login.microsoftonline.com Open in urlscan Pro
2603:1036:3000:60::16 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bannerhealth.tuition.io/
Effective URL:
https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT8EiErcGMUNZC2Ruz00Eu...
Submission: On September 22 via api (September 22nd 2023, 12:59:27 pm UTC) from US — Scanned from US

Summary HTTP 69 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 16 domains to perform 69 HTTP transactions. The main IP is 2603:1036:3000:60::16, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 28.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 30th 2023. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	3.161.213.84 3.161.213.84	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::5f	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
8	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
6	34.225.0.79 34.225.0.79	14618 (AMAZON-AES) (AMAZON-AES)
5	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	99.86.229.82 99.86.229.82	16509 (AMAZON-02) (AMAZON-02)
2	52.217.18.172 52.217.18.172	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:24e... 2600:1f18:24e6:b901:1e89:8cb4:9181:6321	14618 (AMAZON-AES) (AMAZON-AES)
2	104.192.142.23 104.192.142.23	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2600:1f18:24e... 2600:1f18:24e6:b900:b8:f69a:7375:53e1	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.85.151.52 52.85.151.52	16509 (AMAZON-02) (AMAZON-02)
2	2603:1036:300... 2603:1036:3000:60::16	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2620:1ec:29:1... 2620:1ec:29:1::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	40.126.28.14 40.126.28.14	() ()
2	2606:2800:21f... 2606:2800:21f:3ab5:de35:a4f4:79e0:ff17	() ()
69	18

10 3.161.213.84 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-84.yul62.r.cloudfront.net

bannerhealth.tuition.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::5f (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c06::5f (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.70.113 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::5e (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.225.0.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-0-79.compute-1.amazonaws.com

tio-api.tuition.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.51.111 (United States)

ASN13335 (CLOUDFLARENET, US)

tio.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 99.86.229.82 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-229-82.iad79.r.cloudfront.net

bannerhealth.legacy.tuition.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.18.172 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

tuitionio-production-public-assets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tuitionio-production-images.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b901:1e89:8cb4:9181:6321 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.192.142.23 (United States)

ASN14618 (AMAZON-AES, US)

q7n3gpmqhcp7.statuspage.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b900:b8:f69a:7375:53e1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.151.52 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-52.iad89.r.cloudfront.net

api.tuition.works	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2603:1036:3000:60::16 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2620:1ec:29:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.28.14 (None, )

ASN- ()

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:21f:3ab5:de35:a4f4:79e0:ff17 (None, )

ASN- ()

aadcdn.msauthimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	tuition.io bannerhealth.tuition.io tio-api.tuition.io bannerhealth.legacy.tuition.io	8 MB
10	msauth.net aadcdn.msauth.net — Cisco Umbrella Rank: 2466	249 KB
8	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 3606 ekr.zdassets.com — Cisco Umbrella Rank: 4366	221 KB
5	zendesk.com tio.zendesk.com	1 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 720 fonts.googleapis.com — Cisco Umbrella Rank: 113	9 KB
2	msauthimages.net aadcdn.msauthimages.net	197 KB
2	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 28	26 KB
2	statuspage.io q7n3gpmqhcp7.statuspage.io — Cisco Umbrella Rank: 515296	6 KB
2	browser-intake-datadoghq.com rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 3890	305 B
2	amazonaws.com tuitionio-production-public-assets.s3.amazonaws.com tuitionio-production-images.s3.amazonaws.com	37 KB
2	gstatic.com fonts.gstatic.com	65 KB
1	live.com login.live.com
1	tuition.works 1 redirects api.tuition.works	1 KB
1	datadoghq.com rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 13849
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 558	13 KB
0	microsoftazuread-sso.com Failed autologon.microsoftazuread-sso.com Failed
69	16

	Domain	Requested by
10	aadcdn.msauth.net	login.microsoftonline.com aadcdn.msauth.net
10	bannerhealth.tuition.io	bannerhealth.tuition.io
9	bannerhealth.legacy.tuition.io	bannerhealth.tuition.io bannerhealth.legacy.tuition.io
7	static.zdassets.com	bannerhealth.tuition.io static.zdassets.com
6	tio-api.tuition.io	bannerhealth.tuition.io bannerhealth.legacy.tuition.io
5	tio.zendesk.com	static.zdassets.com
4	fonts.googleapis.com	bannerhealth.tuition.io ajax.googleapis.com bannerhealth.legacy.tuition.io client
2	aadcdn.msauthimages.net
2	login.microsoftonline.com	bannerhealth.tuition.io aadcdn.msauth.net
2	q7n3gpmqhcp7.statuspage.io	bannerhealth.legacy.tuition.io q7n3gpmqhcp7.statuspage.io
2	rum.browser-intake-datadoghq.com	bannerhealth.tuition.io
2	fonts.gstatic.com	fonts.googleapis.com
1	login.live.com	login.microsoftonline.com
1	api.tuition.works	1 redirects
1	rum-http-intake.logs.datadoghq.com	bannerhealth.legacy.tuition.io
1	tuitionio-production-images.s3.amazonaws.com	bannerhealth.legacy.tuition.io
1	cdn.jsdelivr.net	client
1	tuitionio-production-public-assets.s3.amazonaws.com
1	ekr.zdassets.com	static.zdassets.com
1	ajax.googleapis.com	bannerhealth.tuition.io
0	autologon.microsoftazuread-sso.com Failed
69	21

This site contains no links.

Subject Issuer	Validity	Valid
tuition.io Amazon RSA 2048 M02	`2023-02-26` - `2024-03-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2022-11-10` - `2023-11-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tio.zendesk.com Cloudflare Inc ECC CA-3	`2023-04-14` - `2024-04-13`	a year	crt.sh
legacy.tuition.io Amazon RSA 2048 M02	`2022-11-16` - `2023-12-15`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh
*.browser-intake-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-17` - `2024-06-18`	a year	crt.sh
*.statuspage.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-26` - `2024-08-23`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2023-08-30` - `2024-08-30`	a year	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2023-07-29` - `2024-07-29`	a year	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2023-07-02` - `2024-07-02`	a year	crt.sh
aadcdn.msauthimages.net Microsoft Azure TLS Issuing CA 02	`2023-03-08` - `2024-03-02`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT8EiErcGMUNZC2Ruz00EuxJFcxUYl0uVTS%2FvvISoPm0gC5Lmb22xlsffW775IHDGS9WzOeFeyqqTdDPLlb%2FDUgxWQUOFqzITjpgSxJBz2SjFoeNp9vpMgKeQ4%2Beu079iyWBH33tgOIMMSRyZJvL%2FBxzpLdds1%2BmLmCEtrCcFXNcAFLozTOeKF0xVetAlTAsYVFyUcD0YA7RxFcHHcUokyLKhXiyIWcV1LMs2qx%2Bs6S7ZjFOogT6hTjmWSed%2F7euqy3OnjybfSusw4z7fscDILRRqQlQJvOVuU8VWJZphwVrmC5FIuW55ecgiWblzDX3tHQYzhgeLAa725v%2FqHgbLM42Isse%2FThJ03uXIFzGE4IXTzloIkl%2B79lfrDOWHf%2Fdo%2FqWUTy0%2FG4T%2FdfD0fW1JfFcuolNO%2FB9xihzl%2B76y8jcbfd%2B87qP8lHH3qI%2Fz%2BIZ3yaWJO2k1QOjs6obWvRjDV1nX%2B8DggR1yyGAVne1PnrX2ueAA%3D%3D&RelayState=https%3A%2F%2Fbannerhealth.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Qw35UWCACtFH%2F2Lu%2BCzM5I1YBXM4DPaGY8V6b3DeFbNxvcUmZNmzRSTj%2B32KhNsM2ZHOGpNlqrUOJtYVwclaRkRflKRbBNEiIxLu1JWS8qVvX4fKIwlktQ4vMeIKOhcT76XKPXRoTi2FoyIlzyRgoQc2I6yA3tKdDruT3eOoZkTuMm7uwqdTk%2FADtofcTb5zgeuE%2BNAwnFeZNUIDxpXG6Rfm71aUz%2BRZ38uE96CJ08klUaLE8VO1Dlyv3BuUdDe6wa06F6IOYayA0HLvzOJVZZqxF31j4TMJelVftaFRO69FWdyfsKFF9UbZcSd10A%2BPP1I7adQGNXDBJecDzVjthg%3D%3D&sso_reload=true
Frame ID: D1AB8B91A5E4BDD32635DC76716D8488
Requests: 37 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Frame ID: B05773AD28B541BB5E91930EB9F870F4
Requests: 9 HTTP requests in this frame

Frame: https://bannerhealth.legacy.tuition.io/ember-start
Frame ID: BAD9DCA1A883F3588B1AB4D0DAEE9C00
Requests: 17 HTTP requests in this frame

Frame: https://q7n3gpmqhcp7.statuspage.io/embed/frame
Frame ID: CAB5EED00CAB619592DC061097DDF1A7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bannerhealth.tuition.io/ Page URL
https://api.tuition.works/saml/bannerhealth/auth?redirect=https%3A%2F%2Fbannerhealth.tuition.io HTTP 302
https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT... Page URL
https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

69
Requests

99 %
HTTPS

50 %
IPv6

16
Domains

21
Subdomains

18
IPs

2
Countries

9340 kB
Transfer

18440 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bannerhealth.tuition.io/ Page URL
https://api.tuition.works/saml/bannerhealth/auth?redirect=https%3A%2F%2Fbannerhealth.tuition.io HTTP 302
https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT8EiErcGMUNZC2Ruz00EuxJFcxUYl0uVTS%2FvvISoPm0gC5Lmb22xlsffW775IHDGS9WzOeFeyqqTdDPLlb%2FDUgxWQUOFqzITjpgSxJBz2SjFoeNp9vpMgKeQ4%2Beu079iyWBH33tgOIMMSRyZJvL%2FBxzpLdds1%2BmLmCEtrCcFXNcAFLozTOeKF0xVetAlTAsYVFyUcD0YA7RxFcHHcUokyLKhXiyIWcV1LMs2qx%2Bs6S7ZjFOogT6hTjmWSed%2F7euqy3OnjybfSusw4z7fscDILRRqQlQJvOVuU8VWJZphwVrmC5FIuW55ecgiWblzDX3tHQYzhgeLAa725v%2FqHgbLM42Isse%2FThJ03uXIFzGE4IXTzloIkl%2B79lfrDOWHf%2Fdo%2FqWUTy0%2FG4T%2FdfD0fW1JfFcuolNO%2FB9xihzl%2B76y8jcbfd%2B87qP8lHH3qI%2Fz%2BIZ3yaWJO2k1QOjs6obWvRjDV1nX%2B8DggR1yyGAVne1PnrX2ueAA%3D%3D&RelayState=https%3A%2F%2Fbannerhealth.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Qw35UWCACtFH%2F2Lu%2BCzM5I1YBXM4DPaGY8V6b3DeFbNxvcUmZNmzRSTj%2B32KhNsM2ZHOGpNlqrUOJtYVwclaRkRflKRbBNEiIxLu1JWS8qVvX4fKIwlktQ4vMeIKOhcT76XKPXRoTi2FoyIlzyRgoQc2I6yA3tKdDruT3eOoZkTuMm7uwqdTk%2FADtofcTb5zgeuE%2BNAwnFeZNUIDxpXG6Rfm71aUz%2BRZ38uE96CJ08klUaLE8VO1Dlyv3BuUdDe6wa06F6IOYayA0HLvzOJVZZqxF31j4TMJelVftaFRO69FWdyfsKFF9UbZcSd10A%2BPP1I7adQGNXDBJecDzVjthg%3D%3D Page URL
https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT8EiErcGMUNZC2Ruz00EuxJFcxUYl0uVTS%2FvvISoPm0gC5Lmb22xlsffW775IHDGS9WzOeFeyqqTdDPLlb%2FDUgxWQUOFqzITjpgSxJBz2SjFoeNp9vpMgKeQ4%2Beu079iyWBH33tgOIMMSRyZJvL%2FBxzpLdds1%2BmLmCEtrCcFXNcAFLozTOeKF0xVetAlTAsYVFyUcD0YA7RxFcHHcUokyLKhXiyIWcV1LMs2qx%2Bs6S7ZjFOogT6hTjmWSed%2F7euqy3OnjybfSusw4z7fscDILRRqQlQJvOVuU8VWJZphwVrmC5FIuW55ecgiWblzDX3tHQYzhgeLAa725v%2FqHgbLM42Isse%2FThJ03uXIFzGE4IXTzloIkl%2B79lfrDOWHf%2Fdo%2FqWUTy0%2FG4T%2FdfD0fW1JfFcuolNO%2FB9xihzl%2B76y8jcbfd%2B87qP8lHH3qI%2Fz%2BIZ3yaWJO2k1QOjs6obWvRjDV1nX%2B8DggR1yyGAVne1PnrX2ueAA%3D%3D&RelayState=https%3A%2F%2Fbannerhealth.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Qw35UWCACtFH%2F2Lu%2BCzM5I1YBXM4DPaGY8V6b3DeFbNxvcUmZNmzRSTj%2B32KhNsM2ZHOGpNlqrUOJtYVwclaRkRflKRbBNEiIxLu1JWS8qVvX4fKIwlktQ4vMeIKOhcT76XKPXRoTi2FoyIlzyRgoQc2I6yA3tKdDruT3eOoZkTuMm7uwqdTk%2FADtofcTb5zgeuE%2BNAwnFeZNUIDxpXG6Rfm71aUz%2BRZ38uE96CJ08klUaLE8VO1Dlyv3BuUdDe6wa06F6IOYayA0HLvzOJVZZqxF31j4TMJelVftaFRO69FWdyfsKFF9UbZcSd10A%2BPP1I7adQGNXDBJecDzVjthg%3D%3D&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://api.tuition.works/saml/bannerhealth/auth?redirect=https%3A%2F%2Fbannerhealth.tuition.io HTTP 302
https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT8EiErcGMUNZC2Ruz00EuxJFcxUYl0uVTS%2FvvISoPm0gC5Lmb22xlsffW775IHDGS9WzOeFeyqqTdDPLlb%2FDUgxWQUOFqzITjpgSxJBz2SjFoeNp9vpMgKeQ4%2Beu079iyWBH33tgOIMMSRyZJvL%2FBxzpLdds1%2BmLmCEtrCcFXNcAFLozTOeKF0xVetAlTAsYVFyUcD0YA7RxFcHHcUokyLKhXiyIWcV1LMs2qx%2Bs6S7ZjFOogT6hTjmWSed%2F7euqy3OnjybfSusw4z7fscDILRRqQlQJvOVuU8VWJZphwVrmC5FIuW55ecgiWblzDX3tHQYzhgeLAa725v%2FqHgbLM42Isse%2FThJ03uXIFzGE4IXTzloIkl%2B79lfrDOWHf%2Fdo%2FqWUTy0%2FG4T%2FdfD0fW1JfFcuolNO%2FB9xihzl%2B76y8jcbfd%2B87qP8lHH3qI%2Fz%2BIZ3yaWJO2k1QOjs6obWvRjDV1nX%2B8DggR1yyGAVne1PnrX2ueAA%3D%3D&RelayState=https%3A%2F%2Fbannerhealth.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Qw35UWCACtFH%2F2Lu%2BCzM5I1YBXM4DPaGY8V6b3DeFbNxvcUmZNmzRSTj%2B32KhNsM2ZHOGpNlqrUOJtYVwclaRkRflKRbBNEiIxLu1JWS8qVvX4fKIwlktQ4vMeIKOhcT76XKPXRoTi2FoyIlzyRgoQc2I6yA3tKdDruT3eOoZkTuMm7uwqdTk%2FADtofcTb5zgeuE%2BNAwnFeZNUIDxpXG6Rfm71aUz%2BRZ38uE96CJ08klUaLE8VO1Dlyv3BuUdDe6wa06F6IOYayA0HLvzOJVZZqxF31j4TMJelVftaFRO69FWdyfsKFF9UbZcSd10A%2BPP1I7adQGNXDBJecDzVjthg%3D%3D

