invoices.easy4u.school Open in urlscan Pro
52.208.146.156 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://invoices.easy4u.school/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On October 22 via api (October 22nd 2024, 8:38:58 am UTC) from IT — Scanned from IT

Summary HTTP 11 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 11 HTTP transactions. The main IP is 52.208.146.156, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is invoices.easy4u.school.
TLS certificate: Issued by E5 on October 21st 2024. Valid for: 3 months.

This is the only time invoices.easy4u.school was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	52.208.146.156 52.208.146.156	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	54.229.43.142 54.229.43.142	16509 (AMAZON-02) (AMAZON-02)
1	18.173.154.26 18.173.154.26	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
11	6

4 52.208.146.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-146-156.eu-west-1.compute.amazonaws.com

invoices.easy4u.school	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.229.43.142 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-43-142.eu-west-1.compute.amazonaws.com

backend.paytsoftware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-26.muc50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	easy4u.school invoices.easy4u.school	970 KB
3	paytsoftware.com backend.paytsoftware.com	13 KB
2	gstatic.com fonts.gstatic.com	36 KB
1	stripe.com js.stripe.com — Cisco Umbrella Rank: 1102	164 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
11	5

	Domain	Requested by
4	invoices.easy4u.school	invoices.easy4u.school
3	backend.paytsoftware.com	invoices.easy4u.school
2	fonts.gstatic.com	fonts.googleapis.com
1	js.stripe.com	invoices.easy4u.school
1	fonts.googleapis.com	invoices.easy4u.school
11	5

This site contains links to these domains. Also see Links.

Domain
paytsoftware.com

Subject Issuer	Validity	Valid
invoices.easy4u.school E5	`2024-10-21` - `2025-01-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.paytsoftware.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-18`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-08-29` - `2024-12-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://invoices.easy4u.school/
Frame ID: 4FAA18FA5F4C40F581E6305E60289D4F
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Check Invoices

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Page Statistics

11
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

1185 kB
Transfer

5688 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://paytsoftware.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
invoices.easy4u.school/ 570 B
1 KB 241ms
64ms Document
text/html 52.208.146.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://invoices.easy4u.school/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.208.146.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-146-156.eu-west-1.compute.amazonaws.com

Software

Caddy Nespresso / coffee

Resource Hash

e0478ac967bab5585290cdde0ccf4b66ded0efbfa72376335fa3b9fbd4f8f3aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; child-src 'none'; connect-src 'self' .paytsoftware.com https://api.stripe.com https://appsignal-endpoint.net https://js.stripe.com; font-src 'self' https://fonts.gstatic.com; form-action 'none'; frame-src https://b.stripecdn.com https://hooks.stripe.com https://js.stripe.com; frame-ancestors 'self'; img-src 'self' .paytsoftware.com data: https://ideal.pay.nl; manifest-src 'self'; media-src 'none'; object-src 'none'; script-src 'self' https://b.stripecdn.com https://js.stripe.com; style-src 'self' 'sha256-Ds1HqcTMEIMCslhLbJq1kKQdEJlYZ5VGqBf9uVkGMnA=' 'unsafe-hashes' 'unsafe-inline' https://fonts.googleapis.com; upgrade-insecure-requests; report-uri https://payt.report-uri.com/r/d/csp/reportOnly; report-to csp-report-endpoint
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-security-policy: default-src 'none'; base-uri 'none'; child-src 'none'; connect-src 'self' *.paytsoftware.com https://api.stripe.com https://appsignal-endpoint.net https://js.stripe.com; font-src 'self' https://fonts.gstatic.com; form-action 'none'; frame-src https://b.stripecdn.com https://hooks.stripe.com https://js.stripe.com; frame-ancestors 'self'; img-src 'self' *.paytsoftware.com data: https://ideal.pay.nl; manifest-src 'self'; media-src 'none'; object-src 'none'; script-src 'self' https://b.stripecdn.com https://js.stripe.com; style-src 'self' 'sha256-Ds1HqcTMEIMCslhLbJq1kKQdEJlYZ5VGqBf9uVkGMnA=' 'unsafe-hashes' 'unsafe-inline' https://fonts.googleapis.com; upgrade-insecure-requests; report-uri https://payt.report-uri.com/r/d/csp/reportOnly; report-to csp-report-endpoint
content-type: text/html
date: Tue, 22 Oct 2024 08:38:53 GMT
etag: W/"67175f21-23a"
last-modified: Tue, 22 Oct 2024 08:15:29 GMT
referrer-policy: no-referrer
reporting-endpoints: csp-report-endpoint="https://payt.report-uri.com/r/d/csp/reportOnly"
server: Caddy Nespresso
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: coffee
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 runtime-main.8d1fc618.js Show response
invoices.easy4u.school/static/js/ 5 MB
945 KB 65ms
64ms Script
application/javascript 52.208.146.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://invoices.easy4u.school/static/js/runtime-main.8d1fc618.js

