urlscan.io logo urlscan.io
SecurityTrails logo

sso.nhaschools.com Open in urlscan Pro
3.33.189.110  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://oraclesupport.mynha.com/
Effective URL: https://sso.nhaschools.com/oauth2/default/v1/authorize?client_id=0oa5f82a4poglPTID4x7&code_challenge=QvEMXhjFXhz3hmTPZlYiuj...
Submission: On June 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 30 HTTP transactions. The main IP is 3.33.189.110, located in United States and belongs to AMAZON-02, US. The main domain is sso.nhaschools.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on June 4th 2024. Valid for: a year.
This is the only time sso.nhaschools.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.248.160.137 16509 (AMAZON-02)
8 52.162.107.2 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 3.33.189.110 16509 (AMAZON-02)
12 108.138.36.91 16509 (AMAZON-02)
1 54.230.228.128 16509 (AMAZON-02)
30 6
1    13.248.160.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa089eb6179d1ae2b.awsglobalaccelerator.com
oraclesupport.mynha.com
8    52.162.107.2 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
support.mynha.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    3.33.189.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: af77c9e516730cc51.awsglobalaccelerator.com
sso.nhaschools.com
12    108.138.36.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-91.muc50.r.cloudfront.net
ok11static.oktacdn.com
1    54.230.228.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-128.muc50.r.cloudfront.net
login.okta.com
Apex Domain
Subdomains		 Transfer
12 oktacdn.com
ok11static.oktacdn.com — Cisco Umbrella Rank: 16319
1 MB
9 mynha.com
oraclesupport.mynha.com
support.mynha.com
876 KB
5 nhaschools.com
sso.nhaschools.com
47 KB
2 gstatic.com
fonts.gstatic.com
32 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
2 KB
1 okta.com
login.okta.com — Cisco Umbrella Rank: 4688
30 6
Domain Requested by
12 ok11static.oktacdn.com sso.nhaschools.com
ok11static.oktacdn.com
8 support.mynha.com support.mynha.com
5 sso.nhaschools.com support.mynha.com
ok11static.oktacdn.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com client
1 login.okta.com ok11static.oktacdn.com
1 oraclesupport.mynha.com 1 redirects
30 7

This site contains links to these domains. Also see Links.

Domain
nhasupport.cherwellondemand.com
app.sharebase.com
Subject Issuer Validity Valid
*.mynha.com
Entrust Certification Authority - L1K		 2023-09-11 -
2024-10-11		 a year crt.sh
upload.video.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
sso.nhaschools.com
Entrust Certification Authority - L1K		 2024-06-04 -
2025-07-04		 a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-15 -
2025-01-02		 a year crt.sh
accounts.okta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2024-07-24		 a year crt.sh

This page contains 2 frames:

Primary Page: https://sso.nhaschools.com/oauth2/default/v1/authorize?client_id=0oa5f82a4poglPTID4x7&code_challenge=QvEMXhjFXhz3hmTPZlYiuj7oDBmp-JcQon5-GiYdLSw&code_challenge_method=S256&nonce=qtvc1KyEhkLhxYHPoEh9FxqYYI2hkALFauOxeFud95aWrk1aN6h8G2fgr2hX4Hu4&redirect_uri=https%3A%2F%2Fsupport.mynha.com%2Flogin%2Fcallback&response_type=code&state=gpd8T3sTLV8Gn77nybLSR7htZxfAGRxCfXI0XzJfSesGzCFBhpELfcB45ULoXhLa&scope=openid%20email%20profile
Frame ID: A48BEAF2A46D0469C92CF7AA690884ED
Requests: 28 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: 9F74B140F5A1CDC728350CE7F68622B6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

National Heritage Academies - Anmelden

Page URL History Show full URLs

  1. https://oraclesupport.mynha.com/ HTTP 301
    https://support.mynha.com/start Page URL
  2. https://sso.nhaschools.com/oauth2/default/v1/authorize?client_id=0oa5f82a4poglPTID4x7&code_challenge=Qv... Page URL

Page Statistics

30
Requests

100 %
HTTPS

29 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

2044 kB
Transfer

4887 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://oraclesupport.mynha.com/ HTTP 301
    https://support.mynha.com/start Page URL
  2. https://sso.nhaschools.com/oauth2/default/v1/authorize?client_id=0oa5f82a4poglPTID4x7&code_challenge=QvEMXhjFXhz3hmTPZlYiuj7oDBmp-JcQon5-GiYdLSw&code_challenge_method=S256&nonce=qtvc1KyEhkLhxYHPoEh9FxqYYI2hkALFauOxeFud95aWrk1aN6h8G2fgr2hX4Hu4&redirect_uri=https%3A%2F%2Fsupport.mynha.com%2Flogin%2Fcallback&response_type=code&state=gpd8T3sTLV8Gn77nybLSR7htZxfAGRxCfXI0XzJfSesGzCFBhpELfcB45ULoXhLa&scope=openid%20email%20profile Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://oraclesupport.mynha.com/ HTTP 301
  • https://support.mynha.com/start

