URL: https://rochester.t2hosted.com/cmn/email_recover.aspx
Submission: On May 31 via manual from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 25 HTTP transactions. The main IP is 64.72.147.220, located in United States and belongs to EXPEDIENT, US. The main domain is rochester.t2hosted.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 6th 2023. Valid for: a year.
This is the only time rochester.t2hosted.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
13        64.72.147.220     17054 (EXPEDIENT)
3         2a02:6ea0:c70...  60068 (CDN77 _)
6         156.146.33.138    60068 (CDN77 _)
3         2600:1f14:5db...  16509 (AMAZON-02)
Total: 25 requests, 4 IPs

Requests  Apex Domain   Subdomains                                    Transfer
13        t2hosted.com  rochester.t2hosted.com                        3 MB
12        userway.org   cdn.userway.org — Cisco Umbrella Rank: 3155   106 KB
                        api.userway.org — Cisco Umbrella Rank: 3077
Total: 25 requests, 2 apex domains

Requests  Domain                  Requested by
13        rochester.t2hosted.com  rochester.t2hosted.com
9         cdn.userway.org         rochester.t2hosted.com, cdn.userway.org
3         api.userway.org         cdn.userway.org
Total: 25 requests, 3 domains

This site contains links to these domains.

Domain
rochester.edu
www.rochester.edu

Subject                   Issuer                                      Validity                 Valid
*.t2hosted.com            DigiCert Global G2 TLS RSA SHA256 2020 CA1  2023-07-06 - 2024-07-25  a year
1667503734.rsc.cdn77.org  R3                                          2024-05-07 - 2024-08-05  3 months
api.userway.org           Amazon RSA 2048 M03                         2023-09-02 - 2024-09-30  a year

This page contains 1 frames:

Primary Page: https://rochester.t2hosted.com/cmn/email_recover.aspx
Frame ID: D96228B85541E8654E9219537AF87F7D
Requests: 25 HTTP requests in this frame

Page Title

University of Rochester - Recover lost ID and Password

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js

Page Statistics

25 Requests
100 % HTTPS
50 % IPv6
2 Domains
3 Subdomains
4 IPs
2 Countries
2839 kB Transfer
3182 kB Size
3 Cookies

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request email_recover.aspx
rochester.t2hosted.com/cmn/
27 KB
28 KB
Document
General
Full URL
https://rochester.t2hosted.com/cmn/email_recover.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.72.147.220 , United States, ASN17054 (EXPEDIENT, US),
Reverse DNS
IP-64-72-147-220.nframe.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ab74f8c9635a21bec7edf3527abf9ea438062518bce11238c380627cffe54727

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store
Content-Length
27990
Content-Type
text/html; charset=utf-8
Date
Fri, 31 May 2024 16:26:23 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-UA-Compatible
IE=edge
Bundle
rochester.t2hosted.com/Content/AjaxControlToolkit/Styles/
63 KB
64 KB
Stylesheet
General
Full URL
https://rochester.t2hosted.com/Content/AjaxControlToolkit/Styles/Bundle?v=FDBVOkOPr_cBjdVOMFWml5TXJYdiNvOL409jlglEoH81
Requested by
Host: rochester.t2hosted.com
URL: https://rochester.t2hosted.com/cmn/email_recover.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.72.147.220 , United States, ASN17054 (EXPEDIENT, US),
Reverse DNS
IP-64-72-147-220.nframe.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2ae7c4be4dc7052c16576dba97214d863217c5a231b4ed556b48a20e451e58e0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/cmn/email_recover.aspx
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
Sat, 31 May 2025 16:26:23 GMT
Date
Fri, 31 May 2024 16:26:23 GMT
Last-Modified
Fri, 31 May 2024 16:26:23 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/css; charset=utf-8
Cache-Control
public
Content-Length
64990
X-UA-Compatible
IE=edge
FlexPortStyles
rochester.t2hosted.com/bundles/
156 KB
157 KB
Stylesheet
General
Full URL
https://rochester.t2hosted.com/bundles/FlexPortStyles?v=c27YpMEKrZ__i9E-f6esPuYDpZFUULtnWRdHBCisRB01
Requested by
Host: rochester.t2hosted.com
URL: https://rochester.t2hosted.com/cmn/email_recover.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.72.147.220 , United States, ASN17054 (EXPEDIENT, US),
Reverse DNS
IP-64-72-147-220.nframe.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e0e48cd32e8ed35b1e66d32923de0726b224b7066780da243998f9ddb7068299

