%3d2022-01-13%2bDG%2bNode%2b4%2btest%2bv2%26utm_term%3dAnnouncements%26utm_id%3d40489%26sfmc_id%3d1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en

Response

HTTP/1.1 200

requestId: 9235f853-a31d-4e81-9772-3c6751c1f2e7
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Last-Modified: Thu, 29 Feb 2024 23:26:10 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
Content-Length: 2732
Date: Tue, 16 Apr 2024 23:02:43 GMT
Keep-Alive: timeout=20
Connection: keep-alive
GET

https://go.utah.edu/cas/images/uofu/imagine_u.png

chrome.exe

Remote address:

155.98.185.164:443

Request

GET /cas/images/uofu/imagine_u.png HTTP/1.1
Host: go.utah.edu
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://go.utah.edu/cas/login?service=https%3a%2f%2fit.utah.edu%2fnews%2fannouncements.php%3futm_source%3dsfmc%26utm_medium%3demail%26utm_campaign%3d2022-01-13%2bDG%2bNode%2b4%2btest%2bv2%26utm_term%3dAnnouncements%26utm_id%3d40489%26sfmc_id%3d1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en

Response

HTTP/1.1 200

requestId: 4a4185cd-dd19-482a-844e-3b642045f3f3
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Last-Modified: Thu, 29 Feb 2024 23:26:10 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
Content-Length: 4021
Date: Tue, 16 Apr 2024 23:02:43 GMT
Keep-Alive: timeout=20
Connection: keep-alive
DNS

99.186.98.155.in-addr.arpa

Remote address:

