payments.efundsforschools.com Open in urlscan Pro
12.15.90.71 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://payments.wsdpc.org/
Effective URL:
https://payments.efundsforschools.com/v3/districts/56466
Submission: On January 21 via automatic, source certstream-suspicious (January 21st 2021, 6:33:30 pm UTC)

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 12.15.90.71, located in Caledonia, United States and belongs to ATT-INTERNET4, US. The main domain is payments.efundsforschools.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 11th 2020. Valid for: a year.

This is the only time payments.efundsforschools.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	141.193.213.10 141.193.213.10	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
11	12.15.90.71 12.15.90.71	7018 (ATT-INTER...) (ATT-INTERNET4)
2	12.15.90.105 12.15.90.105	7018 (ATT-INTER...) (ATT-INTERNET4)
2	51.107.59.180 51.107.59.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	12.15.90.15 12.15.90.15	7018 (ATT-INTER...) (ATT-INTERNET4)
16	4

1 141.193.213.10 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

payments.wsdpc.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 12.15.90.71 (Caledonia, United States)

ASN7018 (ATT-INTERNET4, US)

payments.efundsforschools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 12.15.90.105 (Caledonia, United States)

ASN7018 (ATT-INTERNET4, US)

api.efundsforschools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.107.59.180 (Zurich, Switzerland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 12.15.90.15 (Caledonia, United States)

ASN7018 (ATT-INTERNET4, US)
PTR: elb.mvpbanking.com

elb.mvpbanking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	efundsforschools.com payments.efundsforschools.com api.efundsforschools.com	728 KB
2	visualstudio.com dc.services.visualstudio.com	236 B
1	mvpbanking.com elb.mvpbanking.com	534 B
1	wsdpc.org 1 redirects payments.wsdpc.org	608 B
16	4

	Domain	Requested by
11	payments.efundsforschools.com	payments.efundsforschools.com
2	dc.services.visualstudio.com	payments.efundsforschools.com
2	api.efundsforschools.com	payments.efundsforschools.com
1	elb.mvpbanking.com	payments.efundsforschools.com
1	payments.wsdpc.org	1 redirects
16	5

This site contains no links.

Subject Issuer	Validity	Valid
payments.efundsforschools.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-11` - `2021-12-12`	a year	crt.sh
api.efundsforschools.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-11` - `2021-12-12`	a year	crt.sh
elb.mvpbanking.com DigiCert Global CA G2	`2019-05-31` - `2021-07-03`	2 years	crt.sh
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 06	`2021-01-19` - `2022-01-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://payments.efundsforschools.com/v3/districts/56466
Frame ID: C356D7AB962128C5A485E5F472CEBF89
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://payments.wsdpc.org/ HTTP 301
https://payments.efundsforschools.com/v3/districts/56466 Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

729 kB
Transfer

2699 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://payments.wsdpc.org/ HTTP 301
https://payments.efundsforschools.com/v3/districts/56466 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request 56466 Show response
payments.efundsforschools.com/v3/districts/
Redirect Chain

https://payments.wsdpc.org/
https://payments.efundsforschools.com/v3/districts/56466

2 KB
1 KB

431ms
158ms

Document
text/html

12.15.90.71
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.efundsforschools.com/v3/districts/56466

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.15.90.71 Caledonia, United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

971295c4cfab32c8ca38d7d1059e07c88517595580fdaec81150f9c3f4cc9312

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: payments.efundsforschools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 18:33:11 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Security-Policy-Report-Only: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.mvpbanking.com *.magicwrighter.com *.efundsforschools.com *.mwamplifi.com; report-uri https://elb.mvpbanking.com/csp/reports;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: private
Content-Type: text/html; charset=utf-8
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 685
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

