Report - performancemanager4.successfactors.com/sf/emailjobtofriend?jobId=204423&company=dukeuniverP1

Report Overview

Submitted URL
performancemanager4.successfactors.com/sf/emailjobtofriend?jobId=204423&company=dukeuniverP1
IP
96.6.19.112
ASN
#16625 AKAMAI-AS
Submitted
2022-09-29 12:55:54
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
shib.oit.duke.edu	513268	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.6 kB	298 kB	152.3.72.35
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76
beacon.oit.duke.edu	793749	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.1 kB	11 MB	152.3.100.240
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
performancemanager4.successfactors.com	20679	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	12 kB	96.6.19.112
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	978 B	2.7 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.usertrust.com	899	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	660 B	2.0 kB	172.64.155.188
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.36.24.174

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	shib.oit.duke.edu/idp/authn/external?conversation=e1s1	5.1 kB	2023-03-08	2023-08-08
Pretty URL shib.oit.duke.edu/idp/authn/external?conversation=e1s1 IP 152.3.72.35 ASN #13371 DUKE-INTERCHANGE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:28:55 Last Seen2023-08-08 21:12:15 Times Seen3 Hash 78bf31cfe79691e4f42a56c4107893e0 dcf715759068c362c4748811c86c4b662f83befb b14618e118cbb93b0abe68358220f3a074ca7b4fda09e83b6a1295c54bed8860 Loading...

	performancemanager4.successfactors.com/ui/extlib/XMLHttpRequest_1.0.5_sf.17/XMLHttpRequest.js	7.1 kB	2023-03-08	2023-03-10
Pretty URL performancemanager4.successfactors.com/ui/extlib/XMLHttpRequest_1.0.5_sf.17/XMLHttpRequest.js IP 96.6.19.112 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:28:55 Last Seen2023-03-10 23:01:55 Times Seen1 Hash 40cf11764d0b0987aba407d3addc9448 6ded812fae67ff516ac64605ef608251e14ca9a0 7e6379700b493a70d66cb2af4adc231a22dc68968ac8b57a87485b3ae2ccdfa8 Loading...

	performancemanager4.successfactors.com/saml2/Login?company=dukeuniverP1&RelayState=/sf/emailjobtofriend?jobId=204423&company=dukeuniverP1&_s.crb=pOcM7lMWi1vjVfaJEUPMRSGFJ%252fviOvdftbBQO2fBygw%253d	75 B	2023-03-08	2023-03-12
Pretty URL performancemanager4.successfactors.com/saml2/Login?company=dukeuniverP1&RelayState=/sf/emailjobtofriend?jobId=204423&company=dukeuniverP1&_s.crb=pOcM7lMWi1vjVfaJEUPMRSGFJ%252fviOvdftbBQO2fBygw%253d IP 96.6.19.112 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:28:55 Last Seen2023-03-12 22:50:56 Times Seen1 Hash a3809b9426afcf3d91add7e6ae8c0673 dc6c2b5c68cc46abac15b54973202f26ac33a34f 1280e31d8f53d5dd100211cf32da521b6d8d3deeb32eba2033c323e0f33a1ad3 Loading...

	performancemanager4.successfactors.com/saml2/Login?company=dukeuniverP1&RelayState=/sf/emailjobtofriend?jobId=204423&company=dukeuniverP1&_s.crb=pOcM7lMWi1vjVfaJEUPMRSGFJ%252fviOvdftbBQO2fBygw%253d	44 B	2023-03-08	2023-09-22
Pretty URL performancemanager4.successfactors.com/saml2/Login?company=dukeuniverP1&RelayState=/sf/emailjobtofriend?jobId=204423&company=dukeuniverP1&_s.crb=pOcM7lMWi1vjVfaJEUPMRSGFJ%252fviOvdftbBQO2fBygw%253d IP 96.6.19.112 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:28:55 Last Seen2023-09-22 19:12:31 Times Seen4 Hash 0261424a186bb8fdeae4a082dff17bd7 3aa9d55498a96845d59ee9a3e4b8d9fc037620ee 30bbdf42a2550af12a8acf7836f831ea5cfe6e6e645901ae53dc5752718dd82b Loading...

	shib.oit.duke.edu/idp/js/boomerang-oit.js	42 kB	2023-03-08	2023-08-08
Pretty URL shib.oit.duke.edu/idp/js/boomerang-oit.js IP 152.3.72.35 ASN #13371 DUKE-INTERCHANGE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:28:55 Last Seen2023-08-08 21:12:15 Times Seen4 Hash 4096ecf4075c0dd5f61e39e6dde0d5d3 4a1fcc101b0f3435112d7bbba05da7b0355fd523 65f6e1aa6535b391426d610736fc92fb244002b7430fbadcd3b6a2892222b8a5 Loading...

	shib.oit.duke.edu/idp/js/jquery-3.2.1.min.js	87 kB	2023-03-07	2024-04-19
Pretty URL shib.oit.duke.edu/idp/js/jquery-3.2.1.min.js IP 152.3.72.35 ASN #13371 DUKE-INTERCHANGE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 07:56:42 Times Seen60781 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	shib.oit.duke.edu/idp/authn/external?conversation=e1s1	1.7 kB	2023-03-08	2023-03-08
Pretty URL shib.oit.duke.edu/idp/authn/external?conversation=e1s1 IP 152.3.72.35 ASN #13371 DUKE-INTERCHANGE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:28:55 Last Seen2023-03-08 03:28:55 Times Seen1 Hash 95c85ae763b297f7111609d0c2a0da23 836965d38ffddaca9a8e51cd911105a6ca93c6c8 e84b40f998e3c0d2fbc7df5e447a1728fe9eb192af3b193735c2ea454e2bfa93 Loading...

	shib.oit.duke.edu/idp/authn/external?conversation=e1s1	25 B	2023-03-08	2023-08-08
Pretty URL shib.oit.duke.edu/idp/authn/external?conversation=e1s1 IP 152.3.72.35 ASN #13371 DUKE-INTERCHANGE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:28:55 Last Seen2023-08-08 21:12:15 Times Seen3 Hash 7124e8a7194d3c4ee4a901beae2018b0 1ca58ba0736ef575a52ab20d9d985079056924aa 6c04c9e9c5528d71b1ff71a78cac0c7e71234d1e07bb48c7ba9e8871adeba155 Loading...

	performancemanager4.successfactors.com/ui/perflog/js/perflog_6afbc835fd7bc8ec51a93324df511558.js	12 kB	2023-03-08	2023-05-29
Pretty URL performancemanager4.successfactors.com/ui/perflog/js/perflog_6afbc835fd7bc8ec51a93324df511558.js IP 96.6.19.112 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:28:55 Last Seen2023-05-29 01:51:06 Times Seen2 Hash 89f67066907046c68fe028cd9866cba0 4481a05e071af29dd2da9bdeb0c08b2b924f6dfb 2ee483c6c8ac0a1a070fa2a1af9ef0c46fca385b84ffad5a0abba2b48e226e02 Loading...

	shib.oit.duke.edu/idp/authn/external?conversation=e1s1	486 B	2023-03-08	2023-08-08
Pretty URL shib.oit.duke.edu/idp/authn/external?conversation=e1s1 IP 152.3.72.35 ASN #13371 DUKE-INTERCHANGE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:28:55 Last Seen2023-08-08 21:12:15 Times Seen3 Hash 44be68b718396f0baf953740995677ce dd3d09060ae9ddf0389d7b5e3b880fd901a8b3a5 fba2147a923a866a21f90c1505fa0778f3fe82176f2013c35ebc9497fc8d5c34 Loading...

	shib.oit.duke.edu/idp/authn/external?conversation=e1s1	3.8 kB	2023-03-08	2023-08-08
Pretty URL shib.oit.duke.edu/idp/authn/external?conversation=e1s1 IP 152.3.72.35 ASN #13371 DUKE-INTERCHANGE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:28:55 Last Seen2023-08-08 21:12:15 Times Seen2 Hash 06aadab2f95268933cfbf8a3f7eaa98a 7c5773008e2a54ba90f66c24343b93a7aac78777 8e4565aa4a4296c05a29276ea59a34e68a18c88b732ea950e64a8c1b031626e3 Loading...