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
start
support.mynha.com/
Redirect Chain
  • https://oraclesupport.mynha.com/
  • https://support.mynha.com/start
16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://support.mynha.com/start
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.162.107.2 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8451db4b2634c71304af2eb3475949450faa829df3849862d8381b038d4e423f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 08 Jun 2024 00:24:28 GMT
ETag
"1dab1d7f9ed2b99"
Last-Modified
Wed, 29 May 2024 14:53:33 GMT
Server
Microsoft-IIS/10.0
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
ASP.NET

Redirect headers

cache-control
no-store, max-age=0
content-encoding
gzip
content-length
143
content-type
text/html
date
Sat, 08 Jun 2024 00:24:27 GMT
er-request-id
f16689ae0f3bb36ce9cc813d2b41b47f
er-rule-id
r-ea2e373c-67ab-4aab-96a3-c85e70e4fb4a
location
https://support.mynha.com/start
pragma
no-cache
server
EasyRedir
x-content-type-options
nosniff
runtime.46fc029da4542429.js
support.mynha.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://support.mynha.com/runtime.46fc029da4542429.js
Requested by
Host: support.mynha.com
URL: https://support.mynha.com/start
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.162.107.2 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
25e2adea95a36b8af85327d0a11d0721a17c7ae6032b06dc82ff8e5dcb0ae526

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://support.mynha.com/start
Origin
https://support.mynha.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 08 Jun 2024 00:24:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 May 2024 14:53:32 GMT
Server
Microsoft-IIS/10.0
ETag
"1dab1d7f9547ae9"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
polyfills.bccc26aa0f3ff2b7.js
support.mynha.com/ 		33 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://support.mynha.com/polyfills.bccc26aa0f3ff2b7.js
Requested by
Host: support.mynha.com
URL: https://support.mynha.com/start
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.162.107.2 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d931592736a274e3f9d65866fdc8fea584039a037b1375055e965de32132baee

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://support.mynha.com/start
Origin
https://support.mynha.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 08 Jun 2024 00:24:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 May 2024 14:53:32 GMT
Server
Microsoft-IIS/10.0
ETag
"1dab1d7f954fa37"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
main.9a61e1e1a128615c.js
support.mynha.com/ 		2 MB
809 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://support.mynha.com/main.9a61e1e1a128615c.js
Requested by
Host: support.mynha.com
URL: https://support.mynha.com/start
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.162.107.2 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3d48ebb1ebad28b735d77e781eee06cc0196802aedcbaede165eb85b39dee84f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://support.mynha.com/start
Origin
https://support.mynha.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 08 Jun 2024 00:24:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 May 2024 14:53:32 GMT
Server
Microsoft-IIS/10.0
ETag
"1dab1d7f94aa8fd"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
css
fonts.googleapis.com/ 		569 B
439 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Material+Icons
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://support.mynha.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 08 Jun 2024 00:24:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 08 Jun 2024 00:24:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 08 Jun 2024 00:24:28 GMT
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3190e9796e3e6b7bdf421c3864f69fcdcf147379b0e3c16c73488e041f6de805
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://support.mynha.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 08 Jun 2024 00:24:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 23:23:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 08 Jun 2024 00:24:28 GMT
styles.403afda49a9c0eba.css
support.mynha.com/ 		95 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://support.mynha.com/styles.403afda49a9c0eba.css
Requested by
Host: support.mynha.com
URL: https://support.mynha.com/start
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.162.107.2 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
997af8a1eea77a67dc4921c717205117bd824ef2bcd89399b7af236ee7c3e49e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://support.mynha.com/start
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 08 Jun 2024 00:24:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 May 2024 14:53:32 GMT
Server
Microsoft-IIS/10.0
ETag
"1dab1d7f9550301"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://support.mynha.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 17:07:38 GMT
x-content-type-options
nosniff
age
26210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 17:07:38 GMT
Get
support.mynha.com/api/data/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://support.mynha.com/api/data/Get
Requested by
Host: support.mynha.com
URL: https://support.mynha.com/polyfills.bccc26aa0f3ff2b7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.162.107.2 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99366d8e20bc22ebd193b5093963670c433196d8852121f8f633ea08903c8dd7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://support.mynha.com/start
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 08 Jun 2024 00:24:30 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://support.mynha.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 05:44:28 GMT
x-content-type-options
nosniff
age
67202
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 05:44:28 GMT
nha-logo.svg
support.mynha.com/assets/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://support.mynha.com/assets/nha-logo.svg
Requested by
Host: support.mynha.com
URL: https://support.mynha.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.162.107.2 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ea381a0305c6c3af55a478ab8ad1d024da9173b46ef852eae49da348950852b9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://support.mynha.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 08 Jun 2024 00:24:30 GMT
Last-Modified
Mon, 07 Aug 2023 19:22:36 GMT
Server
Microsoft-IIS/10.0
ETag
"1d9c96485a108eb"
X-Powered-By
ASP.NET
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
28395
openid-configuration
sso.nhaschools.com/oauth2/default/.well-known/ 		3 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sso.nhaschools.com/oauth2/default/.well-known/openid-configuration
Requested by
Host: support.mynha.com
URL: https://support.mynha.com/polyfills.bccc26aa0f3ff2b7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af77c9e516730cc51.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-Okta-User-Agent-Extended
okta-auth-js/7.4.0 @okta/okta-angular-root/0.1.0 Angular/16.1.8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://support.mynha.com/
sec-ch-ua-platform
"Win32"

