URL: https://payments.kingston.ac.uk/
Submission: On October 11 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 2606:4700::6810:c40d, located in United States and belongs to CLOUDFLARENET, US. The main domain is payments.kingston.ac.uk.
TLS certificate: Issued by GEANT OV RSA CA 4 on November 7th 2023. Valid for: a year.
This is the only time payments.kingston.ac.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700::68... 13335 (CLOUDFLAR...)
15 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:bdf::64 8075 (MICROSOFT...)
1 2001:4860:480... 15169 (GOOGLE)
1 52.184.215.111 8075 (MICROSOFT...)
22 6
Apex Domain
Subdomains
Transfer
15 wpmeducation.com
cdn.wpmeducation.com — Cisco Umbrella Rank: 652648
270 KB
3 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 634
j.clarity.ms — Cisco Umbrella Rank: 16621
28 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
177 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
1 kingston.ac.uk
payments.kingston.ac.uk
4 KB
22 5
Domain Requested by
15 cdn.wpmeducation.com payments.kingston.ac.uk
2 www.clarity.ms payments.kingston.ac.uk
www.clarity.ms
2 www.googletagmanager.com payments.kingston.ac.uk
www.googletagmanager.com
1 j.clarity.ms www.clarity.ms
1 region1.google-analytics.com www.googletagmanager.com
1 payments.kingston.ac.uk
22 6

This site contains links to these domains. Also see Links.

Domain
www.kingston.ac.uk
www.youtube.com
Subject Issuer Validity Valid
payments.kingston.ac.uk
GEANT OV RSA CA 4
2023-11-07 -
2024-12-07
a year crt.sh
cdn.wpmeducation.com
E5
2024-08-16 -
2024-11-14
3 months crt.sh
*.google-analytics.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh

This page contains 1 frames:

Primary Page: https://payments.kingston.ac.uk/
Frame ID: 563DCD813D852427ECF20577BB36811D
Requests: 22 HTTP requests in this frame