Requested by

Host: invoices.easy4u.school
URL: https://invoices.easy4u.school/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.208.146.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-146-156.eu-west-1.compute.amazonaws.com

Software

Caddy, Nespresso / coffee

Resource Hash

128be2aae3bd2d8f2dcbff78cbd8cb5873a865f0d651eeddad11ef0f59bc30be

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; child-src 'none'; connect-src 'self' .paytsoftware.com https://api.stripe.com https://appsignal-endpoint.net https://js.stripe.com; font-src 'self' https://fonts.gstatic.com; form-action 'none'; frame-src https://b.stripecdn.com https://hooks.stripe.com https://js.stripe.com; frame-ancestors 'self'; img-src 'self' .paytsoftware.com data: https://ideal.pay.nl; manifest-src 'self'; media-src 'none'; object-src 'none'; script-src 'self' https://b.stripecdn.com https://js.stripe.com; style-src 'self' 'sha256-Ds1HqcTMEIMCslhLbJq1kKQdEJlYZ5VGqBf9uVkGMnA=' 'unsafe-hashes' 'unsafe-inline' https://fonts.googleapis.com; upgrade-insecure-requests; report-uri https://payt.report-uri.com/r/d/csp/reportOnly; report-to csp-report-endpoint
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
etag: W/"67175f21-4ad44e"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000
date: Tue, 22 Oct 2024 08:38:53 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 08:15:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
reporting-endpoints: csp-report-endpoint="https://payt.report-uri.com/r/d/csp/reportOnly"
content-security-policy: default-src 'none'; base-uri 'none'; child-src 'none'; connect-src 'self' *.paytsoftware.com https://api.stripe.com https://appsignal-endpoint.net https://js.stripe.com; font-src 'self' https://fonts.gstatic.com; form-action 'none'; frame-src https://b.stripecdn.com https://hooks.stripe.com https://js.stripe.com; frame-ancestors 'self'; img-src 'self' *.paytsoftware.com data: https://ideal.pay.nl; manifest-src 'self'; media-src 'none'; object-src 'none'; script-src 'self' https://b.stripecdn.com https://js.stripe.com; style-src 'self' 'sha256-Ds1HqcTMEIMCslhLbJq1kKQdEJlYZ5VGqBf9uVkGMnA=' 'unsafe-hashes' 'unsafe-inline' https://fonts.googleapis.com; upgrade-insecure-requests; report-uri https://payt.report-uri.com/r/d/csp/reportOnly; report-to csp-report-endpoint
referrer-policy: no-referrer
x-xss-protection: 1; mode=block
x-powered-by: coffee
server: Caddy, Nespresso

GET
H2 200 main.4aaccf82.css
invoices.easy4u.school/static/css/ 131 KB
22 KB 127ms
127ms Stylesheet
text/css 52.208.146.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://invoices.easy4u.school/static/css/main.4aaccf82.css

Requested by

Host: invoices.easy4u.school
URL: https://invoices.easy4u.school/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.208.146.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-146-156.eu-west-1.compute.amazonaws.com

