urlscan.io logo urlscan.io
SecurityTrails logo

passwordstate-dev.lsa.umich.edu Open in urlscan Pro
141.211.211.157  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://passwordstate-dev.lsa.umich.edu/
Effective URL: https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx
Submission: On September 04 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 15 HTTP transactions. The main IP is 141.211.211.157, located in Chelsea, United States and belongs to UMICH-AS-5, US. The main domain is passwordstate-dev.lsa.umich.edu.
TLS certificate: Issued by R11 on July 18th 2024. Valid for: 3 months.
This is the only time passwordstate-dev.lsa.umich.edu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 141.211.211.157 36375 (UMICH-AS-5)
15 1
Apex Domain
Subdomains		 Transfer
16 umich.edu
passwordstate-dev.lsa.umich.edu
372 KB
15 1
Domain Requested by
16 passwordstate-dev.lsa.umich.edu 1 redirects passwordstate-dev.lsa.umich.edu
15 1

This site contains no links.

Subject Issuer Validity Valid
passwordstate-dev.lsa.umich.edu
R11		 2024-07-18 -
2024-10-16		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx
Frame ID: D71146FA96D741FE3808BCAA7F28F2D2
Requests: 12 HTTP requests in this frame

Frame: https://passwordstate-dev.lsa.umich.edu/logins/sessionstatus.aspx
Frame ID: D4FC74841235C1896A49EB94A4A08659
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

U-M LSA Passwordstate TEST INSTANCE

Page URL History Show full URLs

  1. https://passwordstate-dev.lsa.umich.edu/ HTTP 302
    https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

372 kB
Transfer

839 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://passwordstate-dev.lsa.umich.edu/ HTTP 302
    https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request loginadan.aspx
passwordstate-dev.lsa.umich.edu/logins/
Redirect Chain
  • https://passwordstate-dev.lsa.umich.edu/
  • https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
25 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.211.211.157 Chelsea, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
lsa-ps-app-d.lsait.lsa.umich.edu
Software
/
Resource Hash
602cd55555a061fae647a8b0451077f9b69b250c5e1d411630565efbe85352bd
Security Headers
Name Value
Content-Security-Policy connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
private,max-age=0, no-cache, must-revalidate
content-length
26111
content-security-policy
connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 15:34:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
referrer-policy
same-origin
strict-transport-security
max-age=31536000
x-content-security-policy
connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block

Redirect headers

cache-control
private,max-age=0, no-cache, must-revalidate
content-length
140
content-security-policy
connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 15:34:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
/logins/loginadan.aspx?
pragma
no-cache
referrer-policy
same-origin
strict-transport-security
max-age=31536000
x-content-security-policy
connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
stylesheet-9000.css
passwordstate-dev.lsa.umich.edu/App_Themes/ 		22 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://passwordstate-dev.lsa.umich.edu/App_Themes/stylesheet-9000.css
Requested by
Host: passwordstate-dev.lsa.umich.edu
URL: https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.211.211.157 Chelsea, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
lsa-ps-app-d.lsait.lsa.umich.edu
Software
Microsoft-IIS/10.0 /
Resource Hash
8a15343b91104d07d3be79024d1d7ac692098754978971e05ca5762261aaf151
Security Headers
Name Value
Content-Security-Policy connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';

Request headers

Referer
https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ua-compatible
IE=edge
pragma
no-cache
strict-transport-security
max-age=31536000
content-security-policy
connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
x-content-security-policy
connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
last-modified
Thu, 10 Jun 2021 04:49:34 GMT
server
Microsoft-IIS/10.0
date
Wed, 04 Sep 2024 15:34:44 GMT
etag
"3aa8412b45dd71:0"
content-type
text/css
cache-control
max-age=0, no-cache, must-revalidate
accept-ranges
bytes
content-length
22720
expires
Thu, 01 Jan 1970 00:00:00 GMT
jquery.min.js
passwordstate-dev.lsa.umich.edu/App_JScript/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://passwordstate-dev.lsa.umich.edu/App_JScript/jquery.min.js
Requested by
Host: passwordstate-dev.lsa.umich.edu
URL: https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.211.211.157 Chelsea, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
lsa-ps-app-d.lsait.lsa.umich.edu
Software
Microsoft-IIS/10.0 /
Resource Hash
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
Security Headers
Name Value
Content-Security-Policy connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';