HTTP Transactions (50)

	URL	IP	Response	Size
	firefox.settings.services.mozilla.com/v1/	143.204.55.27	200 OK	939 B
URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/ IP 143.204.55.27:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 1b3053fa528e28810f8a2cc9284cc921 cca9eb471d941881a6b9a1793aecb6c281908f6a a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After Cache-Control: max-age=3600 Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Thu, 29 Sep 2022 12:15:52 GMT X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: Wy7sd0CxDDksKozwqv6yJTeAaHllhrLRmfGgVzfO-cCvtt8XdQvZxg== Age: 2391

	performancemanager4.successfactors.com/sf/emailjobtofriend?jobId=204423&company=dukeuniverP1	96.6.19.112	302 Found	0 B
URL HTTP/2 performancemanager4.successfactors.com/sf/emailjobtofriend?jobId=204423&company=dukeuniverP1 IP 96.6.19.112:0 ASN #16625 AKAMAI-AS File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /sf/emailjobtofriend?jobId=204423&company=dukeuniverP1 HTTP/1.1 Host: performancemanager4.successfactors.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 302 Found content-length: 0 optr_cxt: 01000100000756b126-3ff6-11ed-9af7-c3729fdd3ced00000000-0000-0000-0000-000000000001-1 HTTP ; x-unique-id: 5581e2f5590a2208c73a5f0967628125 x-event-id: EVENT-UNKNOWN-UNKNOWN-ob3abe231s-20220929085543-1087984 pragma: no-cache cache-control: no-store,no-cache expires: Thu, 29 Sep 2022 12:55:43 GMT location: /saml2/Login?company=dukeuniverP1&RelayState=/sf/emailjobtofriend?jobId=204423&company=dukeuniverP1&_s.crb=pOcM7lMWi1vjVfaJEUPMRSGFJ%252fviOvdftbBQO2fBygw%253d server: Successfactors strict-transport-security: max-age=31536000; includeSubDomains x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin x-itr-target-cluster: defaultCluster x-itr-server: 5a5b08f38e82cad0fc57f2f0259c75a63d8a2758 date: Thu, 29 Sep 2022 12:55:43 GMT set-cookie: route=249b98aee44909b0f59698a4504916d0303d7e0d; Path=/; Secure; HttpOnly; SameSite=None OptierRQUUID=0756b126-3ff6-11ed-9af7-c3729fdd3ced; Max-Age=30; Expires=Thu, 29-Sep-2022 12:56:13 GMT; Path=/ %2Fsf%2Femailjobtofriend-markFromServer=true; Max-Age=60; Expires=Thu, 29-Sep-2022 12:56:43 GMT JSESSIONID=E66F724EA8E4ABD6BDF52178C7A4121B.pc4bcf342t; Path=/; Secure; HttpOnly; SameSite=None deeplinkCookieKey=%2fsf%2femailjobtofriend%3fjobId%3d204423%26company%3ddukeuniverP1; Path=/; Secure; HttpOnly; SameSite=None X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7fb7c70f7f4e2cee27eb0e7d875931f7 98fca3817a551b1daecebae103a48e718b8b5a53 2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349" Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19078 Expires: Thu, 29 Sep 2022 18:13:41 GMT Date: Thu, 29 Sep 2022 12:55:43 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain	143.204.55.35	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain IP 143.204.55.35:0 ASN #16509 AMAZON-02 File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 6113f8408c59aebe188d6af273b90743 7398873bf00f99944eaa77ad3ebc0d43c23dba6b b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Sat, 10 Sep 2022 18:47:45 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Thu, 29 Sep 2022 05:28:28 GMT etag: "6113f8408c59aebe188d6af273b90743" x-cache: Hit from cloudfront via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: mVYCBbxaMXd8Ir7_07n6_gb-Q5JbCVH03qnnMXljXkBEZhxSsWqEpw== age: 26836 X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Thu, 29 Sep 2022 12:55:43 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	performancemanager4.successfactors.com/saml2/Login?company=dukeuniverP1&RelayState=/sf/emailjobtofriend?jobId=204423&company=dukeuniverP1&_s.crb=pOcM7lMWi1vjVfaJEUPMRSGFJ%252fviOvdftbBQO2fBygw%253d	96.6.19.112	200 OK	1.7 kB
URL HTTP/2 performancemanager4.successfactors.com/saml2/Login?company=dukeuniverP1&RelayState=/sf/emailjobtofriend?jobId=204423&company=dukeuniverP1&_s.crb=pOcM7lMWi1vjVfaJEUPMRSGFJ%252fviOvdftbBQO2fBygw%253d IP 96.6.19.112:0 ASN #16625 AKAMAI-AS File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (986) Size 1.7 kB (1683 bytes) Hash 2484774f165555960a6407a96b18e2a3 5ca7bf20dbc32ef450736a4506fab4d60515f829 6fb7799291c3e22dfd952bfb318bbad4579dcfde138d6924c63fbb5ae179e34c HTTP Headers GET /saml2/Login?company=dukeuniverP1&RelayState=/sf/emailjobtofriend?jobId=204423&company=dukeuniverP1&_s.crb=pOcM7lMWi1vjVfaJEUPMRSGFJ%252fviOvdftbBQO2fBygw%253d HTTP/1.1 Host: performancemanager4.successfactors.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: route=249b98aee44909b0f59698a4504916d0303d7e0d; OptierRQUUID=0756b126-3ff6-11ed-9af7-c3729fdd3ced; JSESSIONID=E66F724EA8E4ABD6BDF52178C7A4121B.pc4bcf342t; deeplinkCookieKey=%2fsf%2femailjobtofriend%3fjobId%3d204423%26company%3ddukeuniverP1 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers HTTP/2 200 OK content-type: text/html;charset=UTF-8 optr_cxt: 0100010000078206f0-3ff6-11ed-9af7-c3729fdd3ced00000000-0000-0000-0000-000000000001-1 HTTP ; x-unique-id: 5a84e97d3ec7776796360fd736cbc36b x-event-id: EVENT-UNKNOWN-UNKNOWN-ob3abe231s-20220929085543-1087986 cache-control: no-store,no-cache pragma: no-cache, no-cache expires: Thu, 29 Sep 2022 12:55:43 GMT, Wed, 31 Dec 1969 23:59:59 GMT x-request-stats: SQLT=1&CCON=0&FWR=0&NRE=0&CEXT=0&ST=1664456143884&EID=EVENT-UNKNOWN-UNKNOWN-ob3abe231s-20220929085543-1087986&CLOC=0&CREM=0&NWR=0&CPU=30&SVT=35&SQLC=2&SCPU=0&CSUP=2&MEM=10758&UCPU=30&FRE=0 server: Successfactors strict-transport-security: max-age=31536000; includeSubDomains x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin x-itr-target-cluster: defaultCluster x-itr-server: 5a5b08f38e82cad0fc57f2f0259c75a63d8a2758 location: date: Thu, 29 Sep 2022 12:55:44 GMT content-length: 1683 X-Firefox-Spdy: h2