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/cmn/email_recover.aspx
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
Sat, 31 May 2025 16:26:23 GMT
Date
Fri, 31 May 2024 16:26:23 GMT
Last-Modified
Fri, 31 May 2024 16:26:23 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/css; charset=utf-8
Cache-Control
public
Content-Length
160004
X-UA-Compatible
IE=edge
FlexPortScripts
rochester.t2hosted.com/bundles/
1 MB
1 MB
Script
General
Full URL
https://rochester.t2hosted.com/bundles/FlexPortScripts?v=F9PZq0Bt93juW0ty0BZINp6RsF1f8rUGrHxJ_disDsI1
Requested by
Host: rochester.t2hosted.com
URL: https://rochester.t2hosted.com/cmn/email_recover.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.72.147.220 , United States, ASN17054 (EXPEDIENT, US),
Reverse DNS
IP-64-72-147-220.nframe.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
06f5841fc8cad6f9025019095bc61c79b0daa68311ac79ef1e5b93de532ea58d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/cmn/email_recover.aspx
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
Sat, 31 May 2025 16:26:23 GMT
Date
Fri, 31 May 2024 16:26:23 GMT
Last-Modified
Fri, 31 May 2024 16:26:23 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
1190948
X-UA-Compatible
IE=edge
WebResource.axd
rochester.t2hosted.com/
23 KB
23 KB
Script
General
Full URL
https://rochester.t2hosted.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZPHu0WfbOtTrKdyCoXJs-hO3g7zsdG0-Q7voPuzwrhVF_V4mR_LMXwjKt3q2H6Qp2A2&t=638459680569584809
Requested by
Host: rochester.t2hosted.com
URL: https://rochester.t2hosted.com/cmn/email_recover.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.72.147.220 , United States, ASN17054 (EXPEDIENT, US),
Reverse DNS
IP-64-72-147-220.nframe.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/cmn/email_recover.aspx
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-UA-Compatible
IE=edge
Date
Fri, 31 May 2024 16:26:23 GMT
Last-Modified
Thu, 14 Mar 2024 03:07:36 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/x-javascript
Cache-Control
public
Content-Length
23063
Expires
Sat, 31 May 2025 09:08:30 GMT
ScriptResource.axd
rochester.t2hosted.com/
26 KB
6 KB
Script
General
Full URL
https://rochester.t2hosted.com/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1Ko7TOZe_lquErexTJKgYFVhMAIdTIE-WkbHjY7vB061B7bvho_CcVef9e_KvUbwx0X93sidSN_ajUyQuzH_VfFAammY0RGJN9e_Vf0mePwQllnFtFHLlaDoA9M_XN46lQ2&t=ffffffffa8ad04d3
Requested by
Host: rochester.t2hosted.com
URL: https://rochester.t2hosted.com/cmn/email_recover.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.72.147.220 , United States, ASN17054 (EXPEDIENT, US),
Reverse DNS
IP-64-72-147-220.nframe.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/cmn/email_recover.aspx
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
Sat, 31 May 2025 09:09:43 GMT
Date
Fri, 31 May 2024 16:26:23 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 May 2024 09:09:43 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/x-javascript
Cache-Control
public
Content-Length
5479
X-UA-Compatible
IE=edge
ScriptResource.axd
rochester.t2hosted.com/
100 KB
25 KB
Script
General
Full URL
https://rochester.t2hosted.com/ScriptResource.axd?d=NJmAwtEo3Ipnlaxl6CMhvvtUmdzgu2E1lmWoYefI2KCVpI1gCLhnLMMNwz4IJQAEgleCnzI0gmsON4Wjow65iP4d0ho-Jva2aZOlMg8DO1xlBldA6Gww9wAU0FLv3-Rem_8z0jdxolb58gbFu8pck4wLv5wk_aomuzEa84VRBck1&t=74258c30
Requested by
Host: rochester.t2hosted.com
URL: https://rochester.t2hosted.com/cmn/email_recover.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.72.147.220 , United States, ASN17054 (EXPEDIENT, US),
Reverse DNS
IP-64-72-147-220.nframe.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/cmn/email_recover.aspx
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
Sat, 31 May 2025 09:08:30 GMT
Date
Fri, 31 May 2024 16:26:23 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 May 2024 09:08:30 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/x-javascript
Cache-Control
public
Content-Length
25609
X-UA-Compatible
IE=edge
ScriptResource.axd
rochester.t2hosted.com/
39 KB
10 KB
Script
General
Full URL
https://rochester.t2hosted.com/ScriptResource.axd?d=dwY9oWetJoJoVpgL6Zq8OPp_9vuw2v9FYG7CB31RfTNivHOw_z_gW-pWNg0b29tqmKEUJDnp7RsPvsXZVreY_7PUT1OrhscxZt5q0AeudKeWe7Igbn8C9oOi0m7WWE9AkAl2BnvdnW6Tzd6Hp3gzxbN4hWExYBtFjeP-y74Jn4U1&t=74258c30
Requested by
Host: rochester.t2hosted.com
URL: https://rochester.t2hosted.com/cmn/email_recover.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.72.147.220 , United States, ASN17054 (EXPEDIENT, US),
Reverse DNS
IP-64-72-147-220.nframe.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/cmn/email_recover.aspx
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
Sat, 31 May 2025 09:08:30 GMT
Date
Fri, 31 May 2024 16:26:23 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 May 2024 09:08:30 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/x-javascript
Cache-Control
public
Content-Length
9984
X-UA-Compatible
IE=edge
Bundle
rochester.t2hosted.com/Scripts/AjaxControlToolkit/
1 MB
1 MB
Script
General
Full URL
https://rochester.t2hosted.com/Scripts/AjaxControlToolkit/Bundle?v=3q2jHDb0FFsHJRx2Y_4Dqm7e42Wa687IGMNEI508bNU1
Requested by
Host: rochester.t2hosted.com
URL: https://rochester.t2hosted.com/cmn/email_recover.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.72.147.220 , United States, ASN17054 (EXPEDIENT, US),
Reverse DNS
IP-64-72-147-220.nframe.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c373863ac1fb27207c551ee224fe1b9d7390d998c1a9de7d5c8ae9bd710b59fb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/cmn/email_recover.aspx
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
Sat, 31 May 2025 16:26:23 GMT
Date
Fri, 31 May 2024 16:26:23 GMT
Last-Modified
Fri, 31 May 2024 16:26:23 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
1244292
X-UA-Compatible
IE=edge
GetSessionTimeout
rochester.t2hosted.com//api/webMethods/sessions.aspx/
22 B
257 B
XHR
General
Full URL
https://rochester.t2hosted.com//api/webMethods/sessions.aspx/GetSessionTimeout
Requested by
Host: rochester.t2hosted.com
URL: https://rochester.t2hosted.com/bundles/FlexPortScripts?v=F9PZq0Bt93juW0ty0BZINp6RsF1f8rUGrHxJ_disDsI1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.72.147.220 , United States, ASN17054 (EXPEDIENT, US),
Reverse DNS
IP-64-72-147-220.nframe.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3b31c329399aa22eb7d71fca9388a1b6ddd313c06053ce23673ad41e279a6b53