8.8.8.8:53

Request

99.186.98.155.in-addr.arpa

IN PTR

Response

99.186.98.155.in-addr.arpa

IN PTR

ccgswebutahedu

99.186.98.155.in-addr.arpa

IN PTR

cate�A

99.186.98.155.in-addr.arpa

IN PTR

campusrec�A

99.186.98.155.in-addr.arpa

IN PTR

cail�A

99.186.98.155.in-addr.arpa

IN PTR

c2c�A

99.186.98.155.in-addr.arpa

IN PTR

bsh�A

99.186.98.155.in-addr.arpa

IN PTR

bshtest�A

99.186.98.155.in-addr.arpa

IN PTR

box�A

99.186.98.155.in-addr.arpa

IN PTR

blocku��

99.186.98.155.in-addr.arpa

IN PTR

biophysics�A

99.186.98.155.in-addr.arpa

IN PTR

biophysics��

99.186.98.155.in-addr.arpa

IN PTR

biokids childcare�A

99.186.98.155.in-addr.arpa

IN PTR

biochemweb��

99.186.98.155.in-addr.arpa

IN PTR

bi�A

99.186.98.155.in-addr.arpa

IN PTR

bhidc�A

99.186.98.155.in-addr.arpa

IN PTR

bfsa��

99.186.98.155.in-addr.arpa

IN PTR

batholithtestfm�A

99.186.98.155.in-addr.arpa

IN PTR

basins�A

99.186.98.155.in-addr.arpa

IN PTR

basicneeds�A

99.186.98.155.in-addr.arpa

IN PTR

awc�A

99.186.98.155.in-addr.arpa

IN PTR

asuuchildcare�A

99.186.98.155.in-addr.arpa

IN PTR

asuu�1

99.186.98.155.in-addr.arpa

IN PTR

asia-center�A

99.186.98.155.in-addr.arpa

IN PTR

asap��

99.186.98.155.in-addr.arpa

IN PTR

anthro��

99.186.98.155.in-addr.arpa

IN PTR

alumni�A

99.186.98.155.in-addr.arpa

IN PTR

alumni��

99.186.98.155.in-addr.arpa

IN PTR

alumni humanities�A

99.186.98.155.in-addr.arpa

IN PTR

alumni humanities��

99.186.98.155.in-addr.arpa

IN PTR

aging�A

99.186.98.155.in-addr.arpa

IN PTR

afrotc�A

99.186.98.155.in-addr.arpa

IN PTR

afrotc��

99.186.98.155.in-addr.arpa

IN PTR

advising�A

99.186.98.155.in-addr.arpa

IN PTR

advanced-microscopy�A

99.186.98.155.in-addr.arpa

IN PTR

adaptlabpsych�A

99.186.98.155.in-addr.arpa

IN PTR

adaptlabpsych��

99.186.98.155.in-addr.arpa

IN PTR

accessibility��

99.186.98.155.in-addr.arpa

IN PTR

50yearscsbs�A

99.186.98.155.in-addr.arpa

IN PTR

1u4u��

99.186.98.155.in-addr.arpa

IN PTR

wwwit�A

99.186.98.155.in-addr.arpa

IN PTR

humanitiesworks�A

99.186.98.155.in-addr.arpa

IN PTR

umodel�A

99.186.98.155.in-addr.arpa

IN PTR

segerbiology�A

99.186.98.155.in-addr.arpa

IN PTR

sekercioglu�

99.186.98.155.in-addr.arpa

IN PTR

jorgensen�

99.186.98.155.in-addr.arpa

IN PTR

hec�=

99.186.98.155.in-addr.arpa

IN PTR

miller�

99.186.98.155.in-addr.arpa

IN PTR

farmer�

99.186.98.155.in-addr.arpa

IN PTR

bohs�

99.186.98.155.in-addr.arpa

IN PTR

yamaguchi�

99.186.98.155.in-addr.arpa

IN PTR

shapiro�

99.186.98.155.in-addr.arpa

IN PTR

roselab�

99.186.98.155.in-addr.arpa

IN PTR

olivera�

99.186.98.155.in-addr.arpa

IN PTR

nielsen�

99.186.98.155.in-addr.arpa

IN PTR

coley�

99.186.98.155.in-addr.arpa

IN PTR

carrier�

99.186.98.155.in-addr.arpa

IN PTR

bowling�

99.186.98.155.in-addr.arpa

IN PTR

bastiani�

99.186.98.155.in-addr.arpa

IN PTR

sperry�

99.186.98.155.in-addr.arpa

IN PTR

��

99.186.98.155.in-addr.arpa

IN PTR

sudo�A

99.186.98.155.in-addr.arpa

IN PTR

ants�

99.186.98.155.in-addr.arpa

IN PTR

darwin�

99.186.98.155.in-addr.arpa

IN PTR

adler�

99.186.98.155.in-addr.arpa

IN PTR

goldenberg�

99.186.98.155.in-addr.arpa

IN PTR

pataki�

99.186.98.155.in-addr.arpa

IN PTR

cwcedb�A

99.186.98.155.in-addr.arpa

IN PTR

postdocs�A

99.186.98.155.in-addr.arpa

IN PTR

radon�A

99.186.98.155.in-addr.arpa

IN PTR

wellness�A

99.186.98.155.in-addr.arpa

IN PTR

nsf-circ23�A

99.186.98.155.in-addr.arpa

IN PTR

ess��

99.186.98.155.in-addr.arpa

IN PTR

picl�r

99.186.98.155.in-addr.arpa

IN PTR

hospitality�A

99.186.98.155.in-addr.arpa

IN PTR

utahfounders��

99.186.98.155.in-addr.arpa

IN PTR

learnandearn�A

99.186.98.155.in-addr.arpa

IN PTR

websitesit��

99.186.98.155.in-addr.arpa

IN PTR

utahfoundersorg

99.186.98.155.in-addr.arpa

IN PTR

deansearlabneuro�A

99.186.98.155.in-addr.arpa

IN PTR

christianlab�E

99.186.98.155.in-addr.arpa

IN PTR

matteringmatters��

99.186.98.155.in-addr.arpa

IN PTR

uepc��

99.186.98.155.in-addr.arpa

IN PTR

firstgen��

99.186.98.155.in-addr.arpa

IN PTR

blueprintspace�A

99.186.98.155.in-addr.arpa

IN PTR

search��

99.186.98.155.in-addr.arpa

IN PTR

rises�V

99.186.98.155.in-addr.arpa

IN PTR

ai��

99.186.98.155.in-addr.arpa

IN PTR

nla�A

99.186.98.155.in-addr.arpa

IN PTR

cloud�

99.186.98.155.in-addr.arpa

IN PTR

securityresearch��

99.186.98.155.in-addr.arpa

IN PTR

firstgenscholars��

99.186.98.155.in-addr.arpa

IN PTR

accelerateu�A

99.186.98.155.in-addr.arpa

IN PTR

generaleducation�A

99.186.98.155.in-addr.arpa

IN PTR

energybalance�A

99.186.98.155.in-addr.arpa

IN PTR

rdodev�A

99.186.98.155.in-addr.arpa

IN PTR

vaast-lab�r

99.186.98.155.in-addr.arpa

IN PTR

materialsavailabilitymse�A

99.186.98.155.in-addr.arpa

IN PTR

innovationlab�A

99.186.98.155.in-addr.arpa

IN PTR

amqua2024�A

99.186.98.155.in-addr.arpa

IN PTR

journalism��

99.186.98.155.in-addr.arpa

IN PTR

forward��

99.186.98.155.in-addr.arpa

IN PTR

academy�D

99.186.98.155.in-addr.arpa

IN PTR

navigate�A

99.186.98.155.in-addr.arpa

IN PTR

supportus�A

99.186.98.155.in-addr.arpa

IN PTR

engage�A

99.186.98.155.in-addr.arpa

IN PTR

connect2health�A

99.186.98.155.in-addr.arpa

IN PTR

connect2health��

99.186.98.155.in-addr.arpa

IN PTR

1850�A

99.186.98.155.in-addr.arpa

IN PTR

centers�A

99.186.98.155.in-addr.arpa

IN PTR

accreditation�A

99.186.98.155.in-addr.arpa

IN PTR

studiesforyou�A

99.186.98.155.in-addr.arpa

IN PTR

centers��

99.186.98.155.in-addr.arpa

IN PTR

accreditation��

99.186.98.155.in-addr.arpa

IN PTR

diversity gradschool�A

99.186.98.155.in-addr.arpa

IN PTR

wellness��

99.186.98.155.in-addr.arpa

IN PTR

npig��

99.186.98.155.in-addr.arpa

IN PTR

healthandrelationships�U

99.186.98.155.in-addr.arpa

IN PTR

healthandrelationships�r

99.186.98.155.in-addr.arpa

IN PTR

studiesforyou��

99.186.98.155.in-addr.arpa

IN PTR

connect2healthus��

99.186.98.155.in-addr.arpa

IN PTR

spark��

99.186.98.155.in-addr.arpa

IN PTR

matheson�A

99.186.98.155.in-addr.arpa

IN PTR

sparc�A

99.186.98.155.in-addr.arpa

IN PTR

wellbeing��

99.186.98.155.in-addr.arpa

IN PTR

bfi�A

99.186.98.155.in-addr.arpa

IN PTR

sparc��

99.186.98.155.in-addr.arpa

IN PTR

pmst��

99.186.98.155.in-addr.arpa

IN PTR

nearcrisisprojectpoli-sci�A

99.186.98.155.in-addr.arpa

IN PTR

ucl�A

99.186.98.155.in-addr.arpa

IN PTR

lxdcards�A

99.186.98.155.in-addr.arpa

IN PTR

scripts��

99.186.98.155.in-addr.arpa

IN PTR

prisoneducationproject�A

99.186.98.155.in-addr.arpa

IN PTR

bennioncenter�A

99.186.98.155.in-addr.arpa

IN PTR

fulbright�A

99.186.98.155.in-addr.arpa

IN PTR

diversity gradschool��

99.186.98.155.in-addr.arpa

IN PTR

lxdcards��

99.186.98.155.in-addr.arpa

IN PTR

stena�A

99.186.98.155.in-addr.arpa

IN PTR

climatesurveycsbs��

99.186.98.155.in-addr.arpa

IN PTR

itk�A

99.186.98.155.in-addr.arpa

IN PTR

epicenter�A

99.186.98.155.in-addr.arpa

IN PTR

prisoneducationproject��

99.186.98.155.in-addr.arpa

IN PTR

ux��

99.186.98.155.in-addr.arpa

IN PTR

e3�A

99.186.98.155.in-addr.arpa

IN PTR

utahproject�A

99.186.98.155.in-addr.arpa

IN PTR

mentors�A

99.186.98.155.in-addr.arpa

IN PTR

fintech��

99.186.98.155.in-addr.arpa

IN PTR

fulbright��

99.186.98.155.in-addr.arpa

IN PTR

cte�A

99.186.98.155.in-addr.arpa

IN PTR

sam�A

99.186.98.155.in-addr.arpa

IN PTR

cte��

99.186.98.155.in-addr.arpa

IN PTR

herriman��

99.186.98.155.in-addr.arpa

IN PTR

bonderman-station�A

99.186.98.155.in-addr.arpa

IN PTR

skills�A

99.186.98.155.in-addr.arpa

IN PTR

accessibility�A

99.186.98.155.in-addr.arpa

IN PTR

history��

99.186.98.155.in-addr.arpa

IN PTR

bmishramining��

99.186.98.155.in-addr.arpa

IN PTR

mentors��

99.186.98.155.in-addr.arpa

IN PTR

facilities��

99.186.98.155.in-addr.arpa

IN PTR

transfer�A

99.186.98.155.in-addr.arpa

IN PTR

ssc�A

99.186.98.155.in-addr.arpa

IN PTR

digitallearning�A

99.186.98.155.in-addr.arpa

IN PTR

atmos�=

99.186.98.155.in-addr.arpa

IN PTR

first-year��

99.186.98.155.in-addr.arpa

IN PTR

robertbsmith�A

99.186.98.155.in-addr.arpa

IN PTR

rememberingu�A

99.186.98.155.in-addr.arpa

IN PTR

youthprotection��

99.186.98.155.in-addr.arpa

IN PTR

wwwthc�A

99.186.98.155.in-addr.arpa

IN PTR

wwwosp�A

99.186.98.155.in-addr.arpa

IN PTR

wwwmusic�A

99.186.98.155.in-addr.arpa

IN PTR

wwwmining�A

99.186.98.155.in-addr.arpa

IN PTR

wwwlegal�A

99.186.98.155.in-addr.arpa

IN PTR

wwwlearningabroad�A

99.186.98.155.in-addr.arpa

IN PTR

wwwkronos�A

99.186.98.155.in-addr.arpa

IN PTR

wwwgetreal�A

99.186.98.155.in-addr.arpa

IN PTR

wwwearth�A

99.186.98.155.in-addr.arpa

IN PTR

wwwcmes�A

99.186.98.155.in-addr.arpa

IN PTR

www�j

99.186.98.155.in-addr.arpa

IN PTR

www bioscience�A

99.186.98.155.in-addr.arpa

IN PTR

www�k

99.186.98.155.in-addr.arpa

IN PTR

writingcenter�A

99.186.98.155.in-addr.arpa

IN PTR

writing��

99.186.98.155.in-addr.arpa

IN PTR

wpjohnsongroup�A

99.186.98.155.in-addr.arpa

IN PTR

wpjohnsongroup��

99.186.98.155.in-addr.arpa

IN PTR

work-reimagined��

99.186.98.155.in-addr.arpa

IN PTR

womenscenter�A

99.186.98.155.in-addr.arpa

IN PTR

williamslab�E

99.186.98.155.in-addr.arpa

IN PTR

wateriso��

99.186.98.155.in-addr.arpa

IN PTR

vickersbiology��

99.186.98.155.in-addr.arpa

IN PTR

vhas�A

99.186.98.155.in-addr.arpa

IN PTR

v3nlp�A

99.186.98.155.in-addr.arpa

IN PTR

uwp�A

99.186.98.155.in-addr.arpa

IN PTR

uwhen�A

99.186.98.155.in-addr.arpa

IN PTR

uwebresources�A

99.186.98.155.in-addr.arpa

IN PTR

uusatrg�A

99.186.98.155.in-addr.arpa

IN PTR

uurc�A

99.186.98.155.in-addr.arpa

IN PTR

uuac�A

99.186.98.155.in-addr.arpa

IN PTR

uuac��

99.186.98.155.in-addr.arpa

IN PTR

utahlogic��

99.186.98.155.in-addr.arpa

IN PTR

utahfieldstations��

99.186.98.155.in-addr.arpa

IN PTR

ɽ

99.186.98.155.in-addr.arpa

IN PTR

upark�A

99.186.98.155.in-addr.arpa

IN PTR

unwp�A

99.186.98.155.in-addr.arpa

IN PTR

undergraduate-advancement�A

99.186.98.155.in-addr.arpa

IN PTR

undergraduate-advancement��

99.186.98.155.in-addr.arpa

IN PTR

umarket�A

99.186.98.155.in-addr.arpa

IN PTR

ukic�A

99.186.98.155.in-addr.arpa

IN PTR

ugsodi�A

99.186.98.155.in-addr.arpa

IN PTR

ugs�=

99.186.98.155.in-addr.arpa

IN PTR

ugs�A

99.186.98.155.in-addr.arpa

IN PTR

ucl��

99.186.98.155.in-addr.arpa

IN PTR

thriving�A

99.186.98.155.in-addr.arpa

IN PTR

thriving��

99.186.98.155.in-addr.arpa

IN PTR

theagingarchive��

99.186.98.155.in-addr.arpa

IN PTR

��

99.186.98.155.in-addr.arpa

IN PTR

templates�=

99.186.98.155.in-addr.arpa

IN PTR

templates�A

99.186.98.155.in-addr.arpa

IN PTR

templates��

99.186.98.155.in-addr.arpa

IN PTR

templates��

99.186.98.155.in-addr.arpa

IN PTR

tannerlectures�A

99.186.98.155.in-addr.arpa

IN PTR

tannerlectures��

99.186.98.155.in-addr.arpa

IN PTR

taft-nicholson�A

99.186.98.155.in-addr.arpa

IN PTR

surfacegeology�=

99.186.98.155.in-addr.arpa

IN PTR

surfacegeologyЧ

99.186.98.155.in-addr.arpa

IN PTR

summerconferences�A

99.186.98.155.in-addr.arpa

IN PTR

studentsuccess��

99.186.98.155.in-addr.arpa

IN PTR

studenthealth�A

99.186.98.155.in-addr.arpa

IN PTR

studentaffairs�A

99.186.98.155.in-addr.arpa

IN PTR

studentaffairs��

99.186.98.155.in-addr.arpa

IN PTR

stormy�

99.186.98.155.in-addr.arpa

IN PTR

stgeorge�A

99.186.98.155.in-addr.arpa

IN PTR

steelechem�A

99.186.98.155.in-addr.arpa

IN PTR

staffdiversity�A

99.186.98.155.in-addr.arpa

IN PTR

speechlab�A

99.186.98.155.in-addr.arpa

IN PTR

speechlab��

99.186.98.155.in-addr.arpa

IN PTR

special-ed�A

99.186.98.155.in-addr.arpa

IN PTR

special-ed��

99.186.98.155.in-addr.arpa

IN PTR

software�A

99.186.98.155.in-addr.arpa

IN PTR

socwk�A

99.186.98.155.in-addr.arpa

IN PTR

socialwork�A

99.186.98.155.in-addr.arpa

IN PTR

socialneuroscience�r

99.186.98.155.in-addr.arpa

IN PTR

soc�A

99.186.98.155.in-addr.arpa

IN PTR

skype�A

99.186.98.155.in-addr.arpa

IN PTR

sirfer�A

99.186.98.155.in-addr.arpa

IN PTR

singleirb�A

99.186.98.155.in-addr.arpa

IN PTR

singleirb��

99.186.98.155.in-addr.arpa

IN PTR

shoshoniproject�A

99.186.98.155.in-addr.arpa

IN PTR

sed�A

99.186.98.155.in-addr.arpa

IN PTR

sed��

99.186.98.155.in-addr.arpa

IN PTR

security��

99.186.98.155.in-addr.arpa

IN PTR

search�A

99.186.98.155.in-addr.arpa

IN PTR

scholarships�A

99.186.98.155.in-addr.arpa

IN PTR

sandy�A

99.186.98.155.in-addr.arpa

IN PTR

safetycommitteesehs�A

99.186.98.155.in-addr.arpa

IN PTR

safetycommitteesehs��

99.186.98.155.in-addr.arpa

IN PTR

safetycenter�A

99.186.98.155.in-addr.arpa

IN PTR

safe-walk�A

99.186.98.155.in-addr.arpa

IN PTR

sa11170�=

99.186.98.155.in-addr.arpa

IN PTR

rso�A

99.186.98.155.in-addr.arpa

IN PTR

rpa�A

99.186.98.155.in-addr.arpa

IN PTR

rosenblattprize��

99.186.98.155.in-addr.arpa

IN PTR

rio��

99.186.98.155.in-addr.arpa

IN PTR

rge�A

99.186.98.155.in-addr.arpa

IN PTR

rge��

99.186.98.155.in-addr.arpa

IN PTR

return�A

99.186.98.155.in-addr.arpa

IN PTR

resources presentations�A

99.186.98.155.in-addr.arpa

IN PTR

�D

99.186.98.155.in-addr.arpa

IN PTR

research

99.186.98.155.in-addr.arpa

IN PTR

research¼

99.186.98.155.in-addr.arpa

IN PTR

reportssafety�A

99.186.98.155.in-addr.arpa

IN PTR

reportssafety��

99.186.98.155.in-addr.arpa

IN PTR

reportsdps�A

99.186.98.155.in-addr.arpa

IN PTR

renewableenergyresearch�A

99.186.98.155.in-addr.arpa

IN PTR

rememberingu��

99.186.98.155.in-addr.arpa

IN PTR

regulations�A

99.186.98.155.in-addr.arpa

IN PTR

registrar�A

99.186.98.155.in-addr.arpa

IN PTR

recoverattheu�A

99.186.98.155.in-addr.arpa

IN PTR

rdcnexus�A

99.186.98.155.in-addr.arpa

IN PTR

r2m�A

99.186.98.155.in-addr.arpa

IN PTR

qualitycomplianceresearch�A

99.186.98.155.in-addr.arpa

IN PTR

qualitycompliance�D

99.186.98.155.in-addr.arpa

IN PTR

pyrite�A

99.186.98.155.in-addr.arpa

IN PTR

publicaffairs�A

99.186.98.155.in-addr.arpa

IN PTR

�U

99.186.98.155.in-addr.arpa

IN PTR

project-codegames�A

99.186.98.155.in-addr.arpa

IN PTR

proed��

99.186.98.155.in-addr.arpa

IN PTR

proceduresfinancialaid��

99.186.98.155.in-addr.arpa

IN PTR

probelab�A

99.186.98.155.in-addr.arpa

IN PTR

presidentscircle�1

99.186.98.155.in-addr.arpa

IN PTR

ppplab�r

99.186.98.155.in-addr.arpa

IN PTR

powder metallurgy�A

99.186.98.155.in-addr.arpa

IN PTR

�%

99.186.98.155.in-addr.arpa

IN PTR

poli-sci��

99.186.98.155.in-addr.arpa

IN PTR

pmmc�A

99.186.98.155.in-addr.arpa

IN PTR

pmag��

99.186.98.155.in-addr.arpa

IN PTR

pmagЧ

99.186.98.155.in-addr.arpa

IN PTR

philosophy�A

99.186.98.155.in-addr.arpa

IN PTR

phietasigma�A

99.186.98.155.in-addr.arpa

IN PTR

personal-money-management�A

99.186.98.155.in-addr.arpa

IN PTR

pebllab�r

99.186.98.155.in-addr.arpa

IN PTR

peace�A

99.186.98.155.in-addr.arpa

IN PTR

pcsw�A

99.186.98.155.in-addr.arpa

IN PTR

pataki��

99.186.98.155.in-addr.arpa

IN PTR

parklab�E

99.186.98.155.in-addr.arpa

IN PTR

paleo��

99.186.98.155.in-addr.arpa

IN PTR

��

99.186.98.155.in-addr.arpa

IN PTR

orisڝ

99.186.98.155.in-addr.arpa

IN PTR

online�A

99.186.98.155.in-addr.arpa

IN PTR

oeo�A

99.186.98.155.in-addr.arpa

IN PTR

observatoryastro��

99.186.98.155.in-addr.arpa

IN PTR

o365cloud�A

99.186.98.155.in-addr.arpa

IN PTR

nsoorientation��

99.186.98.155.in-addr.arpa

IN PTR

nrotc�A

99.186.98.155.in-addr.arpa

IN PTR

nrotc��

99.186.98.155.in-addr.arpa

IN PTR

noise��

99.186.98.155.in-addr.arpa

IN PTR

noiseЧ

99.186.98.155.in-addr.arpa

IN PTR

noiseearth��

99.186.98.155.in-addr.arpa

IN PTR

noblegaslab�A

99.186.98.155.in-addr.arpa

IN PTR

nmrc�A

99.186.98.155.in-addr.arpa

IN PTR

�e

99.186.98.155.in-addr.arpa

IN PTR

nexus��

99.186.98.155.in-addr.arpa

IN PTR

neurosciencemed�A

99.186.98.155.in-addr.arpa

IN PTR

neuro�=

99.186.98.155.in-addr.arpa

IN PTR

neuro�Q

99.186.98.155.in-addr.arpa

IN PTR

�E

99.186.98.155.in-addr.arpa

IN PTR

nearcrisesproject��

99.186.98.155.in-addr.arpa

IN PTR

navsci�A

99.186.98.155.in-addr.arpa

IN PTR

navsci��

99.186.98.155.in-addr.arpa

IN PTR

nativepeoplesofutah��

99.186.98.155.in-addr.arpa

IN PTR

myclassmap�A

99.186.98.155.in-addr.arpa

IN PTR

�

99.186.98.155.in-addr.arpa

IN PTR

muse�A

99.186.98.155.in-addr.arpa

IN PTR

muse��

99.186.98.155.in-addr.arpa

IN PTR

mpp�A

99.186.98.155.in-addr.arpa

IN PTR

mpa�A

99.186.98.155.in-addr.arpa

IN PTR

mormon��

99.186.98.155.in-addr.arpa

IN PTR

monsoncenter�A

99.186.98.155.in-addr.arpa

IN PTR

molinero�A

99.186.98.155.in-addr.arpa

IN PTR

�"

99.186.98.155.in-addr.arpa

IN PTR

milsci�A

99.186.98.155.in-addr.arpa

IN PTR

milsci��

99.186.98.155.in-addr.arpa

IN PTR

mikefree��

99.186.98.155.in-addr.arpa

IN PTR

middleeaststudies�A

99.186.98.155.in-addr.arpa

IN PTR

miage�A

99.186.98.155.in-addr.arpa

IN PTR

miage��

99.186.98.155.in-addr.arpa

IN PTR

mh1�A

99.186.98.155.in-addr.arpa

IN PTR

mh1��

99.186.98.155.in-addr.arpa

IN PTR

mental-health�A

99.186.98.155.in-addr.arpa

IN PTR

mec�A

99.186.98.155.in-addr.arpa

IN PTR

mechum�A

99.186.98.155.in-addr.arpa

IN PTR

matheson��

99.186.98.155.in-addr.arpa

IN PTR

maps��

99.186.98.155.in-addr.arpa

IN PTR

map�A

99.186.98.155.in-addr.arpa

IN PTR

lrhe�A

99.186.98.155.in-addr.arpa

IN PTR

linguistics�A

99.186.98.155.in-addr.arpa

IN PTR

lep��

99.186.98.155.in-addr.arpa

IN PTR

�;

99.186.98.155.in-addr.arpa

IN PTR

learnwork�A

99.186.98.155.in-addr.arpa

IN PTR

learnwork��

99.186.98.155.in-addr.arpa

IN PTR

learningspaces�A

99.186.98.155.in-addr.arpa

IN PTR

learningspaces��

99.186.98.155.in-addr.arpa

IN PTR

learningportfolios��

99.186.98.155.in-addr.arpa

IN PTR

learningcenter�A

99.186.98.155.in-addr.arpa

IN PTR

learningcenter��

99.186.98.155.in-addr.arpa

IN PTR

learninganalytics��

99.186.98.155.in-addr.arpa

IN PTR

�S

99.186.98.155.in-addr.arpa

IN PTR

learningabroad��

99.186.98.155.in-addr.arpa

IN PTR

leap�A

99.186.98.155.in-addr.arpa

IN PTR

leadership��

99.186.98.155.in-addr.arpa

IN PTR

latin-american-studies�A

99.186.98.155.in-addr.arpa

IN PTR

languages�A

99.186.98.155.in-addr.arpa

IN PTR

l2trec�A

99.186.98.155.in-addr.arpa

IN PTR

l2trec��

99.186.98.155.in-addr.arpa

IN PTR

�t

99.186.98.155.in-addr.arpa

IN PTR

junyanglab�=

99.186.98.155.in-addr.arpa

IN PTR

junyanglab�Q

99.186.98.155.in-addr.arpa

IN PTR

junyanglabhsc�A

99.186.98.155.in-addr.arpa

IN PTR

javascript�A

99.186.98.155.in-addr.arpa

IN PTR

javascript��

99.186.98.155.in-addr.arpa

IN PTR

itprofessionals��

99.186.98.155.in-addr.arpa

IN PTR

itil��

99.186.98.155.in-addr.arpa

IN PTR

�

99.186.98.155.in-addr.arpa

IN PTR

istar�A

99.186.98.155.in-addr.arpa

IN PTR

istar��

99.186.98.155.in-addr.arpa

IN PTR

isss�A

99.186.98.155.in-addr.arpa

IN PTR

isss��

99.186.98.155.in-addr.arpa

IN PTR

iss�A

99.186.98.155.in-addr.arpa

IN PTR

irb�A

99.186.98.155.in-addr.arpa

IN PTR

internships�0

99.186.98.155.in-addr.arpa

IN PTR

internationalcenter�A

99.186.98.155.in-addr.arpa

IN PTR

international-studies�A

99.186.98.155.in-addr.arpa

IN PTR

integrityڝ

99.186.98.155.in-addr.arpa

IN PTR

institute communication�A

99.186.98.155.in-addr.arpa

IN PTR

inmanlab�U

99.186.98.155.in-addr.arpa

IN PTR

inmanlab�r

99.186.98.155.in-addr.arpa

IN PTR

inclusive�A

99.186.98.155.in-addr.arpa

IN PTR

inclusive-excellence�A

99.186.98.155.in-addr.arpa

IN PTR

impactscholars�A

99.186.98.155.in-addr.arpa

IN PTR

imh�A

99.186.98.155.in-addr.arpa

IN PTR

imh��

99.186.98.155.in-addr.arpa

IN PTR

identity�A

99.186.98.155.in-addr.arpa

IN PTR

identity��

99.186.98.155.in-addr.arpa

IN PTR

ic�A

99.186.98.155.in-addr.arpa

IN PTR

ibc�A

99.186.98.155.in-addr.arpa

IN PTR

ibc��

99.186.98.155.in-addr.arpa

IN PTR

ias�A

99.186.98.155.in-addr.arpa

IN PTR

hutton�7

99.186.98.155.in-addr.arpa

IN PTR

hutton philosophy��

99.186.98.155.in-addr.arpa

IN PTR

humanrights�A

99.186.98.155.in-addr.arpa

IN PTR

humanrights��

99.186.98.155.in-addr.arpa

IN PTR

humanitiesworks��

99.186.98.155.in-addr.arpa

IN PTR

humanitiesconvocation�A

99.186.98.155.in-addr.arpa

IN PTR

humanitiesconvocation��

99.186.98.155.in-addr.arpa

IN PTR

humanities-focus�A

99.186.98.155.in-addr.arpa

IN PTR

humanities-focus��

99.186.98.155.in-addr.arpa

IN PTR

��

99.186.98.155.in-addr.arpa

IN PTR

hsp�A

99.186.98.155.in-addr.arpa

IN PTR

hsp��

99.186.98.155.in-addr.arpa

IN PTR

hrpp�A

99.186.98.155.in-addr.arpa

IN PTR

hrpp��

99.186.98.155.in-addr.arpa

IN PTR

hinckleyendowment�A

99.186.98.155.in-addr.arpa

IN PTR

hec��

99.186.98.155.in-addr.arpa

IN PTR

heartlab�U

99.186.98.155.in-addr.arpa

IN PTR

hazards��

99.186.98.155.in-addr.arpa

IN PTR

guardsman�1

99.186.98.155.in-addr.arpa

IN PTR

gsa׼

99.186.98.155.in-addr.arpa

IN PTR

ʺ

99.186.98.155.in-addr.arpa

IN PTR

��

99.186.98.155.in-addr.arpa

IN PTR

Ѝ

99.186.98.155.in-addr.arpa

IN PTR

geohazardsЧ

99.186.98.155.in-addr.arpa

IN PTR

geog��

99.186.98.155.in-addr.arpa

IN PTR

gcse׼

99.186.98.155.in-addr.arpa

IN PTR

gcloud�A

99.186.98.155.in-addr.arpa

IN PTR

foreigninfluence�A

99.186.98.155.in-addr.arpa

IN PTR

firststar�A

99.186.98.155.in-addr.arpa

IN PTR

firststar��

99.186.98.155.in-addr.arpa

IN PTR

financialwellness�A

99.186.98.155.in-addr.arpa

IN PTR

financialaid�A

99.186.98.155.in-addr.arpa

IN PTR

fieldwork�,

99.186.98.155.in-addr.arpa

IN PTR

fcs�A

99.186.98.155.in-addr.arpa

IN PTR

fairfuture�A

99.186.98.155.in-addr.arpa

IN PTR

facultycenter�A

99.186.98.155.in-addr.arpa

IN PTR

facilities�A

99.186.98.155.in-addr.arpa

IN PTR

facilitiesп

99.186.98.155.in-addr.arpa

IN PTR

exploringorigins�(

99.186.98.155.in-addr.arpa

IN PTR

envst�A

99.186.98.155.in-addr.arpa

IN PTR

envst��

99.186.98.155.in-addr.arpa

IN PTR

environmental-humanities�A

99.186.98.155.in-addr.arpa

IN PTR

english�A

99.186.98.155.in-addr.arpa

IN PTR

english��

99.186.98.155.in-addr.arpa

IN PTR

engagement�A

99.186.98.155.in-addr.arpa

IN PTR

empowerlab�U

99.186.98.155.in-addr.arpa

IN PTR

eli�A

99.186.98.155.in-addr.arpa

IN PTR

�4

99.186.98.155.in-addr.arpa

IN PTR

efs�A

99.186.98.155.in-addr.arpa

IN PTR

efs��

99.186.98.155.in-addr.arpa

IN PTR

efrcmuse�A

99.186.98.155.in-addr.arpa

IN PTR

eeu�A

99.186.98.155.in-addr.arpa

IN PTR

education�A

99.186.98.155.in-addr.arpa

IN PTR

educationڝ

99.186.98.155.in-addr.arpa

IN PTR

edpsed�A

99.186.98.155.in-addr.arpa

IN PTR

ed-psych�A

99.186.98.155.in-addr.arpa

IN PTR

ed-psych��

99.186.98.155.in-addr.arpa

IN PTR

ecs�A

99.186.98.155.in-addr.arpa

IN PTR

ecs��

99.186.98.155.in-addr.arpa

IN PTR

economics�A

99.186.98.155.in-addr.arpa

IN PTR

econ�A

99.186.98.155.in-addr.arpa

IN PTR

ecec�1

99.186.98.155.in-addr.arpa

IN PTR

eastvillage�1

99.186.98.155.in-addr.arpa

IN PTR

Ч

99.186.98.155.in-addr.arpa

IN PTR

e3��

99.186.98.155.in-addr.arpa

IN PTR

dream�A

99.186.98.155.in-addr.arpa

IN PTR

dream��

99.186.98.155.in-addr.arpa

IN PTR

dorskylab�E

99.186.98.155.in-addr.arpa

IN PTR

disability�A

99.186.98.155.in-addr.arpa

IN PTR

digital¼

99.186.98.155.in-addr.arpa

IN PTR

developer�A

99.186.98.155.in-addr.arpa

IN PTR

developer��

99.186.98.155.in-addr.arpa

IN PTR

dev2�b

99.186.98.155.in-addr.arpa

IN PTR

dev�b

99.186.98.155.in-addr.arpa

IN PTR

designjustice�A

99.186.98.155.in-addr.arpa

IN PTR

designjustice��

99.186.98.155.in-addr.arpa

IN PTR

demography�A

99.186.98.155.in-addr.arpa

IN PTR

degreeaudit�A

99.186.98.155.in-addr.arpa

IN PTR

debate�A

99.186.98.155.in-addr.arpa

IN PTR

debate��

99.186.98.155.in-addr.arpa

IN PTR

deanofstudents�A

99.186.98.155.in-addr.arpa

IN PTR

ctle��

99.186.98.155.in-addr.arpa

IN PTR

ê

99.186.98.155.in-addr.arpa

IN PTR

counselingcenter�A

99.186.98.155.in-addr.arpa

IN PTR

continuinged�A

99.186.98.155.in-addr.arpa

IN PTR

continuinged��

99.186.98.155.in-addr.arpa

IN PTR

continue��

99.186.98.155.in-addr.arpa

IN PTR

consentڝ

99.186.98.155.in-addr.arpa

IN PTR

confucius�A

99.186.98.155.in-addr.arpa

IN PTR

conflictresolution�A

99.186.98.155.in-addr.arpa

IN PTR

conferences�A

99.186.98.155.in-addr.arpa

IN PTR

commencement��

99.186.98.155.in-addr.arpa

IN PTR

coi�A

99.186.98.155.in-addr.arpa

IN PTR

coi��

99.186.98.155.in-addr.arpa

IN PTR

п

99.186.98.155.in-addr.arpa

IN PTR

ciso��

99.186.98.155.in-addr.arpa

IN PTR

�1

99.186.98.155.in-addr.arpa

IN PTR

cherp�A

99.186.98.155.in-addr.arpa

IN PTR

chemotaxis�

99.186.98.155.in-addr.arpa

IN PTR

chemotaxis��

99.186.98.155.in-addr.arpa

IN PTR

�

99.186.98.155.in-addr.arpa

IN PTR

cfahr�A

99.186.98.155.in-addr.arpa

IN PTR

certificates�A

99.186.98.155.in-addr.arpa

IN PTR

certificates��

99.186.98.155.in-addr.arpa

IN PTR

centralirb�A

99.186.98.155.in-addr.arpa

IN PTR

centeronaging�A

99.186.98.155.in-addr.arpa

IN PTR

ceedar�A

99.186.98.155.in-addr.arpa

IN PTR

cci�A
GET

https://go.utah.edu/cas/webjars/mdi__font/6.5.95/css/materialdesignicons.min.css

chrome.exe

Remote address:

155.98.185.164:443

Request

GET /cas/webjars/mdi__font/6.5.95/css/materialdesignicons.min.css HTTP/1.1
Host: go.utah.edu
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://go.utah.edu/cas/login?service=https%3a%2f%2fit.utah.edu%2fnews%2fannouncements.php%3futm_source%3dsfmc%26utm_medium%3demail%26utm_campaign%3d2022-01-13%2bDG%2bNode%2b4%2btest%2bv2%26utm_term%3dAnnouncements%26utm_id%3d40489%26sfmc_id%3d1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en

Response

HTTP/1.1 200

requestId: e7837bf2-b4f2-46a6-a277-d24c6466bfe5
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Last-Modified: Thu, 29 Feb 2024 23:26:08 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: text/css;charset=UTF-8
Content-Length: 305022
Date: Tue, 16 Apr 2024 23:02:42 GMT
Keep-Alive: timeout=20
Connection: keep-alive
GET

https://go.utah.edu/cas/js/cas.js

chrome.exe

Remote address:

155.98.185.164:443

Request

GET /cas/js/cas.js HTTP/1.1
Host: go.utah.edu
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://go.utah.edu/cas/login?service=https%3a%2f%2fit.utah.edu%2fnews%2fannouncements.php%3futm_source%3dsfmc%26utm_medium%3demail%26utm_campaign%3d2022-01-13%2bDG%2bNode%2b4%2btest%2bv2%26utm_term%3dAnnouncements%26utm_id%3d40489%26sfmc_id%3d1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en

Response

HTTP/1.1 200

requestId: 54f57ef8-9b19-4b80-bdd0-3d892d760dc4
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Last-Modified: Thu, 29 Feb 2024 23:26:10 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: text/javascript;charset=UTF-8
Content-Length: 7535
Date: Tue, 16 Apr 2024 23:02:43 GMT
Keep-Alive: timeout=20
Connection: keep-alive
GET

https://go.utah.edu/cas/images/uofu/u_healthcare_white.png

chrome.exe

Remote address:

155.98.185.164:443

Request

GET /cas/images/uofu/u_healthcare_white.png HTTP/1.1
Host: go.utah.edu
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://go.utah.edu/cas/login?service=https%3a%2f%2fit.utah.edu%2fnews%2fannouncements.php%3futm_source%3dsfmc%26utm_medium%3demail%26utm_campaign%3d2022-01-13%2bDG%2bNode%2b4%2btest%2bv2%26utm_term%3dAnnouncements%26utm_id%3d40489%26sfmc_id%3d1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en

Response

HTTP/1.1 200

requestId: a5ca5a8e-a010-4cd1-93e7-97eed6671e96
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Last-Modified: Thu, 29 Feb 2024 23:26:10 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
Content-Length: 1245
Date: Tue, 16 Apr 2024 23:02:43 GMT
Keep-Alive: timeout=20
Connection: keep-alive
DNS

164.185.98.155.in-addr.arpa

Remote address:

8.8.8.8:53

Request

164.185.98.155.in-addr.arpa

IN PTR

Response

164.185.98.155.in-addr.arpa

IN PTR

goutahedu
DNS

164.185.98.155.in-addr.arpa

Remote address:

8.8.8.8:53

Request

164.185.98.155.in-addr.arpa

IN PTR

Response

164.185.98.155.in-addr.arpa

IN PTR

goutahedu
DNS

cdn.cookielaw.org

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.cookielaw.org

IN A

Response

cdn.cookielaw.org

IN A

104.19.177.52

cdn.cookielaw.org

IN A

104.19.178.52
DNS

cdn.cookielaw.org

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.cookielaw.org

IN A

Response

cdn.cookielaw.org

IN A

104.19.178.52

cdn.cookielaw.org

IN A

104.19.177.52
GET

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

chrome.exe

Remote address:

104.19.177.52:443

Request

GET /scripttemplates/otSDKStub.js HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 16 Apr 2024 23:02:42 GMT
content-type: application/javascript
content-length: 6882
content-encoding: gzip
content-md5: zgTRIDojRJmnmBTwUyI2Vw==
last-modified: Tue, 16 Apr 2024 07:41:13 GMT
etag: 0x8DC5DE897C0290E
x-ms-request-id: f7dc4b77-c01e-0030-5118-90874c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 24795
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8757cdf65dde53a5-LHR
GET

https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js

chrome.exe

Remote address:

104.19.177.52:443

Request

GET /scripttemplates/202304.1.0/otBannerSdk.js HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 16 Apr 2024 23:02:43 GMT
content-type: application/javascript
content-length: 99020
content-encoding: gzip
content-md5: f9AvZgohx9TU9t078cCRXA==
last-modified: Thu, 11 May 2023 06:31:14 GMT
etag: 0x8DB51E951BA9202
x-ms-request-id: 2aef2bd7-901e-004f-134e-7948d7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 24792
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8757cdf908da53a5-LHR
GET

https://cdn.cookielaw.org/logos/03fc55fe-0057-4b2f-817d-763e7ecdb316/ad0fee7c-eecb-4e6d-b90f-8b6ca3a1e95c/cisco-logo-transparent.png

chrome.exe

Remote address:

104.19.177.52:443

Request

GET /logos/03fc55fe-0057-4b2f-817d-763e7ecdb316/ad0fee7c-eecb-4e6d-b90f-8b6ca3a1e95c/cisco-logo-transparent.png HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 16 Apr 2024 23:02:43 GMT
content-type: application/octet-stream
content-length: 32643
content-md5: XLW/kMAZl7adVJk8d8zW/Q==
last-modified: Tue, 11 Feb 2020 23:17:51 GMT
etag: 0x8D7AF489DD1DF9D
x-ms-request-id: 3f8e1479-801e-0088-5b08-7cdc8a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 70700
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8757cdfa9ab753a5-LHR
GET

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

chrome.exe

Remote address:

104.19.177.52:443

Request

GET /logos/static/powered_by_logo.svg HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 16 Apr 2024 23:02:43 GMT
content-type: image/svg+xml
content-md5: Y+c301RBZNK39PvKQWrIBw==
last-modified: Tue, 16 Apr 2024 07:41:16 GMT
x-ms-request-id: 9997b8bc-301e-00a2-6c31-90039a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 14194
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8757cdfb0afb53a5-LHR
content-encoding: gzip
DNS

munchkin.marketo.net

chrome.exe

Remote address:

8.8.8.8:53

Request

munchkin.marketo.net

IN A

Response

munchkin.marketo.net

IN CNAME

wildcard.marketo.net.edgekey.net

wildcard.marketo.net.edgekey.net

IN CNAME

e10776.b.akamaiedge.net

e10776.b.akamaiedge.net

IN A

104.68.89.134
DNS

munchkin.marketo.net

chrome.exe

Remote address:

8.8.8.8:53

Request

munchkin.marketo.net

IN A

Response

munchkin.marketo.net

IN CNAME

wildcard.marketo.net.edgekey.net

wildcard.marketo.net.edgekey.net

IN CNAME

e10776.b.akamaiedge.net

e10776.b.akamaiedge.net

IN A

104.68.89.134
GET

https://cdn.cookielaw.org/consent/9e0aae48-2403-41a9-8a52-892faec23a4f/9e0aae48-2403-41a9-8a52-892faec23a4f.json

chrome.exe

Remote address:

104.19.177.52:443

Request

GET /consent/9e0aae48-2403-41a9-8a52-892faec23a4f/9e0aae48-2403-41a9-8a52-892faec23a4f.json HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://guide.duo.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 16 Apr 2024 23:02:43 GMT
content-type: application/x-javascript
content-length: 1977
cf-ray: 8757cdf74dd06343-LHR
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 29741
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC49BA28830125
expires: Wed, 17 Apr 2024 23:02:43 GMT
last-modified: Thu, 21 Mar 2024 15:18:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: Ofn/DHjhlodBUqDKm8KISA==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: b15fea40-701e-0047-68a3-7b52d8000000
x-ms-version: 2009-09-19
server: cloudflare
GET

https://cdn.cookielaw.org/consent/9e0aae48-2403-41a9-8a52-892faec23a4f/bbc1a39d-5c7d-43c1-9529-5b0da4ae38da/en.json

chrome.exe

Remote address:

104.19.177.52:443

Request

GET /consent/9e0aae48-2403-41a9-8a52-892faec23a4f/bbc1a39d-5c7d-43c1-9529-5b0da4ae38da/en.json HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://guide.duo.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 16 Apr 2024 23:02:43 GMT
content-type: application/x-javascript
content-length: 21683
cf-ray: 8757cdf9881f6343-LHR
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 19216
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC49BA2FD3B817
expires: Wed, 17 Apr 2024 23:02:43 GMT
last-modified: Thu, 21 Mar 2024 15:18:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: BoGdj5P/lT8EKHhzpiDNhA==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 5f921e60-f01e-0049-01a3-7b7b68000000
x-ms-version: 2009-09-19
server: cloudflare
GET

https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/otFlat.json

chrome.exe

Remote address:

104.19.177.52:443

Request

GET /scripttemplates/202304.1.0/assets/otFlat.json HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://guide.duo.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 16 Apr 2024 23:02:43 GMT
content-type: application/json
content-length: 3019
content-encoding: gzip
content-md5: VwzPf/atFGVLVHgPLKsA5g==
last-modified: Thu, 11 May 2023 06:31:08 GMT
etag: 0x8DB51E94E2F9DF3
x-ms-request-id: 05b754bb-f01e-0014-0b57-7971ec000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 19530
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8757cdf9f87f6343-LHR
GET

https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/v2/otPcTab.json

chrome.exe

Remote address:

104.19.177.52:443

Request

GET /scripttemplates/202304.1.0/assets/v2/otPcTab.json HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://guide.duo.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 16 Apr 2024 23:02:43 GMT
content-type: application/json
content-length: 13388
content-encoding: gzip
content-md5: WLEvjOoVH/zHes2RrTEcSA==
last-modified: Thu, 11 May 2023 06:31:10 GMT
etag: 0x8DB51E94FAFC79C
x-ms-request-id: 5d779736-101e-001c-7b4e-796be3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 22909
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8757cdf9f8806343-LHR
GET

https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/otCommonStyles.css

chrome.exe

Remote address:

104.19.177.52:443

Request

GET /scripttemplates/202304.1.0/assets/otCommonStyles.css HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://guide.duo.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 16 Apr 2024 23:02:43 GMT
content-type: text/css
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
last-modified: Thu, 11 May 2023 06:31:18 GMT
x-ms-request-id: 066852bd-a01e-0044-1457-79b3bc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 18811
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8757cdf9f8816343-LHR
content-encoding: gzip
GET

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

chrome.exe

Remote address:

104.19.177.52:443

Request

GET /logos/static/ot_guard_logo.svg HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://guide.duo.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 16 Apr 2024 23:02:43 GMT
content-type: image/svg+xml
content-md5: tXyZydHjxQshFMbbBT1/8A==
last-modified: Mon, 15 Apr 2024 19:30:18 GMT
x-ms-request-id: b2b46e5c-e01e-0037-45c6-8feb2f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 60181
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8757cdfa68c56343-LHR
content-encoding: gzip
GET

https://munchkin.marketo.net/munchkin.js

chrome.exe

Remote address:

104.68.89.134:443

Request

GET /munchkin.js HTTP/1.1
Host: munchkin.marketo.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://guide.duo.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 16 Apr 2024 23:02:43 GMT
Content-Length: 729
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
GET

https://munchkin.marketo.net/163/munchkin.js

chrome.exe

Remote address:

104.68.89.134:443

Request

GET /163/munchkin.js HTTP/1.1
Host: munchkin.marketo.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://guide.duo.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=8640000
Expires: Thu, 25 Jul 2024 23:02:43 GMT
Date: Tue, 16 Apr 2024 23:02:43 GMT
Content-Length: 4741
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
DNS

stats.g.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

stats.g.doubleclick.net

IN A

Response

stats.g.doubleclick.net

IN A

74.125.71.154

stats.g.doubleclick.net

IN A

74.125.71.155

stats.g.doubleclick.net

IN A

74.125.71.157

stats.g.doubleclick.net

IN A

74.125.71.156
DNS

stats.g.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

stats.g.doubleclick.net

IN A

Response

stats.g.doubleclick.net

IN A

74.125.71.154

stats.g.doubleclick.net

IN A

74.125.71.155

stats.g.doubleclick.net

IN A

74.125.71.157

stats.g.doubleclick.net

IN A

74.125.71.156
DNS

geolocation.onetrust.com

chrome.exe

Remote address:

8.8.8.8:53

Request

geolocation.onetrust.com

IN A

Response

geolocation.onetrust.com

IN A

172.64.155.119

geolocation.onetrust.com

IN A

104.18.32.137
DNS

geolocation.onetrust.com

chrome.exe

Remote address:

8.8.8.8:53

Request

geolocation.onetrust.com

IN A

Response

geolocation.onetrust.com

IN A

172.64.155.119

geolocation.onetrust.com

IN A

104.18.32.137
POST

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-20141016-1&cid=483104690.1713308562&jid=702667749&gjid=2119718982&_gid=843472844.1713308562&_u=IGBAiEABBAAAAGAAI~&z=1662097513

chrome.exe

Remote address:

74.125.71.154:443

Request

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-20141016-1&cid=483104690.1713308562&jid=702667749&gjid=2119718982&_gid=843472844.1713308562&_u=IGBAiEABBAAAAGAAI~&z=1662097513 HTTP/2.0
host: stats.g.doubleclick.net
content-length: 0
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
content-type: text/plain
accept: */*
origin: https://guide.duo.com
x-client-data: CICUywE=
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-216487544-4&cid=909880028.1713308564&jid=771985600&gjid=347083817&_gid=1852852552.1713308564&_u=IEBAAEAAAAAAACAAI~&z=1011448333

chrome.exe

Remote address:

74.125.71.154:443

Request

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-216487544-4&cid=909880028.1713308564&jid=771985600&gjid=347083817&_gid=1852852552.1713308564&_u=IEBAAEAAAAAAACAAI~&z=1011448333 HTTP/2.0
host: stats.g.doubleclick.net
content-length: 0
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
content-type: text/plain
accept: */*
origin: https://go.utah.edu
x-client-data: CICUywE=
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://go.utah.edu/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

chrome.exe

Remote address:

172.64.155.119:443

Request

GET /cookieconsentpub/v1/geo/location HTTP/2.0
host: geolocation.onetrust.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
accept: application/json
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
origin: https://guide.duo.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 16 Apr 2024 23:02:43 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8757cdf89c7688a3-LHR
content-encoding: gzip
DNS

www.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.178.4
DNS

www.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.178.4
DNS

074-uqx-410.mktoresp.com

chrome.exe

Remote address:

8.8.8.8:53

Request

074-uqx-410.mktoresp.com

IN A

Response

074-uqx-410.mktoresp.com

IN CNAME

mch-blackhole.mktoresp.com

mch-blackhole.mktoresp.com

IN A

199.15.214.243
DNS

074-uqx-410.mktoresp.com

chrome.exe

Remote address:

8.8.8.8:53

Request

074-uqx-410.mktoresp.com

IN A

Response

074-uqx-410.mktoresp.com

IN CNAME

mch-blackhole.mktoresp.com

mch-blackhole.mktoresp.com

IN A

199.15.214.243
POST

https://074-uqx-410.mktoresp.com/webevents/visitWebPage?_mchNc=1713308562357&_mchCn=&_mchId=074-UQX-410&_mchTk=_mch-duo.com-1713308562357-83506&_mchHo=guide.duo.com&_mchPo=&_mchRu=%2Funiversal-prompt&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=%23duo-mobile-passcode&_mchRe=&_mchQp=

chrome.exe

Remote address:

199.15.214.243:443

Request

POST /webevents/visitWebPage?_mchNc=1713308562357&_mchCn=&_mchId=074-UQX-410&_mchTk=_mch-duo.com-1713308562357-83506&_mchHo=guide.duo.com&_mchPo=&_mchRu=%2Funiversal-prompt&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=%23duo-mobile-passcode&_mchRe=&_mchQp= HTTP/1.1
Host: 074-uqx-410.mktoresp.com
Connection: keep-alive
Content-Length: 0
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://guide.duo.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://guide.duo.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 200 OK

Server: BigIP
Connection: Keep-Alive
Content-Length: 43
DNS

pipedream.wistia.com

chrome.exe

Remote address:

8.8.8.8:53

Request

pipedream.wistia.com

IN A

Response

pipedream.wistia.com

IN CNAME

d36ufq1ap5wy15.cloudfront.net

d36ufq1ap5wy15.cloudfront.net

IN A

18.172.89.21

d36ufq1ap5wy15.cloudfront.net

IN A

18.172.89.9

d36ufq1ap5wy15.cloudfront.net

IN A

18.172.89.124

d36ufq1ap5wy15.cloudfront.net

IN A

18.172.89.18
DNS

pipedream.wistia.com

chrome.exe

Remote address:

8.8.8.8:53

Request

pipedream.wistia.com

IN A

Response

pipedream.wistia.com

IN CNAME

d36ufq1ap5wy15.cloudfront.net

d36ufq1ap5wy15.cloudfront.net

IN A

18.172.89.9

d36ufq1ap5wy15.cloudfront.net

IN A

18.172.89.124

d36ufq1ap5wy15.cloudfront.net

IN A

18.172.89.21

d36ufq1ap5wy15.cloudfront.net

IN A

18.172.89.18
POST

https://pipedream.wistia.com/mput?topic=metrics

chrome.exe

Remote address:

18.172.89.21:443

Request

POST /mput?topic=metrics HTTP/2.0
host: pipedream.wistia.com
content-length: 1071
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
origin: https://guide.duo.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/plain; charset=utf-8
content-length: 2
date: Tue, 16 Apr 2024 23:02:43 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
server: envoy
x-cache: Miss from cloudfront
via: 1.1 5ae81f496dd607ce72c6dfb1436e1ebe.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: 76iWcj3wcUFZeoKbFpuJMQbCt6w_rr54CcC4PBKPj2VrKWYZNEHFEQ==
POST

https://pipedream.wistia.com/mput?topic=metrics

chrome.exe

Remote address:

18.172.89.21:443

Request

POST /mput?topic=metrics HTTP/2.0
host: pipedream.wistia.com
content-length: 2303
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
origin: https://guide.duo.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/plain; charset=utf-8
content-length: 2
date: Tue, 16 Apr 2024 23:02:47 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
server: envoy
x-cache: Miss from cloudfront
via: 1.1 5ae81f496dd607ce72c6dfb1436e1ebe.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: 3No3Qnp0YucmQiuvaCcL4bOLp8IcWJAJWRg46w74n9PXYxh-rGD-TQ==
DNS

tags.tiqcdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

tags.tiqcdn.com

IN A

Response

tags.tiqcdn.com

IN CNAME

dzfq4ouujrxm8.cloudfront.net

dzfq4ouujrxm8.cloudfront.net

IN A

13.224.81.52

dzfq4ouujrxm8.cloudfront.net

IN A

13.224.81.83

dzfq4ouujrxm8.cloudfront.net

IN A

13.224.81.71

dzfq4ouujrxm8.cloudfront.net

IN A

13.224.81.17
DNS

tags.tiqcdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

tags.tiqcdn.com

IN A

Response

tags.tiqcdn.com

IN CNAME

dzfq4ouujrxm8.cloudfront.net

dzfq4ouujrxm8.cloudfront.net

IN A

13.224.81.52

dzfq4ouujrxm8.cloudfront.net

IN A

13.224.81.17

dzfq4ouujrxm8.cloudfront.net

IN A

13.224.81.71

dzfq4ouujrxm8.cloudfront.net

IN A

13.224.81.83
GET

https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js

chrome.exe

Remote address:

13.224.81.52:443

Request

GET /utag/cisco/duo/prod/utag.js HTTP/2.0
host: tags.tiqcdn.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
last-modified: Tue, 09 Apr 2024 14:36:31 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: ZJZkrZfI0FQjxLJtSDjzFOacD6ZEi1Na
server: AmazonS3
content-encoding: br
date: Tue, 16 Apr 2024 23:01:39 GMT
etag: W/"5125977900590766567ef078af7ecb41"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c996c0f9ea69710e9375626fc26804fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN50-C2
x-amz-cf-id: 7YkwnoxCSPa7wUHN4FNVyhz8gg65DYFz1ZjLVXwiGfHqdJyA3PoogA==
age: 273
cache-control: max-age=300
GET

https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=cisco/duo/202404091428&cb=1713308563371

chrome.exe

Remote address:

13.224.81.52:443

Request

GET /utag/tiqapp/utag.v.js?a=cisco/duo/202404091428&cb=1713308563371 HTTP/2.0
host: tags.tiqcdn.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 22:56:31 GMT
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c996c0f9ea69710e9375626fc26804fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN50-C2
x-amz-cf-id: M9wFPJ3VfxIP0XvQDFpNfI8_A2njIpZ49urYLnqDdKWZE0edxhtiWg==
age: 374
cache-control: max-age=300
DNS

s.go-mpulse.net

chrome.exe

Remote address:

8.8.8.8:53

Request

s.go-mpulse.net

IN A

Response

s.go-mpulse.net

IN CNAME

ip46.go-mpulse.net.edgekey.net

ip46.go-mpulse.net.edgekey.net

IN CNAME

e4518.dscx.akamaiedge.net

e4518.dscx.akamaiedge.net

IN A

23.55.96.141
DNS

s.go-mpulse.net

chrome.exe

Remote address:

8.8.8.8:53

Request

s.go-mpulse.net

IN A

Response

s.go-mpulse.net

IN CNAME

ip46.go-mpulse.net.edgekey.net

ip46.go-mpulse.net.edgekey.net

IN CNAME

e4518.dscx.akamaiedge.net

e4518.dscx.akamaiedge.net

IN A

23.55.96.141
DNS

238.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

238.179.250.142.in-addr.arpa

IN PTR

Response

238.179.250.142.in-addr.arpa

IN PTR

lhr25s31-in-f141e100net
DNS

52.177.19.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

52.177.19.104.in-addr.arpa

IN PTR

Response
DNS

154.71.125.74.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.71.125.74.in-addr.arpa

IN PTR

Response

154.71.125.74.in-addr.arpa

IN PTR

wn-in-f1541e100net
DNS

134.89.68.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

134.89.68.104.in-addr.arpa

IN PTR

Response

134.89.68.104.in-addr.arpa

IN PTR

a104-68-89-134deploystaticakamaitechnologiescom
DNS

134.89.68.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

134.89.68.104.in-addr.arpa

IN PTR

Response

134.89.68.104.in-addr.arpa

IN PTR

a104-68-89-134deploystaticakamaitechnologiescom
DNS

119.155.64.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

119.155.64.172.in-addr.arpa

IN PTR

Response
DNS

4.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

4.178.250.142.in-addr.arpa

IN PTR

Response

4.178.250.142.in-addr.arpa

IN PTR

lhr48s27-in-f41e100net
DNS

21.89.172.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.89.172.18.in-addr.arpa

IN PTR

Response

21.89.172.18.in-addr.arpa

IN PTR

server-18-172-89-21man51r cloudfrontnet
DNS

243.214.15.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

243.214.15.199.in-addr.arpa

IN PTR

Response
DNS

243.214.15.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

243.214.15.199.in-addr.arpa

IN PTR

Response
DNS

52.81.224.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

52.81.224.13.in-addr.arpa

IN PTR

Response

52.81.224.13.in-addr.arpa

IN PTR

server-13-224-81-52man50r cloudfrontnet
GET

https://s.go-mpulse.net/boomerang/GKZXC-NS3SU-A7VFH-HKBHM-U7LKH

chrome.exe

Remote address:

23.55.96.141:443

Request

GET /boomerang/GKZXC-NS3SU-A7VFH-HKBHM-U7LKH HTTP/2.0
host: s.go-mpulse.net
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.cisco.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Wed, 27 Mar 2024 08:16:25 GMT
timing-allow-origin: *
vary: Accept-Encoding
content-length: 50742
date: Tue, 16 Apr 2024 23:02:43 GMT
POST

https://02179910.akstat.io/

chrome.exe

Remote address:

23.55.96.141:443

Request

POST / HTTP/2.0
host: 02179910.akstat.io
content-length: 3540
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
origin: https://www.cisco.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.cisco.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-origin: https://www.cisco.com
x-xss-protection: 0
access-control-allow-credentials: true
timing-allow-origin: *
content-type: image/gif
expires: Tue, 16 Apr 2024 23:02:44 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 16 Apr 2024 23:02:44 GMT
alt-svc: h3=":443"; ma=93600
DNS

content-autofill.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

content-autofill.googleapis.com

IN A

Response

content-autofill.googleapis.com

IN A

142.250.187.202

content-autofill.googleapis.com

IN A

142.250.187.234

content-autofill.googleapis.com

IN A

142.250.178.10

content-autofill.googleapis.com

IN A

172.217.16.234

content-autofill.googleapis.com

IN A

142.250.200.10

content-autofill.googleapis.com

IN A

142.250.200.42

content-autofill.googleapis.com

IN A

216.58.201.106

content-autofill.googleapis.com

IN A

216.58.204.74

content-autofill.googleapis.com

IN A

216.58.213.10

content-autofill.googleapis.com

IN A

172.217.169.10

content-autofill.googleapis.com

IN A

216.58.212.234

content-autofill.googleapis.com

IN A

172.217.169.74

content-autofill.googleapis.com

IN A

172.217.169.42

content-autofill.googleapis.com

IN A

142.250.179.234

content-autofill.googleapis.com

IN A

142.250.180.10
DNS

content-autofill.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

content-autofill.googleapis.com

IN A

Response

content-autofill.googleapis.com

IN A

142.250.187.202

content-autofill.googleapis.com

IN A

142.250.187.234

content-autofill.googleapis.com

IN A

142.250.178.10

content-autofill.googleapis.com

IN A

172.217.16.234

content-autofill.googleapis.com

IN A

142.250.200.10

content-autofill.googleapis.com

IN A

142.250.200.42

content-autofill.googleapis.com

IN A

216.58.201.106

content-autofill.googleapis.com

IN A

216.58.204.74

content-autofill.googleapis.com

IN A

216.58.213.10

content-autofill.googleapis.com

IN A

172.217.169.10

content-autofill.googleapis.com

IN A

216.58.212.234

content-autofill.googleapis.com

IN A

172.217.169.74

content-autofill.googleapis.com

IN A

172.217.169.42

content-autofill.googleapis.com

IN A

142.250.179.234

content-autofill.googleapis.com

IN A

142.250.180.10
GET

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTEwLjAuNTQ4MS4xMDQSEAnm5qRa2TNMchIFDaWTNiQ=?alt=proto

chrome.exe

Remote address:

142.250.187.202:443

Request

GET /v1/pages/ChVDaHJvbWUvMTEwLjAuNTQ4MS4xMDQSEAnm5qRa2TNMchIFDaWTNiQ=?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CICUywE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTEwLjAuNTQ4MS4xMDQSFwlMkc26iT3tyxIFDeeNQA4SBQ3OQUx6?alt=proto

chrome.exe

Remote address:

142.250.187.202:443

Request

GET /v1/pages/ChVDaHJvbWUvMTEwLjAuNTQ4MS4xMDQSFwlMkc26iT3tyxIFDeeNQA4SBQ3OQUx6?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CICUywE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

c.go-mpulse.net

chrome.exe

Remote address:

8.8.8.8:53

Request

c.go-mpulse.net

IN A

Response

c.go-mpulse.net

IN CNAME

wildcard46.go-mpulse.net.edgekey.net

wildcard46.go-mpulse.net.edgekey.net

IN CNAME

e4518.dscapi7.akamaiedge.net

e4518.dscapi7.akamaiedge.net

IN A

72.246.172.149
DNS

c.go-mpulse.net

chrome.exe

Remote address:

8.8.8.8:53

Request

c.go-mpulse.net

IN A

Response

c.go-mpulse.net

IN CNAME

wildcard46.go-mpulse.net.edgekey.net

wildcard46.go-mpulse.net.edgekey.net

IN CNAME

e4518.dscapi7.akamaiedge.net

e4518.dscapi7.akamaiedge.net

IN A

72.246.172.149
GET

https://c.go-mpulse.net/api/config.json?key=GKZXC-NS3SU-A7VFH-HKBHM-U7LKH&d=www.cisco.com&t=5711029&v=1.737.0&sl=0&si=7631b4ad-d61d-4af7-a61e-f5d6acd8e498-sc25cj&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=271834

chrome.exe

Remote address:

72.246.172.149:443

Request

GET /api/config.json?key=GKZXC-NS3SU-A7VFH-HKBHM-U7LKH&d=www.cisco.com&t=5711029&v=1.737.0&sl=0&si=7631b4ad-d61d-4af7-a61e-f5d6acd8e498-sc25cj&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=271834 HTTP/2.0
host: c.go-mpulse.net
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.cisco.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.cisco.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 16 Apr 2024 23:02:44 GMT
content-length: 1001
alt-svc: h3=":443"; ma=93600
content-type: application/json
GET

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

chrome.exe

Remote address:

151.101.2.132:443

Request

GET /assets/external/playPauseLoadingControl.js HTTP/2.0
host: fast.wistia.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
origin: https://guide.duo.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-methods: GET, HEAD
last-modified: Tue, 16 Apr 2024 15:26:39 GMT
etag: "054f6647c2b3166c5479ecec2e1cdb23"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Tue, 16 Apr 2024 23:02:44 GMT
age: 2067
x-served-by: cache-iad-kiad7000029-IAD, cache-lcy-eglc8600070-LCY
x-cache: HIT, HIT
x-cache-hits: 12, 57
x-timer: S1713308564.331780,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: chrome
x-browser-version: 110
asset-version: fa99d54708370281794f72e3586ef5977a90a618
content-length: 21596
GET

https://fast.wistia.com/assets/external/engines/hls_video.js

chrome.exe

Remote address:

151.101.2.132:443

Request

GET /assets/external/engines/hls_video.js HTTP/2.0
host: fast.wistia.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
origin: https://guide.duo.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-methods: GET, HEAD
last-modified: Tue, 16 Apr 2024 15:26:39 GMT
etag: "eb7dd49fb6d9bc27920e7403bf0de676"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Tue, 16 Apr 2024 23:02:45 GMT
age: 2067
x-served-by: cache-iad-kcgs7200057-IAD, cache-lcy-eglc8600070-LCY
x-cache: HIT, HIT
x-cache-hits: 37, 31
x-timer: S1713308565.248914,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: chrome
x-browser-version: 110
asset-version: fa99d54708370281794f72e3586ef5977a90a618
content-length: 118197
GET

https://fast.wistia.com/embed/medias/d6kzpc5ojl.m3u8

chrome.exe

Remote address:

151.101.2.132:443

Request

GET /embed/medias/d6kzpc5ojl.m3u8 HTTP/2.0
host: fast.wistia.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://guide.duo.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/x-mpegURL
server: envoy
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, no-cache
etag: W/"9e4e678c8b170610c4cd183fc8d2bc75"
x-request-id: 6e99ca20-3778-4320-a48e-3666ff307fed
x-runtime: 0.031393
x-envoy-upstream-service-time: 32
via: 1.1 23c9ec01b6f4151f654547c0190aeebe.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: IAD89-C3
x-amz-cf-id: 3J5pzFC8Lo_EsyHZ_4lbIKACbM0c44md8h9eF_P0xpQckeF4TbvJSA==
accept-ranges: bytes
age: 14190
date: Tue, 16 Apr 2024 23:02:45 GMT
x-served-by: cache-iad-kjyo7100053-IAD, cache-lcy-eglc8600070-LCY
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 12670, 0
x-timer: S1713308565.402543,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: chrome
x-browser-version: 110
content-length: 1113
GET

https://fast.wistia.com/assets/images/blank.gif

chrome.exe

Remote address:

151.101.2.132:443

Request

GET /assets/images/blank.gif HTTP/2.0
host: fast.wistia.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
origin: https://guide.duo.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: image
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-methods: GET, HEAD
last-modified: Wed, 10 May 2023 19:48:54 GMT
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
x-amz-server-side-encryption: AES256
content-type: image/gif
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Tue, 16 Apr 2024 23:02:45 GMT
age: 3211
x-served-by: cache-iad-kcgs7200077-IAD, cache-lcy-eglc8600070-LCY
x-cache: HIT, HIT
x-cache-hits: 828710, 87
x-timer: S1713308565.407444,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: chrome
x-browser-version: 110
content-length: 1214
GET

https://fast.wistia.com/assets/external/allIntegrations.js

chrome.exe

Remote address:

151.101.2.132:443

Request

GET /assets/external/allIntegrations.js HTTP/2.0
host: fast.wistia.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
origin: https://guide.duo.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-methods: GET, HEAD
last-modified: Tue, 16 Apr 2024 15:26:39 GMT
etag: "4d5cbf7cb285a542334e7de7bc37ed93"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Tue, 16 Apr 2024 23:02:46 GMT
age: 2069
x-served-by: cache-iad-kiad7000169-IAD, cache-lcy-eglc8600070-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 38
x-timer: S1713308566.226254,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: chrome
x-browser-version: 110
asset-version: fa99d54708370281794f72e3586ef5977a90a618
content-length: 5773
DNS

embed-ssl.wistia.com

chrome.exe

Remote address:

8.8.8.8:53

Request

embed-ssl.wistia.com

IN A

Response

embed-ssl.wistia.com

IN CNAME

d1p8wauaa7285.cloudfront.net

d1p8wauaa7285.cloudfront.net

IN A

13.224.81.118

d1p8wauaa7285.cloudfront.net

IN A

13.224.81.104

d1p8wauaa7285.cloudfront.net

IN A

13.224.81.94

d1p8wauaa7285.cloudfront.net

IN A

13.224.81.8
DNS

embed-ssl.wistia.com

chrome.exe

Remote address:

8.8.8.8:53

Request

embed-ssl.wistia.com

IN A

Response

embed-ssl.wistia.com

IN CNAME

d1p8wauaa7285.cloudfront.net

d1p8wauaa7285.cloudfront.net

IN A

13.224.81.118

d1p8wauaa7285.cloudfront.net

IN A

13.224.81.104

d1p8wauaa7285.cloudfront.net

IN A

13.224.81.94

d1p8wauaa7285.cloudfront.net

IN A

13.224.81.8
DNS

x5s5cjyxg5qqkzq7aojq-f-950e85879-clientnsv4-s.akamaihd.net

chrome.exe

Remote address:

8.8.8.8:53

Request

x5s5cjyxg5qqkzq7aojq-f-950e85879-clientnsv4-s.akamaihd.net

IN A

Response

x5s5cjyxg5qqkzq7aojq-f-950e85879-clientnsv4-s.akamaihd.net

IN CNAME

x5s5cjyxg5qqkzq7aojq-f-950e85879.ipv4-only.cname.clienttons.com

x5s5cjyxg5qqkzq7aojq-f-950e85879.ipv4-only.cname.clienttons.com

IN CNAME

a248.b.akamai.net

a248.b.akamai.net

IN A

23.14.90.83

a248.b.akamai.net

IN A

23.14.90.98
DNS

x5s5cjyxg5qqkzq7aojq-f-950e85879-clientnsv4-s.akamaihd.net

chrome.exe

Remote address:

8.8.8.8:53

Request

x5s5cjyxg5qqkzq7aojq-f-950e85879-clientnsv4-s.akamaihd.net

IN A

Response

x5s5cjyxg5qqkzq7aojq-f-950e85879-clientnsv4-s.akamaihd.net

IN CNAME

x5s5cjyxg5qqkzq7aojq-f-950e85879.ipv4-only.cname.clienttons.com

x5s5cjyxg5qqkzq7aojq-f-950e85879.ipv4-only.cname.clienttons.com

IN CNAME

a248.b.akamai.net

a248.b.akamai.net

IN A

23.14.90.98

a248.b.akamai.net

IN A

23.14.90.83
GET

https://embed-ssl.wistia.com/deliveries/526c02cd75cde05326fa327e5b700a7ab9214ec9.webp?image_crop_resized=1280x720

chrome.exe

Remote address:

13.224.81.118:443

Request

GET /deliveries/526c02cd75cde05326fa327e5b700a7ab9214ec9.webp?image_crop_resized=1280x720 HTTP/2.0
host: embed-ssl.wistia.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/webp
accept-ranges: none
access-control-request-method: *
cache-control: max-age=31536000
content-disposition: inline
edge-cache-tag: 526c02cd75cde05326fa327e5b700a7ab9214ec9
etag: is3MgHoTH8OGgN2UlL3RvVlWUto=
last-modified: Fri, 26 May 2017 19:52:51 UTC
surrogate-key: 526c02cd75cde05326fa327e5b700a7ab9214ec9 thumbnail-delivery
date: Sun, 14 Apr 2024 16:12:19 GMT
x-envoy-upstream-service-time: 202
server: envoy
x-cache: Hit from cloudfront
via: 1.1 60ee0252498f6c35dfedb3d926a6fd30.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN50-C2
x-amz-cf-id: NBj0wxcilvsdYn0Emn5FOBVGP0N0hVJvi3Q80MTwnFUI2Z8792cFPA==
age: 197425
x-cdn: cloudfront
vary: Origin
DNS

02179910.akstat.io

chrome.exe

Remote address:

8.8.8.8:53

Request

02179910.akstat.io

IN A

Response

02179910.akstat.io

IN CNAME

wildcard46.akstat.io.edgekey.net

wildcard46.akstat.io.edgekey.net

IN CNAME

e4518.dscx.akamaiedge.net

e4518.dscx.akamaiedge.net

IN A

23.55.96.141
DNS

02179910.akstat.io

chrome.exe

Remote address:

8.8.8.8:53

Request

02179910.akstat.io

IN A

Response

02179910.akstat.io

IN CNAME

wildcard46.akstat.io.edgekey.net

wildcard46.akstat.io.edgekey.net

IN CNAME

e4518.dscx.akamaiedge.net

e4518.dscx.akamaiedge.net

IN A

23.55.96.141
DNS

141.96.55.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

141.96.55.23.in-addr.arpa

IN PTR

Response

141.96.55.23.in-addr.arpa

IN PTR

a23-55-96-141deploystaticakamaitechnologiescom
DNS

202.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.187.250.142.in-addr.arpa

IN PTR

Response

202.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f101e100net
DNS

149.172.246.72.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.172.246.72.in-addr.arpa

IN PTR

Response

149.172.246.72.in-addr.arpa

IN PTR

a72-246-172-149deploystaticakamaitechnologiescom
DNS

118.81.224.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

118.81.224.13.in-addr.arpa

IN PTR

Response

118.81.224.13.in-addr.arpa

IN PTR

server-13-224-81-118man50r cloudfrontnet
DNS

uofu.service-now.com

chrome.exe

Remote address:

8.8.8.8:53

Request

uofu.service-now.com

IN A

Response

uofu.service-now.com

IN A

149.96.34.88
DNS

uofu.service-now.com

chrome.exe

Remote address:

8.8.8.8:53

Request

uofu.service-now.com

IN A

Response

uofu.service-now.com

IN A

149.96.34.88
GET

https://uofu.service-now.com/it/?id=uu_kb_article&sys_id=2aa628af6f5e95009c4b52a03f3ee4df&utm_source=sfmc&utm_medium=email&utm_campaign=2022-01-13%20DG%20Node%204%20test%20v2&utm_term=Subscribe%20to%20NotifyIT&utm_id=40489&sfmc_id=1095754

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /it/?id=uu_kb_article&sys_id=2aa628af6f5e95009c4b52a03f3ee4df&utm_source=sfmc&utm_medium=email&utm_campaign=2022-01-13%20DG%20Node%204%20test%20v2&utm_term=Subscribe%20to%20NotifyIT&utm_id=40489&sfmc_id=1095754 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:45 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
Set-Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; Path=/; HttpOnly; secure; SameSite=None
Server-Timing: sem_wait;dur=0, sesh_wait;dur=0
Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com
Set-Cookie: glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; Max-Age=2147483647; Expires=Mon, 05-May-2092 02:16:52 GMT; Path=/; HttpOnly; secure; SameSite=None
X-Is-Logged-In: false
X-Transaction-ID: a9919e6a3532
Pragma: no-store,no-cache
Cache-Control: no-cache,no-store,must-revalidate,max-age=-1
Expires: 0
Referrer-Policy: same-origin
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/styles/scss/sp-bootstrap-basic.scss?portal_id=f30897504ff126008446f5a18110c72d&theme_id=ea385b504ff126008446f5a18110c7f1&v=2a75486a93a90210b8a878fdfaba1028

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /styles/scss/sp-bootstrap-basic.scss?portal_id=f30897504ff126008446f5a18110c72d&theme_id=ea385b504ff126008446f5a18110c7f1&v=2a75486a93a90210b8a878fdfaba1028 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://uofu.service-now.com/it/?id=uu_kb_article&sys_id=2aa628af6f5e95009c4b52a03f3ee4df&utm_source=sfmc&utm_medium=email&utm_campaign=2022-01-13%20DG%20Node%204%20test%20v2&utm_term=Subscribe%20to%20NotifyIT&utm_id=40489&sfmc_id=1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:46 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:46 GMT
Cache-Control: public
ETag: 0a2bb9f9cc08ccee9188fb064d602048
Last-Modified: Tue, 16 Apr 2024 22:58:55 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/scripts/thirdparty/dompurify/purify.min.js?sysparm_substitute=false

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /scripts/thirdparty/dompurify/purify.min.js?sysparm_substitute=false HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://uofu.service-now.com/it/?id=uu_kb_article&sys_id=2aa628af6f5e95009c4b52a03f3ee4df&utm_source=sfmc&utm_medium=email&utm_campaign=2022-01-13%20DG%20Node%204%20test%20v2&utm_term=Subscribe%20to%20NotifyIT&utm_id=40489&sfmc_id=1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:46 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:46 GMT
Cache-Control: public
Last-Modified: Tue, 16 Apr 2024 08:33:19 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/scripts/dist/sp_min.jsx?v=01-30-2024_1048

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /scripts/dist/sp_min.jsx?v=01-30-2024_1048 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://uofu.service-now.com/it/?id=uu_kb_article&sys_id=2aa628af6f5e95009c4b52a03f3ee4df&utm_source=sfmc&utm_medium=email&utm_campaign=2022-01-13%20DG%20Node%204%20test%20v2&utm_term=Subscribe%20to%20NotifyIT&utm_id=40489&sfmc_id=1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:46 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:46 GMT
Cache-Control: public
Last-Modified: Tue, 16 Apr 2024 08:33:19 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
POST

https://uofu.service-now.com/angular.do?sysparm_type=message

chrome.exe

Remote address:

149.96.34.88:443

Request

POST /angular.do?sysparm_type=message HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
Content-Length: 252
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
X-Transaction-Source: Interface=Web,Interface-Name=IT,Interface-Type=Service Portal,Interface-SysID=f30897504ff126008446f5a18110c72d
X-UserToken: e5919e6a93e18210b8a878fdfaba1035b4712874b3a5fe039b4545b303ff15ccbf6b3cfc
X-Use-Polaris: false
sec-ch-ua-platform: "Windows"
Origin: https://uofu.service-now.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://uofu.service-now.com/it/?id=uu_kb_article&sys_id=2aa628af6f5e95009c4b52a03f3ee4df&utm_source=sfmc&utm_medium=email&utm_campaign=2022-01-13%20DG%20Node%204%20test%20v2&utm_term=Subscribe%20to%20NotifyIT&utm_id=40489&sfmc_id=1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:48 GMT
Content-Type: application/json
Content-Length: 190
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
Server-Timing: wall;dur=6, sem_wait;dur=0, sesh_wait;dur=0, app_cpu;dur=0, db;dur=0, acl;dur=0, br;dur=null, ui_action;dur=0, cache_build;dur=0, scripting;dur=0
X-Frame-Options: SAMEORIGIN
X-Is-Logged-In: false
X-Transaction-ID: d69192e61032
Edge-content-type: application/json
Content-Encoding: gzip
Cache-Control: no-cache
X-TRANSACTION-TIME-MS: 6
X-TRANSACTION-TIME: 0:00:00.006
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/scripts/doctype/xperf_timing.jsx?v=01-30-2024_1048

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /scripts/doctype/xperf_timing.jsx?v=01-30-2024_1048 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:49 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 515
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:49 GMT
Cache-Control: public
Last-Modified: Tue, 30 Jan 2024 18:54:26 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/styles/css_includes_doctype_polaris.cssx?v=01-30-2024_1048&c=37ea4b1293210210b8a878fdfaba1021&theme=Polaris

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /styles/css_includes_doctype_polaris.cssx?v=01-30-2024_1048&c=37ea4b1293210210b8a878fdfaba1021&theme=Polaris HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:49 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:49 GMT
Cache-Control: public
Last-Modified: Tue, 30 Jan 2024 18:54:26 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/scripts/polaris_theme_refresh_observer.jsx?v=01-30-2024_1048

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /scripts/polaris_theme_refresh_observer.jsx?v=01-30-2024_1048 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:49 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 689
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:49 GMT
Cache-Control: public
Last-Modified: Tue, 16 Apr 2024 08:33:19 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/scripts/doctype/js_includes_doctype.jsx?v=01-30-2024_1048&lp=Tue_Apr_02_12_04_13_PDT_2024&c=32_1188

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /scripts/doctype/js_includes_doctype.jsx?v=01-30-2024_1048&lp=Tue_Apr_02_12_04_13_PDT_2024&c=32_1188 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:49 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:49 GMT
Cache-Control: public
Last-Modified: Tue, 30 Jan 2024 18:54:26 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/scripts/app.guided_tours/js_guided_tours_includes.jsx?v=01-30-2024_1048

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /scripts/app.guided_tours/js_guided_tours_includes.jsx?v=01-30-2024_1048 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:50 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:50 GMT
Cache-Control: public
Last-Modified: Tue, 16 Apr 2024 08:33:19 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/scripts/heisenberg/heisenberg_all.jsx?v=01-30-2024_1048

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /scripts/heisenberg/heisenberg_all.jsx?v=01-30-2024_1048 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:50 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:50 GMT
Cache-Control: public
Last-Modified: Tue, 30 Jan 2024 18:54:26 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/scripts/transaction_scope_includes.jsx?v=01-30-2024_1048