Software

Caddy, Nespresso / coffee

Resource Hash

f471ac85bef3b086a538980967adef5ef7964b35183c10be448e1246b52f7f53

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; child-src 'none'; connect-src 'self' .paytsoftware.com https://api.stripe.com https://appsignal-endpoint.net https://js.stripe.com; font-src 'self' https://fonts.gstatic.com; form-action 'none'; frame-src https://b.stripecdn.com https://hooks.stripe.com https://js.stripe.com; frame-ancestors 'self'; img-src 'self' .paytsoftware.com data: https://ideal.pay.nl; manifest-src 'self'; media-src 'none'; object-src 'none'; script-src 'self' https://b.stripecdn.com https://js.stripe.com; style-src 'self' 'sha256-Ds1HqcTMEIMCslhLbJq1kKQdEJlYZ5VGqBf9uVkGMnA=' 'unsafe-hashes' 'unsafe-inline' https://fonts.googleapis.com; upgrade-insecure-requests; report-uri https://payt.report-uri.com/r/d/csp/reportOnly; report-to csp-report-endpoint
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
etag: W/"67175f21-20da0"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000
date: Tue, 22 Oct 2024 08:38:53 GMT
content-type: text/css
last-modified: Tue, 22 Oct 2024 08:15:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
reporting-endpoints: csp-report-endpoint="https://payt.report-uri.com/r/d/csp/reportOnly"
content-security-policy: default-src 'none'; base-uri 'none'; child-src 'none'; connect-src 'self' *.paytsoftware.com https://api.stripe.com https://appsignal-endpoint.net https://js.stripe.com; font-src 'self' https://fonts.gstatic.com; form-action 'none'; frame-src https://b.stripecdn.com https://hooks.stripe.com https://js.stripe.com; frame-ancestors 'self'; img-src 'self' *.paytsoftware.com data: https://ideal.pay.nl; manifest-src 'self'; media-src 'none'; object-src 'none'; script-src 'self' https://b.stripecdn.com https://js.stripe.com; style-src 'self' 'sha256-Ds1HqcTMEIMCslhLbJq1kKQdEJlYZ5VGqBf9uVkGMnA=' 'unsafe-hashes' 'unsafe-inline' https://fonts.googleapis.com; upgrade-insecure-requests; report-uri https://payt.report-uri.com/r/d/csp/reportOnly; report-to csp-report-endpoint
referrer-policy: no-referrer
x-xss-protection: 1; mode=block
x-powered-by: coffee
server: Caddy, Nespresso

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 145ms
49ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500

Requested by

Host: invoices.easy4u.school
URL: https://invoices.easy4u.school/static/css/main.4aaccf82.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

580f1091a740e122b230cab6d46837483575aa528ea553318908f22143f104f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 22 Oct 2024 08:38:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 08:38:53 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 22 Oct 2024 07:27:41 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

OPTIONS
H2 200 graphql
backend.paytsoftware.com/ 0
0 187ms
59ms Preflight 54.229.43.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://backend.paytsoftware.com/graphql

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.229.43.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-229-43-142.eu-west-1.compute.amazonaws.com

Software

Nespresso / coffee

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; child-src 'none'; connect-src .paytsoftware.com; font-src 'self' data: https://fonts.gstatic.com; form-action 'self'; frame-src .paytsoftware.com; frame-ancestors .paytsoftware.com; img-src 'self' .payt.nl data: https://download.paytsoftware.com https://ideal.pay.nl; manifest-src 'none'; media-src 'none'; object-src self; script-src 'self' 'unsafe-inline' https://backend.paytsoftware.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://backend.paytsoftware.com https://fonts.googleapis.com; upgrade-insecure-requests; report-uri https://payt.report-uri.com/r/d/csp/reportOnly; report-to csp-report-endpoint
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authentication,content-type,domain,verification
Access-Control-Request-Method: POST
Origin: https://invoices.easy4u.school
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authentication,content-type,domain,verification
access-control-allow-methods: POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-length: 0
content-security-policy: default-src 'none'; base-uri 'none'; child-src 'none'; connect-src *.paytsoftware.com; font-src 'self' data: https://fonts.gstatic.com; form-action 'self'; frame-src *.paytsoftware.com; frame-ancestors *.paytsoftware.com; img-src 'self' *.payt.nl data: https://download.paytsoftware.com https://ideal.pay.nl; manifest-src 'none'; media-src 'none'; object-src self; script-src 'self' 'unsafe-inline' https://backend.paytsoftware.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://backend.paytsoftware.com https://fonts.googleapis.com; upgrade-insecure-requests; report-uri https://payt.report-uri.com/r/d/csp/reportOnly; report-to csp-report-endpoint
date: Tue, 22 Oct 2024 08:38:54 GMT
referrer-policy: strict-origin-when-cross-origin
reporting-endpoints: csp-report-endpoint="https://payt.report-uri.com/r/d/csp/reportOnly"
server: Nespresso
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-powered-by: coffee
x-robots-tag: noindex, nofollow, nosnippet, noarchive

