login.microsoftonline.com Open in urlscan Pro
2603:1036:3000:18::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sonoraquest.tuition.io/
Effective URL:
https://login.microsoftonline.com/b178535e-10fa-45cc-bcb0-85ec097d6414/saml2?SAMLRequest=lZJPT%2BMwEMW%2FSuR7YudvEysNKlRoK8FStd097...
Submission: On January 25 via api (January 25th 2024, 11:09:44 pm UTC) from US — Scanned from US

Summary HTTP 68 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 2 countries across 16 domains to perform 68 HTTP transactions. The main IP is 2603:1036:3000:18::3, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 11.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 16th 2023. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	18.67.76.62 18.67.76.62	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c19::5f	15169 (GOOGLE) (GOOGLE)
7	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	3.225.70.29 3.225.70.29	14618 (AMAZON-AES) (AMAZON-AES)
6	99.86.229.58 99.86.229.58	16509 (AMAZON-02) (AMAZON-02)
1	54.231.235.161 54.231.235.161	16509 (AMAZON-02) (AMAZON-02)
5	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f18:24e... 2600:1f18:24e6:b902:6dd9:2bda:1df2:42cd	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	52.216.34.81 52.216.34.81	16509 (AMAZON-02) (AMAZON-02)
1 1	52.85.151.18 52.85.151.18	16509 (AMAZON-02) (AMAZON-02)
4	2603:1036:300... 2603:1036:3000:18::3	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:1f18:24e... 2600:1f18:24e6:b901:4066:ca37:bb63:d2fc	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:2800:21f... 2606:2800:21f:1b88:6342:f8de:86c:e98b	15133 (EDGECAST) (EDGECAST)
10	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	40.126.24.147 40.126.24.147	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:2800:11f... 2606:2800:11f:1cb7:261b:1f9c:2074:3c	() ()
1	2603:1037:1:8::4 2603:1037:1:8::4	() ()
68	21

10 18.67.76.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-62.iad89.r.cloudfront.net

sonoraquest.tuition.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.225.70.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-70-29.compute-1.amazonaws.com

tio-api.tuition.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.86.229.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-229-58.iad79.r.cloudfront.net

sonoraquest.legacy.tuition.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.235.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

tuitionio-production-public-assets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

tio.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b902:6dd9:2bda:1df2:42cd (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.34.81 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

tuitionio-production-images.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.151.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-18.iad89.r.cloudfront.net

api.tuition.works	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2603:1036:3000:18::3 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b901:4066:ca37:bb63:d2fc (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:21f:1b88:6342:f8de:86c:e98b (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.24.147 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:11f:1cb7:261b:1f9c:2074:3c (None, )

ASN- ()

aadcdn.msauthimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:1037:1:8::4 (None, )

ASN- ()

autologon.microsoftazuread-sso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	tuition.io sonoraquest.tuition.io tio-api.tuition.io — Cisco Umbrella Rank: 903534 sonoraquest.legacy.tuition.io	9 MB
10	msauth.net aadcdn.msauth.net — Cisco Umbrella Rank: 921	267 KB
8	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2047 ekr.zdassets.com — Cisco Umbrella Rank: 2364	214 KB
5	zendesk.com tio.zendesk.com — Cisco Umbrella Rank: 771784	1 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369 fonts.googleapis.com — Cisco Umbrella Rank: 28	9 KB
4	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 11	29 KB
2	msauthimages.net aadcdn.msauthimages.net	83 KB
2	browser-intake-datadoghq.com browser-intake-datadoghq.com — Cisco Umbrella Rank: 1008	344 B
2	amazonaws.com tuitionio-production-public-assets.s3.amazonaws.com — Cisco Umbrella Rank: 846064 tuitionio-production-images.s3.amazonaws.com	13 KB
2	gstatic.com fonts.gstatic.com	65 KB
1	microsoftazuread-sso.com autologon.microsoftazuread-sso.com	1 KB
1	live.com login.live.com — Cisco Umbrella Rank: 63
1	msftauth.net aadcdn.msftauth.net — Cisco Umbrella Rank: 943	48 KB
1	datadoghq.com rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 6244
1	tuition.works 1 redirects api.tuition.works — Cisco Umbrella Rank: 898585	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	13 KB
68	16

	Domain	Requested by
10	aadcdn.msauth.net	login.microsoftonline.com aadcdn.msauth.net
10	sonoraquest.tuition.io	sonoraquest.tuition.io
7	static.zdassets.com	sonoraquest.tuition.io static.zdassets.com
6	sonoraquest.legacy.tuition.io	sonoraquest.tuition.io sonoraquest.legacy.tuition.io
6	tio-api.tuition.io	sonoraquest.tuition.io sonoraquest.legacy.tuition.io
5	tio.zendesk.com	static.zdassets.com
4	login.microsoftonline.com	sonoraquest.tuition.io aadcdn.msftauth.net aadcdn.msauth.net
4	fonts.googleapis.com	sonoraquest.tuition.io ajax.googleapis.com sonoraquest.legacy.tuition.io client
2	aadcdn.msauthimages.net
2	browser-intake-datadoghq.com	sonoraquest.tuition.io
2	fonts.gstatic.com	fonts.googleapis.com
1	autologon.microsoftazuread-sso.com
1	login.live.com	login.microsoftonline.com
1	aadcdn.msftauth.net	login.microsoftonline.com
1	rum-http-intake.logs.datadoghq.com	sonoraquest.legacy.tuition.io
1	api.tuition.works	1 redirects
1	tuitionio-production-images.s3.amazonaws.com	sonoraquest.legacy.tuition.io
1	cdn.jsdelivr.net	client
1	tuitionio-production-public-assets.s3.amazonaws.com
1	ekr.zdassets.com	static.zdassets.com
1	ajax.googleapis.com	sonoraquest.tuition.io
68	21

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
tuition.io Amazon RSA 2048 M02	`2023-02-26` - `2024-03-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
zdassets.com E1	`2024-01-04` - `2024-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
legacy.tuition.io Amazon RSA 2048 M02	`2023-10-17` - `2024-11-14`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
tio.zendesk.com Cloudflare Inc ECC CA-3	`2023-04-14` - `2024-04-13`	a year	crt.sh
*.browser-intake-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-17` - `2024-06-18`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2023-11-16` - `2024-11-16`	a year	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2023-12-01` - `2024-12-01`	a year	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2023-10-29` - `2024-10-29`	a year	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2023-11-10` - `2024-11-10`	a year	crt.sh
aadcdn.msauthimages.net Microsoft Azure RSA TLS Issuing CA 08	`2024-01-11` - `2025-01-05`	a year	crt.sh
autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA	`2023-11-10` - `2024-11-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://login.microsoftonline.com/b178535e-10fa-45cc-bcb0-85ec097d6414/saml2?SAMLRequest=lZJPT%2BMwEMW%2FSuR7YudvEysNKlRoK8FStd097AU5zgQsErvrcWD59rgBBBeQ9jp6b37znqY%2B%2BzcOwSNYVEYvSRwxctbUq8nd6x38nQBd4AUal2SymhuBCrkWIyB3ku9X11c8iRg%2FWuOMNAN5FXMU4%2FC9QyCCdZ5Jgt%2FvcD8nwWa9JLetyESVVGlXiVYURVpWbSm7vMySopN9vIA0l3nSF6z1BsQJNhqd0M7vYEkWsjhM8kOSclbxzEdKyz8kWPssSgs3o%2B6dOyKndDB3Skejktag6Z3Rg9IQSTPSNl6UeZpDGLNehFkuZdjKloVlDpJVi67I4oyeciYkWL2HuTAapxHsHuyjkvBrd%2FWBEkcVuUmdZNGTsQ84uykabayYm6ZCIgm2b12eK90pffd9je2rCPmPw2Ebbm%2F2B9LUp718rsU2%2F0EfwYmafjbXPz1ws96aQcnn4NLYUbiv74mjeJ6oLuxnKZ80HkGqXkHnSxoG83RhQThYEmcnILSp6edPa14A&RelayState=https%3A%2F%2Fsonoraquest.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EMDTMrMvBPLK4GoTV4Al7aQmWMSE1vkovYQHH7T89carMI1f6LGfhueAQVsqDuX5p0sTMaSWDYnqIp%2FZwtTx8WuvbCMNQ4sLAx4e2raguofekfR9j1R7WrvDwWjpCnLeJAULhyK63hC7C%2F7rNthqj%2FgdArovrNC6N%2Ff9FH8aQuS76e4Ag6QWCM3rDZYpXQLUmxhkQ6vUQ0qDrTOZiBqEAscHpX4kx%2FJtDR5Wlmd1jNeO4bUR67QhTQr7QINBd2eRTZSIGHXNU%2FWMin2%2FURfaT91zngZnDdwa0R5jLmOSBVMjM65hDkjaB8pQO1Vlo65m2Z91XnxuloIiKRXC1HzK6w%3D%3D&sso_reload=true
Frame ID: 832761BEAA0C1C4F1066071EE657DB0F
Requests: 41 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Frame ID: 7E4BE621B8C1BC0971F3360F8F17CFB7
Requests: 9 HTTP requests in this frame

Frame: https://sonoraquest.legacy.tuition.io/ember-start
Frame ID: 25DB785ABF3FD51787BEF13666E55494
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

https://sonoraquest.tuition.io/ Page URL
https://api.tuition.works/saml/sonoraquest/auth?redirect=https%3A%2F%2Fsonoraquest.tuition.io HTTP 302
https://login.microsoftonline.com/b178535e-10fa-45cc-bcb0-85ec097d6414/saml2?SAMLRequest=lZJPT%2BMwEMW%2FSuR7Y... Page URL
https://login.microsoftonline.com/b178535e-10fa-45cc-bcb0-85ec097d6414/saml2?SAMLRequest=lZJPT%2BMwEMW%2FSuR7Y... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

