schoolsuite.schoolpay.co.ug Open in urlscan Pro
109.75.172.194 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://schoolsuite.schoolpay.co.ug/
Effective URL:
https://schoolsuite.schoolpay.co.ug/site/login
Submission: On January 05 via automatic, source certstream-suspicious (January 5th 2021, 12:19:04 pm UTC)

Summary HTTP 10 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 109.75.172.194, located in United Kingdom and belongs to NODE4-AS, GB. The main domain is schoolsuite.schoolpay.co.ug.
TLS certificate: Issued by R3 on January 5th 2021. Valid for: 3 months.

This is the only time schoolsuite.schoolpay.co.ug was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 11	109.75.172.194 109.75.172.194		31727 (NODE4-AS) (NODE4-AS)
10	2

11 109.75.172.194 (United Kingdom) 1 redirects

ASN31727 (NODE4-AS, GB)

schoolsuite.schoolpay.co.ug	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	schoolpay.co.ug 1 redirects schoolsuite.schoolpay.co.ug	408 KB
10	1

	Domain	Requested by
11	schoolsuite.schoolpay.co.ug	1 redirects schoolsuite.schoolpay.co.ug
10	1

This site contains no links.

Subject Issuer	Validity	Valid
schoolsuite.schoolpay.co.ug R3	`2021-01-05` - `2021-04-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://schoolsuite.schoolpay.co.ug/site/login
Frame ID: B92EEEB6CB05FE48BF40EC4781635B30
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://schoolsuite.schoolpay.co.ug/ HTTP 302
https://schoolsuite.schoolpay.co.ug/site/login Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/yii\.(?:validation|activeForm)\.js/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Yii (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /\/yii\.(?:validation|activeForm)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