Screenshot

Page Title

Kingston University | Open

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

22
Requests

100 %
HTTPS

83 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

480 kB
Transfer

1241 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
payments.kingston.ac.uk/
9 KB
4 KB
Document
General
Full URL
https://payments.kingston.ac.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2b70e3f38051c68d863280b4ba612143ccc42905a14c87d63be8b95c66f08bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
8d1237944bf0bbcd-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 11 Oct 2024 22:16:53 GMT
expires
Fri, 11 Oct 2024 22:15:53 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-pp-id
3-04
x-xss-protection
1; mode=block
polyfills.js
cdn.wpmeducation.com/43454e/js/
2 KB
1 KB
Script
General
Full URL
https://cdn.wpmeducation.com/43454e/js/polyfills.js?B66A-A992-4877-AFD5-4F6D
Requested by
Host: payments.kingston.ac.uk
URL: https://payments.kingston.ac.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6662c437c5e478ec78375d1992388b6456749ebf31a65b245ddf8c84fc0060e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://payments.kingston.ac.uk/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0788d1652d3da1:0"
age
137630
x-content-type-options
nosniff
x-pp-id
3-02
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 22:16:53 GMT
content-type
application/javascript
last-modified
Thu, 11 Jul 2024 05:20:48 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public,max-age=172800
cf-ray
8d12379838b8d2d2-FRA
x-xss-protection
1; mode=block
server
cloudflare
jquery-3.7.1.min.js
cdn.wpmeducation.com/43454e/js/
103 KB
33 KB
Script
General
Full URL
https://cdn.wpmeducation.com/43454e/js/jquery-3.7.1.min.js?B66A-A992-4877-AFD5-4F6D
Requested by
Host: payments.kingston.ac.uk
URL: https://payments.kingston.ac.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbb409e0a26958ffa3c117493f4c20a7fd777308bd1880be65987714d4763bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://payments.kingston.ac.uk/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0788d1652d3da1:0"
age
136356
x-content-type-options
nosniff
x-pp-id
3-02
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 22:16:53 GMT
content-type
application/javascript
last-modified
Thu, 11 Jul 2024 05:20:48 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public,max-age=172800
cf-ray
8d12379838c6d2d2-FRA
x-xss-protection
1; mode=block
server
cloudflare
jquery-ui.min.js
cdn.wpmeducation.com/43454e/js/
249 KB
68 KB
Script
General
Full URL
https://cdn.wpmeducation.com/43454e/js/jquery-ui.min.js?B66A-A992-4877-AFD5-4F6D
Requested by
Host: payments.kingston.ac.uk
URL: https://payments.kingston.ac.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b30d2234d5e63896d085816e0bd385da43a50f929029ed72e657c19f80bd4a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://payments.kingston.ac.uk/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0788d1652d3da1:0"
age
136356
x-content-type-options
nosniff
x-pp-id
3-02
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 22:16:53 GMT
content-type
application/javascript
last-modified
Thu, 11 Jul 2024 05:20:48 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public,max-age=172800
cf-ray
8d12379838c4d2d2-FRA
x-xss-protection
1; mode=block
server
cloudflare
core.js
cdn.wpmeducation.com/43454e/js/
55 KB
17 KB
Script
General
Full URL
https://cdn.wpmeducation.com/43454e/js/core.js?B66A-A992-4877-AFD5-4F6D
Requested by
Host: payments.kingston.ac.uk
URL: https://payments.kingston.ac.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f346215e07b542492621f956970e248c8b3d9b5cbc8de7301abebdb2d0769db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://payments.kingston.ac.uk/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"08b86cb9014db1:0"
age
138028
x-content-type-options
nosniff
x-pp-id
3-01
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 22:16:53 GMT
content-type
application/javascript
last-modified
Wed, 02 Oct 2024 06:03:26 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public,max-age=172800
cf-ray
8d12379838c3d2d2-FRA
x-xss-protection
1; mode=block
server
cloudflare
keyPad.js
cdn.wpmeducation.com/43454e/js/
9 KB
3 KB
Script
General
Full URL
https://cdn.wpmeducation.com/43454e/js/keyPad.js?B66A-A992-4877-AFD5-4F6D
Requested by
Host: payments.kingston.ac.uk
URL: https://payments.kingston.ac.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7441c8e7bf91023662c1ef768a5de6593dbdf284e40fec1ea94c184948e3c53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://payments.kingston.ac.uk/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0788d1652d3da1:0"
age
137777
x-content-type-options
nosniff
x-pp-id
3-01
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 22:16:53 GMT
content-type
application/javascript
last-modified
Thu, 11 Jul 2024 05:20:48 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public,max-age=172800
cf-ray
8d12379838bdd2d2-FRA
x-xss-protection
1; mode=block
server
cloudflare
wpm.js
cdn.wpmeducation.com/504757/includes/js/
22 KB
6 KB
Script
General
Full URL
https://cdn.wpmeducation.com/504757/includes/js/wpm.js?B66A-A992-4877-AFD5-4F6D
Requested by
Host: payments.kingston.ac.uk