68
Requests

99 %
HTTPS

52 %
IPv6

16
Domains

21
Subdomains

21
IPs

2
Countries

9571 kB
Transfer

18104 kB
Size

15
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/en-US/servicesagreement/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-US/privacystatement
Title: Privacy & cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sonoraquest.tuition.io/ Page URL
https://api.tuition.works/saml/sonoraquest/auth?redirect=https%3A%2F%2Fsonoraquest.tuition.io HTTP 302
https://login.microsoftonline.com/b178535e-10fa-45cc-bcb0-85ec097d6414/saml2?SAMLRequest=lZJPT%2BMwEMW%2FSuR7YudvEysNKlRoK8FStd097AU5zgQsErvrcWD59rgBBBeQ9jp6b37znqY%2B%2BzcOwSNYVEYvSRwxctbUq8nd6x38nQBd4AUal2SymhuBCrkWIyB3ku9X11c8iRg%2FWuOMNAN5FXMU4%2FC9QyCCdZ5Jgt%2FvcD8nwWa9JLetyESVVGlXiVYURVpWbSm7vMySopN9vIA0l3nSF6z1BsQJNhqd0M7vYEkWsjhM8kOSclbxzEdKyz8kWPssSgs3o%2B6dOyKndDB3Skejktag6Z3Rg9IQSTPSNl6UeZpDGLNehFkuZdjKloVlDpJVi67I4oyeciYkWL2HuTAapxHsHuyjkvBrd%2FWBEkcVuUmdZNGTsQ84uykabayYm6ZCIgm2b12eK90pffd9je2rCPmPw2Ebbm%2F2B9LUp718rsU2%2F0EfwYmafjbXPz1ws96aQcnn4NLYUbiv74mjeJ6oLuxnKZ80HkGqXkHnSxoG83RhQThYEmcnILSp6edPa14A&RelayState=https%3A%2F%2Fsonoraquest.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EMDTMrMvBPLK4GoTV4Al7aQmWMSE1vkovYQHH7T89carMI1f6LGfhueAQVsqDuX5p0sTMaSWDYnqIp%2FZwtTx8WuvbCMNQ4sLAx4e2raguofekfR9j1R7WrvDwWjpCnLeJAULhyK63hC7C%2F7rNthqj%2FgdArovrNC6N%2Ff9FH8aQuS76e4Ag6QWCM3rDZYpXQLUmxhkQ6vUQ0qDrTOZiBqEAscHpX4kx%2FJtDR5Wlmd1jNeO4bUR67QhTQr7QINBd2eRTZSIGHXNU%2FWMin2%2FURfaT91zngZnDdwa0R5jLmOSBVMjM65hDkjaB8pQO1Vlo65m2Z91XnxuloIiKRXC1HzK6w%3D%3D Page URL
https://login.microsoftonline.com/b178535e-10fa-45cc-bcb0-85ec097d6414/saml2?SAMLRequest=lZJPT%2BMwEMW%2FSuR7YudvEysNKlRoK8FStd097AU5zgQsErvrcWD59rgBBBeQ9jp6b37znqY%2B%2BzcOwSNYVEYvSRwxctbUq8nd6x38nQBd4AUal2SymhuBCrkWIyB3ku9X11c8iRg%2FWuOMNAN5FXMU4%2FC9QyCCdZ5Jgt%2FvcD8nwWa9JLetyESVVGlXiVYURVpWbSm7vMySopN9vIA0l3nSF6z1BsQJNhqd0M7vYEkWsjhM8kOSclbxzEdKyz8kWPssSgs3o%2B6dOyKndDB3Skejktag6Z3Rg9IQSTPSNl6UeZpDGLNehFkuZdjKloVlDpJVi67I4oyeciYkWL2HuTAapxHsHuyjkvBrd%2FWBEkcVuUmdZNGTsQ84uykabayYm6ZCIgm2b12eK90pffd9je2rCPmPw2Ebbm%2F2B9LUp718rsU2%2F0EfwYmafjbXPz1ws96aQcnn4NLYUbiv74mjeJ6oLuxnKZ80HkGqXkHnSxoG83RhQThYEmcnILSp6edPa14A&RelayState=https%3A%2F%2Fsonoraquest.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EMDTMrMvBPLK4GoTV4Al7aQmWMSE1vkovYQHH7T89carMI1f6LGfhueAQVsqDuX5p0sTMaSWDYnqIp%2FZwtTx8WuvbCMNQ4sLAx4e2raguofekfR9j1R7WrvDwWjpCnLeJAULhyK63hC7C%2F7rNthqj%2FgdArovrNC6N%2Ff9FH8aQuS76e4Ag6QWCM3rDZYpXQLUmxhkQ6vUQ0qDrTOZiBqEAscHpX4kx%2FJtDR5Wlmd1jNeO4bUR67QhTQr7QINBd2eRTZSIGHXNU%2FWMin2%2FURfaT91zngZnDdwa0R5jLmOSBVMjM65hDkjaB8pQO1Vlo65m2Z91XnxuloIiKRXC1HzK6w%3D%3D&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://api.tuition.works/saml/sonoraquest/auth?redirect=https%3A%2F%2Fsonoraquest.tuition.io HTTP 302
https://login.microsoftonline.com/b178535e-10fa-45cc-bcb0-85ec097d6414/saml2?SAMLRequest=lZJPT%2BMwEMW%2FSuR7YudvEysNKlRoK8FStd097AU5zgQsErvrcWD59rgBBBeQ9jp6b37znqY%2B%2BzcOwSNYVEYvSRwxctbUq8nd6x38nQBd4AUal2SymhuBCrkWIyB3ku9X11c8iRg%2FWuOMNAN5FXMU4%2FC9QyCCdZ5Jgt%2FvcD8nwWa9JLetyESVVGlXiVYURVpWbSm7vMySopN9vIA0l3nSF6z1BsQJNhqd0M7vYEkWsjhM8kOSclbxzEdKyz8kWPssSgs3o%2B6dOyKndDB3Skejktag6Z3Rg9IQSTPSNl6UeZpDGLNehFkuZdjKloVlDpJVi67I4oyeciYkWL2HuTAapxHsHuyjkvBrd%2FWBEkcVuUmdZNGTsQ84uykabayYm6ZCIgm2b12eK90pffd9je2rCPmPw2Ebbm%2F2B9LUp718rsU2%2F0EfwYmafjbXPz1ws96aQcnn4NLYUbiv74mjeJ6oLuxnKZ80HkGqXkHnSxoG83RhQThYEmcnILSp6edPa14A&RelayState=https%3A%2F%2Fsonoraquest.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EMDTMrMvBPLK4GoTV4Al7aQmWMSE1vkovYQHH7T89carMI1f6LGfhueAQVsqDuX5p0sTMaSWDYnqIp%2FZwtTx8WuvbCMNQ4sLAx4e2raguofekfR9j1R7WrvDwWjpCnLeJAULhyK63hC7C%2F7rNthqj%2FgdArovrNC6N%2Ff9FH8aQuS76e4Ag6QWCM3rDZYpXQLUmxhkQ6vUQ0qDrTOZiBqEAscHpX4kx%2FJtDR5Wlmd1jNeO4bUR67QhTQr7QINBd2eRTZSIGHXNU%2FWMin2%2FURfaT91zngZnDdwa0R5jLmOSBVMjM65hDkjaB8pQO1Vlo65m2Z91XnxuloIiKRXC1HzK6w%3D%3D

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
sonoraquest.tuition.io/ 4 KB
5 KB 404ms
89ms Document
text/html 18.67.76.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sonoraquest.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-76-62.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d9cd3dd27a7b407c58b78b1e479be8275532cc05dd2fc20a21f7de92228e6372

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 9567
cache-control: no-cache
content-length: 4202
content-type: text/html
date: Thu, 25 Jan 2024 20:30:10 GMT
etag: "071df94cd05f51d31bb672e0c18fc75c"
last-modified: Thu, 25 Jan 2024 19:26:31 GMT
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 9c6666844f92bfc6b8685747b641abc6.cloudfront.net (CloudFront)
x-amz-cf-id: 3eNDcONR9N7BIIcriwPq_R7WsPvdDYXO6uuGzZRM5-uxrIxVx7yqAw==
x-amz-cf-pop: IAD89-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 259ms
65ms Script
text/javascript 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: sonoraquest.tuition.io
URL: https://sonoraquest.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:26:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 272ms
78ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone|Material+Icons+Round|Material+Icons+Sharp

Requested by

Host: sonoraquest.tuition.io
URL: https://sonoraquest.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

80bbd5be45a524bdbb122e6e34df705780ee6ea56655d6ac9ad9e92c1e12362d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Jan 2024 23:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 23:09:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Jan 2024 23:09:36 GMT

GET
H2 200 vendor-76c3c57a9dbda397c53888f8850496e5.css
sonoraquest.tuition.io/assets/ 22 KB
22 KB 118ms
110ms Stylesheet
text/css 18.67.76.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sonoraquest.tuition.io/assets/vendor-76c3c57a9dbda397c53888f8850496e5.css

Requested by

Host: sonoraquest.tuition.io
URL: https://sonoraquest.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-76-62.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

013aa3eae9756fbb72054eb158368bc855c0bdf6271884a75f76dd35c20d09de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:08:22 GMT
via: 1.1 9c6666844f92bfc6b8685747b641abc6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 75
x-amz-cf-pop: IAD89-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22091
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jan 2024 19:26:30 GMT
server: AmazonS3
etag: "76c3c57a9dbda397c53888f8850496e5"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: qRy54nxL8JK66oxk6yIKqJH5Q0zsNPVlRiCsmGaMhSB6O8QQKMGFkw==

GET
H2 200 chunk.143.9bb2a04bbb66d4724aa7.css
sonoraquest.tuition.io/assets/ 1 KB
2 KB 127ms
119ms Stylesheet
text/css 18.67.76.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sonoraquest.tuition.io/assets/chunk.143.9bb2a04bbb66d4724aa7.css

Requested by

Host: sonoraquest.tuition.io
URL: https://sonoraquest.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-76-62.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a1ae07b34b7c57774fd2f92a88a9b47dfe77d89262b7db5176b7932d8e29c467

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 19:43:22 GMT
via: 1.1 9c6666844f92bfc6b8685747b641abc6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 12375
x-amz-cf-pop: IAD89-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1410
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jan 2024 19:26:29 GMT
server: AmazonS3
etag: "44a53b841248ae85ad2ffb537b9c882f"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: I1zdSZIykxdj5xfg2us5fd1FEFK8uAPKzHd8Mk3pQElQhlHtyQ-K9g==

GET
H2 200 tailwind-2caeb9eca08e7aa914ecb6c46014a990.css
sonoraquest.tuition.io/assets/ 90 KB
91 KB 147ms
141ms Stylesheet
text/css 18.67.76.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sonoraquest.tuition.io/assets/tailwind-2caeb9eca08e7aa914ecb6c46014a990.css

Requested by

Host: sonoraquest.tuition.io
URL: https://sonoraquest.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-76-62.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ee913d0cfc26c4403ed5dc3738c7a33a924605a714996e368e021ac9906cc580

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 19:43:22 GMT
via: 1.1 9c6666844f92bfc6b8685747b641abc6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 12375
x-amz-cf-pop: IAD89-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 92612
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jan 2024 19:26:30 GMT
server: AmazonS3
etag: "2caeb9eca08e7aa914ecb6c46014a990"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: OcKeew_jhZRvgXEGXamCS0Uv_meWjVG8_Xtzs3FV-ot_V8yNnfXWmw==

GET
H2 200 tio-employee-667bffdd67c36fe255e4078a6b9b468e.css
sonoraquest.tuition.io/assets/ 407 B
911 B 205ms
199ms Stylesheet
text/css 18.67.76.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sonoraquest.tuition.io/assets/tio-employee-667bffdd67c36fe255e4078a6b9b468e.css

Requested by

Host: sonoraquest.tuition.io
URL: https://sonoraquest.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-76-62.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0b7c785345caadfa9928fb400863504520ef3203e9c7e96bb47960f23b74587d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 20:18:51 GMT
via: 1.1 9c6666844f92bfc6b8685747b641abc6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 10246
x-amz-cf-pop: IAD89-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 407
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jan 2024 19:26:30 GMT
server: AmazonS3
etag: "f54b3ab2f45834d4e3fb870bc4ca3ad5"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: fnTOOAE04C3XxBKWtxGK-np_CBiIfNh-6fS8TtWrxNXYVQTx5P9Rfg==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 265ms
73ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=b4a45fc6-354a-41ee-b685-57b33d687ad6

Requested by

Host: sonoraquest.tuition.io
URL: https://sonoraquest.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:09:36 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 9X4B0G1GWNB25PJG
age: 11
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-amz-id-2: 4OYei3DkpSYkS6dKBDFbZjtSdVexoHjQ1eS9Mf3MCmEOCurZC/+Isbd1AVVpsiKAmJ7FWWviPJSrjy0q3mZxeg==
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtWpK%2FAXTYEZlWi7UtHSULu1c6HNdRb8uYinjb1ztFUXIWnd1KLsdC53qZ9EX4q6xsJVDH7IHUYcC8PORJ%2FhzIVfrdSb3HN%2F0U7qjVKcqXpXYcwo1h3AZo6OZF3TPNmQPQxwKhU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 84b42f5049df8c4e-EWR

GET
H2 200 vendor-e1b2dcd7794dfa7a431ad5b649c2bc04.js Show response
sonoraquest.tuition.io/assets/ 2 MB
2 MB 211ms
205ms Script
application/javascript 18.67.76.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sonoraquest.tuition.io/assets/vendor-e1b2dcd7794dfa7a431ad5b649c2bc04.js

Requested by

Host: sonoraquest.tuition.io
URL: https://sonoraquest.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-76-62.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

27624e2dd51265987c759bc787b282a863d3e9f22fe869634df5f3d9a221c4b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 19:43:22 GMT
via: 1.1 9c6666844f92bfc6b8685747b641abc6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 12375
x-amz-cf-pop: IAD89-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2367813
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jan 2024 19:26:30 GMT
server: AmazonS3
etag: "5a8a571f2925d765b8a3b950831da63c"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: 5Ou9IFi4wVOR0aZzisHrhxH3VDR9YNVQ7W-N6zeC_WWmdX20hLHuOw==

GET
H2 200 chunk.647.a36ba7ae521219ced2c1.js Show response
sonoraquest.tuition.io/assets/ 2 MB
2 MB 336ms
331ms Script
application/javascript 18.67.76.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sonoraquest.tuition.io/assets/chunk.647.a36ba7ae521219ced2c1.js

Requested by

Host: sonoraquest.tuition.io
URL: https://sonoraquest.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-76-62.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5f4e34221bf5c7eee3889cf603a3bf6b2111d4ae98426409551a2be564884ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:56:38 GMT
via: 1.1 9c6666844f92bfc6b8685747b641abc6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40379
x-amz-cf-pop: IAD89-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2036097
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Jan 2024 20:33:32 GMT
server: AmazonS3
etag: "3ff14414d626fda56c3e441eaa48328b"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: Tm0Hpl18KtgnHe6n7m2-_XrUDCSPEriIjq8FQIGCHRXnb2oRVJFsqg==

GET
H2 200 chunk.143.9bb2a04bbb66d4724aa7.js Show response
sonoraquest.tuition.io/assets/ 1 MB
1 MB 473ms
469ms Script
application/javascript 18.67.76.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sonoraquest.tuition.io/assets/chunk.143.9bb2a04bbb66d4724aa7.js

Requested by

Host: sonoraquest.tuition.io
URL: https://sonoraquest.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-76-62.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3e973dc15431008066fea811e20a6eabcc0842e5f007fe93d09d47ef090f5041

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 19:43:22 GMT
via: 1.1 9c6666844f92bfc6b8685747b641abc6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 12375
x-amz-cf-pop: IAD89-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1155208
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jan 2024 19:26:29 GMT
server: AmazonS3
etag: "466c9a6b0c995a202f436838698861fb"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: nbkSqitXoptGZT0rsZxsv_Jozhx4Y7SBnhi1Xgsf0E8T9GQUMtoI6g==

GET
H2 200 tio-employee-389114fb3eb60ed55d70bacb1da290c0.js Show response
sonoraquest.tuition.io/assets/ 2 MB
2 MB 474ms
469ms Script
application/javascript 18.67.76.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sonoraquest.tuition.io/assets/tio-employee-389114fb3eb60ed55d70bacb1da290c0.js

Requested by

Host: sonoraquest.tuition.io
URL: https://sonoraquest.tuition.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-76-62.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8fa20829dfb28955a290a9a86bd168499506f85b79720a965ba7786bba118747