Response headers

X-Okta-Request-Id
ZmOkvvLr_xd_6y8xpvUHXQAABe8
Date
Sat, 08 Jun 2024 00:24:31 GMT
Strict-Transport-Security
max-age=315360000; includeSubDomains
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' nha.okta.com sso.nhaschools.com *.oktacdn.com; connect-src 'self' nha.okta.com nha-admin.okta.com sso.nhaschools.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com nha.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' nha.okta.com sso.nhaschools.com *.oktacdn.com; style-src 'unsafe-inline' 'self' nha.okta.com sso.nhaschools.com *.oktacdn.com; frame-src 'self' nha.okta.com nha-admin.okta.com sso.nhaschools.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' nha.okta.com sso.nhaschools.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' nha.okta.com sso.nhaschools.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
Server
nginx
accept-ch
Sec-CH-UA-Platform-Version
vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://support.mynha.com
cache-control
max-age=86400, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=5, max=99
expires
Sun, 09 Jun 2024 00:24:31 GMT
openid-configuration
sso.nhaschools.com/oauth2/default/.well-known/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sso.nhaschools.com/oauth2/default/.well-known/openid-configuration
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af77c9e516730cc51.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-okta-user-agent-extended
Access-Control-Request-Method
GET
Origin
https://support.mynha.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type,x-okta-user-agent-extended
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
https://support.mynha.com
Access-Control-Max-Age
3600
Connection
Keep-Alive
Content-Length
0
Content-Type
application/octet-stream
Date
Sat, 08 Jun 2024 00:24:30 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Vary
Origin
X-Okta-Request-Id
ZmOkvvLr_xd_6y8xpvUHWgAABe8
favicon.ico
support.mynha.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://support.mynha.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.162.107.2 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3e5419ef2eaf4dcd35f390313271a74c4dc5e2802bf07bc8cc88f338f6525390