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Basic apiToken={%22secure%22:true%2C%22sameSite%22:%22none%22}; path=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8
Accept
*/*
Referer
https://rochester.t2hosted.com/cmn/email_recover.aspx
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Content-Type
application/json; charset=utf-8
Date
Fri, 31 May 2024 16:26:27 GMT
Cache-Control
private, max-age=0
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Length
22
X-UA-Compatible
IE=edge
e99493f7-9338-49cd-975e-5187e2de63a9
rochester.t2hosted.com/shared/Carousel/Image/
18 KB
18 KB
Image
General
Full URL
https://rochester.t2hosted.com/shared/Carousel/Image/e99493f7-9338-49cd-975e-5187e2de63a9
Requested by
Host: rochester.t2hosted.com
URL: https://rochester.t2hosted.com/cmn/email_recover.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.72.147.220 , United States, ASN17054 (EXPEDIENT, US),
Reverse DNS
IP-64-72-147-220.nframe.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fdf7a045d2d281c6c9fc4063083901bfbef21e14e240d4d5fb7ef740b4e4712d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/cmn/email_recover.aspx
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
Fri, 31 May 2024 16:56:28 GMT
Date
Fri, 31 May 2024 16:26:28 GMT
X-AspNetMvc-Version
5.2
Last-Modified
Fri, 31 May 2024 16:26:28 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
public, max-age=1800
Content-Length
18092
X-UA-Compatible
IE=edge
glyphicons-halflings-regular.woff
rochester.t2hosted.com/fonts/
23 KB
23 KB
Font
General
Full URL
https://rochester.t2hosted.com/fonts/glyphicons-halflings-regular.woff
Requested by
Host: rochester.t2hosted.com
URL: https://rochester.t2hosted.com/bundles/FlexPortStyles?v=c27YpMEKrZ__i9E-f6esPuYDpZFUULtnWRdHBCisRB01
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.72.147.220 , United States, ASN17054 (EXPEDIENT, US),
Reverse DNS
IP-64-72-147-220.nframe.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/bundles/FlexPortStyles?v=c27YpMEKrZ__i9E-f6esPuYDpZFUULtnWRdHBCisRB01
Origin
https://rochester.t2hosted.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 31 May 2024 16:26:28 GMT
Last-Modified
Wed, 27 Sep 2023 17:26:24 GMT
Server
Microsoft-IIS/10.0
ETag
"0e0fbd67f1d91:0"
X-Powered-By
ASP.NET
Content-Type
application/x-font-woff
Accept-Ranges
bytes
Content-Length
23320
X-UA-Compatible
IE=edge
widget.js
cdn.userway.org/
2 KB
2 KB
Script
General
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: rochester.t2hosted.com
URL: https://rochester.t2hosted.com/cmn/email_recover.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
424ac40c4ddf91cd7f05282b1210b81a1623d3908c0087a6933dbf220d5da962