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 19:43:22 GMT
via: 1.1 9c6666844f92bfc6b8685747b641abc6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 12375
x-amz-cf-pop: IAD89-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1780495
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jan 2024 19:26:31 GMT
server: AmazonS3
etag: "2db15709bbd19696da6ef0b1842f09e4"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: zTgbUY25B44TYiAKRAhZJFWanEzc8aFG85lz8zODNqyvWhuQ5VvtbA==

GET
H2 200 css
fonts.googleapis.com/ 8 KB
731 B 66ms
58ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e62685bbd1ca36444e1bdf0e6ff951b5e876ece8129925122309f6eb202f289b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Jan 2024 23:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 22:42:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Jan 2024 23:09:36 GMT

GET
H2 200 tio-common-694d563f30e583420ac675a11c457b9c.css
sonoraquest.tuition.io/assets/ 2 KB
3 KB 899ms
892ms Stylesheet
text/css 18.67.76.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sonoraquest.tuition.io/assets/tio-common-694d563f30e583420ac675a11c457b9c.css

Requested by

Host: sonoraquest.tuition.io
URL: https://sonoraquest.tuition.io/assets/tio-employee-667bffdd67c36fe255e4078a6b9b468e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-76-62.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b609d701f9db1c8534dd6c0ecc42f4d54207c388cd4e585bcfacaec793a124d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.tuition.io/assets/tio-employee-667bffdd67c36fe255e4078a6b9b468e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:09:10 GMT
via: 1.1 9c6666844f92bfc6b8685747b641abc6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 27
x-amz-cf-pop: IAD89-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2372
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jan 2024 19:26:30 GMT
server: AmazonS3
etag: "694d563f30e583420ac675a11c457b9c"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: IHxHVNDonQ_EvGLITuGT0lFNQREsMIRplO9dF1rgSDPlLrWnt7WuNg==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 253ms
71ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sonoraquest.tuition.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:41:07 GMT
x-content-type-options: nosniff
age: 19710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:41:07 GMT

GET
H2 200 b4a45fc6-354a-41ee-b685-57b33d687ad6 Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 263ms
155ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/b4a45fc6-354a-41ee-b685-57b33d687ad6

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b4a45fc6-354a-41ee-b685-57b33d687ad6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe39e61f951e4b107dc753315dc8b4a6d01c7d0b5ebe132676a2b68476ee4cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:09:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 830da5515f7a5206-SEA, 830da5515f7a5206-SEA
x-runtime: 0.003884
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"fe39e61f951e4b107dc753315dc8b4a6"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=duJ4KRjYFjK%2BlwL1BlQva7zcacYqE6lPUg159wm%2FvgLll56g%2BTEfNhbng2WaGxDixWYT8Anq0FaMjbslqTTt%2FZs68lBxrs2e9q5YU2bH7aC3lPcpopZSd7VacUbHHCoJNuo%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 84b42f574d5e7c84-EWR

OPTIONS
H2 200 sonoraquest
tio-api.tuition.io/preregister/ Frame 0
0 182ms
83ms Preflight 3.225.70.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tio-api.tuition.io/preregister/sonoraquest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.70.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-70-29.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://sonoraquest.tuition.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: x-api-key
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Authorization, tio-auth-token
access-control-max-age: 7200
content-length: 0
date: Thu, 25 Jan 2024 23:09:37 GMT

GET
H2 200 sonoraquest Show response
tio-api.tuition.io/preregister/ 3 KB
3 KB 154ms
153ms Fetch
application/json 3.225.70.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tio-api.tuition.io/preregister/sonoraquest

Requested by

Host: sonoraquest.tuition.io
URL: https://sonoraquest.tuition.io/assets/chunk.647.a36ba7ae521219ced2c1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.70.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-70-29.compute-1.amazonaws.com

Software

Resource Hash

51a3c349cc4a840e23f7a6fad800d1d9f5507e21a71d13a6b8a19f624084aa67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sonoraquest.tuition.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-api-key: S6WgFNjKzt6wl43B0okfd6ssM1dLFQXg43IUksx2

Response headers

date: Thu, 25 Jan 2024 23:09:38 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-request-id: 57fc25f2-b4ea-406e-b15a-7550e54b3c33
x-runtime: 0.075788
referrer-policy: strict-origin-when-cross-origin
etag: W/"51a3c349cc4a840e23f7a6fad800d1d9"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Authorization, tio-auth-token
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

GET
H2 200 web-widget-main-1bfc6fa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 7E4B 435 KB
137 KB 46ms
46ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b4a45fc6-354a-41ee-b685-57b33d687ad6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c8557fabe455b2a528bb3bc78a1586c880f14936fcec7d6d4293b7716073982

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:09:38 GMT
x-amz-version-id: RqZIDjLbqQCJse5.5YPoIz6l3bVKH2F9
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4FSF5803D2MZ177K
age: 4479643
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: s6NVEjlxQ0X409+93Y+AyzPpDVdCnUzkj58R435QREy4lvYOga3kZ8DuxKYs3kScc5mlXhydQ7o=
last-modified: Tue, 05 Dec 2023 00:28:36 GMT
server: cloudflare
etag: W/"531e7cd49856ceac1ab739dee1bd9825"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUgeQMPZmcHBok06ODrdbBRImwFSjBcfvPmWe6wTtGsGUjhLftgJZmbhKHoX75ArobtX8vSm3W7oVuG7%2BUrAF9NPYmrCXTL1zaExlB89tdyo0x6YJkVkzJH%2BiLkX4AwyNf43fTI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84b42f595ed18c4e-EWR
expires: Wed, 04 Dec 2024 00:28:35 GMT

GET
H2 200 conditions Show response
tio-api.tuition.io/preregister/sonoraquest/ 678 B
1 KB 47ms
46ms Fetch
application/json 3.225.70.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tio-api.tuition.io/preregister/sonoraquest/conditions

Requested by

Host: sonoraquest.tuition.io
URL: https://sonoraquest.tuition.io/assets/chunk.647.a36ba7ae521219ced2c1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.70.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-70-29.compute-1.amazonaws.com

Software

Resource Hash

bd0b610012747ebdd50b04d5b14040c89d6185ad7d1cfa82211740f9e014f782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sonoraquest.tuition.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-api-key: S6WgFNjKzt6wl43B0okfd6ssM1dLFQXg43IUksx2

Response headers

date: Thu, 25 Jan 2024 23:09:38 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-request-id: f9377a95-9314-471e-9124-0a4677cf9b75
x-runtime: 0.020785
referrer-policy: strict-origin-when-cross-origin
etag: W/"bd0b610012747ebdd50b04d5b14040c8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Authorization, tio-auth-token
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

OPTIONS
H2 200 conditions
tio-api.tuition.io/preregister/sonoraquest/ Frame 0
0 25ms
24ms Preflight 3.225.70.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tio-api.tuition.io/preregister/sonoraquest/conditions
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.70.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-70-29.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://sonoraquest.tuition.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: x-api-key
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Authorization, tio-auth-token
access-control-max-age: 7200
content-length: 0
date: Thu, 25 Jan 2024 23:09:38 GMT

GET
H2 200 en-us-json-1bfc6fa.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 7E4B 16 KB
3 KB 36ms
35ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7cb8909e7bd8908268de5793534d73028ccceed62364ef9d1b04bf1e40e41ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:09:38 GMT
x-amz-version-id: 0TD6PAWfsyxN8kJamulTpqLVZArSSWuB
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4FS8D41MZJZMYG1B
age: 4479643
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: MlQYiQ2dqb9h/OIVYc60rdAWwzi2m98faLu/nzTPmQXpoeHOhtgWXpnmexReeLW5Qx210z3PGrY=
last-modified: Tue, 05 Dec 2023 00:28:38 GMT
server: cloudflare
etag: W/"2d7a163ff937b4b9ea7ab13e6c8dfadf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6OxeEk8BSzzOn0cAZEPRhpnLhqVJvaFKBgjhTAWM0gCXva75XI%2BUt3kZB8PYQDISBHmCIWu7jm%2FVBsAR%2F3PjvKyw3GFpLc6K7mfrvrv1ztFsgduJ%2FubYcN1cA36KEU1d5jUyDk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84b42f5a1fa28c4e-EWR
expires: Wed, 04 Dec 2024 00:28:37 GMT

GET
H2 200 web-widget-4852-1bfc6fa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 7E4B 139 KB
47 KB 62ms
61ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:09:38 GMT
x-amz-version-id: rgQyDw8mO5OrfYenQWJeUHQhMhROhIV.
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4FS6K6N3BED5C9DX
age: 4479643
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: mZYDmVwtmpMlbyBFUcvQAyVxK3nKNxXriZZENjdf3EjmZopRc63mtrIJzjjk+FTJoP0ZDs3BETM=
last-modified: Tue, 05 Dec 2023 00:28:36 GMT
server: cloudflare
etag: W/"ea51d3eb674c1f286144bbe26ba05c86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6QW7sbRXehqd7N3QQ%2Fnl8RzSSnpnBfbGL8Wn%2BUEOK8kHK0YFoM8KmqO8Lbt2tUcAtf8D2s0qhGY%2FlO5AJC5iho1cpY7PaGMtSJfK2k7G2EpLccVxrr5UIHUA0l7IoIRgnm0Czw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84b42f5a3fc48c4e-EWR
expires: Wed, 04 Dec 2024 00:28:35 GMT

GET
H2 200 web-widget-519-1bfc6fa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 7E4B 24 KB
8 KB 59ms
58ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-519-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:09:38 GMT
x-amz-version-id: GVsqCvOfUiBJYIwZLFLTQX5MyDUCOwc2
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4FS3V2M4QJ2ZK33P
age: 4479643
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ZcwJ01puBTNkg0AiqHh4Jwsz8eTxW4l9Gmz7kmYejNT5ylWWy39mTLN7KSZvvQMqOIGQL7p8G4s=
last-modified: Tue, 05 Dec 2023 00:28:36 GMT
server: cloudflare
etag: W/"1c9884a2069c7bec6b20dac62004eb1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Wy0C%2FvDxwH7R8HDH%2F3NfFOGRvP%2BQQmZ8UJFE1bEGYz1AL1S1sCYIrQMNzccamWS5juKvvf0qo79Qn2RXPL5Ug4DU5Hly8%2BgWkJaTPFN8ViDV66LS02J%2B2TKEAhXEbwGgt%2Bc0JI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84b42f5a3fc78c4e-EWR
expires: Wed, 04 Dec 2024 00:28:35 GMT

GET
H2 200 web-widget-5178-1bfc6fa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 7E4B 24 KB
7 KB 66ms
65ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:09:38 GMT
x-amz-version-id: NLi469M1WczuGaqZLXtxIgWwTh.1j.zh
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4FS7C58SVHM9XWRN
age: 4479643
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: UHe8in2/NNlJQ8+xqDERT39dCXeKxCJVrG2UC/shLH4h+ZNVARF4OnkmVkfqjVmg/Z5Cp8G4Dco=
last-modified: Tue, 05 Dec 2023 00:28:36 GMT
server: cloudflare
etag: W/"11034f049f5eef05b26ed292ac59e1fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6acf8Zm8MdMUjfq5ppHbMC%2BsOsNsw0dq6aqlh2sKC%2B0RqUdg3BAKKPixAr8fHKWgM6WrJvADLogh9U8TikOnFIzfAl%2B51cDTAk5l2urLHsWmmSYVmZWjmXxIYumEzSznbm4fHM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84b42f5a3fc98c4e-EWR
expires: Wed, 04 Dec 2024 00:28:35 GMT

GET
H2 200 web-widget-9535-1bfc6fa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 7E4B 15 KB
6 KB 58ms
57ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0349bc9b3c076b695b88acbf7ef9f770cc1975608d83c51fde327c5e9df3e391

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:09:38 GMT
x-amz-version-id: ty1N93CTNGjm.TymHP.kwa5RR_YIsyxf
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4FS0JNEYMFMYAKH2
age: 1126884
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: KZ6JU9UjGIwkXQxX79VJPt5IBQz+RyTOOPzgoaj8Fyg4FIN4CX5ErJSJSDOj+qVg7hRI7zO5uEc=
last-modified: Tue, 05 Dec 2023 00:28:36 GMT
server: cloudflare
etag: W/"d46547a6c79c8800ac99ed5408528a12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0%2BRAD%2BWhX91rAj65oCAfixtIso2qgR39zWbH2%2BPAX%2FcwiarZ9qOiHpexAc%2FedOkPER9d%2B1lbwaM6ubFWIB36sYAbdG6hOV0%2F%2Fvq%2BsMoNAogxQfpAtMVnpy%2FEXOdrG29BN9uUO8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84b42f5a3fcb8c4e-EWR
expires: Wed, 04 Dec 2024 00:28:35 GMT

GET
H2 200 ember-start Show response
sonoraquest.legacy.tuition.io/ Frame 25DB 4 KB
2 KB 134ms
25ms Document
text/html 99.86.229.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sonoraquest.legacy.tuition.io/ember-start

Requested by

Host: sonoraquest.tuition.io
URL: https://sonoraquest.tuition.io/assets/tio-employee-389114fb3eb60ed55d70bacb1da290c0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.229.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-229-58.iad79.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