Redirect headers

date: Thu, 21 Jan 2021 18:33:10 GMT
content-type: text/html
content-length: 162
set-cookie: __cfduid=da61074253bd0a720e5ef797bd74123251611253990; expires=Sat, 20-Feb-21 18:33:10 GMT; path=/; domain=.payments.wsdpc.org; HttpOnly; SameSite=Lax
location: https://payments.efundsforschools.com/v3/districts/56466
cf-cache-status: DYNAMIC
cf-request-id: 07c7d1daf30000088387a5b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SKNA%2B68bDIaNcs%2BJrxTcR%2BGuHcUZLl0WGghq5AD0%2FS6e9LiF3DAHwBnthJrbp%2BXFL612TEMPPxqo3Gr24ySvFvNkAhsKRipZCkDDwMBATvlCN%2F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 61531f3e5ae20883-CDG

GET
H/1.1 200
OK styles.css
payments.efundsforschools.com/v3/Content/ 124 KB
21 KB 142ms
141ms Stylesheet
text/css 12.15.90.71
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.efundsforschools.com/v3/Content/styles.css

Requested by

Host: payments.efundsforschools.com
URL: https://payments.efundsforschools.com/v3/districts/56466

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.15.90.71 Caledonia, United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

28bd0f08ed65eb3ddfd4f2d6b2beae3bcd1e5d7551610fde182165e923660a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payments.efundsforschools.com/v3/districts/56466
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 18:33:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
Content-Security-Policy-Report-Only: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.mvpbanking.com *.magicwrighter.com *.efundsforschools.com *.mwamplifi.com; report-uri https://elb.mvpbanking.com/csp/reports;
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 20789
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 29 Oct 2020 20:34:12 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
ETag: "0fa33dc32aed61:0-gzip"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/css
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK appdata Show response
payments.efundsforschools.com/v3/ 6 KB
7 KB 767ms
525ms Script
text/javascript 12.15.90.71
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.efundsforschools.com/v3/appdata?origin=districts/56466

Requested by

Host: payments.efundsforschools.com
URL: https://payments.efundsforschools.com/v3/districts/56466

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.15.90.71 Caledonia, United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

4b379965c5460ca9357af571066f7ce19ff7fd3af606f36f54014a6dd21343d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payments.efundsforschools.com/v3/districts/56466
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 18:33:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: private
Connection: Keep-Alive
Content-Security-Policy-Report-Only: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.mvpbanking.com *.magicwrighter.com *.efundsforschools.com *.mwamplifi.com; report-uri https://elb.mvpbanking.com/csp/reports;
Content-Length: 6364
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK polyfill.min.js Show response
payments.efundsforschools.com/v3/Scripts/babel-polyfill/ 60 KB
21 KB 410ms
147ms Script
application/javascript 12.15.90.71
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.efundsforschools.com/v3/Scripts/babel-polyfill/polyfill.min.js?v=5.1.1.1147

Requested by

Host: payments.efundsforschools.com
URL: https://payments.efundsforschools.com/v3/districts/56466

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.15.90.71 Caledonia, United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

ac1d1471026da9407bd05a0f579e6c863a41ea7032819559995047be5fac2750

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payments.efundsforschools.com/v3/districts/56466
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 18:33:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
Content-Security-Policy-Report-Only: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.mvpbanking.com *.magicwrighter.com *.efundsforschools.com *.mwamplifi.com; report-uri https://elb.mvpbanking.com/csp/reports;
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 21017
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 29 Oct 2020 20:34:12 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
ETag: "0fa33dc32aed61:0-gzip"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK bundle.js Show response
payments.efundsforschools.com/v3/Scripts/ 2 MB
577 KB 419ms
156ms Script
application/javascript 12.15.90.71
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.efundsforschools.com/v3/Scripts/bundle.js?v=5.1.1.1147

Requested by

Host: payments.efundsforschools.com
URL: https://payments.efundsforschools.com/v3/districts/56466

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.15.90.71 Caledonia, United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

0c9b7221111bcc002021f9873c69f04183d58ad34b7706fb2371caf98d962791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payments.efundsforschools.com/v3/districts/56466
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 18:33:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
Content-Security-Policy-Report-Only: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.mvpbanking.com *.magicwrighter.com *.efundsforschools.com *.mwamplifi.com; report-uri https://elb.mvpbanking.com/csp/reports;
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 02 Nov 2020 17:59:58 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
ETag: "0a3afa41b1d61:0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Transfer-Encoding: chunked
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK efs-logo.svg
payments.efundsforschools.com/v3/content/images/ 26 KB
27 KB 387ms
136ms Image
image/svg+xml 12.15.90.71
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payments.efundsforschools.com/v3/content/images/efs-logo.svg