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Fri, 31 May 2024 16:26:30 GMT
via
1.1 18a0c3f5e09e58d51d2e5d6f596d202e.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
792
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
2750
x-accel-date
1717170040
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiAH3vgoAAAwB1GY4EQH3FQAAAA
x-accel-expires
@1717173640
x-77-age
2750
last-modified
Fri, 31 May 2024 08:26:04 GMT
server
CDN77-Turbo
etag
W/"f34a1b5ccb973fce20580f4e344349f4"
x-77-nzt-ray
f6587a1d337c532e36fa5966dcd96c2e
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
vary
Accept-Encoding
x-amz-cf-id
9gXiBjd1dSw-V5PLQvi_-aQi_YRisack1nf0jcS9olSbPN8joBtjEg==
widget_app_base_1717143841488.js
cdn.userway.org/widgetapp/2024-05-31-08-24-01/
153 KB
44 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2024-05-31-08-24-01/widget_app_base_1717143841488.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
156.146.33.138 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
494557430.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
37899059a1a3a5ab139f69619a3d42c6fa873f64bf99ed64a17304060800328e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/
Origin
https://rochester.t2hosted.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Fri, 31 May 2024 16:26:30 GMT
via
1.1 9c8021538470ab47dffa34921d0b4aca.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
789
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
27936
x-accel-date
1717144854
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiAH3IG0AAAwBJRPCNAH3FQAAAA
x-accel-expires
@1743064833
x-77-age
27936
last-modified
Fri, 31 May 2024 08:25:59 GMT
server
CDN77-Turbo
etag
W/"5c5f427ab83dd18ed7f2940cc40bfab5"
x-77-nzt-ray
f6587a1d386d2e3536fa59666fc44837
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
c8F8XejicrFwvemfWRykcS7VnV0BC7MZxnEcKDXbmVtwSz6yagfV8A==
JEdqjh4z98
api.userway.org/api/tunings/
3 KB
3 KB
XHR
General
Full URL
https://api.userway.org/api/tunings/JEdqjh4z98
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-05-31-08-24-01/widget_app_base_1717143841488.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb11:bbda:e449:515b:1d32 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
32ed748776121cb389d9492b39bc3ee00624825ef5fbea7a8582efd7d0448b85

