URL: https://fts.hesa.ac.uk/index.php?downloadkey=4f75734df5233bd2cebd0fc9fa0405f829a2ad5b
Submission Tags: falconsandbox
Submission: On May 21 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 6 HTTP transactions. The main IP is 2606:4700::6813:aa27, located in United States and belongs to CLOUDFLARENET, US. The main domain is fts.hesa.ac.uk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2021. Valid for: a year.
This is the only time fts.hesa.ac.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
3         2606:4700::68...  13335 (CLOUDFLAR...)
1         52.239.137.196    8075 (MICROSOFT...)
2         2a00:1450:400...  15169 (GOOGLE)
Total: 6 requests across 3 IPs

Requests  Apex Domain           Subdomains                                          Transfer
3         hesa.ac.uk            fts.hesa.ac.uk                                      35 KB
2         google-analytics.com  www.google-analytics.com (Cisco Umbrella Rank: 37)  20 KB
1         windows.net           hesacdn.blob.core.windows.net                       2 KB
Total: 6 requests across 3 apex domains

Requests  Domain                         Requested by
3         fts.hesa.ac.uk                 fts.hesa.ac.uk
2         www.google-analytics.com       fts.hesa.ac.uk, www.google-analytics.com
1         hesacdn.blob.core.windows.net  fts.hesa.ac.uk
Total: 6 requests across 3 domains

This site contains links to these domains.

Domain
www.hesa.ac.uk

Subject                  Issuer                   Validity                 Valid
hesa.ac.uk               Cloudflare Inc ECC CA-3  2021-07-09 - 2022-07-08  a year
*.blob.core.windows.net  Microsoft RSA TLS CA 02  2022-03-15 - 2023-03-15  a year
*.google-analytics.com   GTS CA 1C3               2022-05-04 - 2022-07-27  3 months

This page contains 1 frame:

Primary Page: https://fts.hesa.ac.uk/index.php?downloadkey=4f75734df5233bd2cebd0fc9fa0405f829a2ad5b
Frame ID: 4347CEE7F6668751920D8FDF866B4173
Requests: 6 HTTP requests in this frame

Page Title

HESA File Transfer System

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 3
Transfer: 56 kB
Size: 91 kB
Cookies: 4

6 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Resource: index.php (Primary Request)
Path: fts.hesa.ac.uk/
Size: 5 KB
x-fer: 3 KB
Type: Document

General

Full URL: https://fts.hesa.ac.uk/index.php?downloadkey=4f75734df5233bd2cebd0fc9fa0405f829a2ad5b
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700::6813:aa27, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare / ASP.NET
Resource Hash: 7aa3959b69ef4c0e0dc90a172603ae89e9868e937ac5af1845f6b275dc82c814

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 70ecd4d2b8755ba4-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 21 May 2022 11:04:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
hesa-server: 67
server: cloudflare
vary: Accept-Encoding
x-powered-by: ASP.NET
x-robots-tag: noindex, nofollow

Resource: hesa_submit.css
Path: fts.hesa.ac.uk/style/
Size: 6 KB
x-fer: 2 KB
Type: Stylesheet

General

Full URL: https://fts.hesa.ac.uk/style/hesa_submit.css
Requested by:
  Host: fts.hesa.ac.uk
  URL: https://fts.hesa.ac.uk/index.php?downloadkey=4f75734df5233bd2cebd0fc9fa0405f829a2ad5b
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700::6813:aa27, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare / ASP.NET
Resource Hash: ab434fac719052461ae8629c3f7a7a6713566e89ed361f254a3892ce4134e4af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fts.hesa.ac.uk/index.php?downloadkey=4f75734df5233bd2cebd0fc9fa0405f829a2ad5b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:04:27 GMT
content-encoding: gzip
etag: "0717187520ce1:0"
cf-cache-status: MISS
last-modified: Fri, 01 Feb 2013 08:02:50 GMT
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
cf-ray: 70ecd4d47aac5ba4-FRA
hesa-server: 67
content-length: 2029