27e6044507b675b3321bd14fcaa17cc48f5882b0aac4a5773be08db9ad93823f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sonoraquest.tuition.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3024
cache-control: no-cache
content-encoding: br
content-type: text/html
date: Thu, 25 Jan 2024 22:19:15 GMT
etag: W/"26e8f576c0c76900538c37bc5d9b000c"
last-modified: Tue, 23 Jan 2024 22:16:25 GMT
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 9fb7397504a65afc778db3eb0ee0bfa4.cloudfront.net (CloudFront)
x-amz-cf-id: dHiH5tdH7cDE6ouDG-vGNT6PRnHf4XWzsnXVkmCtlBstuuuj3tQ6Nw==
x-amz-cf-pop: IAD79-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK sonora_quest.png
tuitionio-production-public-assets.s3.amazonaws.com/uploads/2023/08/21/4632e935-7aad-42a2-8943-e0ea97783871/ 6 KB
7 KB 217ms
77ms Image
image/png 54.231.235.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tuitionio-production-public-assets.s3.amazonaws.com/uploads/2023/08/21/4632e935-7aad-42a2-8943-e0ea97783871/sonora_quest.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIAYTIPZPK7R3AAJ4RV%2F20240125%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240125T230938Z&X-Amz-Expires=900&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEOD%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMSJHMEUCIQCylWWYbD75yN4XPABqkUgGiklo5S2sRfd7MM6TxFonHgIgJ5fpNhJmELaKuUH%2BFGBGPPVMQScn9FH5gFnJJ3Euj1sqkwUImP%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARAEGgw1OTExMjgwMDEyMTUiDOdt1bXONDDT%2BbcfgirnBE6w0J%2FPK4llC1CydrY5n%2BscpMLHg6sET6Gt7szLvZwjjdlnx0b343QsvLoLLQSlK3iR2nrBliQVQFmrfNHANTr2Saf4jwicVJpgHqZHaYQOJYaEzLdjh7rgRY5wzKTfYvho347WwRt0P0ItoaBTDFdB%2Fgx7LOKYT0W3OyC6MasdCw4e6idSYno9HgZe1qH65STNDd%2B%2Brd%2Fho5JvEf%2FUJRZACZgVmIzmGM9U%2B7ABl94PiaFOG0%2F7WpOx4QiOoSbUbAWculD6Yde052pGkZ9Be1gcutdiPHi3PsIDqI4njTE%2BkrG2Dg5BK95fw7VUU3xxcMY%2BjekwmTil7nJnN53ZeGuBM%2FbDG2ii1CIVyh582t3Q4P7xo%2F0fZnZpebiGrSYTNLuOBeN9IKHohwcNxTzHXObms0IFMXeKgA%2BFYfrOk7X8dKFd89Vj4HepMxzv%2B6vhyhxlJ%2BsH5mYINTlwMmu8%2FwjpS3lUacZF444rW1k0Wq5ubLQpZghMdUgcjISJpQbqC46poXY7E0JmwjQmeEb%2BUolnwF6oq%2Bfiit8pxA5%2FkQH2rPbJ47a5GX1BfvB%2BippG8mfCYc6zqeX%2Fq4OR0TbsHKwAtCedy5rPSL6rA5x0DNAY0FtJIpOmIxHvmKGgafFohW6TdFiyPOKhYKsfTUCPxvKgQMZ%2BilIYweJCEHve3mlY%2Bl4pCsbCI1m79Xh0brpuU0ybzbBfxTMK12r9lk4KGgYiB0t0klVK1ophlOm%2F538PWY1CXNZvkkjGFCEOC3mN9SOFIy0XZ5o8yf2yvFmZeXHsFaLcrR0kkio9jVGyGGtgE0geRjriwDCy1MutBjqaAVawuRXa%2FE5iTQY0JfN5ZvBGcBGNUn%2BItt63V%2BeW5n3i1UzQ8e6vxAjar18FyJtmiqPiwb5jbidcVL8%2BvC3REWFcHwc1IfpcBq6rgtQKrrlX%2BBibKJiwbxlfkNppvybU4bGtWVpI8zkIZWMLQS1Abt9xJyu46YVFAbyqYde9GesfwErdXzfrC22QHQLJmZjppVkW27Xpx601800%3D&X-Amz-SignedHeaders=host&X-Amz-Signature=cf2e35ab1d15fe11fa7e7849328fa1a65241de166ad6accf921cdcd73823807a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.235.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 70ff2f211e5c6dcf8a22bea8e0e6d972c8dcc830768e9b81d8c2b2a9c4d583fc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 23:09:39 GMT
Last-Modified: Mon, 21 Aug 2023 20:02:17 GMT
Server: AmazonS3
x-amz-request-id: VBN04K6F4FFXQSRJ
ETag: "12a49e599ebf85ac1a79a48b1fa25793"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 6510
x-amz-id-2: uyTpHus4MSQFXqcNBglLLTr4Xkk26OoU02uhap48K/VmweaPcZHmLUw94uNDu7di6Wd9JgtbkAU=

OPTIONS
H2 204 pv
tio.zendesk.com/frontendevents/ Frame 0
0 185ms
73ms Preflight 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tio.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sonoraquest.tuition.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 84b42f5baab772bc-EWR
date: Thu, 25 Jan 2024 23:09:38 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ey2BQaALFzF%2F8HZ%2Ba%2BuhiN6q2OiV6XfeHvRLjsBZS6v1ag%2Bp80jqy4A1F9HqycLESmrFHowKdx5%2FX%2BziytJqHBepHseM0lCK1TsBVmBM1Ywo2g80vKREMCz33InjSN5K9w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 84b42f5baab772bc-EWR
x-zendesk-zorg: yes

POST
H2 200 pv
tio.zendesk.com/frontendevents/ Frame 7E4B 0
0 86ms
84ms Fetch 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tio.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 25 Jan 2024 23:09:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TjxETxqO8gqpuPiGu0MzkKqvqdHNZliPaf4ZQl%2Bw%2FF1jAv7czGPPotk%2FE0vxAsEq2T%2Bm3Q7pJveikVcarRxfIHdFkEHesl6w1TSfOgLDBtaxQJk2VmwGbBcn%2FZL9kDGSdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 84b42f5c1b3d72bc-EWR
content-length: 0
x-request-id: 84b42f5c1b3d72bc-EWR

GET
H2 200 config Show response
tio.zendesk.com/embeddable/ Frame 7E4B 818 B
1 KB 216ms
105ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tio.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e877e8e7871469f0f2ad432c689102c8382847c92c76f149cea8b1cb2d666b41

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:09:38 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-665cb45b6c-knk4f
x-cached: MISS
x-request-id: 84b42f5baab272bc-EWR
x-runtime: 0.002906
last-modified: Thu, 25 Jan 2024 23:05:40 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FY4LVOgAgMTE%2Fp0jODoLobBizxbM2EcHcugNzcg%2BcNtoE5GjHsN4zMNAW%2FNHiyeANPrT1sLn2oVGn60xjPjIBByqNbyj%2BANA6BGk9maKyAxZ%2BoTSTAHfh73LcDF%2BUXYmHw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 84b42f5baab272bc-EWR

GET
H3 200 css
fonts.googleapis.com/ Frame 25DB 9 KB
975 B 45ms
42ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Material+Icons

Requested by

Host: sonoraquest.legacy.tuition.io
URL: https://sonoraquest.legacy.tuition.io/ember-start

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ea2107bf656126005f1c080359c253eec21c21da412a7f6c8d1e7977ee3bda2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.legacy.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Jan 2024 23:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 23:09:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Jan 2024 23:09:38 GMT

GET
H2 200 app.a3ce39840005dd2149a7.js Show response
sonoraquest.legacy.tuition.io/static/js/ Frame 25DB 2 MB
163 KB 76ms
74ms Script
application/javascript 99.86.229.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sonoraquest.legacy.tuition.io/static/js/app.a3ce39840005dd2149a7.js

Requested by

Host: sonoraquest.legacy.tuition.io
URL: https://sonoraquest.legacy.tuition.io/ember-start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.229.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-229-58.iad79.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

38d38c696a96de2971e90d5c2625f1b22a52874f2d9c517c84f5f0d319a51a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.legacy.tuition.io/ember-start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 22:47:49 GMT
content-encoding: br
via: 1.1 9fb7397504a65afc778db3eb0ee0bfa4.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
age: 1310
x-amz-cf-pop: IAD79-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jan 2024 22:25:51 GMT
server: AmazonS3
etag: W/"fe3db6233987c3504ae853a25463a426"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: jk3F1hhXJvIEAH1iUy5EOKeE0VzxjfKnPrSF-BEerPaGAZA2E65-0g==

GET
H2 200 1.e81cbb49629258290646.js Show response
sonoraquest.legacy.tuition.io/static/js/ Frame 25DB 6 MB
1 MB 115ms
114ms Script
application/javascript 99.86.229.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sonoraquest.legacy.tuition.io/static/js/1.e81cbb49629258290646.js

Requested by

Host: sonoraquest.legacy.tuition.io
URL: https://sonoraquest.legacy.tuition.io/ember-start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.229.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-229-58.iad79.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9c5bb37f1007c276953e8eba2fcfaa8b9ce69f95730df6c3b661c8b3d27016a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.legacy.tuition.io/ember-start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 22:20:12 GMT
content-encoding: br
via: 1.1 9fb7397504a65afc778db3eb0ee0bfa4.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
age: 2967
x-amz-cf-pop: IAD79-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Jan 2024 22:16:26 GMT
server: AmazonS3
etag: W/"7351ace02ee971a03e14f4d57fbf4234"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: BsEzc48pZiH7J28xDbuxpUAllkxUekZObLrgJzqgkA3HgcAQi-HUCg==

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
344 B 316ms
67ms Fetch
application/json 2600:1f18:24e6:b902:6dd9:2bda:1df2:42cd
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.1.0%2Capi%3Afetch&dd-api-key=pub2b0a5007df194a17333ea4bc92733249&dd-evp-origin-version=5.1.0&dd-evp-origin=browser&dd-request-id=a8265483-1fd4-4768-9aaa-a15f0b92bcb3&batch_time=1706224178595

Requested by

Host: sonoraquest.tuition.io
URL: https://sonoraquest.tuition.io/assets/chunk.647.a36ba7ae521219ced2c1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b902:6dd9:2bda:1df2:42cd Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

ab65e307d2c6c6d24ccdace319df07733fed27931cbd36ce66ca78f9d65697e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sonoraquest.tuition.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Jan 2024 23:09:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: a8265483-1fd4-4768-9aaa-a15f0b92bcb3

GET
H3 200 css
fonts.googleapis.com/ Frame 25DB 7 KB
850 B 44ms
44ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700|Material+Icons

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b75f29dd29d58fbccbcc35a32fd6e0eafb9f3c463eb7f766a772e645ed704a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.legacy.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Jan 2024 23:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 23:09:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Jan 2024 23:09:39 GMT

GET
H2 200 all.min.css
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.9.0/css/ Frame 25DB 55 KB
13 KB 174ms
37ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.9.0/css/all.min.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.legacy.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 23:09:39 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6890543
x-jsd-version: 5.9.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12372
x-served-by: cache-fra-eddf8230123-FRA, cache-ewr18128-EWR
x-jsd-version-type: version
etag: W/"da9f-LEMUj333gOi0CjqwnHcPA62/Ea8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK growth.svg
tuitionio-production-images.s3.amazonaws.com/staticImages/mousai/ Frame 25DB 6 KB
6 KB 193ms
54ms Image
image/svg+xml 52.216.34.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tuitionio-production-images.s3.amazonaws.com/staticImages/mousai/growth.svg
Requested by: Host: sonoraquest.legacy.tuition.io
URL: https://sonoraquest.legacy.tuition.io/ember-start
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.34.81 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sonoraquest.legacy.tuition.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 23:09:40 GMT
x-amz-version-id: avGpWmiw6VRsJFUSTd4.lT.IJT09ZgvY
Last-Modified: Tue, 14 Jul 2020 22:24:58 GMT
Server: AmazonS3
x-amz-request-id: C410MJCQEKNB2BMG
ETag: "52db0343aebe1456781c0e724a213f62"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 5746
x-amz-id-2: H/UD+0qnoGI++II59iu7RPlQJIqWRrr5kTFk2RnfS5AESfVI0BRLjhLW6TFjabmd1ma/2K2LHY0=

GET
H2 200 Montserrat-SemiBold.woff2
sonoraquest.legacy.tuition.io/static/fonts/Montserrat-woff2/ Frame 25DB 79 KB
79 KB 44ms
42ms Font
font/woff2 99.86.229.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sonoraquest.legacy.tuition.io/static/fonts/Montserrat-woff2/Montserrat-SemiBold.woff2

Requested by

Host: sonoraquest.legacy.tuition.io
URL: https://sonoraquest.legacy.tuition.io/ember-start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.229.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-229-58.iad79.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