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://rochester.t2hosted.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 31 May 2024 16:26:31 GMT
etag
W/"b55-E/6Nl2RI5PKoZDNvXecxLX/SIBs"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usr3bdd1e3e4d45414
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
2901
x-service-version
uw-pr
favicon.ico
rochester.t2hosted.com/inc/clientResources/images/
198 B
473 B
Other
General
Full URL
https://rochester.t2hosted.com/inc/clientResources/images/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.72.147.220 , United States, ASN17054 (EXPEDIENT, US),
Reverse DNS
IP-64-72-147-220.nframe.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0440e7d15581a65e03fa66d893a4349cdc989efa402fbad1284bdd136ca630a3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/cmn/email_recover.aspx
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 31 May 2024 16:26:30 GMT
Last-Modified
Wed, 27 Sep 2023 17:26:24 GMT
Server
Microsoft-IIS/10.0
ETag
"0e0fbd67f1d91:0"
X-Powered-By
ASP.NET
Content-Type
image/x-icon
Accept-Ranges
bytes
Content-Length
198
X-UA-Compatible
IE=edge
en-US.json
cdn.userway.org/widgetapp/2024-05-31-08-24-01/locales/
621 B
1010 B
XHR
General
Full URL
https://cdn.userway.org/widgetapp/2024-05-31-08-24-01/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-05-31-08-24-01/widget_app_base_1717143841488.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
156.146.33.138 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
494557430.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Fri, 31 May 2024 16:26:31 GMT
via
1.1 e66d620a027773b405a4087e80172660.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
BRU50-P1
age
780
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
27928
x-accel-date
1717144863
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiAH3GG0AAAwBnJIhJwH3HAAAAA
x-accel-expires
@1743064835
x-77-age
27928
last-modified
Fri, 31 May 2024 08:25:59 GMT
server
CDN77-Turbo
etag
W/"85d8c40aac9c25bb0b993d4aa039a56f"
x-77-nzt-ray
f6587a1d386d6d5337fa5966dee5c222
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
AmZw613cIv1JeMdP1xVoipWM4kZsUua54SSdTxn6Z11VasbYs8ytaQ==
remediation_1717143841488.js
cdn.userway.org/widgetapp/2024-05-31-08-24-01/remediation/
102 KB
29 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2024-05-31-08-24-01/remediation/remediation_1717143841488.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-05-31-08-24-01/widget_app_base_1717143841488.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
156.146.33.138 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
494557430.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2c7893564444d772941ce03a4e653b697d153a17522b2bf4b69b7d5a509b44fb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/
Origin
https://rochester.t2hosted.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Fri, 31 May 2024 16:26:32 GMT
via
1.1 93e77bd122e2a2b3ec02228d81a35184.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
779
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
27934
x-accel-date
1717144858
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiAH3Hm0AAAwBJRPCLgH3FQAAAA
x-accel-expires
@1743064837
x-77-age
27934
last-modified
Fri, 31 May 2024 08:25:59 GMT
server
CDN77-Turbo
etag
W/"8f4e53803f8025c21ec13850ffe9db58"
x-77-nzt-ray
f6587a1d386d216a38fa5966a7c80d05
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
vj1zzD11xICr5KBbZYWCHTIyF24OqBBhFFs7cw4rAXXDUbwA0KWtSQ==
3Y1ImT236SYyk1bB.json
cdn.userway.org/remediations/consolidated/1284972/
1 KB
1 KB
XHR
General
Full URL
https://cdn.userway.org/remediations/consolidated/1284972/3Y1ImT236SYyk1bB.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-05-31-08-24-01/widget_app_base_1717143841488.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
156.146.33.138 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
494557430.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
1accdf5bcf1642c3593ef029b09dd1395f52d038414635fc0a88ae26ffa38546