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
bannerhealth.tuition.io/ 4 KB
5 KB 265ms
124ms Document
text/html 3.161.213.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bannerhealth.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.213.84 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-213-84.yul62.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

38ea669feefa27a2240b638998b8477e979602d39d718cbc8099903b46f6a5ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 4187
content-type: text/html
date: Fri, 22 Sep 2023 12:59:23 GMT
etag: "b46c52bc860579a483b81c1ba581e54f"
last-modified: Wed, 20 Sep 2023 14:51:10 GMT
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 05515d3ee39ade93c9eed3120029b212.cloudfront.net (CloudFront)
x-amz-cf-id: U-MVtKe50PmHKUcbh6GClJYFndwhEgnS3ivmLvkgWv_9eOmnz4odMg==
x-amz-cf-pop: YUL62-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 114ms
36ms Script
text/javascript 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: bannerhealth.tuition.io
URL: https://bannerhealth.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 16:30:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 118ms
47ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone|Material+Icons+Round|Material+Icons+Sharp

Requested by

Host: bannerhealth.tuition.io
URL: https://bannerhealth.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

80bbd5be45a524bdbb122e6e34df705780ee6ea56655d6ac9ad9e92c1e12362d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Sep 2023 12:59:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:59:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Sep 2023 12:59:22 GMT

GET
H2 200 tailwind-92b3264a00c8df86b9cf164f2dca3278.css
bannerhealth.tuition.io/assets/ 86 KB
86 KB 268ms
266ms Stylesheet
text/css 3.161.213.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bannerhealth.tuition.io/assets/tailwind-92b3264a00c8df86b9cf164f2dca3278.css

Requested by

Host: bannerhealth.tuition.io
URL: https://bannerhealth.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.213.84 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-213-84.yul62.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5b36f7c33d4ec4e54d733d11b14e08bd198099308f14db33ebc3eb76160c38d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:59:23 GMT
via: 1.1 05515d3ee39ade93c9eed3120029b212.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: YUL62-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 87802
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 14:51:10 GMT
server: AmazonS3
etag: "92b3264a00c8df86b9cf164f2dca3278"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: unf_UdF1NCQog6ClEx6hmHPVTxiE0IZs0sI4ystspJ1owrSn_lrxiQ==

GET
H2 200 vendor-6a55574089aa7bda8bce9a25135a74c4.css
bannerhealth.tuition.io/assets/ 14 KB
15 KB 118ms
116ms Stylesheet
text/css 3.161.213.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bannerhealth.tuition.io/assets/vendor-6a55574089aa7bda8bce9a25135a74c4.css

Requested by

Host: bannerhealth.tuition.io
URL: https://bannerhealth.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.213.84 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-213-84.yul62.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

aa782c7d5929cfde55b46473b7a28c0108d3554e26852c7f2a5601fc749a3383

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:59:23 GMT
via: 1.1 05515d3ee39ade93c9eed3120029b212.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: YUL62-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 14775
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 14:51:10 GMT
server: AmazonS3
etag: "6a55574089aa7bda8bce9a25135a74c4"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: I9HHtrSk7i1OYT5ULRFGYLV4quboyueREjz47MyYW1d4D2XUe7CXdw==

GET
H2 200 chunk.143.7501c0c2b47dd66e9041.css
bannerhealth.tuition.io/assets/ 1 KB
2 KB 268ms
266ms Stylesheet
text/css 3.161.213.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bannerhealth.tuition.io/assets/chunk.143.7501c0c2b47dd66e9041.css

Requested by

Host: bannerhealth.tuition.io
URL: https://bannerhealth.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.213.84 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-213-84.yul62.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a1ae07b34b7c57774fd2f92a88a9b47dfe77d89262b7db5176b7932d8e29c467

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:59:23 GMT
via: 1.1 05515d3ee39ade93c9eed3120029b212.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: YUL62-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 1410
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 14:51:09 GMT
server: AmazonS3
etag: "44a53b841248ae85ad2ffb537b9c882f"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: WJ7fa1cPUhlA-IgpZEV9ZDV1h2iS5d3a__Lc3RV_F4T-nmXvdl2tKA==

GET
H2 200 tio-employee-8b700748f32d694eb59c3ee6363f808c.css
bannerhealth.tuition.io/assets/ 406 B
901 B 268ms
266ms Stylesheet
text/css 3.161.213.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bannerhealth.tuition.io/assets/tio-employee-8b700748f32d694eb59c3ee6363f808c.css

Requested by

Host: bannerhealth.tuition.io
URL: https://bannerhealth.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.213.84 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-213-84.yul62.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

261e46cbc743d7c2942693a1758ff4e01b87d432412596cd3dd36bd936933d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:59:23 GMT
via: 1.1 05515d3ee39ade93c9eed3120029b212.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: YUL62-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 406
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 14:51:10 GMT
server: AmazonS3
etag: "67ec1ddc5cbe6ae8232eb719ce28055e"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: XFbvE9QD6esHn8ie4nP9ndA6rBEAYrCP_6Eaak1a6apLuk-jndpeJA==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 87ms
38ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=b4a45fc6-354a-41ee-b685-57b33d687ad6

Requested by

Host: bannerhealth.tuition.io
URL: https://bannerhealth.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:59:22 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMG72W2QZVQMR1RD
age: 28
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: GoVnoy2qF9Dk8kQ+MdMhKfghn0mARE7l9EgbJdLnNNuU43oimKcqsqzdesH+K0MfnzCSaDN4yLTxUfwJSR/6zQ==
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3JoYQ9Y8gukDauDG8ijkspdf5jNwTSbqsxuWgHaWjF69Zfu9POY4ZIEbyTAMAKKJuE6Tm6KfrAsJZ0vslen0eWcJpk9HilYDANiGs1o8GRWZ43yGLAfN%2FNGSKz8T1vMGvPEDAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 80aab987b9d639ef-YYZ

GET
H2 200 vendor-8c3763193f72639a3a48f96488b6c1b7.js Show response
bannerhealth.tuition.io/assets/ 2 MB
2 MB 267ms
265ms Script
application/javascript 3.161.213.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bannerhealth.tuition.io/assets/vendor-8c3763193f72639a3a48f96488b6c1b7.js

Requested by

Host: bannerhealth.tuition.io
URL: https://bannerhealth.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.213.84 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-213-84.yul62.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c4f1d76175ef60559d04842f2a2d6449d52e0ad97dbe2bb4e8a730eae802bd5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:59:23 GMT
via: 1.1 05515d3ee39ade93c9eed3120029b212.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: YUL62-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 2363119
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 14:51:10 GMT
server: AmazonS3
etag: "2d6e2dc6d87ea38ac5082cff4c3b47b4"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: v3ofUzhe8a-JqkvtT-sRYs-qIuw8ZrsprA18tgz8DERtHG8qyW82HQ==

GET
H2 200 chunk.766.dd0dbaf9e8d8b1eefe7e.js Show response
bannerhealth.tuition.io/assets/ 2 MB
2 MB 266ms
265ms Script
application/javascript 3.161.213.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bannerhealth.tuition.io/assets/chunk.766.dd0dbaf9e8d8b1eefe7e.js

Requested by

Host: bannerhealth.tuition.io
URL: https://bannerhealth.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.213.84 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-213-84.yul62.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

74152b74e39ae0cee923a4fe42ca0199de83a59804d4e6af90484f8d0cb85c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:59:23 GMT
via: 1.1 05515d3ee39ade93c9eed3120029b212.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: YUL62-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 1945361
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 14:51:09 GMT
server: AmazonS3
etag: "57a5c2efeef91009f3548e7754f7cc1d"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: cmwliVpmo07ipvUL9Yv3Ux8XTT-X733d9u9lE0zExJe6Fv8NC3jNbA==

GET
H2 200 chunk.143.7501c0c2b47dd66e9041.js Show response
bannerhealth.tuition.io/assets/ 736 KB
738 KB 237ms
236ms Script
application/javascript 3.161.213.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bannerhealth.tuition.io/assets/chunk.143.7501c0c2b47dd66e9041.js

Requested by

Host: bannerhealth.tuition.io
URL: https://bannerhealth.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.213.84 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-213-84.yul62.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

667839eef07b4fb257a282c40d75f653383946a6ec66fdb7447e252099cc3f17

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:59:23 GMT
via: 1.1 05515d3ee39ade93c9eed3120029b212.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: YUL62-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 753956
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 14:51:09 GMT
server: AmazonS3
etag: "70befc30dac083612d2467d9c2866b21"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: niEiNVik_V8WB1LWeshKntqt4wHKHIHoj7ubAmX8JWzzs6lhxVBuSg==

GET
H2 200 tio-employee-92a2534bddd7c0b7aa409fe8d318f3db.js Show response
bannerhealth.tuition.io/assets/ 1 MB
1 MB 122ms
121ms Script
application/javascript 3.161.213.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bannerhealth.tuition.io/assets/tio-employee-92a2534bddd7c0b7aa409fe8d318f3db.js

Requested by

Host: bannerhealth.tuition.io
URL: https://bannerhealth.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.213.84 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-213-84.yul62.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

50a6d4f73938002e2e5d10863e6b53831ed0f85322c37bf40c81c9de602424d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:59:23 GMT
via: 1.1 05515d3ee39ade93c9eed3120029b212.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: YUL62-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 1391876
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 14:51:10 GMT
server: AmazonS3
etag: "606958383ea30a6c72523e1066756d23"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: 1VqqQPKag7eQWSr5Ewef377Ll0SB08FJ1uLPtrBP4uw4GeIf9uOaLw==

GET
H2 200 css
fonts.googleapis.com/ 5 KB
681 B 46ms
45ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,600,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