47a6d3380cf89ad6b678478ccb347dc3ddeadcf7ca344bfc842424aaf7bfd025

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sonoraquest.legacy.tuition.io/ember-start
Origin: https://sonoraquest.legacy.tuition.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 14:38:14 GMT
via: 1.1 9fb7397504a65afc778db3eb0ee0bfa4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30686
x-amz-cf-pop: IAD79-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 80428
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Jan 2024 22:16:25 GMT
server: AmazonS3
etag: "350f79f75959112c709596dfb4193a00"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: zBn0zBYVRJ358r2P6QIo4eAsuUsqZ_8Ho7V3g4EOwvkEGfzw1pHZiA==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 25DB 32 KB
32 KB 65ms
63ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700|Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sonoraquest.legacy.tuition.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:41:07 GMT
x-content-type-options: nosniff
age: 19712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:41:07 GMT

GET
H2 200 Montserrat-Medium.woff2
sonoraquest.legacy.tuition.io/static/fonts/Montserrat-woff2/ Frame 25DB 79 KB
80 KB 61ms
60ms Font
font/woff2 99.86.229.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sonoraquest.legacy.tuition.io/static/fonts/Montserrat-woff2/Montserrat-Medium.woff2

Requested by

Host: sonoraquest.legacy.tuition.io
URL: https://sonoraquest.legacy.tuition.io/ember-start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.229.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-229-58.iad79.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sonoraquest.legacy.tuition.io/ember-start
Origin: https://sonoraquest.legacy.tuition.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 14:38:14 GMT
via: 1.1 9fb7397504a65afc778db3eb0ee0bfa4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30686
x-amz-cf-pop: IAD79-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 80908
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Jan 2024 22:16:25 GMT
server: AmazonS3
etag: "d8599180ae87d0ecadfe8f086cc51a83"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: ebMrPYS_dUiUn9A1Z4VqjSgebNP5yVY6bbwQ9Z42ncaCCxDEm058pQ==

GET
H2 200 sonoraquest
tio-api.tuition.io/preregister/ Frame 25DB 3 KB
3 KB 112ms
112ms XHR
application/json 3.225.70.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tio-api.tuition.io/preregister/sonoraquest

Requested by

Host: sonoraquest.legacy.tuition.io
URL: https://sonoraquest.legacy.tuition.io/static/js/1.e81cbb49629258290646.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.70.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-70-29.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://sonoraquest.legacy.tuition.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-api-key: S6WgFNjKzt6wl43B0okfd6ssM1dLFQXg43IUksx2

Response headers

date: Thu, 25 Jan 2024 23:09:39 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-request-id: 1ad5f4ee-5e9b-44ad-9dfd-7ba0c86f30f2
x-runtime: 0.075889
referrer-policy: strict-origin-when-cross-origin
etag: W/"f2333d32106679cbc6fe9634992fb552"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Authorization, tio-auth-token
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

OPTIONS
H2 200 sonoraquest
tio-api.tuition.io/preregister/ Frame 0
0 65ms
65ms Preflight 3.225.70.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tio-api.tuition.io/preregister/sonoraquest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.70.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-70-29.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://sonoraquest.legacy.tuition.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: x-api-key
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Authorization, tio-auth-token
access-control-max-age: 7200
content-length: 0
date: Thu, 25 Jan 2024 23:09:39 GMT

GET
H2 200 Montserrat-Regular.woff2
sonoraquest.legacy.tuition.io/static/fonts/Montserrat-woff2/ Frame 25DB 79 KB
80 KB 34ms
33ms Font
font/woff2 99.86.229.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sonoraquest.legacy.tuition.io/static/fonts/Montserrat-woff2/Montserrat-Regular.woff2

Requested by

Host: sonoraquest.legacy.tuition.io
URL: https://sonoraquest.legacy.tuition.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.229.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-229-58.iad79.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sonoraquest.legacy.tuition.io/ember-start
Origin: https://sonoraquest.legacy.tuition.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:44:43 GMT
via: 1.1 9fb7397504a65afc778db3eb0ee0bfa4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48297
x-amz-cf-pop: IAD79-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 80876
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Jan 2024 18:11:19 GMT
server: AmazonS3
etag: "a336ad9a19a7a11bb291721ea55db804"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: ZOK-JjtvkiSnMv6e4MDK5tGE2dk6asB9CpPaVW2I7KA9bO-kX6Z9KQ==

GET
H/1.1

200
OK

saml2 Show response
login.microsoftonline.com/b178535e-10fa-45cc-bcb0-85ec097d6414/
Redirect Chain

https://api.tuition.works/saml/sonoraquest/auth?redirect=https%3A%2F%2Fsonoraquest.tuition.io
https://login.microsoftonline.com/b178535e-10fa-45cc-bcb0-85ec097d6414/saml2?SAMLRequest=lZJPT%2BMwEMW%2FSuR7YudvEysNKlRoK8FStd097AU5zgQsErvrcWD59rgBBBeQ9jp6b37znqY%2B%2BzcOwSNYVEYvSRwxctbUq8nd6x38...

21 KB
10 KB

381ms
116ms

Document
text/html

2603:1036:3000:18::3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/b178535e-10fa-45cc-bcb0-85ec097d6414/saml2?SAMLRequest=lZJPT%2BMwEMW%2FSuR7YudvEysNKlRoK8FStd097AU5zgQsErvrcWD59rgBBBeQ9jp6b37znqY%2B%2BzcOwSNYVEYvSRwxctbUq8nd6x38nQBd4AUal2SymhuBCrkWIyB3ku9X11c8iRg%2FWuOMNAN5FXMU4%2FC9QyCCdZ5Jgt%2FvcD8nwWa9JLetyESVVGlXiVYURVpWbSm7vMySopN9vIA0l3nSF6z1BsQJNhqd0M7vYEkWsjhM8kOSclbxzEdKyz8kWPssSgs3o%2B6dOyKndDB3Skejktag6Z3Rg9IQSTPSNl6UeZpDGLNehFkuZdjKloVlDpJVi67I4oyeciYkWL2HuTAapxHsHuyjkvBrd%2FWBEkcVuUmdZNGTsQ84uykabayYm6ZCIgm2b12eK90pffd9je2rCPmPw2Ebbm%2F2B9LUp718rsU2%2F0EfwYmafjbXPz1ws96aQcnn4NLYUbiv74mjeJ6oLuxnKZ80HkGqXkHnSxoG83RhQThYEmcnILSp6edPa14A&RelayState=https%3A%2F%2Fsonoraquest.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EMDTMrMvBPLK4GoTV4Al7aQmWMSE1vkovYQHH7T89carMI1f6LGfhueAQVsqDuX5p0sTMaSWDYnqIp%2FZwtTx8WuvbCMNQ4sLAx4e2raguofekfR9j1R7WrvDwWjpCnLeJAULhyK63hC7C%2F7rNthqj%2FgdArovrNC6N%2Ff9FH8aQuS76e4Ag6QWCM3rDZYpXQLUmxhkQ6vUQ0qDrTOZiBqEAscHpX4kx%2FJtDR5Wlmd1jNeO4bUR67QhTQr7QINBd2eRTZSIGHXNU%2FWMin2%2FURfaT91zngZnDdwa0R5jLmOSBVMjM65hDkjaB8pQO1Vlo65m2Z91XnxuloIiKRXC1HzK6w%3D%3D

Requested by

Host: sonoraquest.tuition.io
URL: https://sonoraquest.tuition.io/assets/tio-employee-389114fb3eb60ed55d70bacb1da290c0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1036:3000:18::3 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cc63e1729cabcda540d0223e9767bba82ec67495e29d756697a8cdb9ca785c28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sonoraquest.tuition.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 8973
Content-Type: text/html; charset=utf-8
Date: Thu, 25 Jan 2024 23:09:41 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server: 2.1.17122.2 - WUS3 ProdSlices
x-ms-request-id: 42e3641a-5f33-4cb5-8f2c-78cb404f7600

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: tio-auth-token,tio-algolia-token,tio-refresh-token
content-length: 2298
content-type: text/html; charset=utf-8
date: Thu, 25 Jan 2024 23:09:41 GMT
location: https://login.microsoftonline.com/b178535e-10fa-45cc-bcb0-85ec097d6414/saml2?SAMLRequest=lZJPT%2BMwEMW%2FSuR7YudvEysNKlRoK8FStd097AU5zgQsErvrcWD59rgBBBeQ9jp6b37znqY%2B%2BzcOwSNYVEYvSRwxctbUq8nd6x38nQBd4AUal2SymhuBCrkWIyB3ku9X11c8iRg%2FWuOMNAN5FXMU4%2FC9QyCCdZ5Jgt%2FvcD8nwWa9JLetyESVVGlXiVYURVpWbSm7vMySopN9vIA0l3nSF6z1BsQJNhqd0M7vYEkWsjhM8kOSclbxzEdKyz8kWPssSgs3o%2B6dOyKndDB3Skejktag6Z3Rg9IQSTPSNl6UeZpDGLNehFkuZdjKloVlDpJVi67I4oyeciYkWL2HuTAapxHsHuyjkvBrd%2FWBEkcVuUmdZNGTsQ84uykabayYm6ZCIgm2b12eK90pffd9je2rCPmPw2Ebbm%2F2B9LUp718rsU2%2F0EfwYmafjbXPz1ws96aQcnn4NLYUbiv74mjeJ6oLuxnKZ80HkGqXkHnSxoG83RhQThYEmcnILSp6edPa14A&RelayState=https%3A%2F%2Fsonoraquest.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EMDTMrMvBPLK4GoTV4Al7aQmWMSE1vkovYQHH7T89carMI1f6LGfhueAQVsqDuX5p0sTMaSWDYnqIp%2FZwtTx8WuvbCMNQ4sLAx4e2raguofekfR9j1R7WrvDwWjpCnLeJAULhyK63hC7C%2F7rNthqj%2FgdArovrNC6N%2Ff9FH8aQuS76e4Ag6QWCM3rDZYpXQLUmxhkQ6vUQ0qDrTOZiBqEAscHpX4kx%2FJtDR5Wlmd1jNeO4bUR67QhTQr7QINBd2eRTZSIGHXNU%2FWMin2%2FURfaT91zngZnDdwa0R5jLmOSBVMjM65hDkjaB8pQO1Vlo65m2Z91XnxuloIiKRXC1HzK6w%3D%3D
vary: Accept
via: 1.1 22e9d361a9c4153886c1c8aa0eb4ffa8.cloudfront.net (CloudFront)
x-amz-apigw-id: SHmIRG_jIAMEJMw=
x-amz-cf-id: HGG9qOQGT8IXCeJw4hCsOh_fwJYv_xvBxEcab0TSc7akO9kojNj5yg==
x-amz-cf-pop: IAD89-C3
x-amzn-remapped-content-length: 2298
x-amzn-requestid: aa2cd217-a057-4f3f-8769-e64f2362e135
x-amzn-trace-id: Root=1-65b2ea34-4754a1813c762cdc7ecdeb3e;Sampled=0;lineage=4ce009ee:0
x-cache: Miss from cloudfront

POST
H2 202 rum
browser-intake-datadoghq.com/api/v2/ 0
0 331ms
73ms Ping
application/json 2600:1f18:24e6:b902:6dd9:2bda:1df2:42cd
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.1.0%2Capi%3Abeacon&dd-api-key=pub2b0a5007df194a17333ea4bc92733249&dd-evp-origin-version=5.1.0&dd-evp-origin=browser&dd-request-id=919feb0a-205b-474c-af19-4e53530053ea&batch_time=1706224180339
Requested by: Host: sonoraquest.tuition.io
URL: https://sonoraquest.tuition.io/assets/chunk.647.a36ba7ae521219ced2c1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:6dd9:2bda:1df2:42cd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sonoraquest.tuition.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 dl
tio.zendesk.com/frontendevents/ Frame 7E4B 0
0 145ms
145ms Fetch 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tio.zendesk.com/frontendevents/dl?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 25 Jan 2024 23:09:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jz0McZyk5fTV9ZNpwNHdHzJKMHmAVg7rimVpkjaFB7ZpRmdCH4xdajXYi2%2B93aSk7Z6QPVJvhRvneUPOAmPikig1ExwdbQ0hVGGxGhtydQwC8HvdPNysbmJ9wyG7tpaXeg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 84b42f67faf072bc-EWR
content-length: 0
x-request-id: 84b42f67faf072bc-EWR

POST
H2 200 pub2b0a5007df194a17333ea4bc92733249
rum-http-intake.logs.datadoghq.com/v1/input/ Frame 25DB 0
0 329ms
59ms Ping
application/json 2600:1f18:24e6:b901:4066:ca37:bb63:d2fc
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub2b0a5007df194a17333ea4bc92733249?ddsource=browser&ddtags=sdk_version%3A2.8.1&batch_time=1706224180340&m_time=1706224180340
Requested by: Host: sonoraquest.legacy.tuition.io
URL: https://sonoraquest.legacy.tuition.io/static/js/1.e81cbb49629258290646.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:4066:ca37:bb63:d2fc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sonoraquest.legacy.tuition.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

OPTIONS
H2 204 dl
tio.zendesk.com/frontendevents/ Frame 0
0 123ms
122ms Preflight 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tio.zendesk.com/frontendevents/dl?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sonoraquest.tuition.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 84b42f6739d172bc-EWR
date: Thu, 25 Jan 2024 23:09:40 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oagXQtBKsvkp4dAqAFn0euE2zLUGANThXPdP6wf%2FhNWNCsK6uKyhDi7NzmP0NplDy0A31VIxR9s83xhfKX423DuxHTxuHfXbz27Esm%2BMM%2BJAXnDHZ7BmHVLkMkbux%2F11gw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 84b42f6739d172bc-EWR
x-zendesk-zorg: yes