407 kB
Transfer

581 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://schoolsuite.schoolpay.co.ug/ HTTP 302
https://schoolsuite.schoolpay.co.ug/site/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response schoolsuite.schoolpay.co.ug/site/ Redirect Chain https://schoolsuite.schoolpay.co.ug/ https://schoolsuite.schoolpay.co.ug/site/login	7 KB 2 KB	69ms 69ms	Document text/html	109.75.172.194 NODE4-AS
General Check archive.org Show headers Download Go to Full URL https://schoolsuite.schoolpay.co.ug/site/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.75.172.194 , United Kingdom, ASN31727 (NODE4-AS, GB), Reverse DNS Software nginx / Resource Hash `9cde01fde7f6b68fe803e2e29ab57d5e29284ef0fa882cc4a191d1dc9a0500dd` Request headers :method GET :authority schoolsuite.schoolpay.co.ug :scheme https :path /site/login pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US cookie PHPSESSID=f60m5oqdfa3om4rr2s68riops1; _csrf=e1a696a05f40700b54b41f579f5f666a4432eb74d9fad3c995cecf6d2ba7281fa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%224dwY0N8OecYduNhIw-7aQDcS-tVRTG7W%22%3B%7D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers server nginx date Tue, 05 Jan 2021 12:18:48 GMT content-type text/html; charset=UTF-8 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache content-encoding gzip Redirect headers server nginx date Tue, 05 Jan 2021 12:18:48 GMT content-type text/html; charset=UTF-8 location https://schoolsuite.schoolpay.co.ug/site/login set-cookie PHPSESSID=f60m5oqdfa3om4rr2s68riops1; path=/ _csrf=e1a696a05f40700b54b41f579f5f666a4432eb74d9fad3c995cecf6d2ba7281fa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%224dwY0N8OecYduNhIw-7aQDcS-tVRTG7W%22%3B%7D; path=/; HttpOnly expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache
GET H2	200	bootstrap.css schoolsuite.schoolpay.co.ug/assets/f861e88d/css/	194 KB 35 KB	45ms 42ms	Stylesheet text/css	109.75.172.194 NODE4-AS
General Check archive.org Show headers Download Go to Full URL https://schoolsuite.schoolpay.co.ug/assets/f861e88d/css/bootstrap.css Requested by Host: schoolsuite.schoolpay.co.ug URL: https://schoolsuite.schoolpay.co.ug/site/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.75.172.194 , United Kingdom, ASN31727 (NODE4-AS, GB), Reverse DNS Software nginx / Resource Hash `2fd7f15e18740cacae91badbd1ccb819e431cdb510d8af3eef4510083de2e733` Request headers Referer https://schoolsuite.schoolpay.co.ug/site/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 05 Jan 2021 12:18:48 GMT content-encoding gzip last-modified Tue, 05 Jan 2021 09:11:30 GMT server nginx etag W/"5ff42d42-30660" content-type text/css
GET H2	200	site.css schoolsuite.schoolpay.co.ug/css/	14 KB 3 KB	56ms 53ms	Stylesheet text/css	109.75.172.194 NODE4-AS
General Check archive.org Show headers Download Go to Full URL https://schoolsuite.schoolpay.co.ug/css/site.css Requested by Host: schoolsuite.schoolpay.co.ug URL: https://schoolsuite.schoolpay.co.ug/site/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.75.172.194 , United Kingdom, ASN31727 (NODE4-AS, GB), Reverse DNS Software nginx / Resource Hash `2208b1f4134274399944e54d7e5d7c09cb2e0130fb57bab30d0ed02394b8dba0` Request headers Referer https://schoolsuite.schoolpay.co.ug/site/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 05 Jan 2021 12:18:48 GMT content-encoding gzip last-modified Thu, 29 Oct 2020 22:09:16 GMT server nginx etag W/"5f9b3d8c-3829" content-type text/css
GET H2	200	PNG1.png schoolsuite.schoolpay.co.ug/web/img/	7 KB 7 KB	79ms 77ms	Image image/png	109.75.172.194 NODE4-AS
General Check archive.org Show headers Download Go to Show image Full URL https://schoolsuite.schoolpay.co.ug/web/img/PNG1.png Requested by Host: schoolsuite.schoolpay.co.ug URL: https://schoolsuite.schoolpay.co.ug/site/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.75.172.194 , United Kingdom, ASN31727 (NODE4-AS, GB), Reverse DNS Software nginx / Resource Hash `80f73442a0e9655a13403dd3ce807704563b4c74db3cc2de52145dfc9b2ddba0` Request headers Referer https://schoolsuite.schoolpay.co.ug/site/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 05 Jan 2021 12:18:48 GMT last-modified Thu, 29 Oct 2020 22:09:18 GMT server nginx accept-ranges bytes etag "5f9b3d8e-1d6c" content-length 7532 content-type image/png
GET H2	200	captcha schoolsuite.schoolpay.co.ug/site/	3 KB 3 KB	79ms 77ms	Image image/png	109.75.172.194 NODE4-AS
General Check archive.org Show headers Download Go to Show image Full URL https://schoolsuite.schoolpay.co.ug/site/captcha?v=5ff45928636a32.86774243 Requested by Host: schoolsuite.schoolpay.co.ug URL: https://schoolsuite.schoolpay.co.ug/site/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.75.172.194 , United Kingdom, ASN31727 (NODE4-AS, GB), Reverse DNS Software nginx / Resource Hash `3bfb4cad6dbca53906d5d680e972d0aaceb94066c327b2381cfcf34de458ba03` Request headers Referer https://schoolsuite.schoolpay.co.ug/site/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Tue, 05 Jan 2021 12:18:48 GMT cache-control must-revalidate, post-check=0, pre-check=0 content-transfer-encoding binary server nginx content-type image/png expires 0
GET H2	200	jquery.js Show response schoolsuite.schoolpay.co.ug/assets/5d06e48c/	281 KB 281 KB	61ms 58ms	Script application/javascript	109.75.172.194 NODE4-AS
General Check archive.org Show headers Download Go to Full URL https://schoolsuite.schoolpay.co.ug/assets/5d06e48c/jquery.js Requested by Host: schoolsuite.schoolpay.co.ug URL: https://schoolsuite.schoolpay.co.ug/site/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.75.172.194 , United Kingdom, ASN31727 (NODE4-AS, GB), Reverse DNS Software nginx / Resource Hash `416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37` Request headers Referer https://schoolsuite.schoolpay.co.ug/site/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 05 Jan 2021 12:18:48 GMT last-modified Tue, 05 Jan 2021 09:11:30 GMT server nginx accept-ranges bytes etag "5ff42d42-4638e" content-length 287630 content-type application/javascript
GET H2	200	yii.js Show response schoolsuite.schoolpay.co.ug/assets/c1b35df/	20 KB 21 KB	78ms 76ms	Script application/javascript	109.75.172.194 NODE4-AS
General Check archive.org Show headers Download Go to Full URL https://schoolsuite.schoolpay.co.ug/assets/c1b35df/yii.js Requested by Host: schoolsuite.schoolpay.co.ug URL: https://schoolsuite.schoolpay.co.ug/site/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.75.172.194 , United Kingdom, ASN31727 (NODE4-AS, GB), Reverse DNS Software nginx / Resource Hash `67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54` Request headers Referer https://schoolsuite.schoolpay.co.ug/site/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 05 Jan 2021 12:18:48 GMT last-modified Tue, 05 Jan 2021 09:11:30 GMT server nginx accept-ranges bytes etag "5ff42d42-51c6" content-length 20934 content-type application/javascript
GET H2	200	yii.validation.js Show response schoolsuite.schoolpay.co.ug/assets/c1b35df/	16 KB 16 KB	78ms 76ms	Script application/javascript	109.75.172.194 NODE4-AS
General Check archive.org Show headers Download Go to Full URL https://schoolsuite.schoolpay.co.ug/assets/c1b35df/yii.validation.js Requested by Host: schoolsuite.schoolpay.co.ug URL: https://schoolsuite.schoolpay.co.ug/site/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.75.172.194 , United Kingdom, ASN31727 (NODE4-AS, GB), Reverse DNS Software nginx / Resource Hash `9dfc50020dc8d966ecad3b9d80b71c8bdbc55860d3ea77bb89633c8525924a5d` Request headers Referer https://schoolsuite.schoolpay.co.ug/site/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 05 Jan 2021 12:18:48 GMT last-modified Tue, 05 Jan 2021 09:11:30 GMT server nginx accept-ranges bytes etag "5ff42d42-4015" content-length 16405 content-type application/javascript
GET H2	200	yii.captcha.js Show response schoolsuite.schoolpay.co.ug/assets/c1b35df/	2 KB 2 KB	78ms 76ms	Script application/javascript	109.75.172.194 NODE4-AS
General Check archive.org Show headers Download Go to Full URL https://schoolsuite.schoolpay.co.ug/assets/c1b35df/yii.captcha.js Requested by Host: schoolsuite.schoolpay.co.ug URL: https://schoolsuite.schoolpay.co.ug/site/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.75.172.194 , United Kingdom, ASN31727 (NODE4-AS, GB), Reverse DNS Software nginx / Resource Hash `33b2ef68729e9d637d5f082356938bdf03c2ef7b2b3dd09398bc9c53e1c0f56e` Request headers Referer https://schoolsuite.schoolpay.co.ug/site/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 05 Jan 2021 12:18:48 GMT last-modified Tue, 05 Jan 2021 09:11:30 GMT server nginx accept-ranges bytes etag "5ff42d42-807" content-length 2055 content-type application/javascript
GET H2	200	yii.activeForm.js Show response schoolsuite.schoolpay.co.ug/assets/c1b35df/	36 KB 36 KB	78ms 77ms	Script application/javascript	109.75.172.194 NODE4-AS
General Check archive.org Show headers Download Go to Full URL https://schoolsuite.schoolpay.co.ug/assets/c1b35df/yii.activeForm.js Requested by Host: schoolsuite.schoolpay.co.ug URL: https://schoolsuite.schoolpay.co.ug/site/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.75.172.194 , United Kingdom, ASN31727 (NODE4-AS, GB), Reverse DNS Software nginx / Resource Hash `7da9c7a26030fc76f3f91bdec11cae4c54dfcc403504dfc4f50b89887bfc9719` Request headers Referer https://schoolsuite.schoolpay.co.ug/site/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 05 Jan 2021 12:18:48 GMT last-modified Tue, 05 Jan 2021 09:11:30 GMT server nginx accept-ranges bytes etag "5ff42d42-8e27" content-length 36391 content-type application/javascript
GET DATA	200 OK	truncated /	168 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `b87fbf1b2b78214eeaaafbaee7521c2c8c5c221082f0535394aa60e020cdc4f7` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| yii