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /scripts/transaction_scope_includes.jsx?v=01-30-2024_1048 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:50 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 416
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:50 GMT
Cache-Control: public
Last-Modified: Tue, 16 Apr 2024 08:33:19 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/uxasset/externals/amb-client-js/index.jsdbx?uxpcb=1713256350304

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /uxasset/externals/amb-client-js/index.jsdbx?uxpcb=1713256350304 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:51 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:51 GMT
Cache-Control: public,immutable,max-age=600,must-revalidate
ETag: 3b6d8be0bb84a4590a3f8f8242e5f21e
Last-Modified: Tue, 30 Jan 2024 18:54:22 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/uxasset/externals/@servicenow/ui-mega/index.jsdbx?uxpcb=1713256350304

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /uxasset/externals/@servicenow/ui-mega/index.jsdbx?uxpcb=1713256350304 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:51 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:51 GMT
Cache-Control: public,immutable,max-age=600,must-revalidate
ETag: b5c699429300afeaf19848e85d9c3dcf
Last-Modified: Tue, 16 Apr 2024 08:33:19 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/uxasset/externals/polaris-app-shell/index.jsdbx?uxpcb=1713256350304

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /uxasset/externals/polaris-app-shell/index.jsdbx?uxpcb=1713256350304 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:51 GMT
Content-Type: application/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:51 GMT
Cache-Control: public,immutable,max-age=600,must-revalidate
ETag: 655966e246b147b5cee20405b3ca134e
Last-Modified: Mon, 16 Oct 2023 14:15:38 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/uxasset/externals/@devsnc/sn-layout/index.jsdbx?uxpcb=1713256350304

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /uxasset/externals/@devsnc/sn-layout/index.jsdbx?uxpcb=1713256350304 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:52 GMT
Content-Type: application/javascript;charset=UTF-8
Content-Length: 6175
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:52 GMT
Cache-Control: public,immutable,max-age=600,must-revalidate
ETag: bce2be8b342f012fce58f55e5f2efed2
Last-Modified: Wed, 12 Oct 2022 14:52:58 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
DNS

embed-cloudfront.wistia.com

chrome.exe

Remote address:

8.8.8.8:53

Request

embed-cloudfront.wistia.com

IN A

Response

embed-cloudfront.wistia.com

IN CNAME

d1p8wauaa7285.cloudfront.net

d1p8wauaa7285.cloudfront.net

IN A

13.224.81.94

d1p8wauaa7285.cloudfront.net

IN A

13.224.81.8

d1p8wauaa7285.cloudfront.net

IN A

13.224.81.104

d1p8wauaa7285.cloudfront.net

IN A

13.224.81.118
DNS

embed-cloudfront.wistia.com

chrome.exe

Remote address:

8.8.8.8:53

Request

embed-cloudfront.wistia.com

IN A

Response

embed-cloudfront.wistia.com

IN CNAME

d1p8wauaa7285.cloudfront.net

d1p8wauaa7285.cloudfront.net

IN A

13.224.81.94

d1p8wauaa7285.cloudfront.net

IN A

13.224.81.8

d1p8wauaa7285.cloudfront.net

IN A

13.224.81.104

d1p8wauaa7285.cloudfront.net

IN A

13.224.81.118
GET

https://embed-cloudfront.wistia.com/deliveries/904ed31bcc15547d211671c136199625eb30041a.m3u8

chrome.exe

Remote address:

13.224.81.94:443

Request

GET /deliveries/904ed31bcc15547d211671c136199625eb30041a.m3u8 HTTP/2.0
host: embed-cloudfront.wistia.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://guide.duo.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/vnd.apple.mpegurl
content-length: 1195
server: envoy
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 904ed31bcc15547d211671c136199625eb30041a-hls-segment
surrogate-key: 904ed31bcc15547d211671c136199625eb30041a-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 79
date: Mon, 15 Apr 2024 09:56:03 GMT
expires: Tue, 15 Apr 2025 09:56:03 GMT
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 c70181aba2580b213b789700a991f230.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN50-C2
x-amz-cf-id: zHyfvY8h1jEvmJv0cN0fOb7PpxPc7-9QTq410uH10_VORb3Qe-G8Mw==
age: 133602
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
GET

https://embed-cloudfront.wistia.com/deliveries/904ed31bcc15547d211671c136199625eb30041a.m3u8/seg-1-v1-a1.ts

chrome.exe

Remote address:

13.224.81.94:443

Request

GET /deliveries/904ed31bcc15547d211671c136199625eb30041a.m3u8/seg-1-v1-a1.ts HTTP/2.0
host: embed-cloudfront.wistia.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://guide.duo.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: video/MP2T
content-length: 2918136
server: envoy
date: Wed, 10 Apr 2024 15:06:17 GMT
expires: Thu, 10 Apr 2025 15:06:17 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 904ed31bcc15547d211671c136199625eb30041a-hls-segment
surrogate-key: 904ed31bcc15547d211671c136199625eb30041a-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 200
x-cache: Hit from cloudfront
via: 1.1 c70181aba2580b213b789700a991f230.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN50-C2
x-amz-cf-id: OLFEM7me8Jl5j4tKuu4USNmLE6TcFT8id4NXNjAgtzOIM7F-lNtj4w==
age: 546993
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
GET

https://embed-cloudfront.wistia.com/deliveries/7261106fadb99eb7578486f8092159c802728148.m3u8

chrome.exe

Remote address:

13.224.81.94:443

Request

GET /deliveries/7261106fadb99eb7578486f8092159c802728148.m3u8 HTTP/2.0
host: embed-cloudfront.wistia.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://guide.duo.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/vnd.apple.mpegurl
content-length: 1195
server: envoy
date: Thu, 11 Apr 2024 13:11:38 GMT
expires: Fri, 11 Apr 2025 13:11:38 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 7261106fadb99eb7578486f8092159c802728148-hls-segment
surrogate-key: 7261106fadb99eb7578486f8092159c802728148-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 60
x-cache: Hit from cloudfront
via: 1.1 c70181aba2580b213b789700a991f230.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN50-C2
x-amz-cf-id: 5spN2PSxhE7cuBv_8L4yE8Ey8ac1AoViBm0MKu1_nskxBiT9AmsruA==
age: 467472
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
DNS

8.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.169.217.172.in-addr.arpa

IN PTR

Response

8.169.217.172.in-addr.arpa

IN PTR

lhr25s26-in-f81e100net
DNS

8.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.169.217.172.in-addr.arpa

IN PTR

Response

8.169.217.172.in-addr.arpa

IN PTR

lhr25s26-in-f81e100net
DNS

183.59.114.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.59.114.20.in-addr.arpa

IN PTR

Response
DNS

183.59.114.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.59.114.20.in-addr.arpa

IN PTR

Response
DNS

88.34.96.149.in-addr.arpa

Remote address:

8.8.8.8:53

Request

88.34.96.149.in-addr.arpa

IN PTR

Response

88.34.96.149.in-addr.arpa

IN PTR

vip-149-96-34-88custservice-nowcom
DNS

88.34.96.149.in-addr.arpa

Remote address:

8.8.8.8:53

Request

88.34.96.149.in-addr.arpa

IN PTR

Response

88.34.96.149.in-addr.arpa

IN PTR

vip-149-96-34-88custservice-nowcom
GET

https://uofu.service-now.com/api/now/sp/page?id=uu_kb_article&sys_id=2aa628af6f5e95009c4b52a03f3ee4df&utm_source=sfmc&utm_medium=email&utm_campaign=2022-01-13+DG+Node+4+test+v2&utm_term=Subscribe+to+NotifyIT&utm_id=40489&sfmc_id=1095754&time=1713308566200&portal_id=f30897504ff126008446f5a18110c72d&request_uri=%2Fit%2F%3Fid%3Duu_kb_article%26sys_id%3D2aa628af6f5e95009c4b52a03f3ee4df%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3D2022-01-13%2520DG%2520Node%25204%2520test%2520v2%26utm_term%3DSubscribe%2520to%2520NotifyIT%26utm_id%3D40489%26sfmc_id%3D1095754

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /api/now/sp/page?id=uu_kb_article&sys_id=2aa628af6f5e95009c4b52a03f3ee4df&utm_source=sfmc&utm_medium=email&utm_campaign=2022-01-13+DG+Node+4+test+v2&utm_term=Subscribe+to+NotifyIT&utm_id=40489&sfmc_id=1095754&time=1713308566200&portal_id=f30897504ff126008446f5a18110c72d&request_uri=%2Fit%2F%3Fid%3Duu_kb_article%26sys_id%3D2aa628af6f5e95009c4b52a03f3ee4df%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3D2022-01-13%2520DG%2520Node%25204%2520test%2520v2%26utm_term%3DSubscribe%2520to%2520NotifyIT%26utm_id%3D40489%26sfmc_id%3D1095754 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Accept: application/json
X-Transaction-Source: Interface=Web,Interface-Name=IT,Interface-Type=Service Portal,Interface-SysID=f30897504ff126008446f5a18110c72d
X-UserToken: e5919e6a93e18210b8a878fdfaba1035b4712874b3a5fe039b4545b303ff15ccbf6b3cfc
X-Requested-With: XMLHttpRequest
x-portal: f30897504ff126008446f5a18110c72d
X-Use-Polaris: false
sec-ch-ua-platform: "Windows"
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://uofu.service-now.com/it/?id=uu_kb_article&sys_id=2aa628af6f5e95009c4b52a03f3ee4df&utm_source=sfmc&utm_medium=email&utm_campaign=2022-01-13%20DG%20Node%204%20test%20v2&utm_term=Subscribe%20to%20NotifyIT&utm_id=40489&sfmc_id=1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:47 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
Server-Timing: sem_wait;dur=0, sesh_wait;dur=0
Content-Encoding: gzip
X-Is-Logged-In: false
X-Transaction-ID: 0691d6a60a32
Pragma: no-store,no-cache
Cache-Control: no-cache,no-store,must-revalidate,max-age=-1
Expires: 0
Strict-Transport-Security: max-age=63072000; includeSubDomains
POST

https://uofu.service-now.com/api/now/sp/rectangle/b8866544cb11120000f8d856634c9c5d?id=uu_kb_article&sfmc_id=1095754&sys_id=2aa628af6f5e95009c4b52a03f3ee4df&utm_campaign=2022-01-13+DG+Node+4+test+v2&utm_id=40489&utm_medium=email&utm_source=sfmc&utm_term=Subscribe+to+NotifyIT

chrome.exe

Remote address:

149.96.34.88:443

Request

POST /api/now/sp/rectangle/b8866544cb11120000f8d856634c9c5d?id=uu_kb_article&sfmc_id=1095754&sys_id=2aa628af6f5e95009c4b52a03f3ee4df&utm_campaign=2022-01-13+DG+Node+4+test+v2&utm_id=40489&utm_medium=email&utm_source=sfmc&utm_term=Subscribe+to+NotifyIT HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
Content-Length: 284
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json
X-Transaction-Source: Interface=Web,Interface-Name=IT,Interface-Type=Service Portal,Interface-SysID=f30897504ff126008446f5a18110c72d
X-UserToken: e5919e6a93e18210b8a878fdfaba1035b4712874b3a5fe039b4545b303ff15ccbf6b3cfc
x-portal: f30897504ff126008446f5a18110c72d
X-Use-Polaris: false
sec-ch-ua-platform: "Windows"
Origin: https://uofu.service-now.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://uofu.service-now.com/it?id=uu_kb_article&sys_id=2aa628af6f5e95009c4b52a03f3ee4df&utm_source=sfmc&utm_medium=email&utm_campaign=2022-01-13%20DG%20Node%204%20test%20v2&utm_term=Subscribe%20to%20NotifyIT&utm_id=40489&sfmc_id=1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 201 Created

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:48 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
Server-Timing: sem_wait;dur=0, sesh_wait;dur=0
Content-Encoding: gzip
X-Is-Logged-In: false
X-Transaction-ID: 1a91562aee32
Pragma: no-store,no-cache
Cache-Control: no-cache,no-store,must-revalidate,max-age=-1
Expires: 0
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/login_with_sso.do?glide_sso_id=76a1c6eb2b779a00140cd11417da15e0

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /login_with_sso.do?glide_sso_id=76a1c6eb2b779a00140cd11417da15e0 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://uofu.service-now.com/it?id=uu_kb_article&sys_id=2aa628af6f5e95009c4b52a03f3ee4df&utm_source=sfmc&utm_medium=email&utm_campaign=2022-01-13%20DG%20Node%204%20test%20v2&utm_term=Subscribe%20to%20NotifyIT&utm_id=40489&sfmc_id=1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 302 Found

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:48 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
Server-Timing: sem_wait;dur=0, sesh_wait;dur=0
Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com
X-Is-Logged-In: false
X-Transaction-ID: a6915e6a0b32
Location: /auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Referer: https://uofu.service-now.com/it?id=uu_kb_article&sys_id=2aa628af6f5e95009c4b52a03f3ee4df&utm_source=sfmc&utm_medium=email&utm_campaign=2022-01-13%20DG%20Node%204%20test%20v2&utm_term=Subscribe%20to%20NotifyIT&utm_id=40489&sfmc_id=1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:49 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
Server-Timing: sem_wait;dur=0, sesh_wait;dur=0
Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com
X-Is-Logged-In: false
X-Transaction-ID: 2291522ad032
Pragma: no-store,no-cache
Cache-Control: no-cache,no-store,must-revalidate,max-age=-1
Expires: 0
Referrer-Policy: same-origin
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/uxasset/externals/service-worker/loader.jsdbx?uxpcb=1713256350304&sysparm_substitute=false

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /uxasset/externals/service-worker/loader.jsdbx?uxpcb=1713256350304&sysparm_substitute=false HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:49 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1477
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:49 GMT
Cache-Control: public,immutable,max-age=600,must-revalidate
ETag: 016eafb60067bcd51884c814042b9043
Last-Modified: Tue, 16 Apr 2024 08:33:19 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/styles/polarisberg/css_includes_polarisberg.cssx?v=01-30-2024_1048&c=37ea4b1293210210b8a878fdfaba1021&theme=Polaris

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /styles/polarisberg/css_includes_polarisberg.cssx?v=01-30-2024_1048&c=37ea4b1293210210b8a878fdfaba1021&theme=Polaris HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:49 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:49 GMT
Cache-Control: public
Last-Modified: Tue, 30 Jan 2024 18:54:26 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/scripts/doctype/history_across_tabs.jsx?v=01-30-2024_1048

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /scripts/doctype/history_across_tabs.jsx?v=01-30-2024_1048 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:50 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 310
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:50 GMT
Cache-Control: public
Last-Modified: Tue, 30 Jan 2024 18:54:26 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/styles/now_icons/now-icons.woff?5ec864d1664b12d911cb28ddd1bad3f3

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /styles/now_icons/now-icons.woff?5ec864d1664b12d911cb28ddd1bad3f3 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
Origin: https://uofu.service-now.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://uofu.service-now.com/styles/polarisberg/css_includes_polarisberg.cssx?v=01-30-2024_1048&c=37ea4b1293210210b8a878fdfaba1021&theme=Polaris
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:50 GMT
Content-Type: application/font-woff;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:50 GMT
Cache-Control: public
Last-Modified: Tue, 30 Jan 2024 18:54:26 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/scripts/js_includes_list_edit_doctype.jsx?v=01-30-2024_1048&lp=Tue_Apr_02_12_04_13_PDT_2024&c=32_1188

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /scripts/js_includes_list_edit_doctype.jsx?v=01-30-2024_1048&lp=Tue_Apr_02_12_04_13_PDT_2024&c=32_1188 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:50 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:50 GMT
Cache-Control: public
Last-Modified: Tue, 30 Jan 2024 18:54:22 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/scripts/doctype/z_last_include.jsx?v=01-30-2024_1048

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /scripts/doctype/z_last_include.jsx?v=01-30-2024_1048 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:51 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 589
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:51 GMT
Cache-Control: public
Last-Modified: Tue, 30 Jan 2024 18:54:26 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/uxasset/externals/@devsnc/library-uxf/index.jsdbx?uxpcb=1713256350304

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /uxasset/externals/@devsnc/library-uxf/index.jsdbx?uxpcb=1713256350304 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:51 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:51 GMT
Cache-Control: public,immutable,max-age=600,must-revalidate
ETag: 384c063a20d5355991f8ff99639e13a5
Last-Modified: Tue, 16 Apr 2024 08:33:19 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/uxasset/externals/sn-canvas-core-addon/latest/index.jsdbx?uxpcb=1713256350304

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /uxasset/externals/sn-canvas-core-addon/latest/index.jsdbx?uxpcb=1713256350304 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:52 GMT
Content-Type: application/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:52 GMT
Cache-Control: public,immutable,max-age=600,must-revalidate
ETag: 6fa3a40f6ce69e5e471598ef400af559
Last-Modified: Thu, 05 Oct 2023 13:13:39 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/snd_ui16_developer_patch.jsdbx?_=1713308569445

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /snd_ui16_developer_patch.jsdbx?_=1713308569445 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
X-Transaction-Source: Interface=Web,Interface-Type=Classic Environment,Interface-Name=Unified Navigation App
X-UserToken: e5919e6a93e18210b8a878fdfaba1035b4712874b3a5fe039b4545b303ff15ccbf6b3cfc
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Windows"
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:51 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 6556
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:51 GMT
Cache-Control: public
Last-Modified: Tue, 16 Apr 2024 23:02:51 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/uxasset/externals/nds-megabundle/bundled-assets.jsdbx?uxpcb=1713256350304

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /uxasset/externals/nds-megabundle/bundled-assets.jsdbx?uxpcb=1713256350304 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:51 GMT
Content-Type: application/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:51 GMT
Cache-Control: public,immutable,max-age=600,must-revalidate
ETag: 17369f7d4a36fddfa5301a684fb8e757
Last-Modified: Mon, 16 Oct 2023 15:29:43 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
DNS

distillery.wistia.com

chrome.exe

Remote address:

8.8.8.8:53

Request

distillery.wistia.com

IN A

Response

distillery.wistia.com

IN CNAME

d2rpa84eq2akk3.cloudfront.net

d2rpa84eq2akk3.cloudfront.net

IN A

18.172.89.69

d2rpa84eq2akk3.cloudfront.net

IN A

18.172.89.100

d2rpa84eq2akk3.cloudfront.net

IN A

18.172.89.22

d2rpa84eq2akk3.cloudfront.net

IN A

18.172.89.80
DNS

distillery.wistia.com

chrome.exe

Remote address:

8.8.8.8:53

Request

distillery.wistia.com

IN A

Response

distillery.wistia.com

IN CNAME

d2rpa84eq2akk3.cloudfront.net

d2rpa84eq2akk3.cloudfront.net

IN A

18.172.89.80

d2rpa84eq2akk3.cloudfront.net

IN A

18.172.89.22

d2rpa84eq2akk3.cloudfront.net

IN A

18.172.89.100

d2rpa84eq2akk3.cloudfront.net

IN A

18.172.89.69
POST

https://distillery.wistia.com/x

chrome.exe

Remote address:

18.172.89.69:443

Request

POST /x HTTP/2.0
host: distillery.wistia.com
content-length: 1804
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
content-type: text/plain
accept: */*
origin: https://guide.duo.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://guide.duo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Tue, 16 Apr 2024 23:02:46 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
server: envoy
x-envoy-upstream-service-time: 3
x-cache: Miss from cloudfront
via: 1.1 60c559b8bc9c5fb751043cfb74bd1656.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: GleRO_4AiHVRVpjNhpAuMLOV5WYwotppND0Q0r8ME1IW-1Q_ab-kYw==
DNS

94.81.224.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

94.81.224.13.in-addr.arpa

IN PTR

Response

94.81.224.13.in-addr.arpa

IN PTR

server-13-224-81-94man50r cloudfrontnet
DNS

94.81.224.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

94.81.224.13.in-addr.arpa

IN PTR

Response

94.81.224.13.in-addr.arpa

IN PTR

server-13-224-81-94man50r cloudfrontnet
DNS

69.89.172.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

69.89.172.18.in-addr.arpa

IN PTR

Response

69.89.172.18.in-addr.arpa

IN PTR

server-18-172-89-69man51r cloudfrontnet
DNS

69.89.172.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

69.89.172.18.in-addr.arpa

IN PTR

Response

69.89.172.18.in-addr.arpa

IN PTR

server-18-172-89-69man51r cloudfrontnet
DNS

15.164.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.164.165.52.in-addr.arpa

IN PTR

Response
DNS

15.164.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.164.165.52.in-addr.arpa

IN PTR

Response
DNS

templates.utah.edu

chrome.exe

Remote address:

8.8.8.8:53

Request

templates.utah.edu

IN A

Response

templates.utah.edu

IN A

155.98.186.99
DNS

templates.utah.edu

chrome.exe

Remote address:

8.8.8.8:53

Request

templates.utah.edu

IN A

Response

templates.utah.edu

IN A

155.98.186.99
DNS

incommon2.sso.utah.edu

chrome.exe

Remote address:

8.8.8.8:53

Request

incommon2.sso.utah.edu

IN A

Response

incommon2.sso.utah.edu

IN A

155.98.185.163
DNS

incommon2.sso.utah.edu

chrome.exe

Remote address:

8.8.8.8:53

Request

incommon2.sso.utah.edu

IN A

Response

incommon2.sso.utah.edu

IN A

155.98.185.163
GET

https://incommon2.sso.utah.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=lVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%2FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%2BsuDFFkuB%2B%2BCU65jyZoIfTDObpyl2KNv0J%2BMwq%2F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%2FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%2FiJnMhSzvs%2FsPs%2B8sqa%2BJfDRWG%2FtyO77nC4jk58OhTuun5jARnIxG%2Fzii%2FyO5b%2BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%2Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%2BOoq%2B%2FdnXf0G&RelayState=https%3A%2F%2Fuofu.service-now.com%2Fit%3Fid%3Duu_kb_article%26sys_id%3D2aa628af6f5e95009c4b52a03f3ee4df%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3D2022-01-13%2520DG%2520Node%25204%2520test%2520v2%26utm_term%3DSubscribe%2520to%2520NotifyIT%26utm_id%3D40489%26sfmc_id%3D1095754

chrome.exe

Remote address:

155.98.185.163:443

Request

GET /idp/profile/SAML2/Redirect/SSO?SAMLRequest=lVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%2FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%2BsuDFFkuB%2B%2BCU65jyZoIfTDObpyl2KNv0J%2BMwq%2F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%2FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%2FiJnMhSzvs%2FsPs%2B8sqa%2BJfDRWG%2FtyO77nC4jk58OhTuun5jARnIxG%2Fzii%2FyO5b%2BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%2Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%2BOoq%2B%2FdnXf0G&RelayState=https%3A%2F%2Fuofu.service-now.com%2Fit%3Fid%3Duu_kb_article%26sys_id%3D2aa628af6f5e95009c4b52a03f3ee4df%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3D2022-01-13%2520DG%2520Node%25204%2520test%2520v2%26utm_term%3DSubscribe%2520to%2520NotifyIT%26utm_id%3D40489%26sfmc_id%3D1095754 HTTP/1.1
Host: incommon2.sso.utah.edu
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: _ga=GA1.2.909880028.1713308564; _gid=GA1.2.1852852552.1713308564; _gat=1; _ga_RRZG2G96EG=GS1.2.1713308563.1.0.1713308563.0.0.0

Response

HTTP/1.1 302

Cache-Control: no-store
Expires:
Set-Cookie: JSESSIONID=77D0E8BE3E90F7052DD271C690F92A7F; Path=/idp; Secure; HttpOnly
X-Frame-Options: DENY
Strict-Transport-Security: max-age=0
Content-Security-Policy: frame-ancestors 'none';
Location: /idp/profile/SAML2/Redirect/SSO?execution=e1s1
Content-Length: 0
Date: Tue, 16 Apr 2024 23:02:50 GMT
Keep-Alive: timeout=60
Connection: keep-alive
GET

https://incommon2.sso.utah.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1

chrome.exe

Remote address:

155.98.185.163:443

Request

GET /idp/profile/SAML2/Redirect/SSO?execution=e1s1 HTTP/1.1
Host: incommon2.sso.utah.edu
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=77D0E8BE3E90F7052DD271C690F92A7F; _ga=GA1.2.909880028.1713308564; _gid=GA1.2.1852852552.1713308564; _gat=1; _ga_RRZG2G96EG=GS1.2.1713308563.1.0.1713308563.0.0.0

Response

HTTP/1.1 302

Cache-Control: no-store
Expires:
X-Frame-Options: DENY
Strict-Transport-Security: max-age=0
Content-Security-Policy: frame-ancestors 'none';
Location: /idp/Authn/External?conversation=e1s1
Content-Length: 0
Date: Tue, 16 Apr 2024 23:02:50 GMT
Keep-Alive: timeout=60
Connection: keep-alive
GET

https://incommon2.sso.utah.edu/idp/Authn/External?conversation=e1s1

chrome.exe

Remote address:

155.98.185.163:443

Request

GET /idp/Authn/External?conversation=e1s1 HTTP/1.1
Host: incommon2.sso.utah.edu
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=77D0E8BE3E90F7052DD271C690F92A7F; _ga=GA1.2.909880028.1713308564; _gid=GA1.2.1852852552.1713308564; _gat=1; _ga_RRZG2G96EG=GS1.2.1713308563.1.0.1713308563.0.0.0

Response

HTTP/1.1 302

Cache-Control: private
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Frame-Options: DENY
Strict-Transport-Security: max-age=0
Content-Security-Policy: frame-ancestors 'none';
Location: https://go.utah.edu/cas/login?service=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2FAuthn%2FExternal%3Fconversation%3De1s1&entityId=https%3A%2F%2Fuofu.service-now.com
Content-Length: 0
Date: Tue, 16 Apr 2024 23:02:51 GMT
Keep-Alive: timeout=60
Connection: keep-alive
GET

https://uofu.service-now.com/uxasset/externals/sn-canvas-common/latest/index.jsdbx?uxpcb=1713256350304

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /uxasset/externals/sn-canvas-common/latest/index.jsdbx?uxpcb=1713256350304 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:51 GMT
Content-Type: application/javascript;charset=UTF-8
Content-Length: 634
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:51 GMT
Cache-Control: public,immutable,max-age=600,must-revalidate
ETag: e3032a418530ddd41cfdf73db516597f
Last-Modified: Thu, 05 Oct 2023 13:13:39 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
GET

https://uofu.service-now.com/uxasset/externals/lodash/latest/index.jsdbx?uxpcb=1713256350304

chrome.exe

Remote address:

149.96.34.88:443

Request

GET /uxasset/externals/lodash/latest/index.jsdbx?uxpcb=1713256350304 HTTP/1.1
Host: uofu.service-now.com
Connection: keep-alive
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=BB1180B10324E80B3AA53CB39E739EC0; glide_user_route=glide.7e9e9ec2563be7b312d20e1c4a7c4b7f; BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4

Response

HTTP/1.1 200 OK

Server: snow_adc
Date: Tue, 16 Apr 2024 23:02:52 GMT
Content-Type: application/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: BIGipServerpool_uofu=a11747239ae629c69bf7975fd41262f4; httponly; secure; path=/; SameSite=None
x-edge-enc-proxy-static: true
Cross-Origin-Embedder-Policy: require-corp
Expires: Sun, 20 Apr 2025 23:02:52 GMT
Cache-Control: public,immutable,max-age=600,must-revalidate
ETag: adfcaadd9a6c97931e1bb55079b8d199
Last-Modified: Mon, 23 Oct 2023 01:57:51 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
DNS

163.185.98.155.in-addr.arpa

Remote address:

8.8.8.8:53

Request

163.185.98.155.in-addr.arpa

IN PTR

Response

163.185.98.155.in-addr.arpa

IN PTR

incommon2ssoutahedu
DNS

163.185.98.155.in-addr.arpa

Remote address:

8.8.8.8:53

Request

163.185.98.155.in-addr.arpa

IN PTR

Response

163.185.98.155.in-addr.arpa

IN PTR

incommon2ssoutahedu
DNS

87.126.19.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

87.126.19.2.in-addr.arpa

IN PTR

Response

87.126.19.2.in-addr.arpa

IN PTR

a2-19-126-87deploystaticakamaitechnologiescom
DNS

87.126.19.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

87.126.19.2.in-addr.arpa

IN PTR

Response

87.126.19.2.in-addr.arpa

IN PTR

a2-19-126-87deploystaticakamaitechnologiescom
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

21.236.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.236.111.52.in-addr.arpa

IN PTR

Response
DNS

21.236.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.236.111.52.in-addr.arpa

IN PTR

Response

3.226.85.102:443

https://t.e2ma.net/click/tmzzbg/5bnclds/pvfv8t

tls, http2

chrome.exe

4.4kB
14.8kB
30
34

HTTP Request

GET https://t.e2ma.net/track/tmzzbg/5bnclds

HTTP Response

200

HTTP Request

GET https://t.e2ma.net/message/tmzzbg/5bnclds

HTTP Response

200

HTTP Request

GET https://t.e2ma.net/track/tmzzbg/5bnclds

HTTP Response

200

HTTP Request

GET https://t.e2ma.net/favicon.ico

HTTP Response

404

HTTP Request

GET https://t.e2ma.net/click/tmzzbg/5bnclds/didv8t

HTTP Response

302

HTTP Request

GET https://t.e2ma.net/click/tmzzbg/5bnclds/92ev8t

HTTP Response

302

HTTP Request

GET https://t.e2ma.net/click/tmzzbg/5bnclds/pvfv8t

HTTP Response

302
3.162.20.14:443

https://images.e2ma.net/images/spacer.gif

tls, http2

chrome.exe

1.8kB
7.9kB
14
19

HTTP Request

GET https://images.e2ma.net/images/spacer.gif

HTTP Response

200

HTTP Request

GET https://images.e2ma.net/images/spacer.gif

HTTP Response

200
54.230.10.11:443

https://d31hzlhk6di2h5.cloudfront.net/20240410/a6/28/16/1c/2f5307f22d552b035c24794c.png

tls, http2

chrome.exe

3.2kB
69.2kB
42
63

HTTP Request

GET https://d31hzlhk6di2h5.cloudfront.net/20240410/a6/28/16/1c/2f5307f22d552b035c24794c.png

HTTP Response

200

HTTP Request

GET https://d31hzlhk6di2h5.cloudfront.net/20240410/a6/28/16/1c/2f5307f22d552b035c24794c.png

HTTP Response

200
216.58.212.243:443

https://guide.duo.com/favicon.ico

tls, http2

chrome.exe

158.6kB
5.7MB
3209
5182

HTTP Request

GET https://guide.duo.com/universal-prompt

HTTP Request

GET https://guide.duo.com/static/css/bootstrap.css?None

HTTP Request

GET https://guide.duo.com/static/css/bootstrap-responsive.css?None

HTTP Request

GET https://guide.duo.com/static/css/guide.css?None

HTTP Request

GET https://guide.duo.com/static/js/jquery.js?None

HTTP Request

GET https://guide.duo.com/static/js/guide.js?None

HTTP Request

GET https://guide.duo.com/static/images/duo-security.png

HTTP Request

GET https://guide.duo.com/static/images/en/tp-duo-push_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/up-push-prompt_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/up-options-list_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/up-options-filtered-list_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/up-remember-device_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/up-remember-device-push_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/up-remember-device-webauthn_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/up-touchid-prompt_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/passwordless-faceid-verify_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/passwordless-hello-login-pin_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/passwordless-android-login_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-touch-id-failed_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-touch-id-setup_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/up-securitykey-prompt_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/up-securitykey-safari_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/passwordless-security-key-verify-pin-chrome_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/up-yubipasscode-prompt_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-prompt-verification-code_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/up-dmpasscode-prompt_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/up-smspasscode-prompt_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/up-phonecall-prompt_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/up-tokenpasscode-prompt_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/up-bypasscode-prompt_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-enrollment-welcome_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-enrollment-choose_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-touch-id-enroll-intro_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/chrome-touch-id-verify_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/touch-id-bar-prompt_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-touch-id-added_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/passwordless-hello-info_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/passwordless-hello-login-bio_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/passwordless-hello-added_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/passwordless-faceid-info_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/passwordless-faceid-added_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/passwordless-android-info_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/passwordless-android-verify_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/passwordless-android-added_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-duo-mobile-number_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-phone-number-confirm_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-confirm-phone-ownership_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-duo-mobile-install_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-duo-mobile-scan_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-duo-mobile-added_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-security-key-enroll-intro_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/windows-security-key-prompt_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-security-key-set-pin-chrome_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-security-key-enroll-success_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-phone-number_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-phone-number-extension_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-phone-text-success_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-phone-enroll-success_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-enrollment-add-another-method_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-enrollment-setup-complete_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-manage-devices_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-manage-devices-verify_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-manage-devices-portal_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-manage-devices-choose_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-manage-devices-updated_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-manage-devices-rename_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-manage-devices-delete_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/up-push-timeout_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/up-text-link_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/up-new-number_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-reactivate-start_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-reactivate-confirm-owner_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-reactivate-verify_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/device-notification-push-email_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/device-notification-push_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/device-notification-email-fraud_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-os-ood-block_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/universal-duo-desktop-check_2x.png

HTTP Request

GET https://guide.duo.com/static/images/en/trusted-endpoints-block-notice-universal-prompt_2x.png

HTTP Request

GET https://guide.duo.com/favicon.ico
104.21.11.219:443

https://cloud.webtype.com/css/e3348ae0-a196-45c6-8abf-8157c8d62fd8.css

tls, http2

chrome.exe

1.7kB
5.4kB
13
12

HTTP Request

GET https://cloud.webtype.com/css/e3348ae0-a196-45c6-8abf-8157c8d62fd8.css

HTTP Response

301
23.55.97.5:443

https://www.cisco.com/assets/ctm/xdc/xdc_ls_frame.js

tls, http2

chrome.exe

3.4kB
57.2kB
42
56

HTTP Request

GET https://www.cisco.com/c/dam/cdc/t/ctm-core.js

HTTP Response

200

HTTP Request

GET https://www.cisco.com/c/dam/cdc/t/ctm.js

HTTP Response

200

HTTP Request

GET https://www.cisco.com/assets/ctm/xdc/xdcLsFrame.html

HTTP Response

200

HTTP Request

GET https://www.cisco.com/assets/ctm/xdc/xdc_ls_frame.js

HTTP Response

200
151.101.1.91:443

https://cloud.typenetwork.com/css/e3348ae0-a196-45c6-8abf-8157c8d62fd8.css

tls, http2

chrome.exe

1.6kB
6.8kB
12
15

HTTP Request

GET https://cloud.typenetwork.com/css/e3348ae0-a196-45c6-8abf-8157c8d62fd8.css

HTTP Response

404
35.190.80.1:443

https://a.nel.cloudflare.com/report/v4?s=1jDSCR28rU%2FqwCCz%2F6UtP7IxdTdm5uvsBJwu5P2unUp0C09S6t2G4P6QKjLvipdP%2Bw1a6AUFJFNFf7zBa7%2BrAH8GR9nD7RSDkN3pEi6m153pL%2FUczxcYhXROwYpJg%2Fv6t385kOI%3D

tls, http2

chrome.exe

2.7kB
4.8kB
17
19

HTTP Request

OPTIONS https://a.nel.cloudflare.com/report/v4?s=1jDSCR28rU%2FqwCCz%2F6UtP7IxdTdm5uvsBJwu5P2unUp0C09S6t2G4P6QKjLvipdP%2Bw1a6AUFJFNFf7zBa7%2BrAH8GR9nD7RSDkN3pEi6m153pL%2FUczxcYhXROwYpJg%2Fv6t385kOI%3D

HTTP Request

POST https://a.nel.cloudflare.com/report/v4?s=1jDSCR28rU%2FqwCCz%2F6UtP7IxdTdm5uvsBJwu5P2unUp0C09S6t2G4P6QKjLvipdP%2Bw1a6AUFJFNFf7zBa7%2BrAH8GR9nD7RSDkN3pEi6m153pL%2FUczxcYhXROwYpJg%2Fv6t385kOI%3D
172.66.43.199:443

https://cdn.localizejs.com/localize.js

tls, http2

chrome.exe

1.6kB
5.2kB
13
12

HTTP Request

GET https://cdn.localizejs.com/localize.js

HTTP Response

301
104.18.5.175:443

https://global.localizecdn.com/api/lib/Nj09ZGcmRJDwn/tl.gif?l=en&c=6790498

tls, http2

chrome.exe

2.8kB
30.1kB
32
38

HTTP Request

GET https://global.localizecdn.com/localize.js

HTTP Response

200

HTTP Request

GET https://global.localizecdn.com/api/lib/Nj09ZGcmRJDwn/tl.gif?l=source&c=255660

HTTP Request

GET https://global.localizecdn.com/api/lib/Nj09ZGcmRJDwn/tl.gif?l=en&c=6790498

HTTP Response

200

HTTP Response

200
151.101.2.132:443

https://fast.wistia.com/assets/external/share-v2.js

tls, http2

chrome.exe

4.6kB
170.8kB
73
136

HTTP Request

GET https://fast.wistia.com/embed/medias/d6kzpc5ojl.jsonp

HTTP Response

200

HTTP Request

GET https://fast.wistia.com/assets/external/E-v1.js

HTTP Response

200

HTTP Request

GET https://fast.wistia.com/assets/external/share-v2.js

HTTP Response

200
155.98.186.99:443

https://it.utah.edu/news/announcements.php?utm_source=sfmc&utm_medium=email&utm_campaign=2022-01-13+DG+Node+4+test+v2&utm_term=Announcements&utm_id=40489&sfmc_id=1095754

tls, http

chrome.exe

2.0kB
8.1kB
10
13

HTTP Request

GET https://it.utah.edu/news/announcements.php?utm_source=sfmc&utm_medium=email&utm_campaign=2022-01-13+DG+Node+4+test+v2&utm_term=Announcements&utm_id=40489&sfmc_id=1095754

HTTP Response

302
155.98.186.99:443

it.utah.edu

tls

chrome.exe

1.0kB
6.8kB
8
10
155.98.185.164:443

https://go.utah.edu/cas/login?service=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2FAuthn%2FExternal%3Fconversation%3De1s1&entityId=https%3A%2F%2Fuofu.service-now.com

tls, http

chrome.exe

27.2kB
1.1MB
438
864

HTTP Request

GET https://go.utah.edu/cas/login?service=https%3a%2f%2fit.utah.edu%2fnews%2fannouncements.php%3futm_source%3dsfmc%26utm_medium%3demail%26utm_campaign%3d2022-01-13%2bDG%2bNode%2b4%2btest%2bv2%26utm_term%3dAnnouncements%26utm_id%3d40489%26sfmc_id%3d1095754

HTTP Response

200

HTTP Request

GET https://go.utah.edu/cas/webjars/normalize.css/8.0.1/normalize.css

HTTP Response

200

HTTP Request

GET https://go.utah.edu/cas/webjars/material-components-web/14.0.0/dist/material-components-web.min.css

HTTP Response

200

HTTP Request

GET https://go.utah.edu/cas/webjars/es5-shim/4.5.9/es5-shim.min.js

HTTP Response

200

HTTP Request

GET https://go.utah.edu/cas/webjars/material-components-web/14.0.0/dist/material-components-web.min.js

HTTP Response

200

HTTP Request

GET https://go.utah.edu/cas/favicon.ico

HTTP Response

200

HTTP Request

GET https://go.utah.edu/cas/login?service=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2FAuthn%2FExternal%3Fconversation%3De1s1&entityId=https%3A%2F%2Fuofu.service-now.com

HTTP Response

200
155.98.185.164:443

https://go.utah.edu/cas/images/uofu/imagine_u.png

tls, http

chrome.exe

12.9kB
302.7kB
132
250

HTTP Request

GET https://go.utah.edu/cas/webjars/bootstrap/5.2.0/css/bootstrap-grid.min.css

HTTP Response

200

HTTP Request

GET https://go.utah.edu/cas/css/cas.css

HTTP Response

200

HTTP Request

GET https://go.utah.edu/cas/webjars/jquery/3.6.1/jquery.min.js

HTTP Response

200

HTTP Request

GET https://go.utah.edu/cas/webjars/datatables/1.12.1/js/jquery.dataTables.min.js

HTTP Response

200

HTTP Request

GET https://go.utah.edu/cas/webjars/css-vars-ponyfill/2.4.7/dist/css-vars-ponyfill.min.js

HTTP Response

200

HTTP Request

GET https://go.utah.edu/cas/images/uofu/ulogo_white.png

HTTP Response

200

HTTP Request

GET https://go.utah.edu/cas/images/uofu/imagine_u.png

HTTP Response

200
8.8.8.8:53

99.186.98.155.in-addr.arpa

dns

460 B
12.7kB
9
12

DNS Request

99.186.98.155.in-addr.arpa
155.98.185.164:443

https://go.utah.edu/cas/images/uofu/u_healthcare_white.png

tls, http

chrome.exe

9.7kB
333.1kB
140
268

HTTP Request

GET https://go.utah.edu/cas/webjars/mdi__font/6.5.95/css/materialdesignicons.min.css

HTTP Response

200

HTTP Request

GET https://go.utah.edu/cas/js/cas.js

HTTP Response

200

HTTP Request

GET https://go.utah.edu/cas/images/uofu/u_healthcare_white.png

HTTP Response

200
155.98.185.164:443

go.utah.edu

tls

chrome.exe

897 B
6.8kB
7
9
104.19.177.52:443

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

tls, http2

chrome.exe

4.8kB
151.1kB
75
126

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

HTTP Response

200

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js

HTTP Response

200

HTTP Request

GET https://cdn.cookielaw.org/logos/03fc55fe-0057-4b2f-817d-763e7ecdb316/ad0fee7c-eecb-4e6d-b90f-8b6ca3a1e95c/cisco-logo-transparent.png

HTTP Response

200

HTTP Request

GET https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

HTTP Response

200
104.19.177.52:443

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

tls, http2

chrome.exe

3.4kB
51.9kB
41
63

HTTP Request

GET https://cdn.cookielaw.org/consent/9e0aae48-2403-41a9-8a52-892faec23a4f/9e0aae48-2403-41a9-8a52-892faec23a4f.json

HTTP Response

200

HTTP Request

GET https://cdn.cookielaw.org/consent/9e0aae48-2403-41a9-8a52-892faec23a4f/bbc1a39d-5c7d-43c1-9529-5b0da4ae38da/en.json