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://support.mynha.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 08 Jun 2024 00:24:30 GMT
Last-Modified
Mon, 07 Aug 2023 19:22:36 GMT
Server
Microsoft-IIS/10.0
ETag
"1d9c96485a1627e"
X-Powered-By
ASP.NET
Content-Type
image/x-icon
Accept-Ranges
bytes
Content-Length
1150
Primary Request authorize
sso.nhaschools.com/oauth2/default/v1/ 		20 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.nhaschools.com/oauth2/default/v1/authorize?client_id=0oa5f82a4poglPTID4x7&code_challenge=QvEMXhjFXhz3hmTPZlYiuj7oDBmp-JcQon5-GiYdLSw&code_challenge_method=S256&nonce=qtvc1KyEhkLhxYHPoEh9FxqYYI2hkALFauOxeFud95aWrk1aN6h8G2fgr2hX4Hu4&redirect_uri=https%3A%2F%2Fsupport.mynha.com%2Flogin%2Fcallback&response_type=code&state=gpd8T3sTLV8Gn77nybLSR7htZxfAGRxCfXI0XzJfSesGzCFBhpELfcB45ULoXhLa&scope=openid%20email%20profile
Requested by
Host: support.mynha.com
URL: https://support.mynha.com/main.9a61e1e1a128615c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af77c9e516730cc51.awsglobalaccelerator.com
Software
nginx /
Resource Hash
9b97ad3ac162261c05c3e3a9661f86da7a5f6403177e712a4d88283b596c73cf
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://support.mynha.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Sat, 08 Jun 2024 00:24:31 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex,nofollow
accept-ch
Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store
content-language
de
content-security-policy-report-only
default-src 'self' nha.okta.com sso.nhaschools.com *.oktacdn.com; connect-src 'self' nha.okta.com nha-admin.okta.com sso.nhaschools.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com nha.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' nha.okta.com sso.nhaschools.com *.oktacdn.com; style-src 'unsafe-inline' 'self' nha.okta.com sso.nhaschools.com *.oktacdn.com; frame-src 'self' nha.okta.com nha-admin.okta.com sso.nhaschools.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' nha.okta.com sso.nhaschools.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' nha.okta.com sso.nhaschools.com data: *.oktacdn.com fonts.gstatic.com
expires
0
p3p
CP="HONK"
pragma
no-cache
referrer-policy
no-referrer
x-content-type-options
nosniff
x-okta-request-id
ZmOkv5cGqY8YCg8JKteAPAAADwo
x-rate-limit-limit
6000
x-rate-limit-remaining
5999
x-rate-limit-reset
1717806331
x-ua-compatible
IE=edge
x-xss-protection
0
okta-sign-in.min.js
ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.1/js/ 		2 MB
484 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.1/js/okta-sign-in.min.js
Requested by
Host: sso.nhaschools.com
URL: https://sso.nhaschools.com/oauth2/default/v1/authorize?client_id=0oa5f82a4poglPTID4x7&code_challenge=QvEMXhjFXhz3hmTPZlYiuj7oDBmp-JcQon5-GiYdLSw&code_challenge_method=S256&nonce=qtvc1KyEhkLhxYHPoEh9FxqYYI2hkALFauOxeFud95aWrk1aN6h8G2fgr2hX4Hu4&redirect_uri=https%3A%2F%2Fsupport.mynha.com%2Flogin%2Fcallback&response_type=code&state=gpd8T3sTLV8Gn77nybLSR7htZxfAGRxCfXI0XzJfSesGzCFBhpELfcB45ULoXhLa&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-91.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
9c72b080b6c8dc3e0dd3dd7851e898a0f2e9a6213b3898e7f32816ad663a6da1
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://sso.nhaschools.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 21:31:25 GMT
x-amz-meta-sha1sum
f0e0f51ae27c249ac59c719a35d886af522fbdfd
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
269586
x-cache
Hit from cloudfront
last-modified
Tue, 04 Jun 2024 20:55:59 GMT
server
nginx
etag
W/"91a94e583b9e4d75fa4126c81face87f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
hQieOjwKdoOWQnl8QmYOFlCTAmWe3YqdN1V-K7qRVua6yqGBqQfBAQ==
expires
Wed, 04 Jun 2025 21:31:25 GMT
okta-sign-in.min.css
ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.1/css/ 		218 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.1/css/okta-sign-in.min.css
Requested by
Host: sso.nhaschools.com
URL: https://sso.nhaschools.com/oauth2/default/v1/authorize?client_id=0oa5f82a4poglPTID4x7&code_challenge=QvEMXhjFXhz3hmTPZlYiuj7oDBmp-JcQon5-GiYdLSw&code_challenge_method=S256&nonce=qtvc1KyEhkLhxYHPoEh9FxqYYI2hkALFauOxeFud95aWrk1aN6h8G2fgr2hX4Hu4&redirect_uri=https%3A%2F%2Fsupport.mynha.com%2Flogin%2Fcallback&response_type=code&state=gpd8T3sTLV8Gn77nybLSR7htZxfAGRxCfXI0XzJfSesGzCFBhpELfcB45ULoXhLa&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-91.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
14de5dd5998b33bf4a423b9c8f15f1e1eb99582e24d7e6adbcb0eee3bcb7e145