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			schoolsuite.schoolpay.co.ug/	1969-12-31 23:59:59	Name: _csrf Value: e1a696a05f40700b54b41f579f5f666a4432eb74d9fad3c995cecf6d2ba7281fa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%224dwY0N8OecYduNhIw-7aQDcS-tVRTG7W%22%3B%7D
			schoolsuite.schoolpay.co.ug/	1969-12-31 23:59:59	Name: PHPSESSID Value: f60m5oqdfa3om4rr2s68riops1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

schoolsuite.schoolpay.co.ug
109.75.172.194
2208b1f4134274399944e54d7e5d7c09cb2e0130fb57bab30d0ed02394b8dba0
2fd7f15e18740cacae91badbd1ccb819e431cdb510d8af3eef4510083de2e733
33b2ef68729e9d637d5f082356938bdf03c2ef7b2b3dd09398bc9c53e1c0f56e
3bfb4cad6dbca53906d5d680e972d0aaceb94066c327b2381cfcf34de458ba03
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54
7da9c7a26030fc76f3f91bdec11cae4c54dfcc403504dfc4f50b89887bfc9719
80f73442a0e9655a13403dd3ce807704563b4c74db3cc2de52145dfc9b2ddba0
9cde01fde7f6b68fe803e2e29ab57d5e29284ef0fa882cc4a191d1dc9a0500dd
9dfc50020dc8d966ecad3b9d80b71c8bdbc55860d3ea77bb89633c8525924a5d
b87fbf1b2b78214eeaaafbaee7521c2c8c5c221082f0535394aa60e020cdc4f7