URL: https://payments.kingston.ac.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
394e810a3db74657c4a6eba437ddaeb3e4abcd650b795c37fba7bdcbe4c8ba98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://payments.kingston.ac.uk/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"08b86cb9014db1:0"
age
135085
x-content-type-options
nosniff
x-pp-id
3-01
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 22:16:53 GMT
content-type
application/javascript
last-modified
Wed, 02 Oct 2024 06:03:26 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public,max-age=172800
cf-ray
8d12379838bfd2d2-FRA
x-xss-protection
1; mode=block
server
cloudflare
css_23_6E16-7ADF-41CA-AD4D-A98D.css
cdn.wpmeducation.com/504757/735be816fd/
795 B
692 B
Stylesheet
General
Full URL
https://cdn.wpmeducation.com/504757/735be816fd/css_23_6E16-7ADF-41CA-AD4D-A98D.css?B66A-A992-4877-AFD5-4F6D
Requested by
Host: payments.kingston.ac.uk
URL: https://payments.kingston.ac.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d242b8c9ab01020ccb6764528eca5e6e3587b3c7a5ebddfdd2c7c89d2f7eda6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://payments.kingston.ac.uk/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"32a1829dca2cd91:0"
age
18029
x-content-type-options
nosniff
x-pp-id
3-01
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 22:16:53 GMT
content-type
text/css
last-modified
Fri, 20 Jan 2023 12:27:52 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public,max-age=172800
cf-ray
8d12379838c0d2d2-FRA
x-xss-protection
1; mode=block
server
cloudflare
jquery-ui.min.css
cdn.wpmeducation.com/43454e/css/
31 KB
8 KB
Stylesheet
General
Full URL
https://cdn.wpmeducation.com/43454e/css/jquery-ui.min.css?B66A-A992-4877-AFD5-4F6D
Requested by
Host: payments.kingston.ac.uk
URL: https://payments.kingston.ac.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://payments.kingston.ac.uk/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0788d1652d3da1:0"
age
137630
x-content-type-options
nosniff
x-pp-id
3-02
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 22:16:53 GMT
content-type
text/css
last-modified
Thu, 11 Jul 2024 05:20:48 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public,max-age=172800
cf-ray
8d12379838bbd2d2-FRA
x-xss-protection
1; mode=block
server
cloudflare
normalize.css
cdn.wpmeducation.com/43454e/css/
7 KB
3 KB
Stylesheet
General
Full URL
https://cdn.wpmeducation.com/43454e/css/normalize.css?B66A-A992-4877-AFD5-4F6D
Requested by
Host: payments.kingston.ac.uk
URL: https://payments.kingston.ac.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa1ae2f32872eed416e3744a26662147d581f7ee61821d385b053f526bfa354a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://payments.kingston.ac.uk/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0788d1652d3da1:0"
age
137630
x-content-type-options
nosniff
x-pp-id
3-01
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 22:16:53 GMT
content-type
text/css
last-modified
Thu, 11 Jul 2024 05:20:48 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public,max-age=172800
cf-ray
8d12379838c1d2d2-FRA
x-xss-protection
1; mode=block
server
cloudflare
skeleton.css
cdn.wpmeducation.com/43454e/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://cdn.wpmeducation.com/43454e/css/skeleton.css?B66A-A992-4877-AFD5-4F6D
Requested by
Host: payments.kingston.ac.uk
URL: https://payments.kingston.ac.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f1df0cdb178b6950d9731b1ad5e4e121044bbcc67b0c29a61966357b9994a3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://payments.kingston.ac.uk/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0bd391ee4e3da1:0"
age
137630
x-content-type-options
nosniff
x-pp-id
3-02
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 22:16:53 GMT
content-type
text/css
last-modified
Thu, 01 Aug 2024 07:26:26 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public,max-age=172800
cf-ray
8d12379838c7d2d2-FRA
x-xss-protection
1; mode=block
server
cloudflare
styles_v1.css
cdn.wpmeducation.com/504757/includes/css/
38 KB
9 KB
Stylesheet
General
Full URL
https://cdn.wpmeducation.com/504757/includes/css/styles_v1.css?B66A-A992-4877-AFD5-4F6D
Requested by
Host: payments.kingston.ac.uk
URL: https://payments.kingston.ac.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8b3b150b8b3e1d332327612fbe3873be05477e77b5db16c4180dbfc55b9704d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://payments.kingston.ac.uk/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0788d1652d3da1:0"
age
137629
x-content-type-options
nosniff
x-pp-id
3-01
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 22:16:53 GMT
content-type
text/css
last-modified
Thu, 11 Jul 2024 05:20:48 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public,max-age=172800
cf-ray
8d12379838c9d2d2-FRA
x-xss-protection
1; mode=block
server
cloudflare
9070-3400-4282-AA81-2738.jpg
cdn.wpmeducation.com/53544f/fd3304d0e0/
116 KB
116 KB
Image
General
Full URL
https://cdn.wpmeducation.com/53544f/fd3304d0e0/9070-3400-4282-AA81-2738.jpg
Requested by
Host: payments.kingston.ac.uk
URL: https://payments.kingston.ac.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39c59436c5a546c2880ed8742c8cf87f79c55e5219af62b4c317011566c19305
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://payments.kingston.ac.uk/