	performancemanager4.successfactors.com/ui/extlib/XMLHttpRequest_1.0.5_sf.17/XMLHttpRequest.js	96.6.19.112	200 OK	2.7 kB
URL HTTP/2 performancemanager4.successfactors.com/ui/extlib/XMLHttpRequest_1.0.5_sf.17/XMLHttpRequest.js IP 96.6.19.112:0 ASN #16625 AKAMAI-AS File type ASCII text, with very long lines (533) Size 2.7 kB (2721 bytes) Hash 0cee2b601f0085ca82e01f1cfd895c18 54c7a44886bf3d203a69219cf6093b113df4f0ba 1b3e63deed8e6abd4f8b5871da0335a062eb60b51efea235aae27eb0aed43486 HTTP Headers GET /ui/extlib/XMLHttpRequest_1.0.5_sf.17/XMLHttpRequest.js HTTP/1.1 Host: performancemanager4.successfactors.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://performancemanager4.successfactors.com/saml2/Login?company=dukeuniverP1&RelayState=/sf/emailjobtofriend?jobId=204423&company=dukeuniverP1&_s.crb=pOcM7lMWi1vjVfaJEUPMRSGFJ%252fviOvdftbBQO2fBygw%253d Connection: keep-alive Cookie: route=249b98aee44909b0f59698a4504916d0303d7e0d; OptierRQUUID=0756b126-3ff6-11ed-9af7-c3729fdd3ced; JSESSIONID=E66F724EA8E4ABD6BDF52178C7A4121B.pc4bcf342t; deeplinkCookieKey=%2fsf%2femailjobtofriend%3fjobId%3d204423%26company%3ddukeuniverP1 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK content-type: application/javascript last-modified: Sat, 22 Jan 2022 05:39:17 GMT vary: Accept-Encoding server: Successfactors strict-transport-security: max-age=31536000; includeSubDomains x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin content-encoding: gzip location: content-length: 2721 unused62: 8096267 cache-control: public, max-age=314464136 expires: Thu, 16 Sep 2032 04:04:40 GMT date: Thu, 29 Sep 2022 12:55:44 GMT X-Firefox-Spdy: h2

	performancemanager4.successfactors.com/ui/perflog/js/perflog_6afbc835fd7bc8ec51a93324df511558.js	96.6.19.112	200 OK	4.4 kB
URL HTTP/2 performancemanager4.successfactors.com/ui/perflog/js/perflog_6afbc835fd7bc8ec51a93324df511558.js IP 96.6.19.112:0 ASN #16625 AKAMAI-AS File type ASCII text, with very long lines (540) Size 4.4 kB (4421 bytes) Hash f7f20d4e44b80e5415c21cd8999bbd3d 052cd5ee379230ae132c0aeb89f436531988836f 5582ca4776307f097ba5e7f36b23c85c7e628e1611704f3d47b57b7adb5f9af3 HTTP Headers GET /ui/perflog/js/perflog_6afbc835fd7bc8ec51a93324df511558.js HTTP/1.1 Host: performancemanager4.successfactors.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://performancemanager4.successfactors.com/saml2/Login?company=dukeuniverP1&RelayState=/sf/emailjobtofriend?jobId=204423&company=dukeuniverP1&_s.crb=pOcM7lMWi1vjVfaJEUPMRSGFJ%252fviOvdftbBQO2fBygw%253d Connection: keep-alive Cookie: route=249b98aee44909b0f59698a4504916d0303d7e0d; OptierRQUUID=0756b126-3ff6-11ed-9af7-c3729fdd3ced; JSESSIONID=E66F724EA8E4ABD6BDF52178C7A4121B.pc4bcf342t; deeplinkCookieKey=%2fsf%2femailjobtofriend%3fjobId%3d204423%26company%3ddukeuniverP1 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK content-type: application/javascript last-modified: Sat, 21 May 2022 05:13:49 GMT vary: Accept-Encoding server: Successfactors strict-transport-security: max-age=31536000; includeSubDomains x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin content-encoding: gzip location: content-length: 4421 cache-control: public, max-age=312612867 expires: Wed, 25 Aug 2032 17:50:11 GMT date: Thu, 29 Sep 2022 12:55:44 GMT X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	143.204.55.27	200 OK	329 B
URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 143.204.55.27:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Thu, 29 Sep 2022 12:29:33 GMT Cache-Control: max-age=3600, max-age=3600 Expires: Thu, 29 Sep 2022 13:26:20 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: imLFlM2OAH8SYw-D3ARB92y9iB1rO2Nl8AHa-Y8mEI8gvT77MWsI_w== Age: 1571

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash f09cb223e3dc028c58cf32c2274c3766 ca7f1663a1200941986e786353ed2f3ff50bd0b2 9b89a5534b1a84f0a86f150dc7f1f699bb972f7b8e151b29c02454dd939066ca HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 6094 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Thu, 29 Sep 2022 12:55:44 GMT Last-Modified: Thu, 29 Sep 2022 11:14:10 GMT Server: ECS (ska/F707) X-Cache: HIT Content-Length: 471`

	ocsp.usertrust.com/	172.64.155.188	200 OK	472 B
URL HTTP/1.1 ocsp.usertrust.com/ IP 172.64.155.188:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash 0c77ae5d717d95c88e3e3a6d61591b5f 3ade23be361798dea9389e81306ffd100ae2a876 22f3572caa2ea642e7b306311b33a07be43777b8c733ab8ee71dc558c062f44f HTTP Headers `POST / HTTP/1.1 Host: ocsp.usertrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Thu, 29 Sep 2022 12:55:44 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Wed, 28 Sep 2022 08:31:38 GMT Expires: Wed, 05 Oct 2022 08:31:37 GMT Etag: "3ade23be361798dea9389e81306ffd100ae2a876" Cache-Control: max-age=575321,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: REVALIDATED Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7524dff828ffb500-OSL

	push.services.mozilla.com/	52.36.24.174	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 52.36.24.174:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 7Wa0+mvXDL31EOGFijdO4w== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: IBRJXoN5Gi9cNVwg70RYtdVCAxA=`