Request headers

Referer
https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ua-compatible
IE=edge
pragma
no-cache
strict-transport-security
max-age=31536000
content-security-policy
connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
x-content-security-policy
connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
last-modified
Mon, 04 Mar 2024 21:03:16 GMT
server
Microsoft-IIS/10.0
date
Wed, 04 Sep 2024 15:34:44 GMT
etag
"242c9860776eda1:0"
content-type
application/javascript
cache-control
max-age=0, no-cache, must-revalidate
accept-ranges
bytes
content-length
89503
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs_library-9606.min.js
passwordstate-dev.lsa.umich.edu/App_JScript/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://passwordstate-dev.lsa.umich.edu/App_JScript/cs_library-9606.min.js
Requested by
Host: passwordstate-dev.lsa.umich.edu
URL: https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.211.211.157 Chelsea, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
lsa-ps-app-d.lsait.lsa.umich.edu
Software
Microsoft-IIS/10.0 /
Resource Hash
008bcab8a28e05bf5088da901d993c0a83b948927cabd0515e8c6541192c9842
Security Headers
Name Value
Content-Security-Policy connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';

Request headers

Referer
https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ua-compatible
IE=edge
pragma
no-cache
strict-transport-security
max-age=31536000
content-security-policy
connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
x-content-security-policy
connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
last-modified
Tue, 15 Nov 2022 23:43:44 GMT
server
Microsoft-IIS/10.0
date
Wed, 04 Sep 2024 15:34:44 GMT
etag
"b31242194cf9d81:0"
content-type
application/javascript
cache-control
max-age=0, no-cache, must-revalidate
accept-ranges
bytes
content-length
8460
expires
Thu, 01 Jan 1970 00:00:00 GMT
custom.css
passwordstate-dev.lsa.umich.edu/App_Themes/ 		11 B
148 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://passwordstate-dev.lsa.umich.edu/App_Themes/custom.css
Requested by
Host: passwordstate-dev.lsa.umich.edu
URL: https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.211.211.157 Chelsea, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
lsa-ps-app-d.lsait.lsa.umich.edu
Software
Microsoft-IIS/10.0 /
Resource Hash
aeb842333a6c9bcabd479b9a11517be32a0227c3ef8fbfd45b4d6a346d8ff1a9
Security Headers
Name Value
Content-Security-Policy connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';