Response headers

cf-cache-status
HIT
etag
"03179bf5b84d71:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
cf-polished
origSize=258224
x-pp-id
3-02
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 22:16:53 GMT
content-type
image/jpeg
last-modified
Thu, 29 Jul 2021 09:26:02 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public,max-age=172800
cf-ray
8d123798b9a7d2d2-FRA
accept-ranges
bytes
content-length
118876
x-xss-protection
1; mode=block
server
cloudflare
styles_v1_550.css
cdn.wpmeducation.com/504757/includes/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://cdn.wpmeducation.com/504757/includes/css/styles_v1_550.css?B66A-A992-4877-AFD5-4F6D
Requested by
Host: payments.kingston.ac.uk
URL: https://payments.kingston.ac.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa681e9efcafea427386cae5739c51c8e024a2ea052d7adf7f0c0b8077c6a258
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://payments.kingston.ac.uk/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0788d1652d3da1:0"
age
137630
x-content-type-options
nosniff
x-pp-id
3-02
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 22:16:54 GMT
content-type
text/css
last-modified
Thu, 11 Jul 2024 05:20:48 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public,max-age=172800
cf-ray
8d123799db8bd2d2-FRA
x-xss-protection
1; mode=block
server
cloudflare
print.css
cdn.wpmeducation.com/504757/includes/css/
1 KB
732 B
Stylesheet
General
Full URL
https://cdn.wpmeducation.com/504757/includes/css/print.css?B66A-A992-4877-AFD5-4F6D
Requested by
Host: payments.kingston.ac.uk
URL: https://payments.kingston.ac.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
715c6cea32eb1ecdfb1d74f58b3ed81f8c0a983c6c188d9f960e4717c0de6468
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://payments.kingston.ac.uk/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0788d1652d3da1:0"
age
136357
x-content-type-options
nosniff
x-pp-id
3-01
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 22:16:54 GMT
content-type
text/css
last-modified
Thu, 11 Jul 2024 05:20:48 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public,max-age=172800
cf-ray
8d123799db90d2d2-FRA
x-xss-protection
1; mode=block
server
cloudflare
gtm.js
www.googletagmanager.com/
201 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-ND2PHQS
Requested by
Host: payments.kingston.ac.uk
URL: https://payments.kingston.ac.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
25fa383dcd21e2b4366ab401f62522fa7be976d740754efbdf1f34d2a900e515
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://payments.kingston.ac.uk/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 11 Oct 2024 22:16:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 22:16:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 11 Oct 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
73037
x-xss-protection
0
server
Google Tag Manager
gq230uge6b
www.clarity.ms/tag/
554 B
809 B
Script
General
Full URL
https://www.clarity.ms/tag/gq230uge6b
Requested by
Host: payments.kingston.ac.uk
URL: https://payments.kingston.ac.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba8d78d37684a52c86d8cba684f6921727a2357589328a4eee83434a794f8cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://payments.kingston.ac.uk/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
554
date
Fri, 11 Oct 2024 22:16:54 GMT
content-type
application/x-javascript
x-azure-ref
20241011T221654Z-176d4fdd79chrddt35yyuwybzg00000010sg00000000uzcc
js
www.googletagmanager.com/gtag/
316 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KFJ79RDBSD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND2PHQS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
48245cc2aa8f46908b4179b0877780cae56995c73b8a4dcca201cf3de5817022
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://payments.kingston.ac.uk/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 11 Oct 2024 22:16:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 22:16:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107453
x-xss-protection
0
server
Google Tag Manager
clarity.js
www.clarity.ms/s/0.7.48/
64 KB
27 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.48/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gq230uge6b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
36b4b4c6757a5d380d22a491759f8a72f54b16791387c3826e69d2546208d4f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://payments.kingston.ac.uk/

Response headers

x-azure-ref
20241011T221654Z-176d4fdd79chrddt35yyuwybzg00000010sg00000000uzdg
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCE961488285A1"
x-fd-int-roxy-purgeid
51562430
x-ms-request-id
c05fb4bd-e01e-003c-02b5-1b071c000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 11 Oct 2024 22:16:54 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 10 Oct 2024 19:25:21 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KFJ79RDBSD&gtm=45je4a90v9123598439z89133092170za200zb9133092170&_p=1728685014040&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101529666~101533421~101671035~101686685&cid=616579189.1728685014&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1728685014&sct=1&seg=0&dl=https%3A%2F%2Fpayments.kingston.ac.uk%2F&dt=Kingston%20University%20%7C%20Open&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1483
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KFJ79RDBSD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://payments.kingston.ac.uk/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://payments.kingston.ac.uk
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 22:16:54 GMT
content-type
text/plain
server
Golfe2
favicon.ico
cdn.wpmeducation.com/43454e/images/
0
216 B
Other
General
Full URL
https://cdn.wpmeducation.com/43454e/images/favicon.ico?B66A-A992-4877-AFD5-4F6D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://payments.kingston.ac.uk/

Response headers

cf-cache-status
HIT
etag
"05e98f9514db1:0"
age
138139
x-content-type-options
nosniff
x-pp-id
3-01
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 22:16:54 GMT
content-type
image/x-icon
last-modified
Wed, 02 Oct 2024 06:37:32 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public,max-age=172800
cf-ray
8d12379cfa43d2d2-FRA
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
collect
j.clarity.ms/
12 B
370 B
XHR
General
Full URL
https://j.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.48/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.215.111 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
78000ad5f2cd2cdfd10e5f8700c7bd9b666959881203c8f52d773eb3f0386ad6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://payments.kingston.ac.uk/

Response headers

Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
Access-Control-Allow-Origin
https://payments.kingston.ac.uk
Date
Fri, 11 Oct 2024 22:16:54 GMT
Content-Type
text/plain; charset=utf-8
Vary
Origin
Server
nginx

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| ClientDataCaptured function| ObtainAuthentication function| DOMPurify function| Spinner object| wpm function| wpmKeypad function| RemoveKeyPad object| dataLayer function| clarity object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