45303ee70360a339ff987b487dcdc74f484912228fd2d544c2138e9eb91c81de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Sep 2023 12:59:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:39:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Sep 2023 12:59:22 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 105ms
34ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bannerhealth.tuition.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 03:28:15 GMT
x-content-type-options: nosniff
age: 293467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Sep 2024 03:28:15 GMT

GET
H2 200 tio-common-ab5d81d9af5801e5b8846fc20db692f9.css
bannerhealth.tuition.io/assets/ 2 KB
2 KB 121ms
120ms Stylesheet
text/css 3.161.213.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bannerhealth.tuition.io/assets/tio-common-ab5d81d9af5801e5b8846fc20db692f9.css

Requested by

Host: bannerhealth.tuition.io
URL: https://bannerhealth.tuition.io/assets/tio-employee-8b700748f32d694eb59c3ee6363f808c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.213.84 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-213-84.yul62.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f9d1bf31fdb6f2915cd5444236c0569e9a8efab69a2dd99b532264854057c273

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.tuition.io/assets/tio-employee-8b700748f32d694eb59c3ee6363f808c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:59:23 GMT
via: 1.1 05515d3ee39ade93c9eed3120029b212.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: YUL62-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 2052
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 14:51:10 GMT
server: AmazonS3
etag: "ab5d81d9af5801e5b8846fc20db692f9"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: Ish_TcSsPtOAqMZXUKaRlCXKXahdQscj9Nfxs_9KM4hTTyJlGrQP2A==

GET
H2 200 b4a45fc6-354a-41ee-b685-57b33d687ad6 Show response
ekr.zdassets.com/compose/ 1 KB
2 KB 161ms
111ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/b4a45fc6-354a-41ee-b685-57b33d687ad6

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b4a45fc6-354a-41ee-b685-57b33d687ad6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e50bd3b2de69f4c825296e31de7a341a525b2ac8669b3980798f27d9b6dc27c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:59:22 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 80a21f2a398c52d7-SEA, 80a21f2a398c52d7-SEA
x-runtime: 0.003393
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"4e50bd3b2de69f4c825296e31de7a341"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxKW9gmvveG7x8%2FL8gVdbIfDj1RCL9kakvwn6Rn2FND0hagsJv1CGF1CexvPVrDbsH73eFz4jMSiJuDr%2BgkwSTfP%2F7HfDo2sTiUrMNzXOcCTeTUPY%2BD%2Bw88XfrRLGMGONug%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 80aab98a5d3ea20a-YYZ

OPTIONS
H2 200 bannerhealth
tio-api.tuition.io/preregister/ Frame 0
0 194ms
44ms Preflight 34.225.0.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tio-api.tuition.io/preregister/bannerhealth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.0.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-0-79.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://bannerhealth.tuition.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-headers: x-api-key
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Authorization, tio-auth-token
access-control-max-age: 7200
content-length: 0
date: Fri, 22 Sep 2023 12:59:23 GMT

GET
H2 200 bannerhealth Show response
tio-api.tuition.io/preregister/ 3 KB
3 KB 171ms
171ms Fetch
application/json 34.225.0.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tio-api.tuition.io/preregister/bannerhealth

Requested by

Host: bannerhealth.tuition.io
URL: https://bannerhealth.tuition.io/assets/chunk.766.dd0dbaf9e8d8b1eefe7e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.0.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-225-0-79.compute-1.amazonaws.com

Software

Resource Hash

688fd4894001f7c2131a5991b6b7a64162eed60287f44cbda2932c35486b450c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bannerhealth.tuition.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
x-api-key: S6WgFNjKzt6wl43B0okfd6ssM1dLFQXg43IUksx2

Response headers

date: Fri, 22 Sep 2023 12:59:23 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 36e32ba7-f5ed-4f0f-829c-638ae67f6f0b
x-runtime: 0.124746
referrer-policy: strict-origin-when-cross-origin
etag: W/"688fd4894001f7c2131a5991b6b7a641"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Authorization, tio-auth-token
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

GET
H2 200 web-widget-main-4b22769.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame B057 453 KB
143 KB 45ms
45ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b4a45fc6-354a-41ee-b685-57b33d687ad6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87d29c78cbd6e6774671b07b512ffb14dfc2dc4fe512a5e1c4909df54fbaa2bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:59:22 GMT
x-amz-version-id: buuqfOo_4CCc42mcfHh3348fXV_AyXJg
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMGEA960H2ZYQF44
age: 198599
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: nw3jyuhiq3zL/h04RVNKDMzpavlZMPFzJXiZC5xtbC4ZLP8wNgKfpJUyfAiDJwTxU4G8dpyWlQs/4zNcj7R8Pg==
last-modified: Thu, 24 Aug 2023 03:43:42 GMT
server: cloudflare
etag: W/"39c5d5a29a88c9c1a9f281848ad16b16"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48msTJ7oag3paDVHX8sEwgEIEBNV9ev1HEDBXBMOVxTEBvGpOkbR9EYsyAS9O5tRC95t1Qs4YmsgievUIdIjbDtT1kurQq6sYek2fSRSXvo99RmJFUdkNLTs3BtITLgvfzTig1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 80aab98bef9f39ef-YYZ
expires: Fri, 23 Aug 2024 03:43:40 GMT

GET
H2 200 en-us-json-4b22769.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame B057 16 KB
3 KB 34ms
33ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d450631b020073cc1285c8b7dfa34593ba8b5eb2e9482a7e9e3891e06148346

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:59:23 GMT
x-amz-version-id: Gb950S5306bStT2XGhy0_xYQToJJizIu
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMG5JY3ZKNAS3HE4
age: 198604
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: oNG5Ntj5cIQX9pB+KpoQsWttJQwfnlmqXVnKqc4qOFacRRgtvMtYAbbyB0VHIxcp6lc+OesNPZ4=
last-modified: Thu, 24 Aug 2023 03:43:43 GMT
server: cloudflare
etag: W/"8f649b5684cbdc6de706c3ee378b158a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dphDFmG204ZDeHyWheQCm6eEvt%2Fvdrp5At1zAyCOu6k3KJjrvgq0RJKHrqyfY%2BuGUzCZY9uWUtAW4A0d84T0LSm1U1QYeszCMcJb5sGgfJ79O5jdhlc0GSoVTCSCiBp1Z9weV98%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 80aab98cd8f839ef-YYZ
expires: Fri, 23 Aug 2024 03:43:42 GMT

GET
H2 200 web-widget-4852-4b22769.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame B057 139 KB
47 KB 37ms
37ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21244bacf0cd406e0c2b7742eb67f2c9ab4bb91e7ed5f9eb524308520f3a7694

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:59:23 GMT
x-amz-version-id: nYMPFR.iqtfU72nwkjhPOt8gBbfBzGZl
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMGCP8S6B2XHPP58
age: 198604
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: AuT+oKybN4nB5Mvkx1hJIyPo2uNmw4h+GFcZ09JrDffOSm6DbgfQvsDA+ZajPKAAAef06dsu/WA=
last-modified: Thu, 24 Aug 2023 03:43:42 GMT
server: cloudflare
etag: W/"537006977bee3c56b5a5b9900b593d0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZqxAi0HKxVvkzk%2FpGUNVJA4Q3iY8XuTaGT1OBtHt6cM%2FPEQEV0jsDWAIU%2FxoPP4EPu5DWwr2kPhBGJ2q9HPbePaUXEcWbLdNWp7NS%2FWm8xhz10RvK8WerNyPNEXcpqBHRjDWvg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 80aab98cd8fb39ef-YYZ
expires: Fri, 23 Aug 2024 03:43:41 GMT

GET
H2 200 web-widget-519-4b22769.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame B057 24 KB
8 KB 36ms
36ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-519-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:59:23 GMT
x-amz-version-id: lxotykkgECMc9LkwVmT9pOhbgN52rwSH
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMG8J2NZWKC5THX8
age: 198604
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: R7DnfRkHNkNeVzf133PKau52x0bbYErXE9ARK3reS7ZhFughyXOdFEnoYN+aeR8JiM228VrwMk8=
last-modified: Thu, 24 Aug 2023 03:43:42 GMT
server: cloudflare
etag: W/"1c9884a2069c7bec6b20dac62004eb1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BEQPdO6kdQuKQ7yQpwTiX%2B8x6kugqBW8S6lF3SmZ10mLPewXK2nLV2RrgSJU0zx9%2BDtxABVQ4vYH5x20X%2BkaU8TMdjGmlRauDSliEiN5oEPP9bOy9Fb%2BvIFFMIxSTXJNy%2FjxB4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 80aab98cd8fc39ef-YYZ
expires: Fri, 23 Aug 2024 03:43:41 GMT

GET
H2 200 web-widget-5178-4b22769.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame B057 24 KB
7 KB 32ms
31ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:59:23 GMT
x-amz-version-id: sSav_AkeQS.PdbhOQG5COPnxKLj812h0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMG3251STKFQ9FKM
age: 198604
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: h7XGjSKoVV1NTu0NySH/96sHkYopZS8N0VkC4t8Z+gHYYPwTQw8ywrZSrKAYnqVLFFQD4+G2uW0=
last-modified: Thu, 24 Aug 2023 03:43:42 GMT
server: cloudflare
etag: W/"11034f049f5eef05b26ed292ac59e1fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPl%2FKlHKVOlJf6BuOh165licKaYwsDrwf%2BjoiI0iikjAMLICiFLkdVYs0kUSGogBTuotwnUjzwmjteldBU9ovx4DpJQov5Ak9gQ%2F%2BT9WuG6%2B9pVimGcagKZ0mx3SfZd%2BdwnBv4E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 80aab98ce8fd39ef-YYZ
expires: Fri, 23 Aug 2024 03:43:41 GMT

GET
H2 200 web-widget-9535-4b22769.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame B057 15 KB
6 KB 35ms
35ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b649bd0733d0e2823f6895ab6d9443a7cb8d290f291a4f1e5d130a5f7232a6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:59:23 GMT
x-amz-version-id: TQwoJrATHBNX6IVnB55aFvI.RS16xjhS
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMGAMQ4077S2XA66
age: 198604
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: uViUx8KmoHCTjqqY2bcVTYL28P1ozHM2jacPeOgTeFTjovWO5ldg/Z/3mt5UGZdrnKSMg+plaf9VHSj1hAlQKA==
last-modified: Thu, 24 Aug 2023 03:43:42 GMT
server: cloudflare
etag: W/"e3df43ad3700a0c6a03da6179cd57460"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6s3QfUePcYaNVdCYISwbdm24R5SU0fHb9oDeRsB62zJ5DplUeB3jdhlTjZQi0w28QL7vJHa39%2Fi%2BNKgDtPZN0stDoj%2FwKWlNog%2B79YmEQ0o%2Fxh0u%2FDy3nhv4gUHNR4z0Ef%2FUaUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 80aab98ce8ff39ef-YYZ
expires: Fri, 23 Aug 2024 03:43:40 GMT

OPTIONS
H2 204 pv
tio.zendesk.com/frontendevents/ Frame 0
0 126ms
65ms Preflight 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tio.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bannerhealth.tuition.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 80aab98d8e69a1ea-YYZ
date: Fri, 22 Sep 2023 12:59:23 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtJZ0BBDtlqGEc1YkTSD39ewpZSfct6v1RNr49M7CyW2uAnhXZLvhbPQmoJkmPlf5zXvSfWzK79ujDqmEouT0VnTEe6vim3OSUj3IQmKtM0Vqhm2KRnv95IEnLn1BYGKQw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 80aab98d8e69a1ea-YYZ
x-zendesk-zorg: yes

POST
H2 200 pv
tio.zendesk.com/frontendevents/ Frame B057 0
0 59ms
58ms Fetch 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tio.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 22 Sep 2023 12:59:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNsg9AwxAI6R%2BBmcu%2FUWwLOMmeIiguFRprRzuMEXv67Vk40DQiPzSeiOmsLMmtuL%2FjJv9zlh%2BjLHGVYzscYlqYoWJAx4VbZq42pwKn74wHyH3cZ4S4oA9lznKEabKlVmcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 80aab98dff00a1ea-YYZ
content-length: 0
x-request-id: 80aab98dff00a1ea-YYZ

GET
H2 200 config Show response
tio.zendesk.com/embeddable/ Frame B057 965 B
1 KB 137ms
76ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tio.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f94d53ef0708ec00743d9e0c35ab499a23aed440bb025f9f10e5f796a44c0672

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:59:23 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-5f964646b6-xxbrg
x-cached: MISS
x-request-id: 80aab98d8e6ba1ea-YYZ
x-runtime: 0.003036
last-modified: Fri, 22 Sep 2023 05:48:08 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0%2FC1gbawQw1QE4a7UGOwGaObM3o8jXyw%2Bnhh7d7oPL%2F%2ByWUPm81ZFk90zImuCFnAHb5uMtFf3TCsPpRnBw54r%2BfB4x0qP6clbj%2FRK1JGzoqCH141iIayxF5ylRfVPzD0w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 80aab98d8e6ba1ea-YYZ