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://sso.nhaschools.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 21:31:24 GMT
x-amz-meta-sha1sum
72da30851a5c886598ed973f64414909ee8f3339
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
269586
x-cache
Hit from cloudfront
last-modified
Tue, 04 Jun 2024 20:55:14 GMT
server
nginx
etag
W/"66ace45fa05073e480dae5cc5e7c73d5"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
H9rFcy5Pb50LBMh5qGl0nb7TDXFPHvQhBwr9t9VGX5oWu97z-eEKLg==
expires
Wed, 04 Jun 2025 21:31:24 GMT
custom-signin.73947dcedbe30f708373f1b3405f6417.css
ok11static.oktacdn.com/assets/loginpage/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok11static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Requested by
Host: sso.nhaschools.com
URL: https://sso.nhaschools.com/oauth2/default/v1/authorize?client_id=0oa5f82a4poglPTID4x7&code_challenge=QvEMXhjFXhz3hmTPZlYiuj7oDBmp-JcQon5-GiYdLSw&code_challenge_method=S256&nonce=qtvc1KyEhkLhxYHPoEh9FxqYYI2hkALFauOxeFud95aWrk1aN6h8G2fgr2hX4Hu4&redirect_uri=https%3A%2F%2Fsupport.mynha.com%2Flogin%2Fcallback&response_type=code&state=gpd8T3sTLV8Gn77nybLSR7htZxfAGRxCfXI0XzJfSesGzCFBhpELfcB45ULoXhLa&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-91.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
79e149cae4cee318fb0fc5beb4feec6880022de818efdb269f8cf90298d61a00
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://sso.nhaschools.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-sha1sum
35d16198401d1fd985775d017f4a337e2a74c215
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
date
Mon, 03 Jun 2024 17:48:59 GMT
via
1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
369332
x-cache
Hit from cloudfront
last-modified
Thu, 14 Mar 2024 00:01:49 GMT
server
nginx
etag
W/"73947dcedbe30f708373f1b3405f6417"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
c4DlTnN0JFc--TMw2tnSdFCrSBgdYdCQAdQ_JvOjezCC6LJwTrihQQ==
expires
Tue, 03 Jun 2025 17:48:59 GMT
fs0dbp5e2scwbfu5U4x7
ok11static.oktacdn.com/fs/bco/1/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok11static.oktacdn.com/fs/bco/1/fs0dbp5e2scwbfu5U4x7
Requested by
Host: sso.nhaschools.com
URL: https://sso.nhaschools.com/oauth2/default/v1/authorize?client_id=0oa5f82a4poglPTID4x7&code_challenge=QvEMXhjFXhz3hmTPZlYiuj7oDBmp-JcQon5-GiYdLSw&code_challenge_method=S256&nonce=qtvc1KyEhkLhxYHPoEh9FxqYYI2hkALFauOxeFud95aWrk1aN6h8G2fgr2hX4Hu4&redirect_uri=https%3A%2F%2Fsupport.mynha.com%2Flogin%2Fcallback&response_type=code&state=gpd8T3sTLV8Gn77nybLSR7htZxfAGRxCfXI0XzJfSesGzCFBhpELfcB45ULoXhLa&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-91.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
2e36501f1d1d317284ad500a015d6173e7e4b0f7c9b1c38d83429a6d8bf6f918
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 23:48:57 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
779734
x-cache
Hit from cloudfront
content-length
4456
last-modified
Thu, 22 Jun 2023 17:05:25 GMT
server
nginx
etag
"70a68b0a2980d34da1f03c3f8abb50df"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
6tcHP6Egj1lO5_vfkD9nAQrt263LvM7urIvf1JEyZoG6Zpb4W-llng==
expires
Thu, 29 May 2025 23:48:57 GMT
initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js
ok11static.oktacdn.com/assets/js/mvc/loginpage/ 		204 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok11static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js
Requested by
Host:
URL: OktaUtil.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-91.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://sso.nhaschools.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 18:32:27 GMT
x-amz-meta-sha1sum
91eca02abf11239ec4af7a30b1da6e2610f1b9a6
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
1317125
x-cache
Hit from cloudfront
last-modified
Thu, 09 Nov 2023 00:25:32 GMT
server
nginx
etag
W/"58de3be0c9b511a0fdfd7ea4f69b56fc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
hS4Qgabf33cjFawPcT2aAvXE5h6J90Y28Q21BHKiTLW3iDa0N63E4g==
expires
Fri, 23 May 2025 18:32:27 GMT
fs0dbp5e3x6uwhrDu4x7
ok11static.oktacdn.com/fs/bco/7/ 		297 KB
298 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok11static.oktacdn.com/fs/bco/7/fs0dbp5e3x6uwhrDu4x7
Requested by
Host: sso.nhaschools.com
URL: https://sso.nhaschools.com/oauth2/default/v1/authorize?client_id=0oa5f82a4poglPTID4x7&code_challenge=QvEMXhjFXhz3hmTPZlYiuj7oDBmp-JcQon5-GiYdLSw&code_challenge_method=S256&nonce=qtvc1KyEhkLhxYHPoEh9FxqYYI2hkALFauOxeFud95aWrk1aN6h8G2fgr2hX4Hu4&redirect_uri=https%3A%2F%2Fsupport.mynha.com%2Flogin%2Fcallback&response_type=code&state=gpd8T3sTLV8Gn77nybLSR7htZxfAGRxCfXI0XzJfSesGzCFBhpELfcB45ULoXhLa&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-91.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