POST
H2 200 graphql Show response
backend.paytsoftware.com/ 380 B
2 KB 108ms
107ms Fetch
application/json 54.229.43.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://backend.paytsoftware.com/graphql

Requested by

Host: invoices.easy4u.school
URL: https://invoices.easy4u.school/static/js/runtime-main.8d1fc618.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.229.43.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-229-43-142.eu-west-1.compute.amazonaws.com

Software

Nespresso / coffee

Resource Hash

b2e496041b4b6bf8e6fdf265772af605ebb888325fa211ee06f2febb8b662764

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; child-src 'none'; connect-src .paytsoftware.com; font-src 'self' data: https://fonts.gstatic.com; form-action 'self'; frame-src .paytsoftware.com; frame-ancestors .paytsoftware.com; img-src 'self' .payt.nl data: https://download.paytsoftware.com https://ideal.pay.nl; manifest-src 'none'; media-src 'none'; object-src self; script-src 'self' 'unsafe-inline' https://backend.paytsoftware.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://backend.paytsoftware.com https://fonts.googleapis.com; upgrade-insecure-requests; report-uri https://payt.report-uri.com/r/d/csp/reportOnly; report-to csp-report-endpoint
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

domain: invoices.easy4u.school
verification: {}
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: */*
authentication: null
content-type: application/json

Response headers

x-robots-tag: noindex, nofollow, nosnippet, noarchive
access-control-max-age: 7200
x-request-id: 6b4490d6-33f5-49f7-94f1-ae24b4a036f1
access-control-expose-headers
etag: W/"b2e496041b4b6bf8e6fdf265772af605"
x-permitted-cross-domain-policies: none
access-control-allow-methods: POST, OPTIONS, HEAD
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 08:38:54 GMT
content-type: application/json; charset=utf-8
vary: Accept, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
reporting-endpoints: csp-report-endpoint="https://payt.report-uri.com/r/d/csp/reportOnly"
content-security-policy: default-src 'none'; base-uri 'none'; child-src 'none'; connect-src *.paytsoftware.com; font-src 'self' data: https://fonts.gstatic.com; form-action 'self'; frame-src *.paytsoftware.com; frame-ancestors *.paytsoftware.com; img-src 'self' *.payt.nl data: https://download.paytsoftware.com https://ideal.pay.nl; manifest-src 'none'; media-src 'none'; object-src self; script-src 'self' 'unsafe-inline' https://backend.paytsoftware.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://backend.paytsoftware.com https://fonts.googleapis.com; upgrade-insecure-requests; report-uri https://payt.report-uri.com/r/d/csp/reportOnly; report-to csp-report-endpoint
cache-control: max-age=0, private, must-revalidate
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
content-length: 380
x-xss-protection: 0
x-powered-by: coffee
server: Nespresso

GET
H2 200 v3 Show response
js.stripe.com/ 673 KB
164 KB 166ms
52ms Script
text/javascript 18.173.154.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: invoices.easy4u.school
URL: https://invoices.easy4u.school/static/js/runtime-main.8d1fc618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-26.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

bd8ef90dd1116cca8d24aa74df983b5581b830ddfe4d15b5205112e7b04a9510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: W/"318b5ae9f574d9ba2f637581c44a824a"
age: 53
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 8hWQOpm9Vw253wa4T041TVynP1sty94twj2oPttjRtEfvf_eQGZ_Jw==
date: Tue, 22 Oct 2024 08:38:08 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 21 Oct 2024 23:14:26 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 ca623c10f2a669c8a9af30362937ebac.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: MUC50-P3
server: Cloudfront

GET
DATA 200
OK truncated
/ 41 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c92f675d9f663b65cb303b38b498e2fbb9689992f033e87daa71b267c71a97b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 102ms
52ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://invoices.easy4u.school
Referer: https://fonts.googleapis.com/

Response headers

age: 37593
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 22:12:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 22:12:21 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 86ms
37ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://invoices.easy4u.school
Referer: https://fonts.googleapis.com/

Response headers

age: 536621
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 03:35:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 03:35:13 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H2 200 851fbe15-be76-45fb-b7e9-d83158b6851e
backend.paytsoftware.com/inzien/debtor_portal_logo/ 9 KB
11 KB 229ms
114ms Image
image/png 54.229.43.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://backend.paytsoftware.com/inzien/debtor_portal_logo/851fbe15-be76-45fb-b7e9-d83158b6851e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.229.43.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-229-43-142.eu-west-1.compute.amazonaws.com