HTTP Response

200

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/otFlat.json

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/v2/otPcTab.json

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/otCommonStyles.css

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

HTTP Response

200
104.68.89.134:443

https://munchkin.marketo.net/163/munchkin.js

tls, http

chrome.exe

2.3kB
11.9kB
13
15

HTTP Request

GET https://munchkin.marketo.net/munchkin.js

HTTP Response

200

HTTP Request

GET https://munchkin.marketo.net/163/munchkin.js

HTTP Response

200
74.125.71.154:443

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-216487544-4&cid=909880028.1713308564&jid=771985600&gjid=347083817&_gid=1852852552.1713308564&_u=IEBAAEAAAAAAACAAI~&z=1011448333

tls, http2

chrome.exe

2.3kB
7.2kB
18
20

HTTP Request

POST https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-20141016-1&cid=483104690.1713308562&jid=702667749&gjid=2119718982&_gid=843472844.1713308562&_u=IGBAiEABBAAAAGAAI~&z=1662097513

HTTP Request

POST https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-216487544-4&cid=909880028.1713308564&jid=771985600&gjid=347083817&_gid=1852852552.1713308564&_u=IEBAAEAAAAAAACAAI~&z=1011448333
172.64.155.119:443

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

tls, http2

chrome.exe

1.6kB
3.5kB
11
12

HTTP Request

GET https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

HTTP Response

200
142.250.178.4:443

www.google.com

tls

chrome.exe

953 B
4.8kB
8
9
199.15.214.243:443

https://074-uqx-410.mktoresp.com/webevents/visitWebPage?_mchNc=1713308562357&_mchCn=&_mchId=074-UQX-410&_mchTk=_mch-duo.com-1713308562357-83506&_mchHo=guide.duo.com&_mchPo=&_mchRu=%2Funiversal-prompt&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=%23duo-mobile-passcode&_mchRe=&_mchQp=

tls, http

chrome.exe

1.9kB
5.0kB
9
11

HTTP Request

POST https://074-uqx-410.mktoresp.com/webevents/visitWebPage?_mchNc=1713308562357&_mchCn=&_mchId=074-UQX-410&_mchTk=_mch-duo.com-1713308562357-83506&_mchHo=guide.duo.com&_mchPo=&_mchRu=%2Funiversal-prompt&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=%23duo-mobile-passcode&_mchRe=&_mchQp=

HTTP Response

200
18.172.89.21:443

https://pipedream.wistia.com/mput?topic=metrics

tls, http2

chrome.exe

5.4kB
7.8kB
17
18

HTTP Request

POST https://pipedream.wistia.com/mput?topic=metrics

HTTP Response

200

HTTP Request

POST https://pipedream.wistia.com/mput?topic=metrics

HTTP Response

200
199.15.214.243:443

074-uqx-410.mktoresp.com

tls

chrome.exe

1.0kB
4.8kB
8
9
13.224.81.52:443

https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=cisco/duo/202404091428&cb=1713308563371

tls, http2

chrome.exe

3.5kB
71.4kB
52
60

HTTP Request

GET https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js

HTTP Response

200

HTTP Request

GET https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=cisco/duo/202404091428&cb=1713308563371

HTTP Response

200
23.55.96.141:443

https://02179910.akstat.io/

tls, http2

chrome.exe

6.8kB
57.9kB
45
54

HTTP Request

GET https://s.go-mpulse.net/boomerang/GKZXC-NS3SU-A7VFH-HKBHM-U7LKH

HTTP Response

200

HTTP Request

POST https://02179910.akstat.io/

HTTP Response

204
142.250.187.202:443

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTEwLjAuNTQ4MS4xMDQSFwlMkc26iT3tyxIFDeeNQA4SBQ3OQUx6?alt=proto

tls, http2

chrome.exe

2.0kB
7.3kB
17
20

HTTP Request

GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTEwLjAuNTQ4MS4xMDQSEAnm5qRa2TNMchIFDaWTNiQ=?alt=proto

HTTP Request

GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTEwLjAuNTQ4MS4xMDQSFwlMkc26iT3tyxIFDeeNQA4SBQ3OQUx6?alt=proto
72.246.172.149:443

https://c.go-mpulse.net/api/config.json?key=GKZXC-NS3SU-A7VFH-HKBHM-U7LKH&d=www.cisco.com&t=5711029&v=1.737.0&sl=0&si=7631b4ad-d61d-4af7-a61e-f5d6acd8e498-sc25cj&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=271834

tls, http2

chrome.exe

1.9kB
6.1kB
12
13

HTTP Request

GET https://c.go-mpulse.net/api/config.json?key=GKZXC-NS3SU-A7VFH-HKBHM-U7LKH&d=www.cisco.com&t=5711029&v=1.737.0&sl=0&si=7631b4ad-d61d-4af7-a61e-f5d6acd8e498-sc25cj&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=271834

HTTP Response

200
151.101.2.132:443

https://fast.wistia.com/assets/external/allIntegrations.js

tls, http2

chrome.exe

5.2kB
160.9kB
81
132

HTTP Request

GET https://fast.wistia.com/assets/external/playPauseLoadingControl.js

HTTP Response

200

HTTP Request

GET https://fast.wistia.com/assets/external/engines/hls_video.js

HTTP Response

200

HTTP Request

GET https://fast.wistia.com/embed/medias/d6kzpc5ojl.m3u8

HTTP Request

GET https://fast.wistia.com/assets/images/blank.gif

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://fast.wistia.com/assets/external/allIntegrations.js

HTTP Response

200
13.224.81.118:443

https://embed-ssl.wistia.com/deliveries/526c02cd75cde05326fa327e5b700a7ab9214ec9.webp?image_crop_resized=1280x720

tls, http2

chrome.exe

2.5kB
33.0kB
30
32

HTTP Request

GET https://embed-ssl.wistia.com/deliveries/526c02cd75cde05326fa327e5b700a7ab9214ec9.webp?image_crop_resized=1280x720

HTTP Response

200
149.96.34.88:443

https://uofu.service-now.com/uxasset/externals/@devsnc/sn-layout/index.jsdbx?uxpcb=1713256350304

tls, http

chrome.exe

51.3kB
1.5MB
544
1176

HTTP Request

GET https://uofu.service-now.com/it/?id=uu_kb_article&sys_id=2aa628af6f5e95009c4b52a03f3ee4df&utm_source=sfmc&utm_medium=email&utm_campaign=2022-01-13%20DG%20Node%204%20test%20v2&utm_term=Subscribe%20to%20NotifyIT&utm_id=40489&sfmc_id=1095754

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/styles/scss/sp-bootstrap-basic.scss?portal_id=f30897504ff126008446f5a18110c72d&theme_id=ea385b504ff126008446f5a18110c7f1&v=2a75486a93a90210b8a878fdfaba1028

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/scripts/thirdparty/dompurify/purify.min.js?sysparm_substitute=false

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/scripts/dist/sp_min.jsx?v=01-30-2024_1048

HTTP Response

200

HTTP Request

POST https://uofu.service-now.com/angular.do?sysparm_type=message

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/scripts/doctype/xperf_timing.jsx?v=01-30-2024_1048

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/styles/css_includes_doctype_polaris.cssx?v=01-30-2024_1048&c=37ea4b1293210210b8a878fdfaba1021&theme=Polaris

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/scripts/polaris_theme_refresh_observer.jsx?v=01-30-2024_1048

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/scripts/doctype/js_includes_doctype.jsx?v=01-30-2024_1048&lp=Tue_Apr_02_12_04_13_PDT_2024&c=32_1188

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/scripts/app.guided_tours/js_guided_tours_includes.jsx?v=01-30-2024_1048

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/scripts/heisenberg/heisenberg_all.jsx?v=01-30-2024_1048

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/scripts/transaction_scope_includes.jsx?v=01-30-2024_1048

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/uxasset/externals/amb-client-js/index.jsdbx?uxpcb=1713256350304

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/uxasset/externals/@servicenow/ui-mega/index.jsdbx?uxpcb=1713256350304

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/uxasset/externals/polaris-app-shell/index.jsdbx?uxpcb=1713256350304

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/uxasset/externals/@devsnc/sn-layout/index.jsdbx?uxpcb=1713256350304

HTTP Response

200
13.224.81.94:443

https://embed-cloudfront.wistia.com/deliveries/7261106fadb99eb7578486f8092159c802728148.m3u8

tls, http2

chrome.exe

78.2kB
3.0MB
1647
2184

HTTP Request

GET https://embed-cloudfront.wistia.com/deliveries/904ed31bcc15547d211671c136199625eb30041a.m3u8

HTTP Response

200

HTTP Request

GET https://embed-cloudfront.wistia.com/deliveries/904ed31bcc15547d211671c136199625eb30041a.m3u8/seg-1-v1-a1.ts

HTTP Response

200

HTTP Request

GET https://embed-cloudfront.wistia.com/deliveries/7261106fadb99eb7578486f8092159c802728148.m3u8

HTTP Response

200
149.96.34.88:443

uofu.service-now.com

tls

chrome.exe

34.3kB
324.4kB
156
267
149.96.34.88:443

https://uofu.service-now.com/uxasset/externals/sn-canvas-core-addon/latest/index.jsdbx?uxpcb=1713256350304

tls, http

chrome.exe

27.2kB
370.2kB
125
308

HTTP Request

GET https://uofu.service-now.com/api/now/sp/page?id=uu_kb_article&sys_id=2aa628af6f5e95009c4b52a03f3ee4df&utm_source=sfmc&utm_medium=email&utm_campaign=2022-01-13+DG+Node+4+test+v2&utm_term=Subscribe+to+NotifyIT&utm_id=40489&sfmc_id=1095754&time=1713308566200&portal_id=f30897504ff126008446f5a18110c72d&request_uri=%2Fit%2F%3Fid%3Duu_kb_article%26sys_id%3D2aa628af6f5e95009c4b52a03f3ee4df%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3D2022-01-13%2520DG%2520Node%25204%2520test%2520v2%26utm_term%3DSubscribe%2520to%2520NotifyIT%26utm_id%3D40489%26sfmc_id%3D1095754

HTTP Response

200

HTTP Request

POST https://uofu.service-now.com/api/now/sp/rectangle/b8866544cb11120000f8d856634c9c5d?id=uu_kb_article&sfmc_id=1095754&sys_id=2aa628af6f5e95009c4b52a03f3ee4df&utm_campaign=2022-01-13+DG+Node+4+test+v2&utm_id=40489&utm_medium=email&utm_source=sfmc&utm_term=Subscribe+to+NotifyIT

HTTP Response

201

HTTP Request

GET https://uofu.service-now.com/login_with_sso.do?glide_sso_id=76a1c6eb2b779a00140cd11417da15e0

HTTP Response

302

HTTP Request

GET https://uofu.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Fincommon2.sso.utah.edu%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3FSAMLRequest%3DlVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%252FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%252BsuDFFkuB%252B%252BCU65jyZoIfTDObpyl2KNv0J%252BMwq%252F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%252FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%252FiJnMhSzvs%252FsPs%252B8sqa%252BJfDRWG%252FtyO77nC4jk58OhTuun5jARnIxG%252Fzii%252FyO5b%252BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%252Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%252BOoq%252B%252FdnXf0G%26RelayState%3Dhttps%253A%252F%252Fuofu.service-now.com%252Fit%253Fid%253Duu_kb_article%2526sys_id%253D2aa628af6f5e95009c4b52a03f3ee4df%2526utm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253D2022-01-13%252520DG%252520Node%2525204%252520test%252520v2%2526utm_term%253DSubscribe%252520to%252520NotifyIT%2526utm_id%253D40489%2526sfmc_id%253D1095754

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/uxasset/externals/service-worker/loader.jsdbx?uxpcb=1713256350304&sysparm_substitute=false

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/styles/polarisberg/css_includes_polarisberg.cssx?v=01-30-2024_1048&c=37ea4b1293210210b8a878fdfaba1021&theme=Polaris

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/scripts/doctype/history_across_tabs.jsx?v=01-30-2024_1048

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/styles/now_icons/now-icons.woff?5ec864d1664b12d911cb28ddd1bad3f3

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/scripts/js_includes_list_edit_doctype.jsx?v=01-30-2024_1048&lp=Tue_Apr_02_12_04_13_PDT_2024&c=32_1188

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/scripts/doctype/z_last_include.jsx?v=01-30-2024_1048

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/uxasset/externals/@devsnc/library-uxf/index.jsdbx?uxpcb=1713256350304

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/uxasset/externals/sn-canvas-core-addon/latest/index.jsdbx?uxpcb=1713256350304

HTTP Response

200
149.96.34.88:443

uofu.service-now.com

tls

chrome.exe

12.0kB
135.3kB
67
110
149.96.34.88:443

https://uofu.service-now.com/uxasset/externals/nds-megabundle/bundled-assets.jsdbx?uxpcb=1713256350304

tls, http

chrome.exe

7.1kB
209.2kB
56
160

HTTP Request

GET https://uofu.service-now.com/snd_ui16_developer_patch.jsdbx?_=1713308569445

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/uxasset/externals/nds-megabundle/bundled-assets.jsdbx?uxpcb=1713256350304

HTTP Response

200
18.172.89.69:443

https://distillery.wistia.com/x

tls, http2

chrome.exe

3.5kB
7.3kB
14
16

HTTP Request

POST https://distillery.wistia.com/x

HTTP Response

204
155.98.186.99:443

templates.utah.edu

tls

chrome.exe

1.0kB
6.9kB
8
10
155.98.186.99:443

templates.utah.edu

tls

chrome.exe

1.0kB
6.9kB
8
10
155.98.186.99:443

templates.utah.edu

tls

chrome.exe

1.0kB
6.9kB
8
10
155.98.186.99:443

templates.utah.edu

tls

chrome.exe

1.0kB
6.9kB
8
10
155.98.185.163:443

incommon2.sso.utah.edu

tls

chrome.exe

972 B
5.6kB
8
11
155.98.185.163:443

https://incommon2.sso.utah.edu/idp/Authn/External?conversation=e1s1

tls, http

chrome.exe

4.6kB
7.1kB
12
17

HTTP Request

GET https://incommon2.sso.utah.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=lVJBbtswEPyKwLtEiVbslLAMuDaKGkgTwXJ76G1DrmICEqlySaf9fWXZRdJDDfTKnZ2ZneGSoO%2FEINcxHO0ef0SkkPzsO0vyMqlY9FY6IEPSQo8kg5LN%2BsuDFFkuB%2B%2BCU65jyZoIfTDObpyl2KNv0J%2BMwq%2F7h4odQxhIch5dGzO6DFLrXjPlem7hNMALZtqxZDvKGwtnnrctY0dY76zIiFwWAxwz1JEbPfBRvzUd8rMhwfeojUcVeNM8seST8wqnuyrWQkfIkt22Ys3jBhbqWdzBPL%2FLFyXMisUMdKnaQkGhcV7ACKQaiMwJ31aJIu4sBbChYiIXZZqXaTE%2FiJnMhSzvs%2FsPs%2B8sqa%2BJfDRWG%2FtyO77nC4jk58OhTuun5jARnIxG%2Fzii%2FyO5b%2BhpSm3kZavlVJ6cTPv3fd72A39KZKtbwkv%2Bnv4qNsiz4922dp1Rv5J117nXjUcI4xXBR5wK6SH820GRFdOL0Wk7QWW0NKAyrUHN%2BOoq%2B%2FdnXf0G&RelayState=https%3A%2F%2Fuofu.service-now.com%2Fit%3Fid%3Duu_kb_article%26sys_id%3D2aa628af6f5e95009c4b52a03f3ee4df%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3D2022-01-13%2520DG%2520Node%25204%2520test%2520v2%26utm_term%3DSubscribe%2520to%2520NotifyIT%26utm_id%3D40489%26sfmc_id%3D1095754

HTTP Response

302

HTTP Request

GET https://incommon2.sso.utah.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1

HTTP Response

302

HTTP Request

GET https://incommon2.sso.utah.edu/idp/Authn/External?conversation=e1s1

HTTP Response

302
155.98.185.163:443

incommon2.sso.utah.edu

tls

chrome.exe

972 B
5.6kB
8
11
149.96.34.88:443

https://uofu.service-now.com/uxasset/externals/lodash/latest/index.jsdbx?uxpcb=1713256350304

tls, http

chrome.exe

5.7kB
44.2kB
30
41

HTTP Request

GET https://uofu.service-now.com/uxasset/externals/sn-canvas-common/latest/index.jsdbx?uxpcb=1713256350304

HTTP Response

200

HTTP Request

GET https://uofu.service-now.com/uxasset/externals/lodash/latest/index.jsdbx?uxpcb=1713256350304