Request headers

Referer
https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ua-compatible
IE=edge
pragma
no-cache
strict-transport-security
max-age=31536000
content-security-policy
connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
x-content-security-policy
connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
last-modified
Thu, 05 Aug 2021 01:09:52 GMT
server
Microsoft-IIS/10.0
date
Wed, 04 Sep 2024 15:34:44 GMT
etag
"9b17e989689d71:0"
content-type
text/css
cache-control
max-age=0, no-cache, must-revalidate
accept-ranges
bytes
content-length
11
expires
Thu, 01 Jan 1970 00:00:00 GMT
WebResource.axd
passwordstate-dev.lsa.umich.edu/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://passwordstate-dev.lsa.umich.edu/WebResource.axd?d=oblvhdSbobZC1bFBW3necJZEf-dV598Xxj51ockQB7cfChL1BjMGbdkquAOWvXA3liCmbJ2zqwTIXicPjpoia8ufpmML29wy564Mgzd70G1umA4OwSB5GoIkfCuuUjNxAk9W6BsjrPj4gnV17obeuw2&t=638254859607431002
Requested by
Host: passwordstate-dev.lsa.umich.edu
URL: https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.211.211.157 Chelsea, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
lsa-ps-app-d.lsait.lsa.umich.edu
Software
/
Resource Hash
17d8eb5236cca61b7c00d3ba4ab25a3dfc4f7faeb5cd032550614227705c81cc
Security Headers
Name Value
Content-Security-Policy connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ua-compatible
IE=edge
pragma
no-cache
strict-transport-security
max-age=31536000
content-security-policy
connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 21 Jul 2023 01:39:20 GMT
date
Wed, 04 Sep 2024 15:34:44 GMT
x-content-security-policy
connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public,max-age=0, no-cache, must-revalidate
content-length
4445
x-xss-protection
1; mode=block
expires
Thu, 04 Sep 2025 15:34:44 GMT,Thu, 01 Jan 1970 00:00:00 GMT
WebResource.axd
passwordstate-dev.lsa.umich.edu/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://passwordstate-dev.lsa.umich.edu/WebResource.axd?d=2Oe3LYhaNNcQRxAt8aO8YtISjn_tAqTL7GgwfM1DCAx8FFV6gFW6lG-UnVc-kP9F_4283rote30WTIVO80vAoViPY0vJWpmCnALnwA9PW4b17FKPkuE43Zq19DwgWxi7KpWrNJc_7vc3ydA5u8LRlmDxW5Nw_Lu3tMNaj0nuB001&t=638254859604530802
Requested by
Host: passwordstate-dev.lsa.umich.edu
URL: https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.211.211.157 Chelsea, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
lsa-ps-app-d.lsait.lsa.umich.edu
Software
/
Resource Hash
fe093ba63451200f30ba9f0073218e1086c75250ebfbfb9886e20e66c88fd177
Security Headers
Name Value
Content-Security-Policy connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ua-compatible
IE=edge
pragma
no-cache
strict-transport-security
max-age=31536000
content-security-policy
connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 21 Jul 2023 01:39:20 GMT
date
Wed, 04 Sep 2024 15:34:44 GMT
x-content-security-policy
connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public,max-age=0, no-cache, must-revalidate
content-length
2158
x-xss-protection
1; mode=block
expires
Thu, 04 Sep 2025 15:34:44 GMT,Thu, 01 Jan 1970 00:00:00 GMT
WebResource.axd
passwordstate-dev.lsa.umich.edu/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://passwordstate-dev.lsa.umich.edu/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZApUNMAkSL1dcfQkeb2lQG19rRQ9zijBbw1LoZOhJRLfTfkR5QWb50ICMsu511EUCg2&t=638563127773552689
Requested by
Host: passwordstate-dev.lsa.umich.edu
URL: https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.211.211.157 Chelsea, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
lsa-ps-app-d.lsait.lsa.umich.edu
Software
/
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Content-Security-Policy connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ua-compatible
IE=edge
pragma
no-cache
strict-transport-security
max-age=31536000
content-security-policy
connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 11 Jul 2024 20:39:37 GMT
date
Wed, 04 Sep 2024 15:34:44 GMT
x-content-security-policy
connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public,max-age=0, no-cache, must-revalidate
content-length
23063
x-xss-protection
1; mode=block
expires
Thu, 04 Sep 2025 15:34:44 GMT,Thu, 01 Jan 1970 00:00:00 GMT
Telerik.Web.UI.WebResource.axd
passwordstate-dev.lsa.umich.edu/ 		460 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://passwordstate-dev.lsa.umich.edu/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen-US%3aceece802-cb39-4409-a6c9-bfa3b2c8bf10%3aea597d4b%3ab25378d2%3bTelerik.Web.UI%2c+Version%3d2023.1.323.45%2c+Culture%3dneutral%2c+PublicKeyToken%3d121fae78165ba3d4%3aen-US%3a7d83c500-cd89-4120-abd9-f540845b969f%3a16e4e7cd%3aed16cbdc%3a33715776%3af7645509%3a24ee1bba%3ac128760b%3a1e771326%3a88144a7a%3aeaae47ab
Requested by
Host: passwordstate-dev.lsa.umich.edu
URL: https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.211.211.157 Chelsea, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
lsa-ps-app-d.lsait.lsa.umich.edu
Software
/
Resource Hash
8bfc2964a23bba5a427aa16d5fc9341e7849eb9e78aa0d71efda9ffd85c1c4ba
Security Headers
Name Value
Content-Security-Policy connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Thu, 04 Sep 2025 15:34:44 GMT,Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
date
Wed, 04 Sep 2024 15:34:44 GMT
content-length
125077
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
no-cache
referrer-policy
same-origin
last-modified
Thu, 23 Mar 2023 00:00:00 GMT
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public, max-age=31536000,max-age=0, no-cache, must-revalidate
x-content-security-policy
connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
pstestdashboard.png
passwordstate-dev.lsa.umich.edu/images/logos/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://passwordstate-dev.lsa.umich.edu/images/logos/pstestdashboard.png
Requested by
Host: passwordstate-dev.lsa.umich.edu
URL: https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.211.211.157 Chelsea, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
lsa-ps-app-d.lsait.lsa.umich.edu
Software
Microsoft-IIS/10.0 /
Resource Hash
86e5a11e2e7453504aabb438e2148e36d3f1fbe5622ec326a4e4583530aad62f
Security Headers
Name Value
Content-Security-Policy connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';