Requested by

Host: payments.efundsforschools.com
URL: https://payments.efundsforschools.com/v3/Content/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.15.90.71 Caledonia, United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

23a7039c06118815ece7f830918fd079abae9b43bfe9cf11c26484eeaad267d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payments.efundsforschools.com/v3/Content/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 18:33:11 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 29 Oct 2020 20:34:12 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Security-Policy-Report-Only: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.mvpbanking.com *.magicwrighter.com *.efundsforschools.com *.mwamplifi.com; report-uri https://elb.mvpbanking.com/csp/reports;
Content-Length: 26574
ETag: "0fa33dc32aed61:0"
Keep-Alive: timeout=5, max=100

OPTIONS
H/1.1 200
OK Identity
api.efundsforschools.com/api/v3/ 0
0 403ms
137ms Other 12.15.90.105
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL

https://api.efundsforschools.com/api/v3/Identity

Protocol

HTTP/1.1

Server

12.15.90.105 Caledonia, United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,mwi-correlation-id
Origin: https://payments.efundsforschools.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Thu, 21 Jan 2021 18:33:12 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Security-Policy-Report-Only: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.mvpbanking.com *.magicwrighter.com *.efundsforschools.com *.mwamplifi.com; report-uri https://elb.mvpbanking.com/csp/reports;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://payments.efundsforschools.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,mwi-correlation-id
Request-Context: appId=cid-v1:cead203f-67d2-4b90-a79e-e548fd510683
Access-Control-Expose-Headers: Request-Context
X-Powered-By: ASP.NET
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

GET
H/1.1 200
OK Identity Show response
api.efundsforschools.com/api/v3/ 695 B
2 KB 160ms
159ms XHR
application/json 12.15.90.105
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL

https://api.efundsforschools.com/api/v3/Identity

Requested by

Host: payments.efundsforschools.com
URL: https://payments.efundsforschools.com/v3/Scripts/bundle.js?v=5.1.1.1147

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.15.90.105 Caledonia, United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

841be1b13d450c98215e829c8878eaae081b21eae593f1f05eaa9eb2ff706bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://payments.efundsforschools.com/v3/districts/56466
Mwi-Correlation-Id: d56c3fb3-ef91-4910-88e2-28a0f5be5e5b
Authorization: Bearer EmOs-l9V-FBMT7GAYgyfeYspaMniZyFVL18S0R15VP4TNXDKdiXVhvK2ZkvSCqI_s42BtHLdMe_-H2SEOjys6uDPAihoUA7Z1-wlJkhW5dxNs91sgBsPZvIPzU3xUFXZSMDglYGw5zIC7jKL4CZF6EfL4kizAQ2zIarLajYrsyNgZgwHakDCRL3c0EdpLfCcsCfQZmAtMEHmVEeY6lgVmWvB7AdEbE8GJtZAtaQfYrg5IqNNP6Q3AAC-8daE-0dzdZUv26cdHU_6-FZAC5WxJl_ic3z1GUTS-xzVzry_hNRNMqFqYNnnaH1kJ-0IC47yf9qaZw

Response headers

Date: Thu, 21 Jan 2021 18:33:12 GMT
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
Content-Security-Policy-Report-Only: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.mvpbanking.com *.magicwrighter.com *.efundsforschools.com *.mwamplifi.com; report-uri https://elb.mvpbanking.com/csp/reports;
Connection: Keep-Alive
Content-Length: 695
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:cead203f-67d2-4b90-a79e-e548fd510683
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DataServiceVersion,MaxDataServiceVersion,Link, Request-Context
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK Raleway-700.woff2
payments.efundsforschools.com/v3/Fonts/Raleway-700/ 15 KB
15 KB 131ms
131ms Font
application/font-woff2 12.15.90.71
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.efundsforschools.com/v3/Fonts/Raleway-700/Raleway-700.woff2