GET
H2 200 conditions Show response
tio-api.tuition.io/preregister/bannerhealth/ 678 B
1 KB 75ms
74ms Fetch
application/json 34.225.0.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tio-api.tuition.io/preregister/bannerhealth/conditions

Requested by

Host: bannerhealth.tuition.io
URL: https://bannerhealth.tuition.io/assets/chunk.766.dd0dbaf9e8d8b1eefe7e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.0.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-225-0-79.compute-1.amazonaws.com

Software

Resource Hash

bd0b610012747ebdd50b04d5b14040c89d6185ad7d1cfa82211740f9e014f782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bannerhealth.tuition.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
x-api-key: S6WgFNjKzt6wl43B0okfd6ssM1dLFQXg43IUksx2

Response headers

date: Fri, 22 Sep 2023 12:59:23 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: aef73282-a9b5-432c-93c1-5322f9e418b5
x-runtime: 0.022598
referrer-policy: strict-origin-when-cross-origin
etag: W/"bd0b610012747ebdd50b04d5b14040c8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Authorization, tio-auth-token
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

OPTIONS
H2 200 conditions
tio-api.tuition.io/preregister/bannerhealth/ Frame 0
0 45ms
44ms Preflight 34.225.0.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tio-api.tuition.io/preregister/bannerhealth/conditions
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.0.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-0-79.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://bannerhealth.tuition.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-headers: x-api-key
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Authorization, tio-auth-token
access-control-max-age: 7200
content-length: 0
date: Fri, 22 Sep 2023 12:59:23 GMT

GET
H2 200 ember-start Show response
bannerhealth.legacy.tuition.io/ Frame BAD9 4 KB
2 KB 241ms
36ms Document
text/html 99.86.229.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bannerhealth.legacy.tuition.io/ember-start

Requested by

Host: bannerhealth.tuition.io
URL: https://bannerhealth.tuition.io/assets/tio-employee-92a2534bddd7c0b7aa409fe8d318f3db.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.229.82 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-229-82.iad79.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bbb9df9d0ef6dc90c98a36788a209b743f9a5114d0a0d60195a7e2cda30720e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bannerhealth.tuition.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 774
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Fri, 22 Sep 2023 12:46:30 GMT
etag: W/"1d85ddc90b93bc5cc1888dcdeacd2e6f"
last-modified: Thu, 24 Aug 2023 22:37:27 GMT
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 88112861fcc652b3e20b1a8120ffdda0.cloudfront.net (CloudFront)
x-amz-cf-id: 6HiSkIi5BIiYUAk3KA9AfpAdNe3hdowrfEkgaaFUL2SAoPdBu-MTWw==
x-amz-cf-pop: IAD79-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK banner_health_logo.svg.png
tuitionio-production-public-assets.s3.amazonaws.com/uploads/2023/08/25/4a5cc40c-5832-4302-adac-f0562ac35fd8/ 31 KB
31 KB 157ms
70ms Image
image/png 52.217.18.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tuitionio-production-public-assets.s3.amazonaws.com/uploads/2023/08/25/4a5cc40c-5832-4302-adac-f0562ac35fd8/banner_health_logo.svg.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIAYTIPZPK7652AQOO6%2F20230922%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230922T125923Z&X-Amz-Expires=900&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEB0aCXVzLWVhc3QtMSJGMEQCIEKj%2Fi0LszEL5JX%2BLr8lSCGwqWB08WZFpwvkhmIDc2zuAiBbfO4EkDfrpuD0WDXMAvTwvbC5BwIKjROoo45OmuyQpSqKBQgWEAQaDDU5MTEyODAwMTIxNSIMms%2F6kdkYfargatrMKucEnub6iXaj%2BgIrbYY1aTS%2BKiSzeZAm38qsc9NkdNu8QvTb1KXE73aadqq%2FT7PES%2B5egjBLtM3DaN0ZW%2BSu3OsOxnEICZwG6ZpX0QudO8MbDcbJ08bK4NHfMXvBgTMdS%2FLsy5S7Up5Yto8EtWUMnJUOtQ1rTqQoLYl4G%2BI%2Bo2KlP084JUqxBqeHYopdNUkYPCCeSzgnFiW7CFJ0jb2GAqlyB0MRIT%2BSbfdSl8yEoHCods0ELZZ40eR7oSH0kw1wtBZGmN%2Fn6dzNDU7mX1jlo7py1Gt6MgsC89JLPoIWii5sY4OhrzpPYjYdt9Jde4yTIKuqlO82VXBVJ0dWshgeAUPvoFHiygK1qBykWl4vwYI4nM9tTIm74%2FwTkB119sIygD5Mk1f9TTKBkDNqrfUNHz5aaZntU5mjxj3fhkvElZNxTuMp%2FtdXImDwK%2FEzIdUJJ9y56LUR75%2B%2B5uf%2FUao3Ti0bWpBWC2CvB%2BXiVV6kJrvhN31jtwW%2BgPGDe0ASNS81n90Z9MyN8AIqILrAm85cRrAGl%2FPUk%2FS%2BBRbAKDGWMVDujF2rvhJInN3ucT%2FbylZHgwIVzCBW%2B4OmRJsN501oBi43br0wXf3Wt3pRd8ZgM2MD3X6nCe0ddQDjnQrgQ%2FCdceWppADBsD9A6Wj%2B2rZ%2FRAqqzUEKtQen24PemHi%2BvZAaZ3fapX35LuDjJGneR255OlRiji4eGDI2vc01%2BlkgPTL47hWVU58Qxu18BSnNNmqfUu%2BLv3f%2FxoZb4qC%2FBKSdpLI3Mer1hrPW4CXvf3n%2Br5qsIGdZq%2Bu41oAmB2NFsk5jHW4OmWl7gMx5MKuftqgGOpsBvSO%2B8tCEHrdT5IKkOiWdu5PhIpbwB0leacf0cO4W97GftuvEMxIni%2FxhPC5tAE%2B9K5DuXsTfzdxy%2B%2FKG5FI8MFgr%2FerL0QNI%2FZpCN0iu6d8%2BJVCB%2FE30X11fn3YXcNtvLV4tqf4V5Y5BJ7pxJH7uAnP7K59nezZJ%2FZuSPJ6Uq%2BZ9GMXMFFuajCfpKu5YfQM5X%2FpzVnXMl44M%2BBg%3D&X-Amz-SignedHeaders=host&X-Amz-Signature=6d66deec9e89164d7770e558ecc22b6b191973fd459fb7b849db66cafb52e076
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.18.172 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 13c225901578165f30739f352a04bf47db44fc14bbd535ded28e1304fbc26947

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 12:59:24 GMT
Last-Modified: Fri, 25 Aug 2023 17:37:38 GMT
Server: AmazonS3
x-amz-request-id: X04ZYD3HYG6G64VG
ETag: "7afacf3210f9831d70ff76cec5d04c84"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 31811
x-amz-id-2: 4NnUB78WFSIJSTNPYWBSZ4UIxnToN77cZYEi0T0qz4ShxsfOv5inu5Z9GcHa3icIlHgsd6v7Hi8=

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 53 B
305 B 297ms
75ms Fetch
application/json 2600:1f18:24e6:b901:1e89:8cb4:9181:6321
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.48.2%2Capi%3Afetch&dd-api-key=pub2b0a5007df194a17333ea4bc92733249&dd-evp-origin-version=4.48.2&dd-evp-origin=browser&dd-request-id=3f352c15-8873-4651-b721-756dc0dc9da1&batch_time=1695387563584

Requested by

Host: bannerhealth.tuition.io
URL: https://bannerhealth.tuition.io/assets/chunk.766.dd0dbaf9e8d8b1eefe7e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b901:1e89:8cb4:9181:6321 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bannerhealth.tuition.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 22 Sep 2023 12:59:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

GET
H3 200 css
fonts.googleapis.com/ Frame BAD9 9 KB
975 B 48ms
47ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Material+Icons

Requested by

Host: bannerhealth.legacy.tuition.io
URL: https://bannerhealth.legacy.tuition.io/ember-start

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ea2107bf656126005f1c080359c253eec21c21da412a7f6c8d1e7977ee3bda2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.legacy.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Sep 2023 12:59:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:59:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Sep 2023 12:59:23 GMT

GET
H2 200 app.03242217381fb8044271.js Show response
bannerhealth.legacy.tuition.io/static/js/ Frame BAD9 2 MB
203 KB 44ms
43ms Script
application/javascript 99.86.229.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bannerhealth.legacy.tuition.io/static/js/app.03242217381fb8044271.js

Requested by

Host: bannerhealth.legacy.tuition.io
URL: https://bannerhealth.legacy.tuition.io/ember-start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.229.82 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-229-82.iad79.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a07a9cfe67bdc784095618e768e7bc86cdb517ad755fc8564c6b4e23b034f1d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.legacy.tuition.io/ember-start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 05:40:46 GMT
content-encoding: br
via: 1.1 88112861fcc652b3e20b1a8120ffdda0.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
age: 26318
x-amz-cf-pop: IAD79-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Aug 2023 22:37:29 GMT
server: AmazonS3
etag: W/"cde6ffea0c5ce57945553ecac05c240d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: US_yoPuYaR7UzwGgD_DWtxS9f4jkdYfHEI5MndaIC-AhSBD3wns96w==

GET
H2 200 1.f6aad8bf4429568ef3c4.js Show response
bannerhealth.legacy.tuition.io/static/js/ Frame BAD9 7 MB
2 MB 162ms
160ms Script
application/javascript 99.86.229.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bannerhealth.legacy.tuition.io/static/js/1.f6aad8bf4429568ef3c4.js

Requested by

Host: bannerhealth.legacy.tuition.io
URL: https://bannerhealth.legacy.tuition.io/ember-start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.229.82 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-229-82.iad79.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

cdffb83ce343c48f78a6583df54956aee5c7502a446f9af1955b56fd508cbbb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.legacy.tuition.io/ember-start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 05:40:46 GMT
content-encoding: gzip
via: 1.1 88112861fcc652b3e20b1a8120ffdda0.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
age: 26318
x-amz-cf-pop: IAD79-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Aug 2023 22:37:29 GMT
server: AmazonS3
etag: W/"312691029401884ec2ae316a871ab6bc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: eubZAe-g-XHPONVWtdkMCA1ZQEEHloV3rlW5ZlGrdIpZVNWJ263Gyg==

GET
H2 200 script.js Show response
q7n3gpmqhcp7.statuspage.io/embed/ Frame BAD9 2 KB
2 KB 285ms
103ms Script
text/javascript 104.192.142.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://q7n3gpmqhcp7.statuspage.io/embed/script.js

Requested by

Host: bannerhealth.legacy.tuition.io
URL: https://bannerhealth.legacy.tuition.io/ember-start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.192.142.23 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

AtlassianEdge /

Resource Hash

b035c3f43c618433403abffd2ac4e6f9d0177dd4b3a4d1ca4a2dae39c894b33c

Security Headers

Name	Value
Strict-Transport-Security	max-age=259200
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.legacy.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:59:23 GMT
strict-transport-security: max-age=259200
x-content-type-options: nosniff
nel: {"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}
x-permitted-cross-domain-policies: none
atl-traceid: 8f6a0eac4eb63cb5
x-statuspage-skip-logging: true
x-cache: HIT
x-statuspage-version: e0e9b97dce0e593238cc8925aeab3bd63b7caf13
content-length: 1627
x-xss-protection: 1; mode=block
x-runtime: 0.043588
referrer-policy: strict-origin-when-cross-origin
server: AtlassianEdge
etag: W/"b035c3f43c618433403abffd2ac4e6f9"
x-download-options: noopen
vary: Accept,Accept-Encoding,X-Forwarded-Host,X-Forwarded-Scheme,X-Forwarded-Proto,Fastly-SSL
report-to: {"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": "endpoint-1", "include_subdomains": true, "max_age": 600}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3, public
x-edge-cache-ttl: 3
accept-ranges: bytes
x-pollinator-metadata-service: status-page-web-pages

GET
H2 200 2.c5f9b8b5c27757d5cf41.js
bannerhealth.legacy.tuition.io/static/js/ Frame BAD9 0
43 KB 139ms
138ms Other
application/javascript 99.86.229.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bannerhealth.legacy.tuition.io/static/js/2.c5f9b8b5c27757d5cf41.js

Requested by

Host: bannerhealth.legacy.tuition.io
URL: https://bannerhealth.legacy.tuition.io/ember-start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.229.82 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-229-82.iad79.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.legacy.tuition.io/ember-start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 05:40:46 GMT
content-encoding: gzip
via: 1.1 88112861fcc652b3e20b1a8120ffdda0.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
age: 26318
x-amz-cf-pop: IAD79-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Aug 2023 22:37:29 GMT
server: AmazonS3
etag: W/"fcddedea70aa2e9ecd35193ed9e54d3e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: TSIdJp7i5wauWxYtVDIwf4qrXb3lN67GWBBq8cDfdvci8QnxKShVSQ==