Software

Nespresso / coffee

Resource Hash

411da1db0cc193577a60856abc131841ad1186972e5a816c32e7f45fc50dc7cd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; child-src 'none'; connect-src .paytsoftware.com; font-src 'self' data: https://fonts.gstatic.com; form-action 'self'; frame-src .paytsoftware.com; frame-ancestors .paytsoftware.com; img-src 'self' .payt.nl data: https://download.paytsoftware.com https://ideal.pay.nl; manifest-src 'none'; media-src 'none'; object-src self; script-src 'self' 'unsafe-inline' https://backend.paytsoftware.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://backend.paytsoftware.com https://fonts.googleapis.com; upgrade-insecure-requests; report-uri https://payt.report-uri.com/r/d/csp/reportOnly; report-to csp-report-endpoint
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-request-id: 0b7c40f0-e2e1-4dae-ab2d-762e7aba14df
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 22 Oct 2024 08:38:54 GMT
content-type: image/png
content-disposition: attachment; filename="CTS_Logo_Footer-1_%281%29.png"; filename*=UTF-8''CTS_Logo_Footer-1_%281%29.png
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
reporting-endpoints: csp-report-endpoint="https://payt.report-uri.com/r/d/csp/reportOnly"
content-security-policy: default-src 'none'; base-uri 'none'; child-src 'none'; connect-src *.paytsoftware.com; font-src 'self' data: https://fonts.gstatic.com; form-action 'self'; frame-src *.paytsoftware.com; frame-ancestors *.paytsoftware.com; img-src 'self' *.payt.nl data: https://download.paytsoftware.com https://ideal.pay.nl; manifest-src 'none'; media-src 'none'; object-src self; script-src 'self' 'unsafe-inline' https://backend.paytsoftware.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://backend.paytsoftware.com https://fonts.googleapis.com; upgrade-insecure-requests; report-uri https://payt.report-uri.com/r/d/csp/reportOnly; report-to csp-report-endpoint
cache-control: no-store
pragma: no-cache
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
content-length: 9548
x-xss-protection: 0
x-powered-by: coffee
server: Nespresso

GET
H2 200 favicon.ico
invoices.easy4u.school/ 1 KB
1 KB 58ms
57ms Other
image/x-icon 52.208.146.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://invoices.easy4u.school/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.208.146.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-146-156.eu-west-1.compute.amazonaws.com

Software

Caddy, Nespresso / coffee

Resource Hash

07e0eb8d70b220ff93110dbfcbfd447310017a027007dcab4892d18341bc2598

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; child-src 'none'; connect-src 'self' .paytsoftware.com https://api.stripe.com https://appsignal-endpoint.net https://js.stripe.com; font-src 'self' https://fonts.gstatic.com; form-action 'none'; frame-src https://b.stripecdn.com https://hooks.stripe.com https://js.stripe.com; frame-ancestors 'self'; img-src 'self' .paytsoftware.com data: https://ideal.pay.nl; manifest-src 'self'; media-src 'none'; object-src 'none'; script-src 'self' https://b.stripecdn.com https://js.stripe.com; style-src 'self' 'sha256-Ds1HqcTMEIMCslhLbJq1kKQdEJlYZ5VGqBf9uVkGMnA=' 'unsafe-hashes' 'unsafe-inline' https://fonts.googleapis.com; upgrade-insecure-requests; report-uri https://payt.report-uri.com/r/d/csp/reportOnly; report-to csp-report-endpoint
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag: noindex, nofollow, nosnippet, noarchive
etag: "67175ece-47e"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000
date: Tue, 22 Oct 2024 08:38:54 GMT
content-type: image/x-icon
last-modified: Tue, 22 Oct 2024 08:14:06 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
reporting-endpoints: csp-report-endpoint="https://payt.report-uri.com/r/d/csp/reportOnly"
content-security-policy: default-src 'none'; base-uri 'none'; child-src 'none'; connect-src 'self' *.paytsoftware.com https://api.stripe.com https://appsignal-endpoint.net https://js.stripe.com; font-src 'self' https://fonts.gstatic.com; form-action 'none'; frame-src https://b.stripecdn.com https://hooks.stripe.com https://js.stripe.com; frame-ancestors 'self'; img-src 'self' *.paytsoftware.com data: https://ideal.pay.nl; manifest-src 'self'; media-src 'none'; object-src 'none'; script-src 'self' https://b.stripecdn.com https://js.stripe.com; style-src 'self' 'sha256-Ds1HqcTMEIMCslhLbJq1kKQdEJlYZ5VGqBf9uVkGMnA=' 'unsafe-hashes' 'unsafe-inline' https://fonts.googleapis.com; upgrade-insecure-requests; report-uri https://payt.report-uri.com/r/d/csp/reportOnly; report-to csp-report-endpoint
referrer-policy: no-referrer
accept-ranges: bytes
content-length: 1150
x-xss-protection: 1; mode=block
x-powered-by: coffee
server: Caddy, Nespresso