Requested by

Host: payments.efundsforschools.com
URL: https://payments.efundsforschools.com/v3/Content/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.15.90.71 Caledonia, United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

724acb468e6daf873120d385f6717f09d84ffb51b33c81cb135597dad94ab4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://payments.efundsforschools.com
Referer: https://payments.efundsforschools.com/v3/Content/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 18:33:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 29 Oct 2020 20:34:12 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff2
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Security-Policy-Report-Only: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.mvpbanking.com *.magicwrighter.com *.efundsforschools.com *.mwamplifi.com; report-uri https://elb.mvpbanking.com/csp/reports;
Content-Length: 15008
ETag: "0fa33dc32aed61:0"
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK Roboto-regular.woff2
payments.efundsforschools.com/v3/Fonts/Roboto-regular/ 10 KB
11 KB 132ms
131ms Font
application/font-woff2 12.15.90.71
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.efundsforschools.com/v3/Fonts/Roboto-regular/Roboto-regular.woff2

Requested by

Host: payments.efundsforschools.com
URL: https://payments.efundsforschools.com/v3/Content/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.15.90.71 Caledonia, United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

b6cb334272988052b287ab0af9b48c6cd1a53d2d685712a3941e90f4e8ba2e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://payments.efundsforschools.com
Referer: https://payments.efundsforschools.com/v3/Content/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 18:33:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 29 Oct 2020 20:34:12 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff2
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Security-Policy-Report-Only: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.mvpbanking.com *.magicwrighter.com *.efundsforschools.com *.mwamplifi.com; report-uri https://elb.mvpbanking.com/csp/reports;
Content-Length: 10292
ETag: "0fa33dc32aed61:0"
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK efs-logo.svg
payments.efundsforschools.com/v3/Content/images/ 26 KB
27 KB 139ms
138ms Image
image/svg+xml 12.15.90.71
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payments.efundsforschools.com/v3/Content/images/efs-logo.svg

Requested by

Host: payments.efundsforschools.com
URL: https://payments.efundsforschools.com/v3/districts/56466

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.15.90.71 Caledonia, United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

23a7039c06118815ece7f830918fd079abae9b43bfe9cf11c26484eeaad267d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payments.efundsforschools.com/v3/districts/56466
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 18:33:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 29 Oct 2020 20:34:12 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Security-Policy-Report-Only: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.mvpbanking.com *.magicwrighter.com *.efundsforschools.com *.mwamplifi.com; report-uri https://elb.mvpbanking.com/csp/reports;
Content-Length: 26574
ETag: "0fa33dc32aed61:0"
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK student-fees.jpg
payments.efundsforschools.com/v3/Content/images/ 9 KB
9 KB 137ms
136ms Image
image/jpeg 12.15.90.71
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payments.efundsforschools.com/v3/Content/images/student-fees.jpg

Requested by

Host: payments.efundsforschools.com
URL: https://payments.efundsforschools.com/v3/districts/56466

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.15.90.71 Caledonia, United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

22c987b852d7fcb2f6471ac39d9fea8328d104e8629f193d2069e27ba34ca0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payments.efundsforschools.com/v3/districts/56466
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 18:33:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 29 Oct 2020 20:34:12 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Security-Policy-Report-Only: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.mvpbanking.com *.magicwrighter.com *.efundsforschools.com *.mwamplifi.com; report-uri https://elb.mvpbanking.com/csp/reports;
Content-Length: 8718
ETag: "0fa33dc32aed61:0"
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK optional-student-fees.jpg
payments.efundsforschools.com/v3/Content/images/ 10 KB
10 KB 138ms
137ms Image
image/jpeg 12.15.90.71
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payments.efundsforschools.com/v3/Content/images/optional-student-fees.jpg

Requested by

Host: payments.efundsforschools.com
URL: https://payments.efundsforschools.com/v3/districts/56466

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.15.90.71 Caledonia, United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