	shib.oit.duke.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZJdb9sgFIb%2FisU9YJOki1GcKltULdK2Wo3Xi91MBI4XNBs8Dizbv6%2FjpFN30d7C%2B3F4DqvbP32X%2FYaA1ruKFCwnGTjtjXU%2FKvK1uaNLcrteoeo7MchNikf3AL8SYMxGo0N5ualICk56hRalUz2gjFruN58%2FScFyOQQfvfYdybaj0ToVp7JjjANKzvFoD8zbyEz6CQxM4tYMfDS1tgN%2BThH8AYwNoCPf7%2B9JdueDhmmYirSqQyDZbluR76Vp50LcaFqWZU7nh0VLVfFO06USN6qFmdAHM0oRE%2BwcRuViRUQuBM1LKsqmEHKxkPMZW5azbySrr2O%2Ft%2B6C4603Hi4ilB%2Bbpqb1%2Fb4h2eMz1lFArhDl1B5e0ns7WCFCOAMj62dgp9OJYdIaEFulow%2FItO%2F5GV9ydlxmXaz4y7Z%2FC%2Fwyxu%2B2te%2Bs%2Fpttus6fPgRQESoSQ4IJbK%2Fi6wMVrJhOrKHtJJXJ4QDathYM4etr7f8%2FZf0E&RelayState=%2Fsf%2Femailjobtofriend%3FjobId%3D204423&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=WNzF91rwQjnsqcHZsoYTQgruRWbuq1PSagMxiTas5Ll6fbg8OBPSFTy62JukUgqQQXJ%2BQXw0lyFY8gXqH0EOkATF9niMh2gy99Sm76Wwp1GqSrfh4RRYTm%2F4W2cPCaxEBLo4%2F%2BnYtT%2FehEBtXOG86yWd3FN8xhLtUIfAtuWCUjQ%3D	152.3.72.35	302 302	0 B
URL HTTP/1.1 shib.oit.duke.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZJdb9sgFIb%2FisU9YJOki1GcKltULdK2Wo3Xi91MBI4XNBs8Dizbv6%2FjpFN30d7C%2B3F4DqvbP32X%2FYaA1ruKFCwnGTjtjXU%2FKvK1uaNLcrteoeo7MchNikf3AL8SYMxGo0N5ualICk56hRalUz2gjFruN58%2FScFyOQQfvfYdybaj0ToVp7JjjANKzvFoD8zbyEz6CQxM4tYMfDS1tgN%2BThH8AYwNoCPf7%2B9JdueDhmmYirSqQyDZbluR76Vp50LcaFqWZU7nh0VLVfFO06USN6qFmdAHM0oRE%2BwcRuViRUQuBM1LKsqmEHKxkPMZW5azbySrr2O%2Ft%2B6C4603Hi4ilB%2Bbpqb1%2Fb4h2eMz1lFArhDl1B5e0ns7WCFCOAMj62dgp9OJYdIaEFulow%2FItO%2F5GV9ydlxmXaz4y7Z%2FC%2Fwyxu%2B2te%2Bs%2Fpttus6fPgRQESoSQ4IJbK%2Fi6wMVrJhOrKHtJJXJ4QDathYM4etr7f8%2FZf0E&RelayState=%2Fsf%2Femailjobtofriend%3FjobId%3D204423&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=WNzF91rwQjnsqcHZsoYTQgruRWbuq1PSagMxiTas5Ll6fbg8OBPSFTy62JukUgqQQXJ%2BQXw0lyFY8gXqH0EOkATF9niMh2gy99Sm76Wwp1GqSrfh4RRYTm%2F4W2cPCaxEBLo4%2F%2BnYtT%2FehEBtXOG86yWd3FN8xhLtUIfAtuWCUjQ%3D IP 152.3.72.35:0 ASN #13371 DUKE-INTERCHANGE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZJdb9sgFIb%2FisU9YJOki1GcKltULdK2Wo3Xi91MBI4XNBs8Dizbv6%2FjpFN30d7C%2B3F4DqvbP32X%2FYaA1ruKFCwnGTjtjXU%2FKvK1uaNLcrteoeo7MchNikf3AL8SYMxGo0N5ualICk56hRalUz2gjFruN58%2FScFyOQQfvfYdybaj0ToVp7JjjANKzvFoD8zbyEz6CQxM4tYMfDS1tgN%2BThH8AYwNoCPf7%2B9JdueDhmmYirSqQyDZbluR76Vp50LcaFqWZU7nh0VLVfFO06USN6qFmdAHM0oRE%2BwcRuViRUQuBM1LKsqmEHKxkPMZW5azbySrr2O%2Ft%2B6C4603Hi4ilB%2Bbpqb1%2Fb4h2eMz1lFArhDl1B5e0ns7WCFCOAMj62dgp9OJYdIaEFulow%2FItO%2F5GV9ydlxmXaz4y7Z%2FC%2Fwyxu%2B2te%2Bs%2Fpttus6fPgRQESoSQ4IJbK%2Fi6wMVrJhOrKHtJJXJ4QDathYM4etr7f8%2FZf0E&RelayState=%2Fsf%2Femailjobtofriend%3FjobId%3D204423&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=WNzF91rwQjnsqcHZsoYTQgruRWbuq1PSagMxiTas5Ll6fbg8OBPSFTy62JukUgqQQXJ%2BQXw0lyFY8gXqH0EOkATF9niMh2gy99Sm76Wwp1GqSrfh4RRYTm%2F4W2cPCaxEBLo4%2F%2BnYtT%2FehEBtXOG86yWd3FN8xhLtUIfAtuWCUjQ%3D HTTP/1.1 Host: shib.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site `HTTP/1.1 302 302 Date: Thu, 29 Sep 2022 12:55:44 GMT Server: Apache Cache-Control: no-store Expires: Set-Cookie: JSESSIONID=72FA72E35EC5787CF681A5EC6D6E0204; Path=/idp; Secure; HttpOnly Pragma: Strict-Transport-Security: max-age=0 Location: /idp/profile/SAML2/Redirect/SSO?execution=e1s1 Content-Length: 0 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive`

	shib.oit.duke.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1	152.3.72.35	302 302	0 B
URL HTTP/1.1 shib.oit.duke.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1 IP 152.3.72.35:0 ASN #13371 DUKE-INTERCHANGE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /idp/profile/SAML2/Redirect/SSO?execution=e1s1 HTTP/1.1 Host: shib.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: JSESSIONID=72FA72E35EC5787CF681A5EC6D6E0204 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site `HTTP/1.1 302 302 Date: Thu, 29 Sep 2022 12:55:44 GMT Server: Apache Cache-Control: no-store Expires: Pragma: Strict-Transport-Security: max-age=0 Location: /idp/authn/external?conversation=e1s1 Content-Length: 0 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive`

	shib.oit.duke.edu/idp/authn/external?conversation=e1s1	152.3.72.35	200 200	19 kB
URL HTTP/1.1 shib.oit.duke.edu/idp/authn/external?conversation=e1s1 IP 152.3.72.35:0 ASN #13371 DUKE-INTERCHANGE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (302) Size 19 kB (19323 bytes) Hash afeb77b35a90668825f11bb137f1c9d7 690e4c91280bcb41f6f490006be3816e0683dbc9 f7bf5246b4f2341b49ca20698f569fbb31d311aa5619475f4780c8e1636b4671 HTTP Headers `GET /idp/authn/external?conversation=e1s1 HTTP/1.1 Host: shib.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: JSESSIONID=72FA72E35EC5787CF681A5EC6D6E0204 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site` `HTTP/1.1 200 200 Date: Thu, 29 Sep 2022 12:55:45 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate, max-age=0 Expires: 0 Pragma: no-cache Content-Type: text/html;charset=UTF-8 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Transfer-Encoding: chunked`

	shib.oit.duke.edu/idp/css/fonts.css	152.3.72.35	200 200	38 kB
URL HTTP/1.1 shib.oit.duke.edu/idp/css/fonts.css IP 152.3.72.35:0 ASN #13371 DUKE-INTERCHANGE File type ASCII text, with very long lines (432) Size 38 kB (37917 bytes) Hash 1ff3fbbf6490417fb0dc8d76520acbd0 0b302ca48a88e5f9c9171739dfbb085c82abf3bf fbbe6b4fb770b8a4c5860451df8ded85f57254ce6536e19d638801fbf477c4d1 HTTP Headers `GET /idp/css/fonts.css HTTP/1.1 Host: shib.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/idp/authn/external?conversation=e1s1 Cookie: JSESSIONID=72FA72E35EC5787CF681A5EC6D6E0204 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 200 Date: Thu, 29 Sep 2022 12:55:45 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate, max-age=0 Expires: 0 Pragma: no-cache Accept-Ranges: bytes ETag: W/"37917-1627470034000" Last-Modified: Wed, 28 Jul 2021 11:00:34 GMT Content-Type: text/css;charset=UTF-8 Content-Length: 37917 Keep-Alive: timeout=5, max=97 Connection: Keep-Alive`

	shib.oit.duke.edu/idp/css/shib.css	152.3.72.35	200 200	3.7 kB
URL HTTP/1.1 shib.oit.duke.edu/idp/css/shib.css IP 152.3.72.35:0 ASN #13371 DUKE-INTERCHANGE File type ASCII text Size 3.7 kB (3659 bytes) Hash 089b998c4d980a8f4e921209ad96b66b 9f9da91418b17291503f941bdc7ce60f7f572a97 010bdfefb185378d585e58113f8afc7c741d0d45ee510a23e2fbd4a525f03d4f HTTP Headers `GET /idp/css/shib.css HTTP/1.1 Host: shib.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/idp/authn/external?conversation=e1s1 Cookie: JSESSIONID=72FA72E35EC5787CF681A5EC6D6E0204 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 200 Date: Thu, 29 Sep 2022 12:55:45 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate, max-age=0 Expires: 0 Pragma: no-cache Accept-Ranges: bytes ETag: W/"3659-1627470034000" Last-Modified: Wed, 28 Jul 2021 11:00:34 GMT Content-Type: text/css;charset=UTF-8 Content-Length: 3659 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive`

	shib.oit.duke.edu/idp/css/login.css	152.3.72.35	200 200	4.7 kB
URL HTTP/1.1 shib.oit.duke.edu/idp/css/login.css IP 152.3.72.35:0 ASN #13371 DUKE-INTERCHANGE File type ASCII text Size 4.7 kB (4741 bytes) Hash b02dc36a28332a0e3eb2dd404f627b94 b5f1f94da9783203e11bcdde8b7573bc5c2e1ffe 79bff0a1b00536f7f3ca283294e4a6a6382ce3cb68c55318d6cf5ff5b647d3f6 HTTP Headers `GET /idp/css/login.css HTTP/1.1 Host: shib.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/idp/authn/external?conversation=e1s1 Cookie: JSESSIONID=72FA72E35EC5787CF681A5EC6D6E0204 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 200 Date: Thu, 29 Sep 2022 12:55:45 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate, max-age=0 Expires: 0 Pragma: no-cache Accept-Ranges: bytes ETag: W/"4741-1627470034000" Last-Modified: Wed, 28 Jul 2021 11:00:34 GMT Content-Type: text/css;charset=UTF-8 Content-Length: 4741 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive`