GET
H2 200 3.33690ef00a949c59df16.js
bannerhealth.legacy.tuition.io/static/js/ Frame BAD9 0
8 KB 149ms
148ms Other
application/javascript 99.86.229.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bannerhealth.legacy.tuition.io/static/js/3.33690ef00a949c59df16.js

Requested by

Host: bannerhealth.legacy.tuition.io
URL: https://bannerhealth.legacy.tuition.io/ember-start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.229.82 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-229-82.iad79.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.legacy.tuition.io/ember-start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 05:40:46 GMT
content-encoding: gzip
via: 1.1 88112861fcc652b3e20b1a8120ffdda0.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
age: 26318
x-amz-cf-pop: IAD79-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Aug 2023 22:37:29 GMT
server: AmazonS3
etag: W/"d4846ba3a5825b6e8064e947dcb312e2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: dJ1c4gWLjgu7sbRlAcY6Cz87uGXHFiNl0qJRqfpglUsltoBYo25byA==

GET
H2 200 4.ebde1e0f78179fc49b69.js
bannerhealth.legacy.tuition.io/static/js/ Frame BAD9 0
42 KB 153ms
152ms Other
application/javascript 99.86.229.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bannerhealth.legacy.tuition.io/static/js/4.ebde1e0f78179fc49b69.js

Requested by

Host: bannerhealth.legacy.tuition.io
URL: https://bannerhealth.legacy.tuition.io/ember-start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.229.82 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-229-82.iad79.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.legacy.tuition.io/ember-start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 05:40:46 GMT
content-encoding: gzip
via: 1.1 88112861fcc652b3e20b1a8120ffdda0.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
age: 26318
x-amz-cf-pop: IAD79-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Aug 2023 22:37:29 GMT
server: AmazonS3
etag: W/"f1dcd7c8bd4ac48fd3cbe0e492fd0441"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: CrDb2NLkhmxBX-XvgIDL9qYHqu5UobDPtqlZqz9v2nWoUIrvmq4fzA==

GET
H2 200 frame
q7n3gpmqhcp7.statuspage.io/embed/ Frame CAB5 12 KB
4 KB 114ms
114ms Document
text/html 104.192.142.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://q7n3gpmqhcp7.statuspage.io/embed/frame

Requested by

Host: q7n3gpmqhcp7.statuspage.io
URL: https://q7n3gpmqhcp7.statuspage.io/embed/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.192.142.23 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

AtlassianEdge /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=259200
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bannerhealth.legacy.tuition.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
atl-traceid: 80e47be5c3aec16f
cache-control: max-age=3, public
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 22 Sep 2023 12:59:24 GMT
etag: W/"b4b8cee8b12baa17c8aa2484968b901d"
nel: {"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": "endpoint-1", "include_subdomains": true, "max_age": 600}
server: AtlassianEdge
strict-transport-security: max-age=259200
vary: Accept,Accept-Encoding,X-Forwarded-Host,X-Forwarded-Scheme,X-Forwarded-Proto,Fastly-SSL
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-edge-cache-ttl: 3
x-permitted-cross-domain-policies: none
x-pollinator-metadata-service: status-page-web-pages
x-runtime: 0.117272
x-statuspage-skip-logging: true
x-statuspage-version: e0e9b97dce0e593238cc8925aeab3bd63b7caf13
x-xss-protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ Frame BAD9 7 KB
850 B 45ms
45ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700|Material+Icons

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.legacy.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Sep 2023 12:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:59:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Sep 2023 12:59:24 GMT

GET
H2 200 all.min.css
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.9.0/css/ Frame BAD9 55 KB
13 KB 101ms
32ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.9.0/css/all.min.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.legacy.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 22 Sep 2023 12:59:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3152180
x-jsd-version: 5.9.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12372
x-served-by: cache-fra-eddf8230123-FRA, cache-nyc-kteb1890028-NYC
x-jsd-version-type: version
etag: W/"da9f-LEMUj333gOi0CjqwnHcPA62/Ea8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK growth.svg
tuitionio-production-images.s3.amazonaws.com/staticImages/mousai/ Frame BAD9 6 KB
6 KB 306ms
70ms Image
image/svg+xml 52.217.18.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tuitionio-production-images.s3.amazonaws.com/staticImages/mousai/growth.svg
Requested by: Host: bannerhealth.legacy.tuition.io
URL: https://bannerhealth.legacy.tuition.io/ember-start
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.18.172 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bannerhealth.legacy.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 12:59:25 GMT
x-amz-version-id: avGpWmiw6VRsJFUSTd4.lT.IJT09ZgvY
Last-Modified: Tue, 14 Jul 2020 22:24:58 GMT
Server: AmazonS3
x-amz-request-id: BDKK6ENP7MAB78QH
ETag: "52db0343aebe1456781c0e724a213f62"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 5746
x-amz-id-2: KQV9vDtpR6SYrBbLNdm1cOMCjWFwERAZThsbv0s0TMoS6/3kZzeK2uxlGfRmWfszSKcDo5MtfCM=

GET
H2 200 Montserrat-SemiBold.woff2
bannerhealth.legacy.tuition.io/static/fonts/Montserrat-woff2/ Frame BAD9 79 KB
79 KB 38ms
37ms Font
font/woff2 99.86.229.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bannerhealth.legacy.tuition.io/static/fonts/Montserrat-woff2/Montserrat-SemiBold.woff2

Requested by

Host: bannerhealth.legacy.tuition.io
URL: https://bannerhealth.legacy.tuition.io/ember-start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.229.82 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-229-82.iad79.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bannerhealth.legacy.tuition.io/ember-start
Origin: https://bannerhealth.legacy.tuition.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:53:37 GMT
via: 1.1 88112861fcc652b3e20b1a8120ffdda0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 72348
x-amz-cf-pop: IAD79-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 80428
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Aug 2023 22:37:28 GMT
server: AmazonS3
etag: "350f79f75959112c709596dfb4193a00"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: rKjEK6RxjZyPY4hy-XqQ_cfQEWnNd6BMZRNezzcfDEqEWdpWk78nQw==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame BAD9 32 KB
32 KB 35ms
34ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700|Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bannerhealth.legacy.tuition.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 03:28:15 GMT
x-content-type-options: nosniff
age: 293469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Sep 2024 03:28:15 GMT

GET
H2 200 Montserrat-Medium.woff2
bannerhealth.legacy.tuition.io/static/fonts/Montserrat-woff2/ Frame BAD9 79 KB
80 KB 41ms
40ms Font
font/woff2 99.86.229.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bannerhealth.legacy.tuition.io/static/fonts/Montserrat-woff2/Montserrat-Medium.woff2

Requested by

Host: bannerhealth.legacy.tuition.io
URL: https://bannerhealth.legacy.tuition.io/ember-start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.229.82 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-229-82.iad79.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bannerhealth.legacy.tuition.io/ember-start
Origin: https://bannerhealth.legacy.tuition.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:53:37 GMT
via: 1.1 88112861fcc652b3e20b1a8120ffdda0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 72348
x-amz-cf-pop: IAD79-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 80908
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Aug 2023 22:37:28 GMT
server: AmazonS3
etag: "d8599180ae87d0ecadfe8f086cc51a83"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: I4VDwx-msgfBeOJNmeVM7bwjMhHBihjd35roMJKC9vqG1ttLfoUWiw==

OPTIONS
H2 200 bannerhealth
tio-api.tuition.io/preregister/ Frame 0
0 45ms
44ms Preflight 34.225.0.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tio-api.tuition.io/preregister/bannerhealth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.0.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-0-79.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://bannerhealth.legacy.tuition.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-headers: x-api-key
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Authorization, tio-auth-token
access-control-max-age: 7200
content-length: 0
date: Fri, 22 Sep 2023 12:59:24 GMT

GET
H2 200 bannerhealth
tio-api.tuition.io/preregister/ Frame BAD9 3 KB
3 KB 123ms
123ms XHR
application/json 34.225.0.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tio-api.tuition.io/preregister/bannerhealth

Requested by

Host: bannerhealth.legacy.tuition.io
URL: https://bannerhealth.legacy.tuition.io/static/js/1.f6aad8bf4429568ef3c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.0.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-225-0-79.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://bannerhealth.legacy.tuition.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
x-api-key: S6WgFNjKzt6wl43B0okfd6ssM1dLFQXg43IUksx2

Response headers

date: Fri, 22 Sep 2023 12:59:25 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: c71ce7b7-3e89-4a51-93e9-3c7373db76be
x-runtime: 0.076197
referrer-policy: strict-origin-when-cross-origin
etag: W/"a2c8d27da802898ad1f322cce12e6695"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Authorization, tio-auth-token
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

POST
H2 200 pv
tio.zendesk.com/frontendevents/ Frame B057 0
0 54ms
54ms Fetch 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tio.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 22 Sep 2023 12:59:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8v5PsA0yayhfBxk%2BuAWIxevFIzpX00Nrbo%2Bc%2BmFcwJUy8VtdNXAl%2BCR3Czfjr%2BdDxaXy3I7Z2SBy0SVLOKpcJ27pQVpScqaqF5zlaMIb05apT4J5p%2BI3oo6OCWkT4zMOw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 80aab99a1e5ca1ea-YYZ
content-length: 0
x-request-id: 80aab99a1e5ca1ea-YYZ

OPTIONS
H2 204 pv
tio.zendesk.com/frontendevents/ Frame 0
0 65ms
64ms Preflight 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tio.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bannerhealth.tuition.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 80aab999add7a1ea-YYZ
date: Fri, 22 Sep 2023 12:59:25 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6jZs5jOR0aR1cXFLkyK5B%2FfHAQMtC7Qdv0MY3vRzUoMaCA1GQ%2FWl3ulo5sxTYsQRgsJHkv1TZjJcyQB5HflL1ELUrF5eOZ4C56zg2fTLCPH7f4GSUgR%2FKsjCL6CVXjE%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 80aab999add7a1ea-YYZ
x-zendesk-zorg: yes

GET
H2 200 Montserrat-Regular.woff2
bannerhealth.legacy.tuition.io/static/fonts/Montserrat-woff2/ Frame BAD9 79 KB
80 KB 36ms
36ms Font
font/woff2 99.86.229.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bannerhealth.legacy.tuition.io/static/fonts/Montserrat-woff2/Montserrat-Regular.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.229.82 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-229-82.iad79.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bannerhealth.legacy.tuition.io/ember-start
Origin: https://bannerhealth.legacy.tuition.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:53:37 GMT
via: 1.1 88112861fcc652b3e20b1a8120ffdda0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 72349
x-amz-cf-pop: IAD79-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 80876
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Aug 2023 22:37:28 GMT
server: AmazonS3
etag: "a336ad9a19a7a11bb291721ea55db804"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: vWvYrmrYAnHWmVLCWImjnVEZOBW5amgLPegF0KhIu2RAGKYttYwrzQ==

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 139ms
70ms Ping
application/json 2600:1f18:24e6:b901:1e89:8cb4:9181:6321
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.48.2%2Capi%3Abeacon&dd-api-key=pub2b0a5007df194a17333ea4bc92733249&dd-evp-origin-version=4.48.2&dd-evp-origin=browser&dd-request-id=9a4c9c56-b1d4-41f0-badb-3fc5c02b851e&batch_time=1695387565608
Requested by: Host: bannerhealth.tuition.io
URL: https://bannerhealth.tuition.io/assets/chunk.766.dd0dbaf9e8d8b1eefe7e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:1e89:8cb4:9181:6321 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://bannerhealth.tuition.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 pub2b0a5007df194a17333ea4bc92733249
rum-http-intake.logs.datadoghq.com/v1/input/ Frame BAD9 0
0 197ms
127ms Ping
application/json 2600:1f18:24e6:b900:b8:f69a:7375:53e1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub2b0a5007df194a17333ea4bc92733249?ddsource=browser&ddtags=sdk_version%3A2.8.1&batch_time=1695387565610&m_time=1695387565611
Requested by: Host: bannerhealth.legacy.tuition.io
URL: https://bannerhealth.legacy.tuition.io/static/js/1.f6aad8bf4429568ef3c4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:b8:f69a:7375:53e1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://bannerhealth.legacy.tuition.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1

200
OK

saml2 Show response
login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/
Redirect Chain

https://api.tuition.works/saml/bannerhealth/auth?redirect=https%3A%2F%2Fbannerhealth.tuition.io
https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT8EiErcGMUNZC2Ruz00EuxJFcxUYl0uVTS%2FvvISoPm0gC5Lmb22xlsffW775IHDGS9WzOeFeyqqTdDPLlb%2FD...