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			backend.paytsoftware.com/	1970-01-21 00:36:31	Name: AWSALBTGCORS Value: t2KVJogS1mAB80WPQqc00OgF+VuigtU+eO58hYrFfJQXsXHW43lDOh7G5OpzyTM0TesqDOrUDS9rJ562YYW9WIo7Uk2jEJB1vpqq/j5apxozIYu6AYfUeksVOmNMS1ypRL/Ns2F9LpEFpWhPsCDsH08U4lqAPvw/T6y5YMCZjtmr
			backend.paytsoftware.com/	1970-01-21 00:36:31	Name: AWSALBCORS Value: f3OpdU7o2v21/XQVtvPxkAEh1x1yUS7SsaJoOU0fOcE2zK/hHlc/+bNmSZ3sJuEvIHsco3kxr+62L1UM0L24z7+w4Rt1UmTvMb8Kihr+zPOvG/0K7cVvkgMHA3w9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; child-src 'none'; connect-src 'self' .paytsoftware.com https://api.stripe.com https://appsignal-endpoint.net https://js.stripe.com; font-src 'self' https://fonts.gstatic.com; form-action 'none'; frame-src https://b.stripecdn.com https://hooks.stripe.com https://js.stripe.com; frame-ancestors 'self'; img-src 'self' .paytsoftware.com data: https://ideal.pay.nl; manifest-src 'self'; media-src 'none'; object-src 'none'; script-src 'self' https://b.stripecdn.com https://js.stripe.com; style-src 'self' 'sha256-Ds1HqcTMEIMCslhLbJq1kKQdEJlYZ5VGqBf9uVkGMnA=' 'unsafe-hashes' 'unsafe-inline' https://fonts.googleapis.com; upgrade-insecure-requests; report-uri https://payt.report-uri.com/r/d/csp/reportOnly; report-to csp-report-endpoint
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

backend.paytsoftware.com
fonts.googleapis.com
fonts.gstatic.com
invoices.easy4u.school
js.stripe.com
142.250.184.227
18.173.154.26
2a00:1450:4001:827::200a
52.208.146.156
54.229.43.142
07e0eb8d70b220ff93110dbfcbfd447310017a027007dcab4892d18341bc2598
128be2aae3bd2d8f2dcbff78cbd8cb5873a865f0d651eeddad11ef0f59bc30be
2c92f675d9f663b65cb303b38b498e2fbb9689992f033e87daa71b267c71a97b
411da1db0cc193577a60856abc131841ad1186972e5a816c32e7f45fc50dc7cd
580f1091a740e122b230cab6d46837483575aa528ea553318908f22143f104f4
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b2e496041b4b6bf8e6fdf265772af605ebb888325fa211ee06f2febb8b662764
bd8ef90dd1116cca8d24aa74df983b5581b830ddfe4d15b5205112e7b04a9510
e0478ac967bab5585290cdde0ccf4b66ded0efbfa72376335fa3b9fbd4f8f3aa
f471ac85bef3b086a538980967adef5ef7964b35183c10be448e1246b52f7f53

invoices.easy4u.school Open in urlscan Pro 52.208.146.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

20 %IPv6

5 Domains

5 Subdomains

6 IPs

3 Countries

1185 kBTransfer

5688 kBSize

2 Cookies

1 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

invoices.easy4u.school Open in urlscan Pro
52.208.146.156 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

1185 kB
Transfer

5688 kB
Size

2
Cookies

11 HTTP transactions
1 data transactions