34966f20306b8312335ca32e301a0e5df613e1e97f595091880e367fcfecb653
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sso.nhaschools.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 12:03:05 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
994887
x-cache
Hit from cloudfront
content-length
304166
last-modified
Thu, 22 Jun 2023 17:05:26 GMT
server
nginx
etag
"28ba37cb7bbf7fc12851b791bdeab3ed"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
v55QE8zd8rnXwyOX9sDg5a0Q09DYSSp6EnE8vNjeKZmEN9ZZW0nCPg==
expires
Tue, 27 May 2025 12:03:05 GMT
login_de.json
ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.1/labels/json/ 		114 KB
115 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.1/labels/json/login_de.json
Requested by
Host: ok11static.oktacdn.com
URL: https://ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.1/js/okta-sign-in.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-91.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
c72d18b9c0efac5a6844a75651a7ab5163152cf5e371e4cff8750b447dec9e98
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
text/plain
accept
application/json
Referer
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 21:57:54 GMT
x-amz-meta-sha1sum
3b77d149eee503d29a2cc275a2da551ea2e6289c
via
1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
MUC50-P2
age
267998
x-cache
Hit from cloudfront
content-length
117214
last-modified
Tue, 04 Jun 2024 20:56:04 GMT
server
nginx
etag
"d80a0c3392392948c28563c965b793c9"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
eet8G5xVCo_0CBGMXQuYgUOHLIOzsn911Plol5iMjn_K-g1AzjORQw==
expires
Wed, 04 Jun 2025 21:57:54 GMT
country_de.json
ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.1/labels/json/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.1/labels/json/country_de.json
Requested by
Host: ok11static.oktacdn.com
URL: https://ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.1/js/okta-sign-in.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-91.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
e540549c5ee85d139a6590536daf86400fccd811ebc9d5b714794efe1e34b897
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
text/plain
accept
application/json
Referer
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 21:57:54 GMT
x-amz-meta-sha1sum
251dd1ccca4c80570aee52db71eed703ac579ad8
via
1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
MUC50-P2
age
267998
x-cache
Hit from cloudfront
content-length
4805
last-modified
Tue, 04 Jun 2024 20:56:03 GMT
server
nginx
etag
"51bec6463b4f7c5a26ede1fd8ee067f8"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
FNM2LwsoP9E2d_JEpkqGsLYuJz1c5LA7hYezT8uEoKJ9FfU1DovBDA==
expires
Wed, 04 Jun 2025 21:57:54 GMT
iframe.html
login.okta.com/discovery/ Frame 9F74 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/discovery/iframe.html
Requested by
Host: ok11static.oktacdn.com
URL: https://ok11static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-128.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Age
32591
Connection
keep-alive
Content-Length
451
Content-Type
text/html
Date
Fri, 07 Jun 2024 15:21:22 GMT
ETag
"b84c759c61e4500dec73d24345856b08"
Last-Modified
Thu, 06 Jun 2024 15:21:17 GMT
Server
AmazonS3
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 fdac4411ecb7b0a694eea0076a271eb2.cloudfront.net (CloudFront)
X-Amz-Cf-Id
wF--m27dHNjLKc3yZ7PLI2aZ5_cA5vQb_PpmyKCy1_deEJrPfFepkw==
X-Amz-Cf-Pop
MUC50-P5
X-Cache
Hit from cloudfront
introspect
sso.nhaschools.com/idp/idx/ 		23 KB
26 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sso.nhaschools.com/idp/idx/introspect
Requested by
Host: ok11static.oktacdn.com
URL: https://ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.1/js/okta-sign-in.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af77c9e516730cc51.awsglobalaccelerator.com
Software
nginx /
Resource Hash
c9dabe15cfa0b3269043496e9e8cd0d77e4b1237ad390a3a6fb72da20461051e
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-Okta-User-Agent-Extended
okta-auth-js/7.0.1 okta-signin-widget-7.18.1
Accept-Language
de
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/ion+json; okta-version=1.0.0
Accept
application/ion+json; okta-version=1.0.0
sec-ch-ua-platform-version
"10.0.0"
Referer
sec-ch-ua-platform
"Win32"