20 KB
10 KB

301ms
160ms

Document
text/html

2603:1036:3000:60::16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT8EiErcGMUNZC2Ruz00EuxJFcxUYl0uVTS%2FvvISoPm0gC5Lmb22xlsffW775IHDGS9WzOeFeyqqTdDPLlb%2FDUgxWQUOFqzITjpgSxJBz2SjFoeNp9vpMgKeQ4%2Beu079iyWBH33tgOIMMSRyZJvL%2FBxzpLdds1%2BmLmCEtrCcFXNcAFLozTOeKF0xVetAlTAsYVFyUcD0YA7RxFcHHcUokyLKhXiyIWcV1LMs2qx%2Bs6S7ZjFOogT6hTjmWSed%2F7euqy3OnjybfSusw4z7fscDILRRqQlQJvOVuU8VWJZphwVrmC5FIuW55ecgiWblzDX3tHQYzhgeLAa725v%2FqHgbLM42Isse%2FThJ03uXIFzGE4IXTzloIkl%2B79lfrDOWHf%2Fdo%2FqWUTy0%2FG4T%2FdfD0fW1JfFcuolNO%2FB9xihzl%2B76y8jcbfd%2B87qP8lHH3qI%2Fz%2BIZ3yaWJO2k1QOjs6obWvRjDV1nX%2B8DggR1yyGAVne1PnrX2ueAA%3D%3D&RelayState=https%3A%2F%2Fbannerhealth.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Qw35UWCACtFH%2F2Lu%2BCzM5I1YBXM4DPaGY8V6b3DeFbNxvcUmZNmzRSTj%2B32KhNsM2ZHOGpNlqrUOJtYVwclaRkRflKRbBNEiIxLu1JWS8qVvX4fKIwlktQ4vMeIKOhcT76XKPXRoTi2FoyIlzyRgoQc2I6yA3tKdDruT3eOoZkTuMm7uwqdTk%2FADtofcTb5zgeuE%2BNAwnFeZNUIDxpXG6Rfm71aUz%2BRZ38uE96CJ08klUaLE8VO1Dlyv3BuUdDe6wa06F6IOYayA0HLvzOJVZZqxF31j4TMJelVftaFRO69FWdyfsKFF9UbZcSd10A%2BPP1I7adQGNXDBJecDzVjthg%3D%3D

Requested by

Host: bannerhealth.tuition.io
URL: https://bannerhealth.tuition.io/assets/tio-employee-92a2534bddd7c0b7aa409fe8d318f3db.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1036:3000:60::16 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d2bcbb363967a7ba88c125dc69f0791c5e07a147f32caf7707066227fbf13f42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bannerhealth.tuition.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 8917
Content-Type: text/html; charset=utf-8
Date: Fri, 22 Sep 2023 12:59:25 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+chi"}]}
x-ms-ests-server: 2.1.16314.5 - NCUS ProdSlices
x-ms-request-id: 7633268a-844b-41dd-8d9c-f614dcfbb500

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: tio-auth-token,tio-algolia-token,tio-refresh-token
content-length: 2356
content-type: text/html; charset=utf-8
date: Fri, 22 Sep 2023 12:59:25 GMT
location: https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT8EiErcGMUNZC2Ruz00EuxJFcxUYl0uVTS%2FvvISoPm0gC5Lmb22xlsffW775IHDGS9WzOeFeyqqTdDPLlb%2FDUgxWQUOFqzITjpgSxJBz2SjFoeNp9vpMgKeQ4%2Beu079iyWBH33tgOIMMSRyZJvL%2FBxzpLdds1%2BmLmCEtrCcFXNcAFLozTOeKF0xVetAlTAsYVFyUcD0YA7RxFcHHcUokyLKhXiyIWcV1LMs2qx%2Bs6S7ZjFOogT6hTjmWSed%2F7euqy3OnjybfSusw4z7fscDILRRqQlQJvOVuU8VWJZphwVrmC5FIuW55ecgiWblzDX3tHQYzhgeLAa725v%2FqHgbLM42Isse%2FThJ03uXIFzGE4IXTzloIkl%2B79lfrDOWHf%2Fdo%2FqWUTy0%2FG4T%2FdfD0fW1JfFcuolNO%2FB9xihzl%2B76y8jcbfd%2B87qP8lHH3qI%2Fz%2BIZ3yaWJO2k1QOjs6obWvRjDV1nX%2B8DggR1yyGAVne1PnrX2ueAA%3D%3D&RelayState=https%3A%2F%2Fbannerhealth.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Qw35UWCACtFH%2F2Lu%2BCzM5I1YBXM4DPaGY8V6b3DeFbNxvcUmZNmzRSTj%2B32KhNsM2ZHOGpNlqrUOJtYVwclaRkRflKRbBNEiIxLu1JWS8qVvX4fKIwlktQ4vMeIKOhcT76XKPXRoTi2FoyIlzyRgoQc2I6yA3tKdDruT3eOoZkTuMm7uwqdTk%2FADtofcTb5zgeuE%2BNAwnFeZNUIDxpXG6Rfm71aUz%2BRZ38uE96CJ08klUaLE8VO1Dlyv3BuUdDe6wa06F6IOYayA0HLvzOJVZZqxF31j4TMJelVftaFRO69FWdyfsKFF9UbZcSd10A%2BPP1I7adQGNXDBJecDzVjthg%3D%3D
vary: Accept
via: 1.1 4db130e87be66fce9731567ae0669c56.cloudfront.net (CloudFront)
x-amz-apigw-id: LqNjNHkmIAMFvkA=
x-amz-cf-id: oQ3gN1yFZKIFAwYUS5aAKPpEl6x9jJZoQtzpWWaYIGW2Wk6JB-uMtw==
x-amz-cf-pop: IAD89-C3
x-amzn-remapped-content-length: 2356
x-amzn-requestid: 6f466a3a-8453-45a7-896e-7f9a6a4e474a
x-amzn-trace-id: Root=1-650d8fad-5304761a4c0391cd38f415c9;Sampled=0;lineage=4ce009ee:0
x-cache: Miss from cloudfront

GET
H2 200 BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js
aadcdn.msauth.net/shared/1.0/content/js/ 135 KB
48 KB 296ms
38ms Script
application/x-javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT8EiErcGMUNZC2Ruz00EuxJFcxUYl0uVTS%2FvvISoPm0gC5Lmb22xlsffW775IHDGS9WzOeFeyqqTdDPLlb%2FDUgxWQUOFqzITjpgSxJBz2SjFoeNp9vpMgKeQ4%2Beu079iyWBH33tgOIMMSRyZJvL%2FBxzpLdds1%2BmLmCEtrCcFXNcAFLozTOeKF0xVetAlTAsYVFyUcD0YA7RxFcHHcUokyLKhXiyIWcV1LMs2qx%2Bs6S7ZjFOogT6hTjmWSed%2F7euqy3OnjybfSusw4z7fscDILRRqQlQJvOVuU8VWJZphwVrmC5FIuW55ecgiWblzDX3tHQYzhgeLAa725v%2FqHgbLM42Isse%2FThJ03uXIFzGE4IXTzloIkl%2B79lfrDOWHf%2Fdo%2FqWUTy0%2FG4T%2FdfD0fW1JfFcuolNO%2FB9xihzl%2B76y8jcbfd%2B87qP8lHH3qI%2Fz%2BIZ3yaWJO2k1QOjs6obWvRjDV1nX%2B8DggR1yyGAVne1PnrX2ueAA%3D%3D&RelayState=https%3A%2F%2Fbannerhealth.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Qw35UWCACtFH%2F2Lu%2BCzM5I1YBXM4DPaGY8V6b3DeFbNxvcUmZNmzRSTj%2B32KhNsM2ZHOGpNlqrUOJtYVwclaRkRflKRbBNEiIxLu1JWS8qVvX4fKIwlktQ4vMeIKOhcT76XKPXRoTi2FoyIlzyRgoQc2I6yA3tKdDruT3eOoZkTuMm7uwqdTk%2FADtofcTb5zgeuE%2BNAwnFeZNUIDxpXG6Rfm71aUz%2BRZ38uE96CJ08klUaLE8VO1Dlyv3BuUdDe6wa06F6IOYayA0HLvzOJVZZqxF31j4TMJelVftaFRO69FWdyfsKFF9UbZcSd10A%2BPP1I7adQGNXDBJecDzVjthg%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Sep 2023 12:59:26 GMT
content-encoding: gzip
x-azure-ref-originshield: 0KSsLZQAAAAAwA2IpNSrwS6Jf2U6jCTl1TU5aMjIxMDYwNjExMDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5: Mwomsrfm/E5wVC4ntDZsmw==
x-cache: TCP_HIT
content-length: 48719
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 10:42:33 GMT
etag: 0x8DB82C4B32A50A1
x-azure-ref: 0ro8NZQAAAAC2duG+99V3SIWJ/geE80rGTU5aMjIxMDYwNjE0MDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 75f5408b-001e-006b-4bd2-eb5046000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H/1.1 200
OK Primary Request saml2 Show response
login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/ 38 KB
16 KB 127ms
127ms Document
text/html 2603:1036:3000:60::16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1036:3000:60::16 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

462777e36dbf87252ae56cdf45ff2446d588be6c2382dee0334501418d00e06f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT8EiErcGMUNZC2Ruz00EuxJFcxUYl0uVTS%2FvvISoPm0gC5Lmb22xlsffW775IHDGS9WzOeFeyqqTdDPLlb%2FDUgxWQUOFqzITjpgSxJBz2SjFoeNp9vpMgKeQ4%2Beu079iyWBH33tgOIMMSRyZJvL%2FBxzpLdds1%2BmLmCEtrCcFXNcAFLozTOeKF0xVetAlTAsYVFyUcD0YA7RxFcHHcUokyLKhXiyIWcV1LMs2qx%2Bs6S7ZjFOogT6hTjmWSed%2F7euqy3OnjybfSusw4z7fscDILRRqQlQJvOVuU8VWJZphwVrmC5FIuW55ecgiWblzDX3tHQYzhgeLAa725v%2FqHgbLM42Isse%2FThJ03uXIFzGE4IXTzloIkl%2B79lfrDOWHf%2Fdo%2FqWUTy0%2FG4T%2FdfD0fW1JfFcuolNO%2FB9xihzl%2B76y8jcbfd%2B87qP8lHH3qI%2Fz%2BIZ3yaWJO2k1QOjs6obWvRjDV1nX%2B8DggR1yyGAVne1PnrX2ueAA%3D%3D&RelayState=https%3A%2F%2Fbannerhealth.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Qw35UWCACtFH%2F2Lu%2BCzM5I1YBXM4DPaGY8V6b3DeFbNxvcUmZNmzRSTj%2B32KhNsM2ZHOGpNlqrUOJtYVwclaRkRflKRbBNEiIxLu1JWS8qVvX4fKIwlktQ4vMeIKOhcT76XKPXRoTi2FoyIlzyRgoQc2I6yA3tKdDruT3eOoZkTuMm7uwqdTk%2FADtofcTb5zgeuE%2BNAwnFeZNUIDxpXG6Rfm71aUz%2BRZ38uE96CJ08klUaLE8VO1Dlyv3BuUdDe6wa06F6IOYayA0HLvzOJVZZqxF31j4TMJelVftaFRO69FWdyfsKFF9UbZcSd10A%2BPP1I7adQGNXDBJecDzVjthg%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 14974
Content-Type: text/html; charset=utf-8
Date: Fri, 22 Sep 2023 12:59:26 GMT
Expires: -1
Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Frame-Options: DENY
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+chi"}]}
x-ms-ests-server: 2.1.16314.5 - SCUS ProdSlices
x-ms-request-id: dde8cdf1-7e71-4cbb-ba62-44600640f800