Request headers

Referer
https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ua-compatible
IE=edge
pragma
no-cache
strict-transport-security
max-age=31536000
content-security-policy
connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
x-content-security-policy
connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
last-modified
Fri, 20 Aug 2021 16:13:48 GMT
server
Microsoft-IIS/10.0
date
Wed, 04 Sep 2024 15:34:44 GMT
etag
"e5bc75bde95d71:0"
content-type
image/png
cache-control
max-age=0, no-cache, must-revalidate
accept-ranges
bytes
content-length
15564
expires
Thu, 01 Jan 1970 00:00:00 GMT
sessionstatus.aspx
passwordstate-dev.lsa.umich.edu/logins/ Frame D4FC 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://passwordstate-dev.lsa.umich.edu/logins/sessionstatus.aspx
Requested by
Host: passwordstate-dev.lsa.umich.edu
URL: https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.211.211.157 Chelsea, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
lsa-ps-app-d.lsait.lsa.umich.edu
Software
/
Resource Hash
fc408a967a04b7f285dac336944c2da4fac3a06c74cfbb792939fdfce670680e
Security Headers
Name Value
Content-Security-Policy connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
private,max-age=0, no-cache, must-revalidate
content-length
2991
content-security-policy
connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 15:34:46 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
referrer-policy
same-origin
strict-transport-security
max-age=31536000
x-content-security-policy
connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
WebResource.axd
passwordstate-dev.lsa.umich.edu/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://passwordstate-dev.lsa.umich.edu/WebResource.axd?d=0XUhdENMh5wtLWEvr_GSVQO41KNWzitf1WtZxWrYPWlQmKC1WcNEbKxO0KALiEtXsixfmHMNif2xkCvnwUNc_MYggAJTI-ON38pLEgTQvbOERGVx41yl9cVeM4dJkj9UVXi7CxiAU6ZX1aJcOKXQrdP2hs89YMVkOdziaBEF9kY1&t=638254859604530802
Requested by
Host: passwordstate-dev.lsa.umich.edu
URL: https://passwordstate-dev.lsa.umich.edu/WebResource.axd?d=2Oe3LYhaNNcQRxAt8aO8YtISjn_tAqTL7GgwfM1DCAx8FFV6gFW6lG-UnVc-kP9F_4283rote30WTIVO80vAoViPY0vJWpmCnALnwA9PW4b17FKPkuE43Zq19DwgWxi7KpWrNJc_7vc3ydA5u8LRlmDxW5Nw_Lu3tMNaj0nuB001&t=638254859604530802
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.211.211.157 Chelsea, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
lsa-ps-app-d.lsait.lsa.umich.edu
Software
/
Resource Hash
706cf7684b978592d5609fe9f065e1402d3402e52c1ec7e648d1adebb81f3092
Security Headers
Name Value
Content-Security-Policy connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://passwordstate-dev.lsa.umich.edu/WebResource.axd?d=2Oe3LYhaNNcQRxAt8aO8YtISjn_tAqTL7GgwfM1DCAx8FFV6gFW6lG-UnVc-kP9F_4283rote30WTIVO80vAoViPY0vJWpmCnALnwA9PW4b17FKPkuE43Zq19DwgWxi7KpWrNJc_7vc3ydA5u8LRlmDxW5Nw_Lu3tMNaj0nuB001&t=638254859604530802
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ua-compatible
IE=edge
pragma
no-cache
strict-transport-security
max-age=31536000
content-security-policy
connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 21 Jul 2023 01:39:20 GMT
date
Wed, 04 Sep 2024 15:34:46 GMT
x-content-security-policy
connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public,max-age=0, no-cache, must-revalidate
content-length
15913
x-xss-protection
1; mode=block
expires
Thu, 04 Sep 2025 15:34:46 GMT,Thu, 01 Jan 1970 00:00:00 GMT
WebResource.axd
passwordstate-dev.lsa.umich.edu/ Frame D4FC 		23 KB
29 B 		Script
General
Check archive.org
Download Go to
Full URL
https://passwordstate-dev.lsa.umich.edu/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZApUNMAkSL1dcfQkeb2lQG19rRQ9zijBbw1LoZOhJRLfTfkR5QWb50ICMsu511EUCg2&t=638563127773552689
Requested by
Host: passwordstate-dev.lsa.umich.edu
URL: https://passwordstate-dev.lsa.umich.edu/logins/sessionstatus.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.211.211.157 Chelsea, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
lsa-ps-app-d.lsait.lsa.umich.edu
Software
Microsoft-IIS/10.0 /
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Content-Security-Policy connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';