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Fri, 31 May 2024 16:26:32 GMT
via
1.1 25e3b69fde079d7590d799e5f23bf9d6.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
BRU50-P1
age
10982
x-amz-server-side-encryption
AES256
x-77-cache
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-77-nzt
EggBnJIhiAFBCAGckiEfAYE
x-accel-expires
@1748708792
last-modified
Thu, 18 Jan 2024 00:14:14 GMT
server
CDN77-Turbo
etag
W/"793c5f4f9bf1c3fda5901f776cb3dc8e"
x-77-nzt-ray
f6587a1d386d2b6a38fa5966ec621b05
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
public, max-age=31536000
vary
Accept-Encoding
x-amz-cf-id
xE7lt-3_6jSnNS20PTeko0CupbVZ38S6fQ7C4FSFGyk2vTZJGUR11g==
body_wh.svg
cdn.userway.org/widgetapp/images/
4 KB
3 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Fri, 31 May 2024 16:26:32 GMT
via
1.1 9857ab0da41c7a88865f55b9cdc654ac.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
BRU50-P1
age
589
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
27937
x-accel-date
1717144855
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiAH3IW0AAAwBnJIhHwH3FwAAAA
x-accel-expires
@1743064832
x-77-age
27937
last-modified
Fri, 22 Mar 2024 12:49:37 GMT
server
CDN77-Turbo
etag
W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray
f6587a1d337c532e38fa5966fbcccd05
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
hA6F9PpTVUuZ8d0kXvex_kCkHEH0h1WFetJ9tZUm0tLa6kf100oY_w==
spin_wh.svg
cdn.userway.org/widgetapp/images/
2 KB
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Fri, 31 May 2024 16:26:32 GMT
via
1.1 098a60d50e7e132c276fd27b94c6212c.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
587
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
27937
x-accel-date
1717144855
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiAH3IW0AAAwB1GY4EQH3FwAAAA
x-accel-expires
@1743064832
x-77-age
27937
last-modified
Fri, 22 Mar 2024 12:49:37 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray
f6587a1d337c532e38fa59669577d405
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
PU1m_M53r4dLVHgqFX7-ISaAB5DwacVuE_BaXXmaOCJFBqrFO2Wixw==
remediation-tool.js
cdn.userway.org/remediation/2024-05-31-08-24-01/paid/
58 KB
21 KB
Script
General
Full URL
https://cdn.userway.org/remediation/2024-05-31-08-24-01/paid/remediation-tool.js?ts=1717143841488
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-05-31-08-24-01/widget_app_base_1717143841488.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
156.146.33.138 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
494557430.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
8d5861c48a576edc397b0bf2e220e3f78b6ad36213715ad6982d078856f11c0b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/
Origin
https://rochester.t2hosted.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Fri, 31 May 2024 16:26:32 GMT
via
1.1 67a9db8bae62321fca21cfd1c50bec56.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
778
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
27934
x-accel-date
1717144858
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiAH3Hm0AAAwBJRPCNAH3FQAAAA
x-accel-expires
@1743064837
x-77-age
27934
last-modified
Fri, 31 May 2024 08:26:03 GMT
server
CDN77-Turbo
etag
W/"cfa5f88254d7b736d1ff05bbbdfbfcdd"
x-77-nzt-ray
f6587a1d386d5f6c38fa5966be2cbc07
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
6lhkEVl19kKlggkvINUtZMC1rQWZ4YNiIH-oppsmnRVRCLlNlouGUA==
3Y1ImT236SYyk1bB.json
cdn.userway.org/remediations/consolidated/1284972/
1 KB
0
Fetch
General
Full URL
https://cdn.userway.org/remediations/consolidated/1284972/3Y1ImT236SYyk1bB.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-05-31-08-24-01/paid/remediation-tool.js?ts=1717143841488
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
156.146.33.138 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
494557430.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
1accdf5bcf1642c3593ef029b09dd1395f52d038414635fc0a88ae26ffa38546