703ddc2c7c1ab40c46625d2f22151c6946edf206e8d72a80667f98290b506b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payments.efundsforschools.com/v3/districts/56466
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 18:33:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 29 Oct 2020 20:34:12 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Security-Policy-Report-Only: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.mvpbanking.com *.magicwrighter.com *.efundsforschools.com *.mwamplifi.com; report-uri https://elb.mvpbanking.com/csp/reports;
Content-Length: 9793
ETag: "0fa33dc32aed61:0"
Keep-Alive: timeout=5, max=100

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ 0
0 263ms
143ms Other 51.107.59.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://payments.efundsforschools.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Thu, 21 Jan 2021 18:33:12 GMT
content-length: 0

POST
H/1.1 200
OK reports
elb.mvpbanking.com/csp/ 0
534 B 421ms
150ms Other
text/plain 12.15.90.15
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL

https://elb.mvpbanking.com/csp/reports

Requested by

Host: payments.efundsforschools.com
URL: https://payments.efundsforschools.com/v3/Scripts/bundle.js?v=5.1.1.1147

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.15.90.15 Caledonia, United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

elb.mvpbanking.com

Software

mwi-csp/2.0.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payments.efundsforschools.com/v3/districts/56466
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/csp-report

Response headers

Date: Thu, 21 Jan 2021 18:33:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Server: mwi-csp/2.0.3
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Content-Security-Policy-Report-Only: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.mvpbanking.com *.magicwrighter.com *.efundsforschools.com *.mwamplifi.com; report-uri https://elb.mvpbanking.com/csp/reports;
Content-Length: 0
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
236 B 611ms
611ms XHR
application/json 51.107.59.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: payments.efundsforschools.com
URL: https://payments.efundsforschools.com/v3/Scripts/bundle.js?v=5.1.1.1147

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aa8506c5fd219f9ecba09e59116f1b3ba93147e02fbd4fdda5b25bbaf375dc0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://payments.efundsforschools.com/v3/districts/56466
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 3E068579-EA35-48E6-85AF-4AFE1DE7124B
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Thu, 21 Jan 2021 18:33:13 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 96

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			payments.efundsforschools.com/	1970-01-19 15:34:15	Name: ai_session Value: LP7Cq\|1611253992903.79\|1611253992903.79
			payments.efundsforschools.com/	1970-01-20 00:19:49	Name: ai_user Value: ACK53\|2021-01-21T18:33:12.499Z

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.efundsforschools.com
dc.services.visualstudio.com
elb.mvpbanking.com
payments.efundsforschools.com
payments.wsdpc.org
12.15.90.105
12.15.90.15
12.15.90.71
141.193.213.10
51.107.59.180
0c9b7221111bcc002021f9873c69f04183d58ad34b7706fb2371caf98d962791
22c987b852d7fcb2f6471ac39d9fea8328d104e8629f193d2069e27ba34ca0a2
23a7039c06118815ece7f830918fd079abae9b43bfe9cf11c26484eeaad267d1
28bd0f08ed65eb3ddfd4f2d6b2beae3bcd1e5d7551610fde182165e923660a49
4b379965c5460ca9357af571066f7ce19ff7fd3af606f36f54014a6dd21343d6
703ddc2c7c1ab40c46625d2f22151c6946edf206e8d72a80667f98290b506b6c
724acb468e6daf873120d385f6717f09d84ffb51b33c81cb135597dad94ab4d7
841be1b13d450c98215e829c8878eaae081b21eae593f1f05eaa9eb2ff706bde
971295c4cfab32c8ca38d7d1059e07c88517595580fdaec81150f9c3f4cc9312
aa8506c5fd219f9ecba09e59116f1b3ba93147e02fbd4fdda5b25bbaf375dc0e
ac1d1471026da9407bd05a0f579e6c863a41ea7032819559995047be5fac2750
b6cb334272988052b287ab0af9b48c6cd1a53d2d685712a3941e90f4e8ba2e46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

payments.efundsforschools.com Open in urlscan Pro 12.15.90.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

4 IPs

2 Countries

729 kBTransfer

2699 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

payments.efundsforschools.com Open in urlscan Pro
12.15.90.71 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

729 kB
Transfer

2699 kB
Size

2
Cookies

16 HTTP transactions
0 data transactions