Request headers

If-Modified-Since
Thu, 11 Jul 2024 20:39:37 GMT
Referer
https://passwordstate-dev.lsa.umich.edu/logins/sessionstatus.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Thu, 04 Sep 2025 15:34:44 GMT,Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
content-security-policy
connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
x-content-security-policy
connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
last-modified
Thu, 11 Jul 2024 20:39:37 GMT
server
Microsoft-IIS/10.0
date
Wed, 04 Sep 2024 15:34:46 GMT
cache-control
public,max-age=0, no-cache, must-revalidate
x-ua-compatible
IE=edge
Telerik.Web.UI.WebResource.axd
passwordstate-dev.lsa.umich.edu/ Frame D4FC 		143 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://passwordstate-dev.lsa.umich.edu/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen-US%3aceece802-cb39-4409-a6c9-bfa3b2c8bf10%3aea597d4b%3ab25378d2%3a76254418
Requested by
Host: passwordstate-dev.lsa.umich.edu
URL: https://passwordstate-dev.lsa.umich.edu/logins/sessionstatus.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.211.211.157 Chelsea, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
lsa-ps-app-d.lsait.lsa.umich.edu
Software
/
Resource Hash
6b816547fb6ef3103f1b5ec2c58fbfd2de44946f20ef3fc762146f769c3b2904
Security Headers
Name Value
Content-Security-Policy connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://passwordstate-dev.lsa.umich.edu/logins/sessionstatus.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Thu, 04 Sep 2025 15:34:46 GMT,Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
date
Wed, 04 Sep 2024 15:34:46 GMT
content-length
35625
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
no-cache
referrer-policy
same-origin
last-modified
Thu, 23 Mar 2023 00:00:00 GMT
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public, max-age=31536000,max-age=0, no-cache, must-revalidate
x-content-security-policy
connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
favicon.ico
passwordstate-dev.lsa.umich.edu/images/ 		7 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://passwordstate-dev.lsa.umich.edu/images/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.211.211.157 Chelsea, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
lsa-ps-app-d.lsait.lsa.umich.edu
Software
Microsoft-IIS/10.0 /
Resource Hash
df443559f7aaa48b4ae520889a8521f21b2164f8d38dcccdfbfd8c1d851f1223
Security Headers
Name Value
Content-Security-Policy connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';

Request headers

Referer
https://passwordstate-dev.lsa.umich.edu/logins/loginadan.aspx?
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ua-compatible
IE=edge
pragma
no-cache
strict-transport-security
max-age=31536000
content-security-policy
connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
x-content-security-policy
connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
last-modified
Thu, 10 Jun 2021 04:49:37 GMT
server
Microsoft-IIS/10.0
date
Wed, 04 Sep 2024 15:34:46 GMT
etag
"133a554b45dd71:0"
content-type
image/x-icon
cache-control
max-age=0, no-cache, must-revalidate
accept-ranges
bytes
content-length
7406
expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery object| _0xd39f function| getRegexCount function| HandleKeyPress function| MM_openBrWindow function| Left function| RowMouseOver function| goURL function| InitiateNewAuditEvent function| displayPopupMessage function| init function| GridActionsIndexChanging function| changecss function| XORDecryption function| Chr function| Mid function| GetBrowser function| clickLogonButton function| clickLogonButton2 function| updateStatus object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find object| commonScripts function| Type object| Sys object| _events object| Telerik object| $telerik object| TelerikCommonScripts string| callBackFrameUrl object| __TsmHiddenField object| RadAjaxManager1 object| jQuery1124063844438987086

2 Cookies

Domain/Path Name / Value
passwordstate-dev.lsa.umich.edu/ Name: ASP.NET_SessionId
Value: yyfgvhyfbvq1dh5dunh1ovjr
passwordstate-dev.lsa.umich.edu/ Name: __RequestVerificationToken
Value: F8MJfYBQTNA4uMIuV_MXU3yaGc0V7sUBmsIKcXwLM5dJoAsBOGMSc6XaVABd1HURfMrtbmDI7481MHRpuH0Qwh6bNiwk1tjUQCiUYgPyWCw1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy connect-src 'self' api.pwnedpasswords.com wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy connect-src 'self' wss:; img-src 'self' data:; media-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block