POST rum
browser-intake-datadoghq.com/api/v2/ 0
0

GET
H2 200 BssoInterrupt_Core_aoxn9LgNNeyAz3OYDcN7uA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 136 KB
48 KB 348ms
31ms Script
application/x-javascript 2606:2800:21f:1b88:6342:f8de:86c:e98b
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_aoxn9LgNNeyAz3OYDcN7uA2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/b178535e-10fa-45cc-bcb0-85ec097d6414/saml2?SAMLRequest=lZJPT%2BMwEMW%2FSuR7YudvEysNKlRoK8FStd097AU5zgQsErvrcWD59rgBBBeQ9jp6b37znqY%2B%2BzcOwSNYVEYvSRwxctbUq8nd6x38nQBd4AUal2SymhuBCrkWIyB3ku9X11c8iRg%2FWuOMNAN5FXMU4%2FC9QyCCdZ5Jgt%2FvcD8nwWa9JLetyESVVGlXiVYURVpWbSm7vMySopN9vIA0l3nSF6z1BsQJNhqd0M7vYEkWsjhM8kOSclbxzEdKyz8kWPssSgs3o%2B6dOyKndDB3Skejktag6Z3Rg9IQSTPSNl6UeZpDGLNehFkuZdjKloVlDpJVi67I4oyeciYkWL2HuTAapxHsHuyjkvBrd%2FWBEkcVuUmdZNGTsQ84uykabayYm6ZCIgm2b12eK90pffd9je2rCPmPw2Ebbm%2F2B9LUp718rsU2%2F0EfwYmafjbXPz1ws96aQcnn4NLYUbiv74mjeJ6oLuxnKZ80HkGqXkHnSxoG83RhQThYEmcnILSp6edPa14A&RelayState=https%3A%2F%2Fsonoraquest.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EMDTMrMvBPLK4GoTV4Al7aQmWMSE1vkovYQHH7T89carMI1f6LGfhueAQVsqDuX5p0sTMaSWDYnqIp%2FZwtTx8WuvbCMNQ4sLAx4e2raguofekfR9j1R7WrvDwWjpCnLeJAULhyK63hC7C%2F7rNthqj%2FgdArovrNC6N%2Ff9FH8aQuS76e4Ag6QWCM3rDZYpXQLUmxhkQ6vUQ0qDrTOZiBqEAscHpX4kx%2FJtDR5Wlmd1jNeO4bUR67QhTQr7QINBd2eRTZSIGHXNU%2FWMin2%2FURfaT91zngZnDdwa0R5jLmOSBVMjM65hDkjaB8pQO1Vlo65m2Z91XnxuloIiKRXC1HzK6w%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (phd/FD1C) /
Resource Hash

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Jan 2024 23:09:42 GMT
content-encoding: gzip
content-md5: wFzpduTSkmnT+dqkuOoEjg==
age: 2349207
x-cache: HIT
content-length: 49102
x-ms-lease-status: unlocked
last-modified: Fri, 22 Dec 2023 23:52:14 GMT
server: ECAcc (phd/FD1C)
etag: 0x8DC034905B0FBE6
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 66ae0351-201e-0059-6f85-3a4a06000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

POST
H/1.1 200
OK reportbssotelemetry
login.microsoftonline.com/common/instrumentation/ 265 B
1 KB 71ms
70ms Ping
application/json 2603:1036:3000:18::3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/instrumentation/reportbssotelemetry?hpgid=6&hpgact=1900&client-request-id=c0fa4912-2a5e-4d79-8884-0d98081adb9d&hpgrequestid=42e3641a-5f33-4cb5-8f2c-78cb404f7600

Requested by

Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_aoxn9LgNNeyAz3OYDcN7uA2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1036:3000:18::3 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.microsoftonline.com/b178535e-10fa-45cc-bcb0-85ec097d6414/saml2?SAMLRequest=lZJPT%2BMwEMW%2FSuR7YudvEysNKlRoK8FStd097AU5zgQsErvrcWD59rgBBBeQ9jp6b37znqY%2B%2BzcOwSNYVEYvSRwxctbUq8nd6x38nQBd4AUal2SymhuBCrkWIyB3ku9X11c8iRg%2FWuOMNAN5FXMU4%2FC9QyCCdZ5Jgt%2FvcD8nwWa9JLetyESVVGlXiVYURVpWbSm7vMySopN9vIA0l3nSF6z1BsQJNhqd0M7vYEkWsjhM8kOSclbxzEdKyz8kWPssSgs3o%2B6dOyKndDB3Skejktag6Z3Rg9IQSTPSNl6UeZpDGLNehFkuZdjKloVlDpJVi67I4oyeciYkWL2HuTAapxHsHuyjkvBrd%2FWBEkcVuUmdZNGTsQ84uykabayYm6ZCIgm2b12eK90pffd9je2rCPmPw2Ebbm%2F2B9LUp718rsU2%2F0EfwYmafjbXPz1ws96aQcnn4NLYUbiv74mjeJ6oLuxnKZ80HkGqXkHnSxoG83RhQThYEmcnILSp6edPa14A&RelayState=https%3A%2F%2Fsonoraquest.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EMDTMrMvBPLK4GoTV4Al7aQmWMSE1vkovYQHH7T89carMI1f6LGfhueAQVsqDuX5p0sTMaSWDYnqIp%2FZwtTx8WuvbCMNQ4sLAx4e2raguofekfR9j1R7WrvDwWjpCnLeJAULhyK63hC7C%2F7rNthqj%2FgdArovrNC6N%2Ff9FH8aQuS76e4Ag6QWCM3rDZYpXQLUmxhkQ6vUQ0qDrTOZiBqEAscHpX4kx%2FJtDR5Wlmd1jNeO4bUR67QhTQr7QINBd2eRTZSIGHXNU%2FWMin2%2FURfaT91zngZnDdwa0R5jLmOSBVMjM65hDkjaB8pQO1Vlo65m2Z91XnxuloIiKRXC1HzK6w%3D%3D
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Thu, 25 Jan 2024 23:09:41 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
Content-Type: application/json; charset=utf-8
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 79167427-0065-46ba-ab31-c5b6a2e27201
Cache-Control: no-store, no-cache
Content-Length: 265
x-ms-ests-server: 2.1.17184.3 - SCUS ProdSlices
X-XSS-Protection: 0
Expires: -1

GET
H/1.1 200
OK Primary Request saml2 Show response
login.microsoftonline.com/b178535e-10fa-45cc-bcb0-85ec097d6414/ 38 KB
16 KB 190ms
120ms Document
text/html 2603:1036:3000:18::3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_aoxn9LgNNeyAz3OYDcN7uA2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1036:3000:18::3 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c393eae6388f6b1b97a14dc410abb90100e42d7709e98aad2013e4bb3524e3ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://login.microsoftonline.com/b178535e-10fa-45cc-bcb0-85ec097d6414/saml2?SAMLRequest=lZJPT%2BMwEMW%2FSuR7YudvEysNKlRoK8FStd097AU5zgQsErvrcWD59rgBBBeQ9jp6b37znqY%2B%2BzcOwSNYVEYvSRwxctbUq8nd6x38nQBd4AUal2SymhuBCrkWIyB3ku9X11c8iRg%2FWuOMNAN5FXMU4%2FC9QyCCdZ5Jgt%2FvcD8nwWa9JLetyESVVGlXiVYURVpWbSm7vMySopN9vIA0l3nSF6z1BsQJNhqd0M7vYEkWsjhM8kOSclbxzEdKyz8kWPssSgs3o%2B6dOyKndDB3Skejktag6Z3Rg9IQSTPSNl6UeZpDGLNehFkuZdjKloVlDpJVi67I4oyeciYkWL2HuTAapxHsHuyjkvBrd%2FWBEkcVuUmdZNGTsQ84uykabayYm6ZCIgm2b12eK90pffd9je2rCPmPw2Ebbm%2F2B9LUp718rsU2%2F0EfwYmafjbXPz1ws96aQcnn4NLYUbiv74mjeJ6oLuxnKZ80HkGqXkHnSxoG83RhQThYEmcnILSp6edPa14A&RelayState=https%3A%2F%2Fsonoraquest.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EMDTMrMvBPLK4GoTV4Al7aQmWMSE1vkovYQHH7T89carMI1f6LGfhueAQVsqDuX5p0sTMaSWDYnqIp%2FZwtTx8WuvbCMNQ4sLAx4e2raguofekfR9j1R7WrvDwWjpCnLeJAULhyK63hC7C%2F7rNthqj%2FgdArovrNC6N%2Ff9FH8aQuS76e4Ag6QWCM3rDZYpXQLUmxhkQ6vUQ0qDrTOZiBqEAscHpX4kx%2FJtDR5Wlmd1jNeO4bUR67QhTQr7QINBd2eRTZSIGHXNU%2FWMin2%2FURfaT91zngZnDdwa0R5jLmOSBVMjM65hDkjaB8pQO1Vlo65m2Z91XnxuloIiKRXC1HzK6w%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 14665
Content-Type: text/html; charset=utf-8
Date: Thu, 25 Jan 2024 23:09:41 GMT
Expires: -1
Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Frame-Options: DENY
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server: 2.1.17122.2 - EUS ProdSlices
x-ms-request-id: 422ab989-e69b-4e9b-9ad1-a18c7c0f3800

GET
H2 200 converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 110 KB
20 KB 199ms
37ms Stylesheet
text/css 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/b178535e-10fa-45cc-bcb0-85ec097d6414/saml2?SAMLRequest=lZJPT%2BMwEMW%2FSuR7YudvEysNKlRoK8FStd097AU5zgQsErvrcWD59rgBBBeQ9jp6b37znqY%2B%2BzcOwSNYVEYvSRwxctbUq8nd6x38nQBd4AUal2SymhuBCrkWIyB3ku9X11c8iRg%2FWuOMNAN5FXMU4%2FC9QyCCdZ5Jgt%2FvcD8nwWa9JLetyESVVGlXiVYURVpWbSm7vMySopN9vIA0l3nSF6z1BsQJNhqd0M7vYEkWsjhM8kOSclbxzEdKyz8kWPssSgs3o%2B6dOyKndDB3Skejktag6Z3Rg9IQSTPSNl6UeZpDGLNehFkuZdjKloVlDpJVi67I4oyeciYkWL2HuTAapxHsHuyjkvBrd%2FWBEkcVuUmdZNGTsQ84uykabayYm6ZCIgm2b12eK90pffd9je2rCPmPw2Ebbm%2F2B9LUp718rsU2%2F0EfwYmafjbXPz1ws96aQcnn4NLYUbiv74mjeJ6oLuxnKZ80HkGqXkHnSxoG83RhQThYEmcnILSp6edPa14A&RelayState=https%3A%2F%2Fsonoraquest.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EMDTMrMvBPLK4GoTV4Al7aQmWMSE1vkovYQHH7T89carMI1f6LGfhueAQVsqDuX5p0sTMaSWDYnqIp%2FZwtTx8WuvbCMNQ4sLAx4e2raguofekfR9j1R7WrvDwWjpCnLeJAULhyK63hC7C%2F7rNthqj%2FgdArovrNC6N%2Ff9FH8aQuS76e4Ag6QWCM3rDZYpXQLUmxhkQ6vUQ0qDrTOZiBqEAscHpX4kx%2FJtDR5Wlmd1jNeO4bUR67QhTQr7QINBd2eRTZSIGHXNU%2FWMin2%2FURfaT91zngZnDdwa0R5jLmOSBVMjM65hDkjaB8pQO1Vlo65m2Z91XnxuloIiKRXC1HzK6w%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Jan 2024 23:09:42 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 20314
x-ms-lease-status: unlocked
last-modified: Wed, 27 Dec 2023 18:18:12 GMT
etag: 0x8DC07082FBB8D2B
x-azure-ref: 20240125T230942Z-fnktdn02r52kf14cdr1zuq3gn000000000e000000001ghr3
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 8db30c30-c01e-0023-68b1-4fdb46000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ConvergedLogin_PCore_G8Z5rroNOgOG4sM8nNFBUw2.js Show response
aadcdn.msauth.net/shared/1.0/content/js/ 421 KB
117 KB 199ms
39ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_G8Z5rroNOgOG4sM8nNFBUw2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/b178535e-10fa-45cc-bcb0-85ec097d6414/saml2?SAMLRequest=lZJPT%2BMwEMW%2FSuR7YudvEysNKlRoK8FStd097AU5zgQsErvrcWD59rgBBBeQ9jp6b37znqY%2B%2BzcOwSNYVEYvSRwxctbUq8nd6x38nQBd4AUal2SymhuBCrkWIyB3ku9X11c8iRg%2FWuOMNAN5FXMU4%2FC9QyCCdZ5Jgt%2FvcD8nwWa9JLetyESVVGlXiVYURVpWbSm7vMySopN9vIA0l3nSF6z1BsQJNhqd0M7vYEkWsjhM8kOSclbxzEdKyz8kWPssSgs3o%2B6dOyKndDB3Skejktag6Z3Rg9IQSTPSNl6UeZpDGLNehFkuZdjKloVlDpJVi67I4oyeciYkWL2HuTAapxHsHuyjkvBrd%2FWBEkcVuUmdZNGTsQ84uykabayYm6ZCIgm2b12eK90pffd9je2rCPmPw2Ebbm%2F2B9LUp718rsU2%2F0EfwYmafjbXPz1ws96aQcnn4NLYUbiv74mjeJ6oLuxnKZ80HkGqXkHnSxoG83RhQThYEmcnILSp6edPa14A&RelayState=https%3A%2F%2Fsonoraquest.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EMDTMrMvBPLK4GoTV4Al7aQmWMSE1vkovYQHH7T89carMI1f6LGfhueAQVsqDuX5p0sTMaSWDYnqIp%2FZwtTx8WuvbCMNQ4sLAx4e2raguofekfR9j1R7WrvDwWjpCnLeJAULhyK63hC7C%2F7rNthqj%2FgdArovrNC6N%2Ff9FH8aQuS76e4Ag6QWCM3rDZYpXQLUmxhkQ6vUQ0qDrTOZiBqEAscHpX4kx%2FJtDR5Wlmd1jNeO4bUR67QhTQr7QINBd2eRTZSIGHXNU%2FWMin2%2FURfaT91zngZnDdwa0R5jLmOSBVMjM65hDkjaB8pQO1Vlo65m2Z91XnxuloIiKRXC1HzK6w%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f46a9d9c96d9343a0774ff88e584a2f41c67144cca542a0c006a7d7ded45b8da