	shib.oit.duke.edu/idp/js/boomerang-oit.js	152.3.72.35	200 200	42 kB
URL HTTP/1.1 shib.oit.duke.edu/idp/js/boomerang-oit.js IP 152.3.72.35:0 ASN #13371 DUKE-INTERCHANGE File type C source, ASCII text, with very long lines (32034) Size 42 kB (41997 bytes) Hash 4096ecf4075c0dd5f61e39e6dde0d5d3 4a1fcc101b0f3435112d7bbba05da7b0355fd523 65f6e1aa6535b391426d610736fc92fb244002b7430fbadcd3b6a2892222b8a5 HTTP Headers `GET /idp/js/boomerang-oit.js HTTP/1.1 Host: shib.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/idp/authn/external?conversation=e1s1 Cookie: JSESSIONID=72FA72E35EC5787CF681A5EC6D6E0204 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 200 Date: Thu, 29 Sep 2022 12:55:45 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate, max-age=0 Expires: 0 Pragma: no-cache Accept-Ranges: bytes ETag: W/"41997-1627470036000" Last-Modified: Wed, 28 Jul 2021 11:00:36 GMT Content-Type: application/javascript;charset=UTF-8 Content-Length: 41997 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 139d64e28724086d1d5ab6d2f534ff25 2c717905e83564a17bd8ca61dd934133416f629b a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00" Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4694 Expires: Thu, 29 Sep 2022 14:13:59 GMT Date: Thu, 29 Sep 2022 12:55:45 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 139d64e28724086d1d5ab6d2f534ff25 2c717905e83564a17bd8ca61dd934133416f629b a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00" Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4694 Expires: Thu, 29 Sep 2022 14:13:59 GMT Date: Thu, 29 Sep 2022 12:55:45 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg	34.120.237.76	200 OK	4.1 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.1 kB (4093 bytes) Hash aed4d25286420a1405c3274931194002 c17c7bdfa4b40f9a0634da65c610869e5c410bf1 f32058bdd49930b927d1f9fdfd204ed054b4f85e0d679eff067d522d42ac504a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4093 x-amzn-requestid: 4275d743-8507-4fbe-83d1-cc0da2adef7b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZMKoPHCMIAMF7wQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6334be34-5ddb717430e7b38e3ee53657;Sampled=0 x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:48 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: H713oiiX6wslZytV_P5NblH5vT7KZ2fv1G3DLKLrH5nw0lHOquia4w== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google date: Wed, 28 Sep 2022 21:40:48 GMT etag: "c17c7bdfa4b40f9a0634da65c610869e5c410bf1" content-type: image/jpeg age: 54897 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg	34.120.237.76	200 OK	14 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 14 kB (14073 bytes) Hash 11594ce7500d8776bfd5162b17f87d72 72603efba82d649ce5a7a0ca45dc830c0d9ef012 511f5aa33750cd4a02cf3968bf165ffa521e77cb4fb7135b516d7ad14e8b9d01 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 14073 x-amzn-requestid: 4ff72590-e28d-4d4b-af1a-4d62e75e3d66 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZMKnpEsJoAMFlBQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6334be30-38b014a25551aa0a2ab04ccf;Sampled=0 x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:44 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: gP4V4fq53Z5BFfjDlx1LCR9AhUPTq0qusBaOY_UEXjJjM6SByqDgXg== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google date: Wed, 28 Sep 2022 21:41:45 GMT etag: "72603efba82d649ce5a7a0ca45dc830c0d9ef012" content-type: image/jpeg age: 54840 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10023 bytes) Hash f4505f57697072468da82e0b536d0d5b e1067a2dfbc22e7eb196046d57bd1e17604dba75 b5e79054f165f38b99f93a8128284f82076523988aeb102b85dd8ff1a2870d00 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10023 x-amzn-requestid: 0cb6b9a1-0707-4094-b197-5a0add2df717 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZMK4dHJLIAMFWmg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6334be9c-2d8bbb17157900f126c5bb3c;Sampled=0 x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:32 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: wZ2hBqHAdwimAVV3p-CJFrb9zQ-CTN5ar9CB-cu0mZoENYUFTKKPWQ== via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google date: Wed, 28 Sep 2022 21:40:43 GMT age: 54902 etag: "e1067a2dfbc22e7eb196046d57bd1e17604dba75" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg	34.120.237.76	200 OK	3.3 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.3 kB (3332 bytes) Hash 6ac86079d2901fb11bfaff81d91bb2d2 4fc0699c763f67a2602b4b3f46b8b4013d2049c6 8c25b9129fc01f6ffad911994e91436ab0026ed0b54568757a20ab7f92584467 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3332 x-amzn-requestid: 34214e89-7232-4fd5-9257-adf231670681 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZDb3vGkOIAMFVhg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63314031-3056111d48a5027a2062ad1b;Sampled=0 x-amzn-remapped-date: Mon, 26 Sep 2022 06:01:21 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: VosALWNOhCfUDfo2bXgYE0Cx2duyHRaLb5DCn9IydXtoIsYyg9vWhA== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google date: Wed, 28 Sep 2022 21:49:13 GMT age: 54392 etag: "4fc0699c763f67a2602b4b3f46b8b4013d2049c6" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg	34.120.237.76	200 OK	7.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.9 kB (7859 bytes) Hash c62a6368c456e9614ca4c8e360a2ef12 35ec6e80d324bb215796c590a7ffafbaea55d88e 90a37acc6beda1aa98a98cb84e00a7e469d6d919a14f4709c5f67a83ae95278d HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7859 x-amzn-requestid: 34d0718f-46d4-446f-bb06-8449bd8f4287 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZIlO4FcBoAMFy0w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63334f2b-58ae81c9077e4f1575750f15;Sampled=0 x-amzn-remapped-date: Tue, 27 Sep 2022 19:29:47 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: XwUZAphoqael30FgWCRQlHqBpjBOSG7rnlbPNKyojhONZ625gCUI5g== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google date: Thu, 29 Sep 2022 07:36:34 GMT age: 19151 etag: "35ec6e80d324bb215796c590a7ffafbaea55d88e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48e2707b-f3b2-4e52-99ae-03c359b698de.jpeg	34.120.237.76	200 OK	8.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48e2707b-f3b2-4e52-99ae-03c359b698de.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.8 kB (8754 bytes) Hash 556ea631652cbb77ff38dbe3bbc8c4d1 ba797da9b2d6942161fa02a0e431de4868b84327 130dab67cb6d80c741a7f2dadfd536bd6900204880dc3b68b2afbfa53dd3d781 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48e2707b-f3b2-4e52-99ae-03c359b698de.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8754 x-amzn-requestid: 175fc592-ed89-44fb-8cf7-8a4404f59d4b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZC5OcHKkIAMFafA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-633108c2-2c0c36007bc8bcb56a54e8a1;Sampled=0 x-amzn-remapped-date: Mon, 26 Sep 2022 02:04:50 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: -AhTOJwgY3-DnA_pYXdBL18wPP_fNeyDmZjkdkQ2J-xrBZSyRcdK3Q== via: 1.1 71e7943ea0729c284a06faa05a567236.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google date: Wed, 28 Sep 2022 20:59:31 GMT age: 57374 etag: "ba797da9b2d6942161fa02a0e431de4868b84327" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	shib.oit.duke.edu/idp/js/jquery-3.2.1.min.js	152.3.72.35	200 200	87 kB
URL HTTP/1.1 shib.oit.duke.edu/idp/js/jquery-3.2.1.min.js IP 152.3.72.35:0 ASN #13371 DUKE-INTERCHANGE File type ASCII text, with very long lines (32058) Size 87 kB (86659 bytes) Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de HTTP Headers `GET /idp/js/jquery-3.2.1.min.js HTTP/1.1 Host: shib.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/idp/authn/external?conversation=e1s1 Cookie: JSESSIONID=72FA72E35EC5787CF681A5EC6D6E0204 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 200 Date: Thu, 29 Sep 2022 12:55:45 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate, max-age=0 Expires: 0 Pragma: no-cache Accept-Ranges: bytes ETag: W/"86659-1627470036000" Last-Modified: Wed, 28 Jul 2021 11:00:36 GMT Content-Type: application/javascript;charset=UTF-8 Content-Length: 86659 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive`