Response headers

x-okta-request-id
ZmOkwJcGqY8YCg8JKteAQQAADwo
Date
Sat, 08 Jun 2024 00:24:32 GMT
Strict-Transport-Security
max-age=315360000; includeSubDomains
x-rate-limit-limit
10000
x-content-type-options
nosniff
x-rate-limit-remaining
9999
content-security-policy-report-only
default-src 'self' nha.okta.com sso.nhaschools.com *.oktacdn.com; connect-src 'self' nha.okta.com nha-admin.okta.com sso.nhaschools.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com nha.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' nha.okta.com sso.nhaschools.com *.oktacdn.com; style-src 'unsafe-inline' 'self' nha.okta.com sso.nhaschools.com *.oktacdn.com; frame-src 'self' nha.okta.com nha-admin.okta.com sso.nhaschools.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' nha.okta.com sso.nhaschools.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' nha.okta.com sso.nhaschools.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
Server
nginx
accept-ch
Sec-CH-UA-Platform-Version
vary
Origin
Content-Type
application/ion+json;okta-version=1.0.0
access-control-allow-origin
https://sso.nhaschools.com
x-rate-limit-reset
1717806332
access-control-allow-credentials
true
cache-control
no-cache, no-store
X-Robots-Tag
noindex,nofollow
Keep-Alive
timeout=5, max=99
expires
0
checkbox-sign-in-widget.png
ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.1/img/ui/forms/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.1/img/ui/forms/checkbox-sign-in-widget.png
Requested by
Host: ok11static.oktacdn.com
URL: https://ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.1/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-91.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.1/css/okta-sign-in.min.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 21:31:25 GMT
x-amz-meta-sha1sum
e0bb021ffdf93c68fef44de2a3b08f378b6fb50a
via
1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
MUC50-P2
age
269587
x-cache
Hit from cloudfront
content-length
3141
last-modified
Tue, 04 Jun 2024 20:55:56 GMT
server
nginx
etag
"7846b2f8c6d0a7ca69fdd3d3c294e92d"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
5DTQ-nYtdAWvg1OifTu12k0oBUCtUR34iJJbVeUZ-Ye3i1gphms10g==
expires
Wed, 04 Jun 2025 21:31:25 GMT
proximanova-sbold-webfont.41acb8650115f83780fc.woff2
ok11static.oktacdn.com/assets/loginpage/font/assets/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok11static.oktacdn.com/assets/loginpage/font/assets/proximanova-sbold-webfont.41acb8650115f83780fc.woff2
Requested by
Host: ok11static.oktacdn.com
URL: https://ok11static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-91.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
9b5d2290b34cd718e1e97e894d6790f92387ee50de0b3364da291e7112f412be
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ok11static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Origin
https://sso.nhaschools.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 23:30:39 GMT
x-amz-meta-sha1sum
dd4beda27e8057403b27d1276ca9d68902692615
via
1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
MUC50-P2
age
1126433
x-cache
Hit from cloudfront
content-length
20328
last-modified
Thu, 09 Nov 2023 00:27:09 GMT
server
nginx
etag
"27429b092c0595aa8803b611bd7508f3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
XWWohIUNBYv5JlecncGooWxPNTkyIX_PbFMYCLBs591d5C0NXBz9xw==
expires
Sun, 25 May 2025 23:30:39 GMT
proximanova-reg-webfont.353416ed0ff540352235.woff2
ok11static.oktacdn.com/assets/loginpage/font/assets/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok11static.oktacdn.com/assets/loginpage/font/assets/proximanova-reg-webfont.353416ed0ff540352235.woff2
Requested by
Host: ok11static.oktacdn.com
URL: https://ok11static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-91.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
affdba1620552b12a1a8a04467136aeb408c03fa337d20e9c38374d682d4d149
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ok11static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Origin
https://sso.nhaschools.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 04:06:07 GMT
x-amz-meta-sha1sum
2b5fcd8431953c44e410d0489899e74f6d2cfecc
via
1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
MUC50-P2
age
937105
x-cache
Hit from cloudfront
content-length
20416
last-modified
Thu, 09 Nov 2023 00:26:36 GMT
server
nginx
etag
"d99a7377dabb55772ca9f986b0a04b57"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
0uUNuSia1_2uLizfaDKiglcIdrGINrbSl3XlnbWL7PYB2aSYThqlmQ==
expires
Wed, 28 May 2025 04:06:07 GMT
okticon.woff
ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.1/font/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.1/font/okticon.woff
Requested by
Host: ok11static.oktacdn.com
URL: https://ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.1/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-91.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.1/css/okta-sign-in.min.css
Origin
https://sso.nhaschools.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 21:31:26 GMT
x-amz-meta-sha1sum
4d706297987d613a4e3f4f23d08c62d16830845d
via
1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
MUC50-P2
age
269586
x-cache
Hit from cloudfront
content-length
20600
last-modified
Tue, 04 Jun 2024 20:55:51 GMT
server
nginx
etag
"db28723126138387cdf40680e6e0fa5d"
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
PKesZFM-r6EIKm9rctyxKX38i1kz8LfEmKwRTIoH4CdL4x7EzcqotQ==
expires
Wed, 04 Jun 2025 21:31:26 GMT
favicon.ico
sso.nhaschools.com/ 		5 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sso.nhaschools.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af77c9e516730cc51.awsglobalaccelerator.com
Software
nginx /
Resource Hash
f9e86fb363a05f75ab3b525439d46bf4911d4cd4ae94c656c0198206374002aa
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform-version
"10.0.0"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 08 Jun 2024 00:24:32 GMT
Strict-Transport-Security
max-age=315360000; includeSubDomains
x-content-type-options
nosniff
last-modified
Tue, 21 May 2024 22:42:58 GMT
Server
nginx
etag
W/"5430-1716331378000"
Content-Type
image/x-icon
Connection
Keep-Alive
accept-ranges
bytes
X-Robots-Tag
noindex,nofollow
Keep-Alive
timeout=5, max=98
Content-Length
5430