8 Cookies

Domain/Path Name / Value
payments.kingston.ac.uk/ Name: AWSALB
Value: 6XVLVyPZT9zOdKiVblYkiZpiEQLK6WTOaLxeME+pW7lAwaQUm1FQB/UEcuNyt2xUEhhQ11MhPy82fkJ5G+aIHRC6ku4JBJrV4s7/rk68Ak7jisxUm2zJKBKbM6Qc
payments.kingston.ac.uk/ Name: AWSALBCORS
Value: 6XVLVyPZT9zOdKiVblYkiZpiEQLK6WTOaLxeME+pW7lAwaQUm1FQB/UEcuNyt2xUEhhQ11MhPy82fkJ5G+aIHRC6ku4JBJrV4s7/rk68Ak7jisxUm2zJKBKbM6Qc
payments.kingston.ac.uk/ Name: et
Value: 5B4946754F55431AB80F467E576C51553219040F3A1566405045450212734101115D2E30535C495C2F41530648406617077A56424230520A5D5000180A0A01013F4850
payments.kingston.ac.uk/ Name: 6907E6B53A60D7D79188EBB7CA88FC89D22A750D00D0F6B045D64E24487BF89F
Value: 7DA7B099E5A5C5BF4163B63F8BE7006982301D32BFE593E6C099505FC20A703C82A56654C3B1856116C9E2C50C6EA8AD4815649195E118EB628F3FE23104091E7EB9F776AB2DC5B3ED471249B16941F60DD2A965531EBF7CBACA4631EF1EFA07
.payments.kingston.ac.uk/ Name: _cfuvid
Value: zAW0MgUKT2Z9tpq2QkN.6NpnasDh8hlgmull3otdM_c-1728685013643-0.0.1.1-604800000
.cdn.wpmeducation.com/ Name: _cfuvid
Value: NMkTFyX4FdVvG6QYGoh9rbxH1fBAxAfdN1Oq5hABRu4-1728685013854-0.0.1.1-604800000
.kingston.ac.uk/ Name: _ga
Value: GA1.1.616579189.1728685014
.kingston.ac.uk/ Name: _ga_KFJ79RDBSD
Value: GS1.1.1728685014.1.0.1728685014.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.wpmeducation.com
j.clarity.ms
payments.kingston.ac.uk
region1.google-analytics.com
www.clarity.ms
www.googletagmanager.com
2001:4860:4802:34::36
2606:4700::6810:c30d
2606:4700::6810:c40d
2620:1ec:bdf::64
2a00:1450:4001:80b::2008
52.184.215.111
0f1df0cdb178b6950d9731b1ad5e4e121044bbcc67b0c29a61966357b9994a3a
25fa383dcd21e2b4366ab401f62522fa7be976d740754efbdf1f34d2a900e515
2f346215e07b542492621f956970e248c8b3d9b5cbc8de7301abebdb2d0769db
36b4b4c6757a5d380d22a491759f8a72f54b16791387c3826e69d2546208d4f4
394e810a3db74657c4a6eba437ddaeb3e4abcd650b795c37fba7bdcbe4c8ba98
39c59436c5a546c2880ed8742c8cf87f79c55e5219af62b4c317011566c19305
48245cc2aa8f46908b4179b0877780cae56995c73b8a4dcca201cf3de5817022
5ba8d78d37684a52c86d8cba684f6921727a2357589328a4eee83434a794f8cc
6662c437c5e478ec78375d1992388b6456749ebf31a65b245ddf8c84fc0060e0
715c6cea32eb1ecdfb1d74f58b3ed81f8c0a983c6c188d9f960e4717c0de6468
78000ad5f2cd2cdfd10e5f8700c7bd9b666959881203c8f52d773eb3f0386ad6
aa681e9efcafea427386cae5739c51c8e024a2ea052d7adf7f0c0b8077c6a258
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29
b30d2234d5e63896d085816e0bd385da43a50f929029ed72e657c19f80bd4a38
d242b8c9ab01020ccb6764528eca5e6e3587b3c7a5ebddfdd2c7c89d2f7eda6e
d7441c8e7bf91023662c1ef768a5de6593dbdf284e40fec1ea94c184948e3c53
dbb409e0a26958ffa3c117493f4c20a7fd777308bd1880be65987714d4763bcf
e2b70e3f38051c68d863280b4ba612143ccc42905a14c87d63be8b95c66f08bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8b3b150b8b3e1d332327612fbe3873be05477e77b5db16c4180dbfc55b9704d
fa1ae2f32872eed416e3744a26662147d581f7ee61821d385b053f526bfa354a