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Jan 2024 23:09:42 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 118619
x-ms-lease-status: unlocked
last-modified: Fri, 22 Dec 2023 23:52:31 GMT
etag: 0x8DC03490FDF9383
x-azure-ref: 20240125T230942Z-fnktdn02r52kf14cdr1zuq3gn000000000e000000001ghr5
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4b9e7117-d01e-006e-74b1-4fd74c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-en.min_pwhoosk_q-bz40xlez3ihq2.js Show response
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 52 KB
15 KB 199ms
38ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_pwhoosk_q-bz40xlez3ihq2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/b178535e-10fa-45cc-bcb0-85ec097d6414/saml2?SAMLRequest=lZJPT%2BMwEMW%2FSuR7YudvEysNKlRoK8FStd097AU5zgQsErvrcWD59rgBBBeQ9jp6b37znqY%2B%2BzcOwSNYVEYvSRwxctbUq8nd6x38nQBd4AUal2SymhuBCrkWIyB3ku9X11c8iRg%2FWuOMNAN5FXMU4%2FC9QyCCdZ5Jgt%2FvcD8nwWa9JLetyESVVGlXiVYURVpWbSm7vMySopN9vIA0l3nSF6z1BsQJNhqd0M7vYEkWsjhM8kOSclbxzEdKyz8kWPssSgs3o%2B6dOyKndDB3Skejktag6Z3Rg9IQSTPSNl6UeZpDGLNehFkuZdjKloVlDpJVi67I4oyeciYkWL2HuTAapxHsHuyjkvBrd%2FWBEkcVuUmdZNGTsQ84uykabayYm6ZCIgm2b12eK90pffd9je2rCPmPw2Ebbm%2F2B9LUp718rsU2%2F0EfwYmafjbXPz1ws96aQcnn4NLYUbiv74mjeJ6oLuxnKZ80HkGqXkHnSxoG83RhQThYEmcnILSp6edPa14A&RelayState=https%3A%2F%2Fsonoraquest.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EMDTMrMvBPLK4GoTV4Al7aQmWMSE1vkovYQHH7T89carMI1f6LGfhueAQVsqDuX5p0sTMaSWDYnqIp%2FZwtTx8WuvbCMNQ4sLAx4e2raguofekfR9j1R7WrvDwWjpCnLeJAULhyK63hC7C%2F7rNthqj%2FgdArovrNC6N%2Ff9FH8aQuS76e4Ag6QWCM3rDZYpXQLUmxhkQ6vUQ0qDrTOZiBqEAscHpX4kx%2FJtDR5Wlmd1jNeO4bUR67QhTQr7QINBd2eRTZSIGHXNU%2FWMin2%2FURfaT91zngZnDdwa0R5jLmOSBVMjM65hDkjaB8pQO1Vlo65m2Z91XnxuloIiKRXC1HzK6w%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 03779f821cf3d1898257b5b8a372790d1535c8a37248fd099a2e2995b15f966d

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Jan 2024 23:09:42 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 15186
x-ms-lease-status: unlocked
last-modified: Thu, 07 Dec 2023 23:23:14 GMT
etag: 0x8DBF77B7C50F281
x-azure-ref: 20240125T230942Z-fnktdn02r52kf14cdr1zuq3gn000000000e000000001ghr4
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0da4de37-401e-0083-42b1-4f1d20000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 292ms
61ms Other
text/html 40.126.24.147
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/b178535e-10fa-45cc-bcb0-85ec097d6414/saml2?SAMLRequest=lZJPT%2BMwEMW%2FSuR7YudvEysNKlRoK8FStd097AU5zgQsErvrcWD59rgBBBeQ9jp6b37znqY%2B%2BzcOwSNYVEYvSRwxctbUq8nd6x38nQBd4AUal2SymhuBCrkWIyB3ku9X11c8iRg%2FWuOMNAN5FXMU4%2FC9QyCCdZ5Jgt%2FvcD8nwWa9JLetyESVVGlXiVYURVpWbSm7vMySopN9vIA0l3nSF6z1BsQJNhqd0M7vYEkWsjhM8kOSclbxzEdKyz8kWPssSgs3o%2B6dOyKndDB3Skejktag6Z3Rg9IQSTPSNl6UeZpDGLNehFkuZdjKloVlDpJVi67I4oyeciYkWL2HuTAapxHsHuyjkvBrd%2FWBEkcVuUmdZNGTsQ84uykabayYm6ZCIgm2b12eK90pffd9je2rCPmPw2Ebbm%2F2B9LUp718rsU2%2F0EfwYmafjbXPz1ws96aQcnn4NLYUbiv74mjeJ6oLuxnKZ80HkGqXkHnSxoG83RhQThYEmcnILSp6edPa14A&RelayState=https%3A%2F%2Fsonoraquest.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EMDTMrMvBPLK4GoTV4Al7aQmWMSE1vkovYQHH7T89carMI1f6LGfhueAQVsqDuX5p0sTMaSWDYnqIp%2FZwtTx8WuvbCMNQ4sLAx4e2raguofekfR9j1R7WrvDwWjpCnLeJAULhyK63hC7C%2F7rNthqj%2FgdArovrNC6N%2Ff9FH8aQuS76e4Ag6QWCM3rDZYpXQLUmxhkQ6vUQ0qDrTOZiBqEAscHpX4kx%2FJtDR5Wlmd1jNeO4bUR67QhTQr7QINBd2eRTZSIGHXNU%2FWMin2%2FURfaT91zngZnDdwa0R5jLmOSBVMjM65hDkjaB8pQO1Vlo65m2Z91XnxuloIiKRXC1HzK6w%3D%3D&sso_reload=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.126.24.147 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 oneDs_f2e0f4a029670f10d892.js Show response
aadcdn.msauth.net/shared/1.0/content/js/ 186 KB
60 KB 202ms
72ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_G8Z5rroNOgOG4sM8nNFBUw2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Jan 2024 23:09:43 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 61052
x-ms-lease-status: unlocked
last-modified: Thu, 25 May 2023 17:22:47 GMT
etag: 0x8DB5D44A8CEE4F4
x-azure-ref: 20240125T230943Z-ra9n9cq9f15mzfs8e1kteqfp6w00000001r000000000tyk8
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 22288c72-a01e-009d-1b1b-4f0f1f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pcustomizationloader_3c4dade0e77065ef0ebe.js Show response
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 153 KB
34 KB 39ms
37ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_3c4dade0e77065ef0ebe.js
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_G8Z5rroNOgOG4sM8nNFBUw2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f4d950c649876fb897ae9732dc13e17fd19303c2bbe7fb628141c096c9f02949

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Jan 2024 23:09:43 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 34606
x-ms-lease-status: unlocked
last-modified: Fri, 22 Dec 2023 07:51:22 GMT
etag: 0x8DC02C2CA538961
x-azure-ref: 20240125T230943Z-ra9n9cq9f15mzfs8e1kteqfp6w00000001r000000000tymd
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 955d06de-e01e-001d-1086-4a584a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pfetchsessionsprogress_f0fabc6618095076a644.js Show response
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 15 KB
6 KB 109ms
109ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_f0fabc6618095076a644.js
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_G8Z5rroNOgOG4sM8nNFBUw2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5cd0bde775a1d72da0a15a121d3b16c53bbfc06e64ad79d5deb11a965711e8a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Jan 2024 23:09:43 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 5516
x-ms-lease-status: unlocked
last-modified: Sat, 09 Dec 2023 02:52:36 GMT
etag: 0x8DBF861E6341ED5
x-azure-ref: 20240125T230943Z-ra9n9cq9f15mzfs8e1kteqfp6w00000001r000000000tyn6
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 47fffd86-901e-003e-4be2-4eb47f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/ 3 KB
3 KB 109ms
108ms Image
image/gif 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Jan 2024 23:09:43 GMT
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 2672
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:47 GMT
etag: 0x8DB5C3F48EC4154
x-azure-ref: 20240125T230943Z-ra9n9cq9f15mzfs8e1kteqfp6w00000001r000000000tyn7
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 77eab5de-401e-0043-5ffe-4e9964000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/ 4 KB
4 KB 109ms
109ms Image
image/gif 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Jan 2024 23:09:43 GMT
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 3620
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:48 GMT
etag: 0x8DB5C3F4904824B
x-azure-ref: 20240125T230943Z-ra9n9cq9f15mzfs8e1kteqfp6w00000001r000000000tyn8
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 68b9a1b3-b01e-0094-481b-4f7c0c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 illustration
aadcdn.msauthimages.net/dbd5a2dd-xolb7qf40nmihtx0iirszfvud6ftqq22lqy2dacx384/logintenantbranding/0/ 77 KB
77 KB 638ms
357ms Image
image/* 2606:2800:11f:1cb7:261b:1f9c:2074:3c

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauthimages.net/dbd5a2dd-xolb7qf40nmihtx0iirszfvud6ftqq22lqy2dacx384/logintenantbranding/0/illustration?ts=636801418396405031
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 99f1ec640ceb60e82f7589b6f86624e24f711177caa4fcdef7e00abad8902582

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 25 Jan 2024 23:09:43 GMT
last-modified: Tue, 11 Dec 2018 16:17:20 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: wSyVozKxR1rVeK6XAH7AdQ==
etag: 0x8D65F8420995CA6
content-type: image/*
access-control-allow-origin: *
x-ms-request-id: 46833f6d-901e-0031-6fe3-4fa2f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
content-length: 78788

GET
H2 200 bannerlogo
aadcdn.msauthimages.net/dbd5a2dd-xolb7qf40nmihtx0iirszfvud6ftqq22lqy2dacx384/logintenantbranding/0/ 6 KB
6 KB 632ms
351ms Image
image/* 2606:2800:11f:1cb7:261b:1f9c:2074:3c

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauthimages.net/dbd5a2dd-xolb7qf40nmihtx0iirszfvud6ftqq22lqy2dacx384/logintenantbranding/0/bannerlogo?ts=636801418415526040
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a7862d4b0a0a8a9b594b38c32efa3b537b791cffc281765dfc95938835bb772d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 25 Jan 2024 23:09:43 GMT
last-modified: Tue, 11 Dec 2018 16:17:22 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: D6/a2ZnNRMVEjNDnkFaE6A==
etag: 0x8D65F8421A800EB
content-type: image/*
access-control-allow-origin: *
x-ms-request-id: 608cae82-101e-004d-28e3-4f8c0e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
content-length: 5659

GET
H2 200 marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/ 3 KB
3 KB 134ms
133ms Image
image/gif 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_G8Z5rroNOgOG4sM8nNFBUw2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Jan 2024 23:09:43 GMT
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 2672
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:47 GMT
etag: 0x8DB5C3F48EC4154
x-azure-ref: 20240125T230943Z-ra9n9cq9f15mzfs8e1kteqfp6w00000001r000000000typu
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 77eab5de-401e-0043-5ffe-4e9964000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/ 4 KB
4 KB 134ms
133ms Image
image/gif 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_G8Z5rroNOgOG4sM8nNFBUw2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Jan 2024 23:09:43 GMT
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 3620
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:48 GMT
etag: 0x8DB5C3F4904824B
x-azure-ref: 20240125T230943Z-ra9n9cq9f15mzfs8e1kteqfp6w00000001r000000000typv
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 68b9a1b3-b01e-0094-481b-4f7c0c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 401
Unauthorized ssoprobe
autologon.microsoftazuread-sso.com/b178535e-10fa-45cc-bcb0-85ec097d6414/winauth/ 12 B
1 KB 567ms
88ms Image
image/png 2603:1037:1:8::4

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autologon.microsoftazuread-sso.com/b178535e-10fa-45cc-bcb0-85ec097d6414/winauth/ssoprobe?client-request-id=94e51eef-c006-402d-abfe-50cde51c205c&_=1706224183417