GET
H2 200 converged.v2.login.min_prc91eyu9sqvbxj8tusclg2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 109 KB
20 KB 37ms
37ms Stylesheet
text/css 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_prc91eyu9sqvbxj8tusclg2.css
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT8EiErcGMUNZC2Ruz00EuxJFcxUYl0uVTS%2FvvISoPm0gC5Lmb22xlsffW775IHDGS9WzOeFeyqqTdDPLlb%2FDUgxWQUOFqzITjpgSxJBz2SjFoeNp9vpMgKeQ4%2Beu079iyWBH33tgOIMMSRyZJvL%2FBxzpLdds1%2BmLmCEtrCcFXNcAFLozTOeKF0xVetAlTAsYVFyUcD0YA7RxFcHHcUokyLKhXiyIWcV1LMs2qx%2Bs6S7ZjFOogT6hTjmWSed%2F7euqy3OnjybfSusw4z7fscDILRRqQlQJvOVuU8VWJZphwVrmC5FIuW55ecgiWblzDX3tHQYzhgeLAa725v%2FqHgbLM42Isse%2FThJ03uXIFzGE4IXTzloIkl%2B79lfrDOWHf%2Fdo%2FqWUTy0%2FG4T%2FdfD0fW1JfFcuolNO%2FB9xihzl%2B76y8jcbfd%2B87qP8lHH3qI%2Fz%2BIZ3yaWJO2k1QOjs6obWvRjDV1nX%2B8DggR1yyGAVne1PnrX2ueAA%3D%3D&RelayState=https%3A%2F%2Fbannerhealth.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Qw35UWCACtFH%2F2Lu%2BCzM5I1YBXM4DPaGY8V6b3DeFbNxvcUmZNmzRSTj%2B32KhNsM2ZHOGpNlqrUOJtYVwclaRkRflKRbBNEiIxLu1JWS8qVvX4fKIwlktQ4vMeIKOhcT76XKPXRoTi2FoyIlzyRgoQc2I6yA3tKdDruT3eOoZkTuMm7uwqdTk%2FADtofcTb5zgeuE%2BNAwnFeZNUIDxpXG6Rfm71aUz%2BRZ38uE96CJ08klUaLE8VO1Dlyv3BuUdDe6wa06F6IOYayA0HLvzOJVZZqxF31j4TMJelVftaFRO69FWdyfsKFF9UbZcSd10A%2BPP1I7adQGNXDBJecDzVjthg%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: afc0898b6e7779ecd64b6a5a5b2626284d3e0316ad79cc45662c6d0158f4b2a1

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Sep 2023 12:59:26 GMT
content-encoding: gzip
x-azure-ref-originshield: 0iRoLZQAAAACdCEfopSY8TZbUh4MlSjFGTU5aMjIxMDYwNjEyMDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5: 130lE3UdeNphf/ypsCLZsw==
x-cache: TCP_HIT
content-length: 20154
x-ms-lease-status: unlocked
last-modified: Thu, 10 Aug 2023 17:23:18 GMT
etag: 0x8DB99C67D4E04C3
x-azure-ref: 0ro8NZQAAAAA+wSPrGRj8QJGOJRht+NwnTU5aMjIxMDYwNjE0MDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6698aca3-401e-006f-484e-e6fc4e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 ConvergedLogin_PCore_gi39Edvdc7MTH8raduM_DA2.js Show response
aadcdn.msauth.net/shared/1.0/content/js/ 416 KB
115 KB 39ms
38ms Script
application/x-javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_gi39Edvdc7MTH8raduM_DA2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT8EiErcGMUNZC2Ruz00EuxJFcxUYl0uVTS%2FvvISoPm0gC5Lmb22xlsffW775IHDGS9WzOeFeyqqTdDPLlb%2FDUgxWQUOFqzITjpgSxJBz2SjFoeNp9vpMgKeQ4%2Beu079iyWBH33tgOIMMSRyZJvL%2FBxzpLdds1%2BmLmCEtrCcFXNcAFLozTOeKF0xVetAlTAsYVFyUcD0YA7RxFcHHcUokyLKhXiyIWcV1LMs2qx%2Bs6S7ZjFOogT6hTjmWSed%2F7euqy3OnjybfSusw4z7fscDILRRqQlQJvOVuU8VWJZphwVrmC5FIuW55ecgiWblzDX3tHQYzhgeLAa725v%2FqHgbLM42Isse%2FThJ03uXIFzGE4IXTzloIkl%2B79lfrDOWHf%2Fdo%2FqWUTy0%2FG4T%2FdfD0fW1JfFcuolNO%2FB9xihzl%2B76y8jcbfd%2B87qP8lHH3qI%2Fz%2BIZ3yaWJO2k1QOjs6obWvRjDV1nX%2B8DggR1yyGAVne1PnrX2ueAA%3D%3D&RelayState=https%3A%2F%2Fbannerhealth.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Qw35UWCACtFH%2F2Lu%2BCzM5I1YBXM4DPaGY8V6b3DeFbNxvcUmZNmzRSTj%2B32KhNsM2ZHOGpNlqrUOJtYVwclaRkRflKRbBNEiIxLu1JWS8qVvX4fKIwlktQ4vMeIKOhcT76XKPXRoTi2FoyIlzyRgoQc2I6yA3tKdDruT3eOoZkTuMm7uwqdTk%2FADtofcTb5zgeuE%2BNAwnFeZNUIDxpXG6Rfm71aUz%2BRZ38uE96CJ08klUaLE8VO1Dlyv3BuUdDe6wa06F6IOYayA0HLvzOJVZZqxF31j4TMJelVftaFRO69FWdyfsKFF9UbZcSd10A%2BPP1I7adQGNXDBJecDzVjthg%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2be1191aa91480113eb1796254bf719489de2a478fe0331c78ee7abedb18bd89

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Sep 2023 12:59:26 GMT
content-encoding: gzip
x-azure-ref-originshield: 0iRoLZQAAAADWH490C9/HTKWdh2Ze2SzPTU5aMjIxMDYwNjEyMDQ3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5: cRDtsBBXh0TgnayAPZMUCw==
x-cache: TCP_HIT
content-length: 117260
x-ms-lease-status: unlocked
last-modified: Thu, 10 Aug 2023 21:02:39 GMT
etag: 0x8DB99E521F6C34B
x-azure-ref: 0ro8NZQAAAADB5y12DFv8QZ041Q3jgU6NTU5aMjIxMDYwNjE0MDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: babdbd7a-001e-007b-549c-e7e064000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 ux.converged.login.strings-en.min_vts8ra1it9l0lgwizaxzhg2.js Show response
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 49 KB
15 KB 38ms
38ms Script
application/x-javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_vts8ra1it9l0lgwizaxzhg2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT8EiErcGMUNZC2Ruz00EuxJFcxUYl0uVTS%2FvvISoPm0gC5Lmb22xlsffW775IHDGS9WzOeFeyqqTdDPLlb%2FDUgxWQUOFqzITjpgSxJBz2SjFoeNp9vpMgKeQ4%2Beu079iyWBH33tgOIMMSRyZJvL%2FBxzpLdds1%2BmLmCEtrCcFXNcAFLozTOeKF0xVetAlTAsYVFyUcD0YA7RxFcHHcUokyLKhXiyIWcV1LMs2qx%2Bs6S7ZjFOogT6hTjmWSed%2F7euqy3OnjybfSusw4z7fscDILRRqQlQJvOVuU8VWJZphwVrmC5FIuW55ecgiWblzDX3tHQYzhgeLAa725v%2FqHgbLM42Isse%2FThJ03uXIFzGE4IXTzloIkl%2B79lfrDOWHf%2Fdo%2FqWUTy0%2FG4T%2FdfD0fW1JfFcuolNO%2FB9xihzl%2B76y8jcbfd%2B87qP8lHH3qI%2Fz%2BIZ3yaWJO2k1QOjs6obWvRjDV1nX%2B8DggR1yyGAVne1PnrX2ueAA%3D%3D&RelayState=https%3A%2F%2Fbannerhealth.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Qw35UWCACtFH%2F2Lu%2BCzM5I1YBXM4DPaGY8V6b3DeFbNxvcUmZNmzRSTj%2B32KhNsM2ZHOGpNlqrUOJtYVwclaRkRflKRbBNEiIxLu1JWS8qVvX4fKIwlktQ4vMeIKOhcT76XKPXRoTi2FoyIlzyRgoQc2I6yA3tKdDruT3eOoZkTuMm7uwqdTk%2FADtofcTb5zgeuE%2BNAwnFeZNUIDxpXG6Rfm71aUz%2BRZ38uE96CJ08klUaLE8VO1Dlyv3BuUdDe6wa06F6IOYayA0HLvzOJVZZqxF31j4TMJelVftaFRO69FWdyfsKFF9UbZcSd10A%2BPP1I7adQGNXDBJecDzVjthg%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a5b5b42e6ae53860822fe08487e28809a4c40ff6225c7d0311a94d1118b72a7d

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Sep 2023 12:59:26 GMT
content-encoding: gzip
x-azure-ref-originshield: 0YRQLZQAAAAAwOxmJo5koRI8p6oye341GTU5aMjIxMDYwNjEyMDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5: F796jFOPcfyA2yQHgXtB1w==
x-cache: TCP_HIT
content-length: 14540
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jul 2023 00:28:45 GMT
etag: 0x8DB83381EAF7708
x-azure-ref: 0ro8NZQAAAADwlb5pGrBbTLoIcUOJoy/rTU5aMjIxMDYwNjE0MDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7e68f889-001e-0003-699b-e94a75000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 296ms
80ms Other
text/html 40.126.28.14

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT8EiErcGMUNZC2Ruz00EuxJFcxUYl0uVTS%2FvvISoPm0gC5Lmb22xlsffW775IHDGS9WzOeFeyqqTdDPLlb%2FDUgxWQUOFqzITjpgSxJBz2SjFoeNp9vpMgKeQ4%2Beu079iyWBH33tgOIMMSRyZJvL%2FBxzpLdds1%2BmLmCEtrCcFXNcAFLozTOeKF0xVetAlTAsYVFyUcD0YA7RxFcHHcUokyLKhXiyIWcV1LMs2qx%2Bs6S7ZjFOogT6hTjmWSed%2F7euqy3OnjybfSusw4z7fscDILRRqQlQJvOVuU8VWJZphwVrmC5FIuW55ecgiWblzDX3tHQYzhgeLAa725v%2FqHgbLM42Isse%2FThJ03uXIFzGE4IXTzloIkl%2B79lfrDOWHf%2Fdo%2FqWUTy0%2FG4T%2FdfD0fW1JfFcuolNO%2FB9xihzl%2B76y8jcbfd%2B87qP8lHH3qI%2Fz%2BIZ3yaWJO2k1QOjs6obWvRjDV1nX%2B8DggR1yyGAVne1PnrX2ueAA%3D%3D&RelayState=https%3A%2F%2Fbannerhealth.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Qw35UWCACtFH%2F2Lu%2BCzM5I1YBXM4DPaGY8V6b3DeFbNxvcUmZNmzRSTj%2B32KhNsM2ZHOGpNlqrUOJtYVwclaRkRflKRbBNEiIxLu1JWS8qVvX4fKIwlktQ4vMeIKOhcT76XKPXRoTi2FoyIlzyRgoQc2I6yA3tKdDruT3eOoZkTuMm7uwqdTk%2FADtofcTb5zgeuE%2BNAwnFeZNUIDxpXG6Rfm71aUz%2BRZ38uE96CJ08klUaLE8VO1Dlyv3BuUdDe6wa06F6IOYayA0HLvzOJVZZqxF31j4TMJelVftaFRO69FWdyfsKFF9UbZcSd10A%2BPP1I7adQGNXDBJecDzVjthg%3D%3D&sso_reload=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.126.28.14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H2 200 convergedlogin_pcustomizationloader_ad69b2c2408c2332edca.js Show response
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 107 KB
32 KB 150ms
43ms Script
application/x-javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_ad69b2c2408c2332edca.js
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_gi39Edvdc7MTH8raduM_DA2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b85f390f8f63c126bf0b6ab72f161ba9793a7f49ead022c97c63ea03ef573a87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Sep 2023 12:59:27 GMT
content-encoding: gzip
x-azure-ref-originshield: 0GVkLZQAAAAAjZD1XwlAWTKs9QLb1+1YbTU5aMjIxMDYwNjEyMDQ5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5: DW8hm6vrNrL3sPWuwsGLoQ==
x-cache: TCP_HIT
content-length: 32264
x-ms-lease-status: unlocked
last-modified: Tue, 01 Aug 2023 23:22:37 GMT
etag: 0x8DB92E631B1EEB2
x-azure-ref: 0r48NZQAAAAC2EY8rYCikRrLMXyI+ghOXTU5aMjIxMDYwNjE0MDUxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0fc0ecdc-001e-0057-3ff1-eb854e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 convergedlogin_pfetchsessionsprogress_ae8e0b1c20216cc1fee1.js Show response
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 15 KB
6 KB 42ms
42ms Script
application/x-javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_ae8e0b1c20216cc1fee1.js
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_gi39Edvdc7MTH8raduM_DA2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b44a061481079728bec82d167bc0c663c861e02f111d7ca1a8bc82e90135acce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Sep 2023 12:59:27 GMT
content-encoding: gzip
x-azure-ref-originshield: 0qQMLZQAAAAC8dh668Gf5R74xVIohM7+yTU5aMjIxMDYwNjEyMDQ1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5: VtWEdEV+G0a30zVTSLUE2A==
x-cache: TCP_HIT
content-length: 5511
x-ms-lease-status: unlocked
last-modified: Fri, 04 Aug 2023 05:51:53 GMT
etag: 0x8DB94AEE7657732
x-azure-ref: 0r48NZQAAAADkeHzNoLDFRY1pAFEaqfAMTU5aMjIxMDYwNjE0MDUxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7687e584-001e-0057-60c6-eb854e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/ 3 KB
3 KB 43ms
42ms Image
image/gif 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Sep 2023 12:59:27 GMT
x-azure-ref-originshield: 0vkwLZQAAAACMkzfnM3gySJvZnEurxnHwTU5aMjIxMDYwNjExMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5: Fm3lNHEmUlOrOkVt7+baIw==
x-cache: TCP_HIT
content-length: 2672
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:47 GMT
etag: 0x8DB5C3F48EC4154
x-azure-ref: 0r48NZQAAAAAa4652nO71SZFe/O7aM0/RTU5aMjIxMDYwNjE0MDUxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 1c590ddf-d01e-0092-0ad2-eb8600000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/ 4 KB
4 KB 42ms
42ms Image
image/gif 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Sep 2023 12:59:27 GMT
x-azure-ref-originshield: 0UwwLZQAAAACv85gKlcQ+QYKshNdsHYIOTU5aMjIxMDYwNjEyMDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5: tUCo5RgDcZLjLE/li/Lbqw==
x-cache: TCP_HIT
content-length: 3620
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:48 GMT
etag: 0x8DB5C3F4904824B
x-azure-ref: 0r48NZQAAAACMI4rWbNNhQLYWoS1FOm1nTU5aMjIxMDYwNjE0MDUxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 3511830a-901e-003e-06b8-e6b47f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 illustration
aadcdn.msauthimages.net/dbd5a2dd-hncn8sieuzk0k1g9y-ezsg2qcbgw8m6zyydoi7ohpxc/logintenantbranding/0/ 193 KB
193 KB 155ms
36ms Image
image/* 2606:2800:21f:3ab5:de35:a4f4:79e0:ff17