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Fri, 31 May 2024 16:26:32 GMT
via
1.1 25e3b69fde079d7590d799e5f23bf9d6.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
BRU50-P1
age
10982
x-amz-server-side-encryption
AES256
x-77-cache
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-77-nzt
EggBnJIhiAFBCAGckiEfAYE
x-accel-expires
@1748708792
last-modified
Thu, 18 Jan 2024 00:14:14 GMT
server
CDN77-Turbo
etag
W/"793c5f4f9bf1c3fda5901f776cb3dc8e"
x-77-nzt-ray
f6587a1d386d2b6a38fa5966ec621b05
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
public, max-age=31536000
vary
Accept-Encoding
x-amz-cf-id
xE7lt-3_6jSnNS20PTeko0CupbVZ38S6fQ7C4FSFGyk2vTZJGUR11g==
1284972
api.userway.org/api/br-links/v0/contribute/
51 B
429 B
Fetch
General
Full URL
https://api.userway.org/api/br-links/v0/contribute/1284972
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-05-31-08-24-01/paid/remediation-tool.js?ts=1717143841488
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb11:bbda:e449:515b:1d32 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 16:26:32 GMT
etag
W/"33-H+KjAZZBE0PpJIInQTjCoPBRoaQ"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
*
content-length
51
x-service-version
apps-ddb67952
1284972
api.userway.org/api/br-links/v0/links/
805 B
1 KB
Fetch
General
Full URL
https://api.userway.org/api/br-links/v0/links/1284972
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-05-31-08-24-01/paid/remediation-tool.js?ts=1717143841488
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb11:bbda:e449:515b:1d32 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f5ebc6a457c809aee39e74d9ff7f79a6a0f4ed59c6ec6078305b8ecc9db6bf3e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rochester.t2hosted.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 16:26:33 GMT
etag
W/"325-/xQEYISiZYCfBuO7G9qMS6Zk3mw"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=300, public
vary
Accept-Encoding
access-control-allow-headers
*
content-length
805
x-service-version
apps-ddb67952


184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| authTokenHandler object| pubsub object| urlHandler function| adjustValidationSummary function| ajaxComplete function| showLoadingDialog function| hideLoadingDialog object| t2eb object| PermitNow object| API object| t2tablesort object| t2PermitQueue object| t2AddressControl object| t2EventSearch undefined| backCompat undefined| dataSpace function| _normalizeArguments function| standardSpeed undefined| rvertical undefined| rpositivemotion function| $ function| jQuery object| html5 object| Modernizr function| Cookies object| L object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| 
Page_InvalidControlToBeFocused object| Page_TextTypes function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find function| Type object| Sys object| _events function| MaskedEditSetMessage function| MaskedEditMessageShow function| MaskedEditSetCssClass function| MaskedEditValidatorDateTime function| MaskedEditValidatorPartTime function| MaskedEditValidatorPartDate function| MaskedEditValidatorDate function| MaskedEditValidatorTime function| MaskedEditValidatorNumber function| MaskedEditValidatorNone function| callbackSuccessStub function| callbackErrorStub boolean| isUnminified object| $AA object| ComboBox_Elements object| HtmlEditorExtender_editableDivs number| QUOTA number| MIN_PIXEL_RATIO number| browser number| browserVer boolean| subpixelRenders boolean| useCanvas object| CommonToolkitScripts object| $common function| 
ajaxClientUploadComplete object| Seadragon string| SIGNAL function| WebForm_OnSubmit object| Page_Validators object| ctl00_ctl01_MainContentPlaceHolder_T2Main_reqValEmail object| ctl00_ctl01_MainContentPlaceHolder_T2Main_regValEmail boolean| Page_ValidationActive function| ValidatorOnSubmit object| Page_ValidationSummaries object| UserWayWidgetApp function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream object| _userway_config boolean| _userway object| UserWay function| __awaiter function| __generator function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async

3 Cookies

Domain/Path Name / Value
rochester.t2hosted.com/ Name: ASP.NET_SessionId
Value: biwyzpkt5wcmbm5y05uu2ao0
rochester.t2hosted.com/ Name: EBBasket_D4EEF5DC9E565C5FA7CB45689D23E6B2
Value: 8b2a840b-f5c9-41ee-8936-79367f1528e0
rochester.t2hosted.com/ Name: apiToken
Value: {%22secure%22:true%2C%22sameSite%22:%22none%22}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