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1037:1:8::4 -, , ASN (),

Reverse DNS

Software

Resource Hash

d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 23:09:42 GMT
X-Content-Type-Options: nosniff
WWW-Authenticate: Negotiate
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length: 12
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Vary: Origin
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png; charset=utf-8
Access-Control-Allow-Origin: https://login.microsoftonline.com
x-ms-request-id: 91ca8160-cea8-4ffe-8b75-f9ddf95f3900
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server: 2.1.17122.2 - EUS ProdSlices
Expires: -1

POST
H/1.1 200
OK dssostatus Show response
login.microsoftonline.com/common/instrumentation/ 265 B
1 KB 55ms
54ms XHR
application/json 2603:1036:3000:18::3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/instrumentation/dssostatus

Requested by

Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_G8Z5rroNOgOG4sM8nNFBUw2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1036:3000:18::3 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4dc0055b35459693bc3ea3f66496cba18feb4bd225b49a3d876510f5b0f32e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

hpgrequestid: 422ab989-e69b-4e9b-9ad1-a18c7c0f3800
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
client-request-id: 94e51eef-c006-402d-abfe-50cde51c205c
canary: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-5BxwsVmyPMvu-FHAvtmx4MuiUA8Jh3vPpKo-7AL53h0amUWCxE2tbOCVLBZhnFGeLI_lVyk7zhKFdnXc6BXfQCdiAeVUhDzPjxwHeOtykQvOggO83fFr-XrQg4skWAvDvPMWSTwQx1ZSLrs4QY2RRuRixn9Gdy-dWUqflrjhKu-8z8ELYN2cI40m0rc8o8kmOmuU27HBWwdCVNk08N8e1CAA
Content-type: application/json; charset=UTF-8
hpgid: 1104
Accept: application/json
Referer: https://login.microsoftonline.com/b178535e-10fa-45cc-bcb0-85ec097d6414/saml2?SAMLRequest=lZJPT%2BMwEMW%2FSuR7YudvEysNKlRoK8FStd097AU5zgQsErvrcWD59rgBBBeQ9jp6b37znqY%2B%2BzcOwSNYVEYvSRwxctbUq8nd6x38nQBd4AUal2SymhuBCrkWIyB3ku9X11c8iRg%2FWuOMNAN5FXMU4%2FC9QyCCdZ5Jgt%2FvcD8nwWa9JLetyESVVGlXiVYURVpWbSm7vMySopN9vIA0l3nSF6z1BsQJNhqd0M7vYEkWsjhM8kOSclbxzEdKyz8kWPssSgs3o%2B6dOyKndDB3Skejktag6Z3Rg9IQSTPSNl6UeZpDGLNehFkuZdjKloVlDpJVi67I4oyeciYkWL2HuTAapxHsHuyjkvBrd%2FWBEkcVuUmdZNGTsQ84uykabayYm6ZCIgm2b12eK90pffd9je2rCPmPw2Ebbm%2F2B9LUp718rsU2%2F0EfwYmafjbXPz1ws96aQcnn4NLYUbiv74mjeJ6oLuxnKZ80HkGqXkHnSxoG83RhQThYEmcnILSp6edPa14A&RelayState=https%3A%2F%2Fsonoraquest.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EMDTMrMvBPLK4GoTV4Al7aQmWMSE1vkovYQHH7T89carMI1f6LGfhueAQVsqDuX5p0sTMaSWDYnqIp%2FZwtTx8WuvbCMNQ4sLAx4e2raguofekfR9j1R7WrvDwWjpCnLeJAULhyK63hC7C%2F7rNthqj%2FgdArovrNC6N%2Ff9FH8aQuS76e4Ag6QWCM3rDZYpXQLUmxhkQ6vUQ0qDrTOZiBqEAscHpX4kx%2FJtDR5Wlmd1jNeO4bUR67QhTQr7QINBd2eRTZSIGHXNU%2FWMin2%2FURfaT91zngZnDdwa0R5jLmOSBVMjM65hDkjaB8pQO1Vlo65m2Z91XnxuloIiKRXC1HzK6w%3D%3D&sso_reload=true
hpgact: 1900

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Thu, 25 Jan 2024 23:09:43 GMT
X-Content-Type-Options: nosniff
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id: 94e51eef-c006-402d-abfe-50cde51c205c
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length: 265
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://autologon.microsoftazuread-sso.com/
x-ms-request-id: 422ab989-e69b-4e9b-9ad1-a18cb10f3800
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server: 2.1.17122.2 - EUS ProdSlices
Expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: browser-intake-datadoghq.com
URL: https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.1.0%2Capi%3Abeacon&dd-api-key=pub2b0a5007df194a17333ea4bc92733249&dd-evp-origin-version=5.1.0&dd-evp-origin=browser&dd-request-id=93bb6081-abd0-4c49-b541-2f0e818d8985&batch_time=1706224181871

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sonoraquest.legacy.tuition.io/	1970-01-20 17:57:05	Name: _dd_s Value: rum=1&id=3b59645e-5d75-4655-b47d-7edd31d73cf6&created=1706224179368&expire=1706225079368
sonoraquest.tuition.io/	1970-01-20 17:57:05	Name: _dd_s Value: rum=2&id=e1cf6ff0-45f5-45b5-94e3-413bb68f9105&created=1706224177837&expire=1706225077837
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx-eRrZbwGTvFM Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-Gcuw1IVtBw-_QG82c9eZgC1aoZJIYITs9V_kJEFothU8UPjDg2SJHZx94nGtRFASbYv7IOkDnaIN9oMNShjJvsREM75DgGCgg7FCcFNh-yPdEodWweM9a9OHMioWMR3Cf0hbAE_ZgcDUqjvhfTAZ0yAA
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.com/	1970-01-20 17:57:04	Name: SSOCOOKIEPULLED Value: 1
login.microsoftonline.com/	1970-01-20 18:40:16	Name: buid Value: 0.AScAXlN4sfoQzEW8sIXsCX1kFFxay1NFantFq9CCiuoJ4QcnAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-lRoZ1yvhdBWIVElNM45LkLHFEhkoGPGGgFpWtV7ur7HEx07OASYwAZMO24rAtKBJJkc62GUXhgSL0b-tEdyseX7hFHqdFUdqgoqmwsbpAJggAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-yuW9Icec2KJUIGcxc8fQ8OPd-xJqQCD-I5lVhwaSl0fEHk1rH6OtJ5CczyB6afTcDAnB-RiJw2dIMX3uOIK5RpX2D8lpDF84rmvzdyjaEOzpqZRTBfyo7H_ukEF0wD_oOvD-D_3vNvxMDehA69ZwN0kLI6aajQsm_f-t0ulX8DcgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx-UrfTqWUPYc Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-93SjUHZqXKGI_RvZ9JhMILW9XvJnqG17d5NyDW5cUC_FpH5wKMc7IYr048-3yA5RZYgohMJK1T8zpo_q-a7Eetppcxjt3UNTCKjJ_gxGuz0Hyum-OYa1YR91N6UXVG050vM1NLCvD1N_VXcvf5iggCAA
login.microsoftonline.com/	1970-01-20 18:40:16	Name: fpc Value: AkfBrQU82pNOig84xzH4nnMGDMHuAQAAADXhRN0OAAAA
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: dabede900f3e46df9df2f4e8f0710909
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1706224183&co=1
login.microsoftonline.com/	1970-01-21 02:42:40	Name: MicrosoftApplicationsTelemetryDeviceId Value: 9d2ce478-50f3-48a2-9879-0743d1a22cd7
.login.microsoftonline.com/	1970-01-21 03:18:40	Name: brcap Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://autologon.microsoftazuread-sso.com/b178535e-10fa-45cc-bcb0-85ec097d6414/winauth/ssoprobe?client-request-id=94e51eef-c006-402d-abfe-50cde51c205c&_=1706224183417 Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msauthimages.net
aadcdn.msftauth.net
ajax.googleapis.com
api.tuition.works
autologon.microsoftazuread-sso.com
browser-intake-datadoghq.com
cdn.jsdelivr.net
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
login.live.com
login.microsoftonline.com
rum-http-intake.logs.datadoghq.com
sonoraquest.legacy.tuition.io
sonoraquest.tuition.io
static.zdassets.com
tio-api.tuition.io
tio.zendesk.com
tuitionio-production-images.s3.amazonaws.com
tuitionio-production-public-assets.s3.amazonaws.com
browser-intake-datadoghq.com
104.16.53.111
104.18.70.113
104.18.72.113
18.67.76.62
2600:1f18:24e6:b901:4066:ca37:bb63:d2fc
2600:1f18:24e6:b902:6dd9:2bda:1df2:42cd
2603:1036:3000:18::3
2603:1037:1:8::4
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2606:2800:21f:1b88:6342:f8de:86c:e98b
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c19::5f
2620:1ec:bdf::40
2a04:4e42:400::485
3.225.70.29
40.126.24.147
52.216.34.81
52.85.151.18
54.231.235.161
99.86.229.58
013aa3eae9756fbb72054eb158368bc855c0bdf6271884a75f76dd35c20d09de
0349bc9b3c076b695b88acbf7ef9f770cc1975608d83c51fde327c5e9df3e391
03779f821cf3d1898257b5b8a372790d1535c8a37248fd099a2e2995b15f966d
0b7c785345caadfa9928fb400863504520ef3203e9c7e96bb47960f23b74587d
27624e2dd51265987c759bc787b282a863d3e9f22fe869634df5f3d9a221c4b1
27e6044507b675b3321bd14fcaa17cc48f5882b0aac4a5773be08db9ad93823f
38d38c696a96de2971e90d5c2625f1b22a52874f2d9c517c84f5f0d319a51a31
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
3e973dc15431008066fea811e20a6eabcc0842e5f007fe93d09d47ef090f5041
47a6d3380cf89ad6b678478ccb347dc3ddeadcf7ca344bfc842424aaf7bfd025
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41
4dc0055b35459693bc3ea3f66496cba18feb4bd225b49a3d876510f5b0f32e49
51a3c349cc4a840e23f7a6fad800d1d9f5507e21a71d13a6b8a19f624084aa67
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
5cd0bde775a1d72da0a15a121d3b16c53bbfc06e64ad79d5deb11a965711e8a8
5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7
5ea2107bf656126005f1c080359c253eec21c21da412a7f6c8d1e7977ee3bda2
5f4e34221bf5c7eee3889cf603a3bf6b2111d4ae98426409551a2be564884ab5
70ff2f211e5c6dcf8a22bea8e0e6d972c8dcc830768e9b81d8c2b2a9c4d583fc
7c8557fabe455b2a528bb3bc78a1586c880f14936fcec7d6d4293b7716073982
80bbd5be45a524bdbb122e6e34df705780ee6ea56655d6ac9ad9e92c1e12362d
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8fa20829dfb28955a290a9a86bd168499506f85b79720a965ba7786bba118747
99f1ec640ceb60e82f7589b6f86624e24f711177caa4fcdef7e00abad8902582
9c5bb37f1007c276953e8eba2fcfaa8b9ce69f95730df6c3b661c8b3d27016a6
a1ae07b34b7c57774fd2f92a88a9b47dfe77d89262b7db5176b7932d8e29c467
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
a7862d4b0a0a8a9b594b38c32efa3b537b791cffc281765dfc95938835bb772d
ab65e307d2c6c6d24ccdace319df07733fed27931cbd36ce66ca78f9d65697e6
b609d701f9db1c8534dd6c0ecc42f4d54207c388cd4e585bcfacaec793a124d1
b75f29dd29d58fbccbcc35a32fd6e0eafb9f3c463eb7f766a772e645ed704a0b
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd0b610012747ebdd50b04d5b14040c89d6185ad7d1cfa82211740f9e014f782
c393eae6388f6b1b97a14dc410abb90100e42d7709e98aad2013e4bb3524e3ad
c7cb8909e7bd8908268de5793534d73028ccceed62364ef9d1b04bf1e40e41ad
cc63e1729cabcda540d0223e9767bba82ec67495e29d756697a8cdb9ca785c28
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d9cd3dd27a7b407c58b78b1e479be8275532cc05dd2fc20a21f7de92228e6372
e62685bbd1ca36444e1bdf0e6ff951b5e876ece8129925122309f6eb202f289b
e877e8e7871469f0f2ad432c689102c8382847c92c76f149cea8b1cb2d666b41
ee913d0cfc26c4403ed5dc3738c7a33a924605a714996e368e021ac9906cc580
f46a9d9c96d9343a0774ff88e584a2f41c67144cca542a0c006a7d7ded45b8da
f4d950c649876fb897ae9732dc13e17fd19303c2bbe7fb628141c096c9f02949
f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92
fe39e61f951e4b107dc753315dc8b4a6d01c7d0b5ebe132676a2b68476ee4cf1

login.microsoftonline.com Open in urlscan Pro 2603:1036:3000:18::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

99 %HTTPS

52 %IPv6

16 Domains

21 Subdomains

21 IPs

2 Countries

9571 kBTransfer

18104 kBSize

15 Cookies

2 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.microsoftonline.com Open in urlscan Pro
2603:1036:3000:18::3 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

99 %
HTTPS

52 %
IPv6

16
Domains

21
Subdomains

21
IPs

2
Countries

9571 kB
Transfer

18104 kB
Size

15
Cookies

68 HTTP transactions
0 data transactions