	shib.oit.duke.edu/idp/img/dukelogo-white.png	152.3.72.35	200 200	7.2 kB
URL HTTP/1.1 shib.oit.duke.edu/idp/img/dukelogo-white.png IP 152.3.72.35:0 ASN #13371 DUKE-INTERCHANGE File type PNG image data, 284 x 98, 8-bit/color RGBA, non-interlaced\012- data Size 7.2 kB (7184 bytes) Hash a4609170e32457f102e4dcceaff95c86 5f3b5fd684f017d6ae72b9ea1320363ab46776d7 cf985ff20a778554fe674150eaeaff989639128204717a576acdd2c5875fb703 HTTP Headers `GET /idp/img/dukelogo-white.png HTTP/1.1 Host: shib.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/idp/authn/external?conversation=e1s1 Cookie: JSESSIONID=72FA72E35EC5787CF681A5EC6D6E0204 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 200 Date: Thu, 29 Sep 2022 12:55:46 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate, max-age=0 Expires: 0 Pragma: no-cache Accept-Ranges: bytes ETag: W/"7184-1627470036000" Last-Modified: Wed, 28 Jul 2021 11:00:36 GMT Content-Type: image/png;charset=UTF-8 Content-Length: 7184 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive`

	shib.oit.duke.edu/idp/font/Open-Sans-regular/Open-Sans-regular.woff2	152.3.72.35	200 200	10 kB
URL HTTP/1.1 shib.oit.duke.edu/idp/font/Open-Sans-regular/Open-Sans-regular.woff2 IP 152.3.72.35:0 ASN #13371 DUKE-INTERCHANGE File type Web Open Font Format (Version 2), TrueType, length 10352, version 1.6554\012- data Size 10 kB (10352 bytes) Hash 4124088fdd8c315a6d096b65b6cbf428 0477e48f455cbfe729f90389d3fd8aaca6cc483b 732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7 HTTP Headers `GET /idp/font/Open-Sans-regular/Open-Sans-regular.woff2 HTTP/1.1 Host: shib.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://shib.oit.duke.edu/idp/css/fonts.css Cookie: JSESSIONID=72FA72E35EC5787CF681A5EC6D6E0204 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 200 Date: Thu, 29 Sep 2022 12:55:46 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate, max-age=0 Expires: 0 Pragma: no-cache Accept-Ranges: bytes ETag: W/"10352-1627470034000" Last-Modified: Wed, 28 Jul 2021 11:00:34 GMT Content-Type: font/woff2;charset=UTF-8 Content-Length: 10352 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive`

	shib.oit.duke.edu/favicon.ico	152.3.72.35	200 OK	4.3 kB
URL HTTP/1.1 shib.oit.duke.edu/favicon.ico IP 152.3.72.35:0 ASN #13371 DUKE-INTERCHANGE File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data Size 4.3 kB (4286 bytes) Hash 00589cfcba88fe0941c83e3784e233cb 97ae097170bddcd72c32df9060170b785416eefe 5f09b7f371c1ef4318993f4466cc4313216f61b8dfac28297f00775b73708314 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: shib.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/idp/authn/external?conversation=e1s1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Date: Thu, 29 Sep 2022 12:55:46 GMT Server: Apache Last-Modified: Mon, 24 Jul 2017 11:48:05 GMT ETag: "10be-5550ec9b421bf" Accept-Ranges: bytes Content-Length: 4286 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: image/vnd.microsoft.icon`

	shib.oit.duke.edu/idp/font/font-awesome/fontawesome-webfont.woff2?v=4.7.0	152.3.72.35	200 200	77 kB
URL HTTP/1.1 shib.oit.duke.edu/idp/font/font-awesome/fontawesome-webfont.woff2?v=4.7.0 IP 152.3.72.35:0 ASN #13371 DUKE-INTERCHANGE File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data Size 77 kB (77160 bytes) Hash af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe HTTP Headers GET /idp/font/font-awesome/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 Host: shib.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://shib.oit.duke.edu/idp/css/fonts.css Cookie: JSESSIONID=72FA72E35EC5787CF681A5EC6D6E0204 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 200 Date: Thu, 29 Sep 2022 12:55:46 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate, max-age=0 Expires: 0 Pragma: no-cache Accept-Ranges: bytes ETag: W/"77160-1627470036000" Last-Modified: Wed, 28 Jul 2021 11:00:36 GMT Content-Type: font/woff2;charset=UTF-8 Content-Length: 77160 Keep-Alive: timeout=5, max=96 Connection: Keep-Alive`

	ocsp.usertrust.com/	172.64.155.188	200 OK	471 B
URL HTTP/1.1 ocsp.usertrust.com/ IP 172.64.155.188:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash ecc66d0d758b1a86ed7fac0effaf719f b8e3723f581845a3eb42b81044d17d60600e8955 22e51c0328ed1813765cd5deca7b3550f86b7d6fd2af5e22c3ac939c1b11adc3 HTTP Headers `POST / HTTP/1.1 Host: ocsp.usertrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Thu, 29 Sep 2022 12:55:46 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Thu, 29 Sep 2022 08:12:46 GMT Expires: Thu, 06 Oct 2022 08:12:45 GMT Etag: "b8e3723f581845a3eb42b81044d17d60600e8955" Cache-Control: max-age=588247,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: MISS Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7524e005baadb500-OSL

	beacon.oit.duke.edu/images/image-l.gif?t=16644561436270.15313319414190618	152.3.100.240	200 OK	35 B
URL HTTP/1.1 beacon.oit.duke.edu/images/image-l.gif?t=16644561436270.15313319414190618 IP 152.3.100.240:0 ASN #13371 DUKE-INTERCHANGE File type GIF image data, version 87a, 1 x 1\012- data Size 35 B (35 bytes) Hash cfea9e094d58b54abf242e795f0b913f cbeee1f89a77b67897eea9a54c0ac6b75c18d4b6 b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d HTTP Headers `GET /images/image-l.gif?t=16644561436270.15313319414190618 HTTP/1.1 Host: beacon.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/1.1 200 OK Server: nginx/1.21.6 Date: Thu, 29 Sep 2022 12:55:47 GMT Content-Type: image/gif Content-Length: 35 Last-Modified: Fri, 18 Feb 2022 16:41:20 GMT Connection: keep-alive ETag: "620fcc30-23" Accept-Ranges: bytes`

	beacon.oit.duke.edu/images/image-l.gif?t=16644561442480.6168983187745991	152.3.100.240	200 OK	35 B
URL HTTP/1.1 beacon.oit.duke.edu/images/image-l.gif?t=16644561442480.6168983187745991 IP 152.3.100.240:0 ASN #13371 DUKE-INTERCHANGE File type GIF image data, version 87a, 1 x 1\012- data Size 35 B (35 bytes) Hash cfea9e094d58b54abf242e795f0b913f cbeee1f89a77b67897eea9a54c0ac6b75c18d4b6 b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d HTTP Headers `GET /images/image-l.gif?t=16644561442480.6168983187745991 HTTP/1.1 Host: beacon.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/1.1 200 OK Server: nginx/1.21.6 Date: Thu, 29 Sep 2022 12:55:47 GMT Content-Type: image/gif Content-Length: 35 Last-Modified: Fri, 18 Feb 2022 16:41:20 GMT Connection: keep-alive ETag: "620fcc30-23" Accept-Ranges: bytes`