Resource: hesa_logo_resized.png
Path: hesacdn.blob.core.windows.net/images/
Size: 1 KB
x-fer: 2 KB
Type: Image

General

Full URL: https://hesacdn.blob.core.windows.net/images/hesa_logo_resized.png
Requested by:
  Host: fts.hesa.ac.uk
  URL: https://fts.hesa.ac.uk/index.php?downloadkey=4f75734df5233bd2cebd0fc9fa0405f829a2ad5b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.196, Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS:
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Resource Hash: b41122cc0dea2383366c8c7dbea6f5211cc44a52012861ca3cd2db72df5adc72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fts.hesa.ac.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 21 May 2022 11:04:27 GMT
Last-Modified: Thu, 01 Sep 2016 06:09:58 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: ivtMqbyJHH4aDxzRIYs37g==
ETag: "0x8D3D22E9A215DB8"
Content-Type: image/png
x-ms-request-id: 423d2c4e-e01e-00a3-6102-6dbf7e000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 1131
x-ms-lease-state: available

Resource: analytics.js
Path: www.google-analytics.com/
Size: 49 KB
x-fer: 20 KB
Type: Script

General

Full URL: https://www.google-analytics.com/analytics.js
Requested by:
  Host: fts.hesa.ac.uk
  URL: https://fts.hesa.ac.uk/index.php?downloadkey=4f75734df5233bd2cebd0fc9fa0405f829a2ad5b
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2a00:1450:4001:828::200e, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS:
Software: Golfe2
Resource Hash: a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fts.hesa.ac.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2719
date: Sat, 21 May 2022 10:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 21 May 2022 12:19:08 GMT

Resource: collect
Path: www.google-analytics.com/j/
Size: 2 B
x-fer: 206 B
Type: XHR

General

Full URL: https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1698867948&t=pageview&_s=1&dl=https%3A%2F%2Ffts.hesa.ac.uk%2Findex.php%3Fdownloadkey%3D4f75734df5233bd2cebd0fc9fa0405f829a2ad5b&ul=en-us&de=UTF-8&dt=HESA%20File%20Transfer%20System&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=27217483&gjid=757749140&cid=1559515557.1653131068&tid=UA-17486731-21&_gid=1327717299.1653131068&_r=1&_slc=1&z=1152708074
Requested by:
  Host: www.google-analytics.com
  URL: https://www.google-analytics.com/analytics.js
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2a00:1450:4001:828::200e, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS:
Software: Golfe2
Resource Hash: a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

X-Content-Type-Options: nosniff

Request headers

Referer: https://fts.hesa.ac.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 21 May 2022 11:04:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fts.hesa.ac.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

Resource: new_banner_750_70.png
Path: fts.hesa.ac.uk/images/
Size: 30 KB
x-fer: 30 KB
Type: Image

General

Full URL: https://fts.hesa.ac.uk/images/new_banner_750_70.png
Requested by:
  Host: fts.hesa.ac.uk
  URL: https://fts.hesa.ac.uk/style/hesa_submit.css
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700::6813:aa27, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare / ASP.NET
Resource Hash: b2d2ac1a98a558fb83d584421a07c3e23b2f1dbc822b65442639a78f5b31964a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fts.hesa.ac.uk/style/hesa_submit.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:04:27 GMT
cf-cache-status: MISS
last-modified: Tue, 12 Aug 2008 14:53:58 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "07bc3f8bfcc81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 70ecd4d55ba95ba4-FRA
hesa-server: 67
content-length: 30446

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
function| getScreenDetails
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData

4 Cookies

Domain/Path      Name    Value
fts.hesa.ac.uk/  __cflb  02DiuEk8f8tWa9xNmRkVnh4ooCKJDWY6VomCGc7NEFmHN
.hesa.ac.uk/     _ga     GA1.3.1559515557.1653131068
.hesa.ac.uk/     _gid    GA1.3.1327717299.1653131068
.hesa.ac.uk/     _gat    1