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| regeneratorRuntime function| jQueryCourage object| u2f function| OktaSignIn function| signInSuccessCallBackFunction object| oktaData function| runLoginPage object| OktaUtil object| config object| oktaSignIn object| OktaLogin object| jQBrowser

5 Cookies

Domain/Path Name / Value
.support.mynha.com/ Name: ARRAffinity
Value: dd6af558f7714238fe3a80d1f60c5b7b7bcaf5d0c29fbd88bf296cdd796f82e9
.support.mynha.com/ Name: ARRAffinitySameSite
Value: dd6af558f7714238fe3a80d1f60c5b7b7bcaf5d0c29fbd88bf296cdd796f82e9
sso.nhaschools.com/ Name: t
Value: blue-dark
sso.nhaschools.com/ Name: DT
Value: DI1sHNFcvJeSDuhBaXMS5aJ-Q
sso.nhaschools.com/ Name: JSESSIONID
Value: 58C694A4F22D2D54623A51169BA79225

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
login.okta.com
ok11static.oktacdn.com
oraclesupport.mynha.com
sso.nhaschools.com
support.mynha.com
108.138.36.91
13.248.160.137
2a00:1450:4001:80b::2003
2a00:1450:4001:827::200a
3.33.189.110
52.162.107.2
54.230.228.128
14de5dd5998b33bf4a423b9c8f15f1e1eb99582e24d7e6adbcb0eee3bcb7e145
25e2adea95a36b8af85327d0a11d0721a17c7ae6032b06dc82ff8e5dcb0ae526
2e36501f1d1d317284ad500a015d6173e7e4b0f7c9b1c38d83429a6d8bf6f918
3190e9796e3e6b7bdf421c3864f69fcdcf147379b0e3c16c73488e041f6de805
34966f20306b8312335ca32e301a0e5df613e1e97f595091880e367fcfecb653
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
3d48ebb1ebad28b735d77e781eee06cc0196802aedcbaede165eb85b39dee84f
3e5419ef2eaf4dcd35f390313271a74c4dc5e2802bf07bc8cc88f338f6525390
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed
79e149cae4cee318fb0fc5beb4feec6880022de818efdb269f8cf90298d61a00
7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1
8451db4b2634c71304af2eb3475949450faa829df3849862d8381b038d4e423f
99366d8e20bc22ebd193b5093963670c433196d8852121f8f633ea08903c8dd7
997af8a1eea77a67dc4921c717205117bd824ef2bcd89399b7af236ee7c3e49e
9b5d2290b34cd718e1e97e894d6790f92387ee50de0b3364da291e7112f412be
9b97ad3ac162261c05c3e3a9661f86da7a5f6403177e712a4d88283b596c73cf
9c72b080b6c8dc3e0dd3dd7851e898a0f2e9a6213b3898e7f32816ad663a6da1
affdba1620552b12a1a8a04467136aeb408c03fa337d20e9c38374d682d4d149
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
c72d18b9c0efac5a6844a75651a7ab5163152cf5e371e4cff8750b447dec9e98
c9dabe15cfa0b3269043496e9e8cd0d77e4b1237ad390a3a6fb72da20461051e
d931592736a274e3f9d65866fdc8fea584039a037b1375055e965de32132baee
e540549c5ee85d139a6590536daf86400fccd811ebc9d5b714794efe1e34b897
ea381a0305c6c3af55a478ab8ad1d024da9173b46ef852eae49da348950852b9
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9e86fb363a05f75ab3b525439d46bf4911d4cd4ae94c656c0198206374002aa