	beacon.oit.duke.edu/images/image-l.gif?t=16644561443820.8704117125206482	152.3.100.240	200 OK	35 B
URL HTTP/1.1 beacon.oit.duke.edu/images/image-l.gif?t=16644561443820.8704117125206482 IP 152.3.100.240:0 ASN #13371 DUKE-INTERCHANGE File type GIF image data, version 87a, 1 x 1\012- data Size 35 B (35 bytes) Hash cfea9e094d58b54abf242e795f0b913f cbeee1f89a77b67897eea9a54c0ac6b75c18d4b6 b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d HTTP Headers `GET /images/image-l.gif?t=16644561443820.8704117125206482 HTTP/1.1 Host: beacon.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/1.1 200 OK Server: nginx/1.21.6 Date: Thu, 29 Sep 2022 12:55:47 GMT Content-Type: image/gif Content-Length: 35 Last-Modified: Fri, 18 Feb 2022 16:41:20 GMT Connection: keep-alive ETag: "620fcc30-23" Accept-Ranges: bytes`

	beacon.oit.duke.edu/images/image-l.gif?t=16644561445160.0746004953985776	152.3.100.240	200 OK	35 B
URL HTTP/1.1 beacon.oit.duke.edu/images/image-l.gif?t=16644561445160.0746004953985776 IP 152.3.100.240:0 ASN #13371 DUKE-INTERCHANGE File type GIF image data, version 87a, 1 x 1\012- data Size 35 B (35 bytes) Hash cfea9e094d58b54abf242e795f0b913f cbeee1f89a77b67897eea9a54c0ac6b75c18d4b6 b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d HTTP Headers `GET /images/image-l.gif?t=16644561445160.0746004953985776 HTTP/1.1 Host: beacon.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/1.1 200 OK Server: nginx/1.21.6 Date: Thu, 29 Sep 2022 12:55:47 GMT Content-Type: image/gif Content-Length: 35 Last-Modified: Fri, 18 Feb 2022 16:41:20 GMT Connection: keep-alive ETag: "620fcc30-23" Accept-Ranges: bytes`

	beacon.oit.duke.edu/images/image-l.gif?t=16644561446590.5375583764590905	152.3.100.240	200 OK	35 B
URL HTTP/1.1 beacon.oit.duke.edu/images/image-l.gif?t=16644561446590.5375583764590905 IP 152.3.100.240:0 ASN #13371 DUKE-INTERCHANGE File type GIF image data, version 87a, 1 x 1\012- data Size 35 B (35 bytes) Hash cfea9e094d58b54abf242e795f0b913f cbeee1f89a77b67897eea9a54c0ac6b75c18d4b6 b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d HTTP Headers `GET /images/image-l.gif?t=16644561446590.5375583764590905 HTTP/1.1 Host: beacon.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/1.1 200 OK Server: nginx/1.21.6 Date: Thu, 29 Sep 2022 12:55:47 GMT Content-Type: image/gif Content-Length: 35 Last-Modified: Fri, 18 Feb 2022 16:41:20 GMT Connection: keep-alive ETag: "620fcc30-23" Accept-Ranges: bytes`

	beacon.oit.duke.edu/images/image-l.gif?t=16644561447960.2833234068637117	152.3.100.240	200 OK	35 B
URL HTTP/1.1 beacon.oit.duke.edu/images/image-l.gif?t=16644561447960.2833234068637117 IP 152.3.100.240:0 ASN #13371 DUKE-INTERCHANGE File type GIF image data, version 87a, 1 x 1\012- data Size 35 B (35 bytes) Hash cfea9e094d58b54abf242e795f0b913f cbeee1f89a77b67897eea9a54c0ac6b75c18d4b6 b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d HTTP Headers `GET /images/image-l.gif?t=16644561447960.2833234068637117 HTTP/1.1 Host: beacon.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/1.1 200 OK Server: nginx/1.21.6 Date: Thu, 29 Sep 2022 12:55:47 GMT Content-Type: image/gif Content-Length: 35 Last-Modified: Fri, 18 Feb 2022 16:41:20 GMT Connection: keep-alive ETag: "620fcc30-23" Accept-Ranges: bytes`

	beacon.oit.duke.edu/images/image-l.gif?t=16644561449290.24674626532216226	152.3.100.240	200 OK	35 B
URL HTTP/1.1 beacon.oit.duke.edu/images/image-l.gif?t=16644561449290.24674626532216226 IP 152.3.100.240:0 ASN #13371 DUKE-INTERCHANGE File type GIF image data, version 87a, 1 x 1\012- data Size 35 B (35 bytes) Hash cfea9e094d58b54abf242e795f0b913f cbeee1f89a77b67897eea9a54c0ac6b75c18d4b6 b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d HTTP Headers `GET /images/image-l.gif?t=16644561449290.24674626532216226 HTTP/1.1 Host: beacon.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/1.1 200 OK Server: nginx/1.21.6 Date: Thu, 29 Sep 2022 12:55:47 GMT Content-Type: image/gif Content-Length: 35 Last-Modified: Fri, 18 Feb 2022 16:41:20 GMT Connection: keep-alive ETag: "620fcc30-23" Accept-Ranges: bytes`

	beacon.oit.duke.edu/images/image-l.gif?t=16644561450630.9636229631699227	152.3.100.240	200 OK	35 B
URL HTTP/1.1 beacon.oit.duke.edu/images/image-l.gif?t=16644561450630.9636229631699227 IP 152.3.100.240:0 ASN #13371 DUKE-INTERCHANGE File type GIF image data, version 87a, 1 x 1\012- data Size 35 B (35 bytes) Hash cfea9e094d58b54abf242e795f0b913f cbeee1f89a77b67897eea9a54c0ac6b75c18d4b6 b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d HTTP Headers `GET /images/image-l.gif?t=16644561450630.9636229631699227 HTTP/1.1 Host: beacon.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/1.1 200 OK Server: nginx/1.21.6 Date: Thu, 29 Sep 2022 12:55:47 GMT Content-Type: image/gif Content-Length: 35 Last-Modified: Fri, 18 Feb 2022 16:41:20 GMT Connection: keep-alive ETag: "620fcc30-23" Accept-Ranges: bytes`

	beacon.oit.duke.edu/images/image-l.gif?t=16644561451960.15792622215278262	152.3.100.240	200 OK	35 B
URL HTTP/1.1 beacon.oit.duke.edu/images/image-l.gif?t=16644561451960.15792622215278262 IP 152.3.100.240:0 ASN #13371 DUKE-INTERCHANGE File type GIF image data, version 87a, 1 x 1\012- data Size 35 B (35 bytes) Hash cfea9e094d58b54abf242e795f0b913f cbeee1f89a77b67897eea9a54c0ac6b75c18d4b6 b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d HTTP Headers `GET /images/image-l.gif?t=16644561451960.15792622215278262 HTTP/1.1 Host: beacon.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/1.1 200 OK Server: nginx/1.21.6 Date: Thu, 29 Sep 2022 12:55:48 GMT Content-Type: image/gif Content-Length: 35 Last-Modified: Fri, 18 Feb 2022 16:41:20 GMT Connection: keep-alive ETag: "620fcc30-23" Accept-Ranges: bytes`

	beacon.oit.duke.edu/images/image-l.gif?t=16644561453300.9687208816462084	152.3.100.240	200 OK	35 B
URL HTTP/1.1 beacon.oit.duke.edu/images/image-l.gif?t=16644561453300.9687208816462084 IP 152.3.100.240:0 ASN #13371 DUKE-INTERCHANGE File type GIF image data, version 87a, 1 x 1\012- data Size 35 B (35 bytes) Hash cfea9e094d58b54abf242e795f0b913f cbeee1f89a77b67897eea9a54c0ac6b75c18d4b6 b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d HTTP Headers `GET /images/image-l.gif?t=16644561453300.9687208816462084 HTTP/1.1 Host: beacon.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/1.1 200 OK Server: nginx/1.21.6 Date: Thu, 29 Sep 2022 12:55:48 GMT Content-Type: image/gif Content-Length: 35 Last-Modified: Fri, 18 Feb 2022 16:41:20 GMT Connection: keep-alive ETag: "620fcc30-23" Accept-Ranges: bytes`