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauthimages.net/dbd5a2dd-hncn8sieuzk0k1g9y-ezsg2qcbgw8m6zyydoi7ohpxc/logintenantbranding/0/illustration?ts=637329375009955729
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:3ab5:de35:a4f4:79e0:ff17 -, , ASN (),
Reverse DNS
Software: ECAcc (nyb/471B) /
Resource Hash: 40cde6def4fc61c6b62f84cb6b0e108c8b42362970dc9b3a14d14db1abb40361

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Sep 2023 12:59:27 GMT
content-md5: Vva7A87LXzLsGxXVsXglKw==
age: 82680
x-cache: HIT
content-length: 197526
x-ms-lease-status: unlocked
last-modified: Thu, 13 Aug 2020 17:45:01 GMT
server: ECAcc (nyb/471B)
etag: 0x8D83FB09AC56D34
content-type: image/*
access-control-allow-origin: *
x-ms-request-id: 55e01cfd-501e-0001-6194-ec1c3e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 bannerlogo
aadcdn.msauthimages.net/dbd5a2dd-hncn8sieuzk0k1g9y-ezsg2qcbgw8m6zyydoi7ohpxc/logintenantbranding/0/ 4 KB
4 KB 220ms
101ms Image
image/* 2606:2800:21f:3ab5:de35:a4f4:79e0:ff17

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauthimages.net/dbd5a2dd-hncn8sieuzk0k1g9y-ezsg2qcbgw8m6zyydoi7ohpxc/logintenantbranding/0/bannerlogo?ts=637329379266606511
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:3ab5:de35:a4f4:79e0:ff17 -, , ASN (),
Reverse DNS
Software: ECAcc (nyb/46D7) /
Resource Hash: 3ef53705d23c72e645048b8312e8931f89f6cb11a2e38eaf19d0d404d369f03b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Sep 2023 12:59:27 GMT
content-md5: zUs6gAO+SNDKN+zZpXfNKQ==
age: 82680
x-cache: HIT
content-length: 3884
x-ms-lease-status: unlocked
last-modified: Thu, 13 Aug 2020 17:52:07 GMT
server: ECAcc (nyb/46D7)
etag: 0x8D83FB1986AB455
content-type: image/*
access-control-allow-origin: *
x-ms-request-id: 5441f1aa-901e-006c-2194-eca875000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/ 3 KB
3 KB 49ms
48ms Image
image/gif 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_gi39Edvdc7MTH8raduM_DA2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Sep 2023 12:59:27 GMT
x-azure-ref-originshield: 0vkwLZQAAAACMkzfnM3gySJvZnEurxnHwTU5aMjIxMDYwNjExMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5: Fm3lNHEmUlOrOkVt7+baIw==
x-cache: TCP_HIT
content-length: 2672
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:47 GMT
etag: 0x8DB5C3F48EC4154
x-azure-ref: 0r48NZQAAAAA+2kpXEyTeT7Tj0CFp8rNqTU5aMjIxMDYwNjE0MDUxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 1c590ddf-d01e-0092-0ad2-eb8600000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/ 4 KB
4 KB 48ms
48ms Image
image/gif 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_gi39Edvdc7MTH8raduM_DA2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Sep 2023 12:59:27 GMT
x-azure-ref-originshield: 0UwwLZQAAAACv85gKlcQ+QYKshNdsHYIOTU5aMjIxMDYwNjEyMDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5: tUCo5RgDcZLjLE/li/Lbqw==
x-cache: TCP_HIT
content-length: 3620
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:48 GMT
etag: 0x8DB5C3F4904824B
x-azure-ref: 0r48NZQAAAACgiKlcHjzuQKH54rVTQPVbTU5aMjIxMDYwNjE0MDUxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 3511830a-901e-003e-06b8-e6b47f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET ssoprobe
autologon.microsoftazuread-sso.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/winauth/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: autologon.microsoftazuread-sso.com
URL: https://autologon.microsoftazuread-sso.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/winauth/ssoprobe?client-request-id=9448c22c-8dfe-4175-860d-0374052b07fa&_=1695387567440

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bannerhealth.legacy.tuition.io/	1970-01-20 14:56:28	Name: _dd_s Value: rum=1&id=fd07c77b-a723-4087-8d02-c6c9691afd6d&created=1695387564519&expire=1695388464519
bannerhealth.tuition.io/	1970-01-20 14:56:28	Name: _dd_s Value: rum=2&id=818b52dd-aa50-4312-a906-2cd5765547f2&created=1695387562819&expire=1695388462819
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.com/	1970-01-20 14:56:27	Name: SSOCOOKIEPULLED Value: 1
login.microsoftonline.com/	1970-01-20 15:39:39	Name: buid Value: 0.AQ0A0tzqra86NUiycx6-incm8cj-15w0DkZGrOx4w0Q8w8ANAAA.AQABAAEAAAAtyolDObpQQ5VtlI4uGjEP5bkiOp4sijanMo1m1GeY3iH5sJjqcgSmbpWh-S1lTXRqRgcjh02sHaZjI-5mbTE6BQ7B-_78A1cmmrIXQ2akLhgtn7OF1jFUZIaM2Ydn1SkgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABAAEAAAAtyolDObpQQ5VtlI4uGjEPaYkYgBfAu6ien9V-0dyTWoxNE4PAt8X_Euzbo2CwAoYxpktAilLpt7kxfbwl11HIUeSAh83KraS8CUUHV2XW5j6j5h3w9vR-qZAfswa0vv53qgH1A3a1yZSR2Pj8Uz9DAi3L01A2HRHKYXA-PKzr158VcLBISKJ0OUc1xkd8W2JVlM9LbisSDH0dM4ptxn-sZGmDZc9UFTorlVafBfx5M_he3CCFznuo69dvUTKh3NEgAA
login.microsoftonline.com/	1970-01-20 15:39:39	Name: fpc Value: AjvTRaTra4VOoyTD8_9K8Qh8CQHHAQAAAK6Gn9wOAAAA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msauthimages.net
ajax.googleapis.com
api.tuition.works
autologon.microsoftazuread-sso.com
bannerhealth.legacy.tuition.io
bannerhealth.tuition.io
cdn.jsdelivr.net
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
login.live.com
login.microsoftonline.com
q7n3gpmqhcp7.statuspage.io
rum-http-intake.logs.datadoghq.com
rum.browser-intake-datadoghq.com
static.zdassets.com
tio-api.tuition.io
tio.zendesk.com
tuitionio-production-images.s3.amazonaws.com
tuitionio-production-public-assets.s3.amazonaws.com
autologon.microsoftazuread-sso.com
104.16.51.111
104.18.70.113
104.192.142.23
2600:1f18:24e6:b900:b8:f69a:7375:53e1
2600:1f18:24e6:b901:1e89:8cb4:9181:6321
2603:1036:3000:60::16
2606:2800:21f:3ab5:de35:a4f4:79e0:ff17
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c1b::5f
2620:1ec:29:1::40
2a04:4e42:400::485
3.161.213.84
34.225.0.79
40.126.28.14
52.217.18.172
52.85.151.52
99.86.229.82
13c225901578165f30739f352a04bf47db44fc14bbd535ded28e1304fbc26947
1d450631b020073cc1285c8b7dfa34593ba8b5eb2e9482a7e9e3891e06148346
21244bacf0cd406e0c2b7742eb67f2c9ab4bb91e7ed5f9eb524308520f3a7694
261e46cbc743d7c2942693a1758ff4e01b87d432412596cd3dd36bd936933d7f
2be1191aa91480113eb1796254bf719489de2a478fe0331c78ee7abedb18bd89
38ea669feefa27a2240b638998b8477e979602d39d718cbc8099903b46f6a5ba
3ef53705d23c72e645048b8312e8931f89f6cb11a2e38eaf19d0d404d369f03b
40cde6def4fc61c6b62f84cb6b0e108c8b42362970dc9b3a14d14db1abb40361
45303ee70360a339ff987b487dcdc74f484912228fd2d544c2138e9eb91c81de
462777e36dbf87252ae56cdf45ff2446d588be6c2382dee0334501418d00e06f
4b649bd0733d0e2823f6895ab6d9443a7cb8d290f291a4f1e5d130a5f7232a6d
4e50bd3b2de69f4c825296e31de7a341a525b2ac8669b3980798f27d9b6dc27c
50a6d4f73938002e2e5d10863e6b53831ed0f85322c37bf40c81c9de602424d5
5b36f7c33d4ec4e54d733d11b14e08bd198099308f14db33ebc3eb76160c38d6
5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7
5ea2107bf656126005f1c080359c253eec21c21da412a7f6c8d1e7977ee3bda2
667839eef07b4fb257a282c40d75f653383946a6ec66fdb7447e252099cc3f17
688fd4894001f7c2131a5991b6b7a64162eed60287f44cbda2932c35486b450c
74152b74e39ae0cee923a4fe42ca0199de83a59804d4e6af90484f8d0cb85c89
80bbd5be45a524bdbb122e6e34df705780ee6ea56655d6ac9ad9e92c1e12362d
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
87d29c78cbd6e6774671b07b512ffb14dfc2dc4fe512a5e1c4909df54fbaa2bf
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a07a9cfe67bdc784095618e768e7bc86cdb517ad755fc8564c6b4e23b034f1d4
a1ae07b34b7c57774fd2f92a88a9b47dfe77d89262b7db5176b7932d8e29c467
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
a5b5b42e6ae53860822fe08487e28809a4c40ff6225c7d0311a94d1118b72a7d
aa782c7d5929cfde55b46473b7a28c0108d3554e26852c7f2a5601fc749a3383
afc0898b6e7779ecd64b6a5a5b2626284d3e0316ad79cc45662c6d0158f4b2a1
b035c3f43c618433403abffd2ac4e6f9d0177dd4b3a4d1ca4a2dae39c894b33c
b44a061481079728bec82d167bc0c663c861e02f111d7ca1a8bc82e90135acce
b85f390f8f63c126bf0b6ab72f161ba9793a7f49ead022c97c63ea03ef573a87
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bbb9df9d0ef6dc90c98a36788a209b743f9a5114d0a0d60195a7e2cda30720e9
bd0b610012747ebdd50b04d5b14040c89d6185ad7d1cfa82211740f9e014f782
c4f1d76175ef60559d04842f2a2d6449d52e0ad97dbe2bb4e8a730eae802bd5a
cdffb83ce343c48f78a6583df54956aee5c7502a446f9af1955b56fd508cbbb2
d2bcbb363967a7ba88c125dc69f0791c5e07a147f32caf7707066227fbf13f42
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92
f94d53ef0708ec00743d9e0c35ab499a23aed440bb025f9f10e5f796a44c0672
f9d1bf31fdb6f2915cd5444236c0569e9a8efab69a2dd99b532264854057c273

login.microsoftonline.com Open in urlscan Pro 2603:1036:3000:60::16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

99 %HTTPS

50 %IPv6

16 Domains

21 Subdomains

18 IPs

2 Countries

9340 kBTransfer

18440 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.microsoftonline.com Open in urlscan Pro
2603:1036:3000:60::16 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

99 %
HTTPS

50 %
IPv6

16
Domains

21
Subdomains

18
IPs

2
Countries

9340 kB
Transfer

18440 kB
Size

9
Cookies

69 HTTP transactions
0 data transactions