HTTP Response

200
149.96.34.88:443

uofu.service-now.com

tls

chrome.exe

3.2kB
47.4kB
19
42

8.8.8.8:53

images.e2ma.net

dns

chrome.exe

61 B
125 B
1
1

DNS Request

images.e2ma.net

DNS Response

3.162.20.14

3.162.20.25

3.162.20.115

3.162.20.57
8.8.8.8:53

t.e2ma.net

dns

chrome.exe

56 B
104 B
1
1

DNS Request

t.e2ma.net

DNS Response

3.226.85.102

35.175.160.101

34.232.74.39
8.8.8.8:53

d31hzlhk6di2h5.cloudfront.net

dns

chrome.exe

75 B
139 B
1
1

DNS Request

d31hzlhk6di2h5.cloudfront.net

DNS Response

54.230.10.11

54.230.10.78

54.230.10.98

54.230.10.109
8.8.8.8:53

42.200.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

42.200.250.142.in-addr.arpa
8.8.8.8:53

10.178.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

10.178.250.142.in-addr.arpa
8.8.8.8:53

14.20.162.3.in-addr.arpa

dns

70 B
125 B
1
1

DNS Request

14.20.162.3.in-addr.arpa
8.8.8.8:53

11.10.230.54.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

11.10.230.54.in-addr.arpa
8.8.8.8:53

241.154.82.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

241.154.82.20.in-addr.arpa
8.8.8.8:53

102.85.226.3.in-addr.arpa

dns

71 B
125 B
1
1

DNS Request

102.85.226.3.in-addr.arpa
8.8.8.8:53

3.169.217.172.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

3.169.217.172.in-addr.arpa
8.8.8.8:53

219.183.117.104.in-addr.arpa

dns

74 B
141 B
1
1

DNS Request

219.183.117.104.in-addr.arpa
8.8.8.8:53

43.58.199.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

43.58.199.20.in-addr.arpa
8.8.8.8:53

21.114.53.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

21.114.53.23.in-addr.arpa
224.0.0.251:5353

chrome.exe

204 B
3
3.162.20.14:443

images.e2ma.net

https

chrome.exe

2.8kB
9.6kB
20
20
54.230.10.11:443

d31hzlhk6di2h5.cloudfront.net

https

chrome.exe

2.7kB
9.7kB
19
20
8.8.8.8:53

guide.duo.com

dns

chrome.exe

59 B
106 B
1
1

DNS Request

guide.duo.com

DNS Response

216.58.212.243
8.8.8.8:53

cloud.webtype.com

dns

chrome.exe

63 B
95 B
1
1

DNS Request

cloud.webtype.com

DNS Response

104.21.11.219

172.67.167.75
8.8.8.8:53

www.cisco.com

dns

chrome.exe

59 B
241 B
1
1

DNS Request

www.cisco.com

DNS Response

23.55.97.5
8.8.8.8:53

cloud.typenetwork.com

dns

chrome.exe

67 B
168 B
1
1

DNS Request

cloud.typenetwork.com

DNS Response

151.101.1.91

151.101.65.91

151.101.129.91

151.101.193.91
8.8.8.8:53

243.212.58.216.in-addr.arpa

dns

73 B
173 B
1
1

DNS Request

243.212.58.216.in-addr.arpa
8.8.8.8:53

219.11.21.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

219.11.21.104.in-addr.arpa
8.8.8.8:53

5.97.55.23.in-addr.arpa

dns

69 B
131 B
1
1

DNS Request

5.97.55.23.in-addr.arpa
8.8.8.8:53

a.nel.cloudflare.com

dns

chrome.exe

66 B
82 B
1
1

DNS Request

a.nel.cloudflare.com

DNS Response

35.190.80.1
8.8.8.8:53

cdn.localizejs.com

dns

chrome.exe

64 B
96 B
1
1

DNS Request

cdn.localizejs.com

DNS Response

172.66.43.199

172.66.40.57
8.8.8.8:53

global.localizecdn.com

dns

chrome.exe

68 B
100 B
1
1

DNS Request

global.localizecdn.com

DNS Response

104.18.5.175

104.18.4.175
35.190.80.1:443

a.nel.cloudflare.com

https

chrome.exe

1.6kB
3.9kB
4
6
104.18.5.175:443

global.localizecdn.com

https

chrome.exe

2.9kB
9.5kB
12
14
8.8.8.8:53

91.1.101.151.in-addr.arpa

dns

71 B
131 B
1
1

DNS Request

91.1.101.151.in-addr.arpa
8.8.8.8:53

1.80.190.35.in-addr.arpa

dns

70 B
120 B
1
1

DNS Request

1.80.190.35.in-addr.arpa
8.8.8.8:53

199.43.66.172.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

199.43.66.172.in-addr.arpa
8.8.8.8:53

175.5.18.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

175.5.18.104.in-addr.arpa
8.8.8.8:53

fast.wistia.com

dns

chrome.exe

61 B
172 B
1
1

DNS Request

fast.wistia.com

DNS Response

151.101.2.132

151.101.66.132

151.101.130.132

151.101.194.132
8.8.8.8:53

132.2.101.151.in-addr.arpa

dns

72 B
132 B
1
1

DNS Request

132.2.101.151.in-addr.arpa
8.8.8.8:53

it.utah.edu

dns

chrome.exe

57 B
73 B
1
1

DNS Request

it.utah.edu

DNS Response

155.98.186.99
8.8.8.8:53

99.186.98.155.in-addr.arpa

dns

72 B
72 B
1
1

DNS Request

99.186.98.155.in-addr.arpa
8.8.8.8:53

go.utah.edu

dns

chrome.exe

57 B
73 B
1
1

DNS Request

go.utah.edu

DNS Response

155.98.185.164
8.8.8.8:53

164.185.98.155.in-addr.arpa

dns

146 B
196 B
2
2

DNS Request

164.185.98.155.in-addr.arpa

DNS Request

164.185.98.155.in-addr.arpa
8.8.8.8:53

cdn.cookielaw.org

dns

chrome.exe

126 B
190 B
2
2

DNS Request

cdn.cookielaw.org

DNS Request

cdn.cookielaw.org

DNS Response

104.19.177.52

104.19.178.52

DNS Response

104.19.178.52

104.19.177.52
8.8.8.8:53

munchkin.marketo.net

dns

chrome.exe

132 B
318 B
2
2

DNS Request

munchkin.marketo.net

DNS Request

munchkin.marketo.net

DNS Response

104.68.89.134

DNS Response

104.68.89.134
104.18.5.175:443

global.localizecdn.com

https

chrome.exe

1.8kB
6.9kB
6
10
8.8.8.8:53

stats.g.doubleclick.net

dns

chrome.exe

138 B
266 B
2
2

DNS Request

stats.g.doubleclick.net

DNS Request

stats.g.doubleclick.net

DNS Response

74.125.71.154

74.125.71.155

74.125.71.157

74.125.71.156

DNS Response

74.125.71.154

74.125.71.155

74.125.71.157

74.125.71.156
8.8.8.8:53

geolocation.onetrust.com

dns

chrome.exe

140 B
204 B
2
2

DNS Request

geolocation.onetrust.com

DNS Request

geolocation.onetrust.com

DNS Response

172.64.155.119

104.18.32.137

DNS Response

172.64.155.119

104.18.32.137
8.8.8.8:53

www.google.com

dns

chrome.exe

120 B
152 B
2
2

DNS Request

www.google.com

DNS Request

www.google.com

DNS Response

142.250.178.4

DNS Response

142.250.178.4
8.8.8.8:53

074-uqx-410.mktoresp.com

dns

chrome.exe

140 B
228 B
2
2

DNS Request

074-uqx-410.mktoresp.com

DNS Request

074-uqx-410.mktoresp.com

DNS Response

199.15.214.243

DNS Response

199.15.214.243
142.250.178.4:443

www.google.com

https

chrome.exe

3.7kB
7.7kB
11
11
8.8.8.8:53

pipedream.wistia.com

dns

chrome.exe

132 B
346 B
2
2

DNS Request

pipedream.wistia.com

DNS Request

pipedream.wistia.com

DNS Response

18.172.89.21

18.172.89.9

18.172.89.124

18.172.89.18

DNS Response

18.172.89.9

18.172.89.124

18.172.89.21

18.172.89.18
8.8.8.8:53

tags.tiqcdn.com

dns

chrome.exe

122 B
334 B
2
2

DNS Request

tags.tiqcdn.com

DNS Request

tags.tiqcdn.com

DNS Response

13.224.81.52

13.224.81.83

13.224.81.71

13.224.81.17

DNS Response

13.224.81.52

13.224.81.17

13.224.81.71

13.224.81.83
8.8.8.8:53

s.go-mpulse.net

dns

chrome.exe

122 B
308 B
2
2

DNS Request

s.go-mpulse.net

DNS Request

s.go-mpulse.net

DNS Response

23.55.96.141

DNS Response

23.55.96.141
8.8.8.8:53

238.179.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

238.179.250.142.in-addr.arpa
8.8.8.8:53

52.177.19.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

52.177.19.104.in-addr.arpa
8.8.8.8:53

154.71.125.74.in-addr.arpa

dns

72 B
106 B
1
1

DNS Request

154.71.125.74.in-addr.arpa
8.8.8.8:53

134.89.68.104.in-addr.arpa

dns

144 B
274 B
2
2

DNS Request

134.89.68.104.in-addr.arpa

DNS Request

134.89.68.104.in-addr.arpa
8.8.8.8:53

119.155.64.172.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

119.155.64.172.in-addr.arpa
8.8.8.8:53

4.178.250.142.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

4.178.250.142.in-addr.arpa
8.8.8.8:53

21.89.172.18.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

21.89.172.18.in-addr.arpa
8.8.8.8:53

243.214.15.199.in-addr.arpa

dns

146 B
274 B
2
2

DNS Request

243.214.15.199.in-addr.arpa

DNS Request

243.214.15.199.in-addr.arpa
8.8.8.8:53

52.81.224.13.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

52.81.224.13.in-addr.arpa
8.8.8.8:53

content-autofill.googleapis.com

dns

chrome.exe

154 B
634 B
2
2

DNS Request

content-autofill.googleapis.com

DNS Request

content-autofill.googleapis.com

DNS Response

142.250.187.202

142.250.187.234

142.250.178.10

172.217.16.234

142.250.200.10

142.250.200.42

216.58.201.106

216.58.204.74

216.58.213.10

172.217.169.10

216.58.212.234

172.217.169.74

172.217.169.42

142.250.179.234

142.250.180.10

DNS Response

142.250.187.202

142.250.187.234

142.250.178.10

172.217.16.234

142.250.200.10

142.250.200.42

216.58.201.106

216.58.204.74

216.58.213.10

172.217.169.10

216.58.212.234

172.217.169.74

172.217.169.42

142.250.179.234

142.250.180.10
8.8.8.8:53

c.go-mpulse.net

dns

chrome.exe

122 B
326 B
2
2

DNS Request

c.go-mpulse.net

DNS Request

c.go-mpulse.net

DNS Response

72.246.172.149

DNS Response

72.246.172.149
8.8.8.8:53

embed-ssl.wistia.com

dns

chrome.exe

132 B
344 B
2
2

DNS Request

embed-ssl.wistia.com

DNS Request

embed-ssl.wistia.com

DNS Response

13.224.81.118

13.224.81.104

13.224.81.94

13.224.81.8

DNS Response

13.224.81.118

13.224.81.104

13.224.81.94

13.224.81.8
8.8.8.8:53

x5s5cjyxg5qqkzq7aojq-f-950e85879-clientnsv4-s.akamaihd.net

dns

chrome.exe

208 B
482 B
2
2

DNS Request

x5s5cjyxg5qqkzq7aojq-f-950e85879-clientnsv4-s.akamaihd.net

DNS Request

x5s5cjyxg5qqkzq7aojq-f-950e85879-clientnsv4-s.akamaihd.net

DNS Response

23.14.90.83

23.14.90.98

DNS Response

23.14.90.98

23.14.90.83
8.8.8.8:53

02179910.akstat.io

dns

chrome.exe

128 B
324 B
2
2

DNS Request

02179910.akstat.io

DNS Request

02179910.akstat.io

DNS Response

23.55.96.141

DNS Response

23.55.96.141
142.250.187.202:443

content-autofill.googleapis.com

https

chrome.exe

3.4kB
7.2kB
8
12
74.125.71.154:443

stats.g.doubleclick.net

https

chrome.exe

2.9kB
6.5kB
5
8
8.8.8.8:53

141.96.55.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

141.96.55.23.in-addr.arpa
8.8.8.8:53

202.187.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

202.187.250.142.in-addr.arpa
8.8.8.8:53

149.172.246.72.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

149.172.246.72.in-addr.arpa
8.8.8.8:53

118.81.224.13.in-addr.arpa

dns

72 B
129 B
1
1

DNS Request

118.81.224.13.in-addr.arpa
8.8.8.8:53

uofu.service-now.com

dns

chrome.exe

132 B
164 B
2
2

DNS Request

uofu.service-now.com

DNS Request

uofu.service-now.com

DNS Response

149.96.34.88

DNS Response

149.96.34.88
8.8.8.8:53

embed-cloudfront.wistia.com

dns

chrome.exe

146 B
358 B
2
2

DNS Request

embed-cloudfront.wistia.com

DNS Request

embed-cloudfront.wistia.com

DNS Response

13.224.81.94

13.224.81.8

13.224.81.104

13.224.81.118

DNS Response

13.224.81.94

13.224.81.8

13.224.81.104

13.224.81.118
8.8.8.8:53

8.169.217.172.in-addr.arpa

dns

144 B
220 B
2
2

DNS Request

8.169.217.172.in-addr.arpa

DNS Request

8.169.217.172.in-addr.arpa
8.8.8.8:53

183.59.114.20.in-addr.arpa

dns

144 B
316 B
2
2

DNS Request

183.59.114.20.in-addr.arpa

DNS Request

183.59.114.20.in-addr.arpa
8.8.8.8:53

88.34.96.149.in-addr.arpa

dns

142 B
244 B
2
2

DNS Request

88.34.96.149.in-addr.arpa

DNS Request

88.34.96.149.in-addr.arpa
8.8.8.8:53

distillery.wistia.com

dns

chrome.exe

134 B
348 B
2
2

DNS Request

distillery.wistia.com

DNS Request

distillery.wistia.com

DNS Response

18.172.89.69

18.172.89.100

18.172.89.22

18.172.89.80

DNS Response

18.172.89.80

18.172.89.22

18.172.89.100

18.172.89.69
8.8.8.8:53

94.81.224.13.in-addr.arpa

dns

142 B
254 B
2
2

DNS Request

94.81.224.13.in-addr.arpa

DNS Request

94.81.224.13.in-addr.arpa
8.8.8.8:53

69.89.172.18.in-addr.arpa

dns

142 B
254 B
2
2

DNS Request

69.89.172.18.in-addr.arpa

DNS Request

69.89.172.18.in-addr.arpa
8.8.8.8:53

15.164.165.52.in-addr.arpa

dns

144 B
292 B
2
2

DNS Request

15.164.165.52.in-addr.arpa

DNS Request

15.164.165.52.in-addr.arpa
8.8.8.8:53

templates.utah.edu

dns

chrome.exe

128 B
160 B
2
2

DNS Request

templates.utah.edu

DNS Request

templates.utah.edu

DNS Response

155.98.186.99

DNS Response

155.98.186.99
8.8.8.8:53

incommon2.sso.utah.edu

dns

chrome.exe

136 B
168 B
2
2

DNS Request

incommon2.sso.utah.edu

DNS Request

incommon2.sso.utah.edu

DNS Response

155.98.185.163

DNS Response

155.98.185.163
8.8.8.8:53

163.185.98.155.in-addr.arpa

dns

146 B
218 B
2
2

DNS Request

163.185.98.155.in-addr.arpa

DNS Request

163.185.98.155.in-addr.arpa
8.8.8.8:53

87.126.19.2.in-addr.arpa

dns

140 B
266 B
2
2

DNS Request

87.126.19.2.in-addr.arpa

DNS Request

87.126.19.2.in-addr.arpa
8.8.8.8:53

172.210.232.199.in-addr.arpa

dns

148 B
256 B
2
2

DNS Request

172.210.232.199.in-addr.arpa

DNS Request

172.210.232.199.in-addr.arpa
8.8.8.8:53

21.236.111.52.in-addr.arpa

dns

144 B
316 B
2
2

DNS Request

21.236.111.52.in-addr.arpa

DNS Request

21.236.111.52.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006a

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
ef46c42e844d21f78e865db8b131532e

SHA1
848dae5d7cee54afa04269c7bb13402c2cd92e25

SHA256
2fc2bfb48f643b08bfad066a73771e26146bf818e6e9d6c09a3e43723a5988ac

SHA512
fe0c66fc349c69c4f1be3f729842fb26a844c67f10df8bbc8ec4b0069a3e8efaac15023f3a0dc07d37cf5a03fa239aa1c5a7347fbfc1b0c2a010cd88b747d4d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_uofu.service-now.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\9fb062fd-37a1-47a1-bf3a-417393da7dca.tmp

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
dd36e78aeb4ef84e106fca5853cef211

SHA1
18f66729e501d10301c360e0d80459f7c1f57dc6

SHA256
5fb8accc90c2625c7f2e83f7252af16690fe6a65703140d59b48385c976a1a5b

SHA512
dd223b97eb429aa9e90647f2f6f20710c9dff1af39d02b6e62879dfaffc8af442344d3a4b8811b705da7779036c6e4101ec5df21c8dc36745bdf9520a033992b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
c723899fb46409ac53691a474393c785

SHA1
71d9334aef2869fac11c7dfa1c00738e9e63d4a9

SHA256
168ff8e1e8db1b573faad2a29d556c9ca0072c1015832fd8cb96d9e40308492e

SHA512
eecc4e6bc5ffdee98e5c9ccd8d0b87f1085f38cccf3e71ec4b3c3c8c04163e0ff597fb3e4aca7e6b2327d9d3380fa26e16afdfced77065a2ac8b69eb0408e12a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
5a2cbe0dbb8dbab382fa6ca6cf2bed4d

SHA1
2c65d97df247c38720359b1c8e89b7ad2bd2149f

SHA256
be00b3fb9efe7fb99c659b22c32f8e707a970d643a822eca1ac0a1f654816b9b

SHA512
6247916c64c766d0e01a50c47a88e5d26f45c130aa47a589a383f8598a909e95fd23398c9ba763d54e9a229a7298d775094a7dc94dc859897b666dc96d341dba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
8e86923327308e66baa95e96b663b681

SHA1
70c15ececa5b7679bd551b52215c5003300f3422

SHA256
285872af520fb8a25f12a12a92d90b950f42c83a18b1982894dcaaad2fb62c23

SHA512
6ce14efab732d9d3dc9c9361483b3a688292f34f7afb9f5a54ffe9cf6151c30721624760b136e478c2f4e6ddab32f2940514d77df3f722a3b32e391a37ad9ef7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
dbde9c79415c3acf068de92fa396725e

SHA1
23dd4cd9e1960f6e97dcbdf5138ba78d159a2c98

SHA256
9b0bcd310564e3cc4119947b356a1a7307e94daf964ca2473fdd7e13a9ce74b4

SHA512
a7f18d24bec057e02a4d62d80d5b197f642cf4b0ebd2c633be636f08046a87de499bcf8f81ede05dd86954bf9379123a9ae6088c3a1c874f13c5b8cbe30d65bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
9214b1d082d019764ef42b2e6e8c7d50

SHA1
dfa2ab803f76c7108fabb212e4c84f4298eed7f3

SHA256
bd6c199015a6fca7ad2f3a238dc25b19f5585147a6215230dd6c6087b0ad2e5f

SHA512
b31f797da3f8398aace01fe3997df2aac4ab466f4d36bad50f331164a7101eb568821d49dd308446f5cf6760ba4e9cf984662e05f045e4de8899ca9844acd000

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\241812e7104cd1e06f11d369e948758a08080223\c36b2881-132d-4b2d-9d74-374a531aba44\index-dir\the-real-index

Filesize
312B

MD5
957b445d98d9fbc7a921c7380778e310

SHA1
c39443e68fc7bbf7540a37f00885f443c36e0ac2

SHA256
d4c0b546c9125b931098bf0f9e6343592b16d1094d71380a7597e8581e21d20d

SHA512
e1096881090ccd018849ffd6ea07cf540ae96f4b9991078cdcbffdc9b5094ab55fb6a3c3166edf51bb03068d74094a7e045541c76691ed1d937d61bf2d3e6dd5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\241812e7104cd1e06f11d369e948758a08080223\c36b2881-132d-4b2d-9d74-374a531aba44\index-dir\the-real-index~RFe581519.TMP

Filesize
48B

MD5
e0993c07631b0de5b86c4de88aaf5172

SHA1
e937b54166b185bda46aa070b71bac264e6aba51

SHA256
7055caf42fc7f7334a6f8a1eedfcc857b81e8442f58bf0c7a08bbaccd72d7615

SHA512
e340180bb43d37dab4df585b88076efaaf4662046896a2a45992bc1669d9cb21fa17b51953f83ebfffb8b4fb0ffa14f2a55e805925d096f7e5c8fef10210b5e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\241812e7104cd1e06f11d369e948758a08080223\index.txt

Filesize
157B

MD5
e37b408738231d57326e07f443695278

SHA1
62ad89e98b38be1691eb1e489bca55a0451fb5ee

SHA256
a15f4bfc6ba9ff946645e84b6d926b46088eea25213852e7d660747ba3c4d65f

SHA512
570dc4f1888c3c32641172fd1bb3a823109a2b9fa8fa840f20b155b5364cc4f9d2080b3a43c2ab2b5053c15184ba7a9e73bbde9d83e446e09f80704dffb59cfd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\241812e7104cd1e06f11d369e948758a08080223\index.txt~RFe581548.TMP

Filesize
161B

MD5
289a36c4cbfbdd5beb8656ba8a4fac3b

SHA1
684c9bd01a3467722f8528756b68b15cf493c997

SHA256
1000b4d85459e8800cc10f929ee66a0fbc5761dec4edcda3ffb50e0f7ff98b82

SHA512
d148d6a9a3589787cdf40366c7ef376f0dc2b2c7354541067798506cefcf2fba487ff9c123978c7c8315f5c8386be631def9e94fd9a6994e86deb67f9ad9fc04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
168B

MD5
5d19d9fca511882503337da2603ea7c9

SHA1
79f08381d04474a21d9ebd000322eda29a0b1376

SHA256
71770abc365c42a5395a897c16bd5c27b1c23c183cdee710502c621b0e99cbb6

SHA512
9b87c878a895df17ded987a4811ab375bf7a410f20b20808f89ac9c889c46d68bd60750f078ef457a41a1a09257561b5875c13fb7877682849b580357006cb32

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe580c11.TMP

Filesize
48B

MD5
27d551d7bea9827ee3213d8e35cc4feb

SHA1
98a448562e6ba7ba3dd45a140734bab86d0f42c6

SHA256
d71580a5780a7e1f8ca9e8ab54f1874b1780f1b9b1c66508307ca310f6d69413

SHA512
18fdc3c5a32e1aa8cb9a34b4661ee520787efce104dd50322c1de1eed82534273a07d567963d0ba3db7e77d727c91fecd9adc3c874ed4dd5c711619cf8b033b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
250KB

MD5
acdd62f5f75c579dfbe684680abf11ef

SHA1
a0ba0be7fd70bcbe082653fecbcf96fc9f55bec1

SHA256
d5254191430c4326d1e4e0b37f2b321a3ca961997265d7f3f0b2cb82d0c1878a

SHA512
39539a554835d83677124e1d7e376807527ba65a23e50d7374a5068c1f27a596351315fe8b43160ce27206f32bdcf46f8a6dbf4f778fa9900ab78c60b3c27330

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
250KB

MD5
154be1682a1c4ed054f18ab7c1a831a0

SHA1
a8f433496d13a2933b1b95888db533ca366155e9

SHA256
4ef4b3ad4c8777826ea9f70753cca54e3d7e5892eee3db2fa1efacfb6caae286

SHA512
31b6ca1b52d9da17b5a668fd6b573c2d8f9dbc3cf6f6a4321439e874902e5884ad6343a5de48aee358d94576edbb95d69735ea2a2e0ef2914cc59ea7a9236e97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
250KB

MD5
0fb81e25d39df6d65f18a93cc80ef896

SHA1
467219833d95d32a7a4d31fabf52dd79fd94ee15

SHA256
fb9eeb53a5a52a77819951cdc3f2431ebfa513b00cd6177c7520d86d30e054ca

SHA512
6e9385d200db7d65a503cff07b9f510ed0059a0161d3e64a30dd65d6af5a1d98b95944bcb4bcc35fb6e0ee8f3003f8216afa9e54ce89119715678c36ad297eb2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
91KB

MD5
5bf080b443615f073b3e41678a92f11b

SHA1
5b6e140f2fe5fbc92ccabbf8a7a046029beecb06

SHA256
1ec97516d1e3178122f52736d696d2f7cbf26b5c6969b6614bf0a588714af884

SHA512
32bb5cdac9abe59359afe56375a5aaf68c131cdeb95295078e6671350ff5226216e8f3aa21143faa935823fc1df07d86795e81307bab3bb45cdb9d5ac0125dc6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57cb8d.TMP

Filesize
88KB

MD5
ab2a7a0217854a2d84c12494be45aaf1

SHA1
da76ddbcbcd3937bae3eaec8c60d53f1c4cc3dd6

SHA256
c0b6e47454b3e126289e12e396d3d20bda4e8f708c78014314999324a3e3b8e5

SHA512
19cf007eea51ecca4bebd4ac2a9c62ffe0942c5e8f18040ae7af4eaefed4f1db8061809e6612dcb13db84bea5c9a608f02a3fdc1423254bbc56422cfcdaa1158

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request