	beacon.oit.duke.edu/images/image-0.png?t=16644561454640.9558743532390116	152.3.100.240	200 OK	12 kB
URL HTTP/1.1 beacon.oit.duke.edu/images/image-0.png?t=16644561454640.9558743532390116 IP 152.3.100.240:0 ASN #13371 DUKE-INTERCHANGE File type PNG image data, 174 x 108, 8-bit/color RGB, non-interlaced\012- data Size 12 kB (11483 bytes) Hash 5bad66448273d89d4b9668821cc3a35b a8ef060f18d8e30a6120dcf778fdabc54a0c048e 08660f15d924ee09aa01c135c9cc5c35d42f50faa1837361924e3a78b42d1cd0 HTTP Headers `GET /images/image-0.png?t=16644561454640.9558743532390116 HTTP/1.1 Host: beacon.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/1.1 200 OK Server: nginx/1.21.6 Date: Thu, 29 Sep 2022 12:55:48 GMT Content-Type: image/png Content-Length: 11483 Last-Modified: Fri, 18 Feb 2022 16:41:19 GMT Connection: keep-alive ETag: "620fcc2f-2cdb" Accept-Ranges: bytes`

	beacon.oit.duke.edu/images/image-1.png?t=16644561455890.7173596583775794	152.3.100.240	200 OK	41 kB
URL HTTP/1.1 beacon.oit.duke.edu/images/image-1.png?t=16644561455890.7173596583775794 IP 152.3.100.240:0 ASN #13371 DUKE-INTERCHANGE File type PNG image data, 355 x 221, 8-bit/color RGB, non-interlaced\012- data Size 41 kB (40658 bytes) Hash 29ee8ca4c3f1e057a3669c6ca04b1f1e c5cc8b2f694d97759337b055f72ca88d1666c698 fe7f9aa5f63db7465589dc2376dc98769c65a7744bba988375aacfc24ad27709 HTTP Headers `GET /images/image-1.png?t=16644561455890.7173596583775794 HTTP/1.1 Host: beacon.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/1.1 200 OK Server: nginx/1.21.6 Date: Thu, 29 Sep 2022 12:55:48 GMT Content-Type: image/png Content-Length: 40658 Last-Modified: Fri, 18 Feb 2022 16:41:19 GMT Connection: keep-alive ETag: "620fcc2f-9ed2" Accept-Ranges: bytes`

	beacon.oit.duke.edu/images/image-2.png?t=16644561458360.5127880205149785	152.3.100.240	200 OK	165 kB
URL HTTP/1.1 beacon.oit.duke.edu/images/image-2.png?t=16644561458360.5127880205149785 IP 152.3.100.240:0 ASN #13371 DUKE-INTERCHANGE File type PNG image data, 296 x 185, 8-bit/color RGB, non-interlaced\012- data Size 165 kB (164897 bytes) Hash 8cb930fb18ceb28de2f9dd89d50369e6 8ce7b62566954e4b8b0487bb95e61581d73e01df a2d28bff78fdcb50d1449242373bdc8472d6cc30bf25587df305e1d17be7a9dd HTTP Headers `GET /images/image-2.png?t=16644561458360.5127880205149785 HTTP/1.1 Host: beacon.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/1.1 200 OK Server: nginx/1.21.6 Date: Thu, 29 Sep 2022 12:55:48 GMT Content-Type: image/png Content-Length: 164897 Last-Modified: Fri, 18 Feb 2022 16:41:19 GMT Connection: keep-alive ETag: "620fcc2f-28421" Accept-Ranges: bytes`

	beacon.oit.duke.edu/images/image-3.png?t=16644561461990.834312044775006	152.3.100.240	200 OK	382 kB
URL HTTP/1.1 beacon.oit.duke.edu/images/image-3.png?t=16644561461990.834312044775006 IP 152.3.100.240:0 ASN #13371 DUKE-INTERCHANGE File type PNG image data, 450 x 282, 8-bit/color RGB, non-interlaced\012- data Size 382 kB (381756 bytes) Hash 7783b2ddf76c414ef7aa44fd62d9a51a 9f2bc509521edbc35b1891b2776846bc9ef461b8 21fcbb9454380f8bbc39aa9c8a652c0e1473c3ec497a44564abcfbc140936575 HTTP Headers `GET /images/image-3.png?t=16644561461990.834312044775006 HTTP/1.1 Host: beacon.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/1.1 200 OK Server: nginx/1.21.6 Date: Thu, 29 Sep 2022 12:55:49 GMT Content-Type: image/png Content-Length: 381756 Last-Modified: Fri, 18 Feb 2022 16:41:19 GMT Connection: keep-alive ETag: "620fcc2f-5d33c" Accept-Ranges: bytes`

	beacon.oit.duke.edu/images/image-4.png?t=16644561464470.001422592481550411	152.3.100.240	200 OK	1.2 MB
URL HTTP/1.1 beacon.oit.duke.edu/images/image-4.png?t=16644561464470.001422592481550411 IP 152.3.100.240:0 ASN #13371 DUKE-INTERCHANGE File type PNG image data, 810 x 507, 8-bit/color RGB, non-interlaced\012- data Size 1.2 MB (1234664 bytes) Hash 3a5f7ed47e8ba2e1015f6628665608d5 7cb56205e4ed311952f7f56adab28f5397d438bb f8332fed0f38cc90c1b90764743b37160efc87f64efec6cbb8e273ee2cce3afd HTTP Headers `GET /images/image-4.png?t=16644561464470.001422592481550411 HTTP/1.1 Host: beacon.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/1.1 200 OK Server: nginx/1.21.6 Date: Thu, 29 Sep 2022 12:55:49 GMT Content-Type: image/png Content-Length: 1234664 Last-Modified: Fri, 18 Feb 2022 16:41:19 GMT Connection: keep-alive ETag: "620fcc2f-12d6e8" Accept-Ranges: bytes`

	beacon.oit.duke.edu/images/image-5.png?t=16644561468420.47994733897958486	152.3.100.240	200 OK	4.5 MB
URL HTTP/1.1 beacon.oit.duke.edu/images/image-5.png?t=16644561468420.47994733897958486 IP 152.3.100.240:0 ASN #13371 DUKE-INTERCHANGE File type PNG image data, 1550 x 968, 8-bit/color RGB, non-interlaced\012- data Size 4.5 MB (4509613 bytes) Hash 18b99b3b1cbe791dd13247d87479ddae 599f7e55c9a1de1b274724d77e6b5ac4ad76179c 945a90ce8435a670f63de148b2cc4c38a8e9cee8a55dbeba677f430fddf62858 HTTP Headers `GET /images/image-5.png?t=16644561468420.47994733897958486 HTTP/1.1 Host: beacon.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/1.1 200 OK Server: nginx/1.21.6 Date: Thu, 29 Sep 2022 12:55:49 GMT Content-Type: image/png Content-Length: 4509613 Last-Modified: Fri, 18 Feb 2022 16:41:19 GMT Connection: keep-alive ETag: "620fcc2f-44cfad" Accept-Ranges: bytes`

	beacon.oit.duke.edu/images/image-5.png?t=16644561482280.92351733715423	152.3.100.240	200 OK	4.5 MB
URL HTTP/1.1 beacon.oit.duke.edu/images/image-5.png?t=16644561482280.92351733715423 IP 152.3.100.240:0 ASN #13371 DUKE-INTERCHANGE File type PNG image data, 1550 x 968, 8-bit/color RGB, non-interlaced\012- data Size 4.5 MB (4509613 bytes) Hash 18b99b3b1cbe791dd13247d87479ddae 599f7e55c9a1de1b274724d77e6b5ac4ad76179c 945a90ce8435a670f63de148b2cc4c38a8e9cee8a55dbeba677f430fddf62858 HTTP Headers `GET /images/image-5.png?t=16644561482280.92351733715423 HTTP/1.1 Host: beacon.oit.duke.edu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://shib.oit.duke.edu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/1.1 200 OK Server: nginx/1.21.6 Date: Thu, 29 Sep 2022 12:55:51 GMT Content-Type: image/png Content-Length: 4509613 Last-Modified: Fri, 18 Feb 2022 16:41:19 GMT Connection: keep-alive ETag: "620fcc2f-44cfad" Accept-Ranges: bytes`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations