ministryofjustice.github.io
Open in
urlscan Pro
2606:50c0:8000::153
Malicious Activity!
Public Scan
Submission: On November 09 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on May 6th 2020. Valid for: 2 years.
This is the only time ministryofjustice.github.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: UK Government (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 11 | 2606:50c0:800... 2606:50c0:8000::153 | 54113 (FASTLY) (FASTLY) | |
10 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
github.io
1 redirects
ministryofjustice.github.io |
166 KB |
10 | 1 |
Domain | Requested by | |
---|---|---|
11 | ministryofjustice.github.io |
1 redirects
ministryofjustice.github.io
|
10 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
github.com |
daringfireball.net |
www.nationalarchives.gov.uk |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.github.com DigiCert SHA2 High Assurance Server CA |
2020-05-06 - 2022-04-14 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://ministryofjustice.github.io/technical-operations/
Frame ID: 460AEA38417691B076CBDBDBF13CD83A
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
GOV.UK Documentation Example - Technical Operations Documentation SitePage URL History Show full URLs
-
https://ministryofjustice.github.io/technical-operations
HTTP 301
https://ministryofjustice.github.io/technical-operations/ Page URL
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: GitHub
Search URL Search Domain Scan URL
Title: Markdown
Search URL Search Domain Scan URL
Title: README
Search URL Search Domain Scan URL
Title: View source
Search URL Search Domain Scan URL
Title: Report problem
Search URL Search Domain Scan URL
Title: Open Government Licence v3.0
Search URL Search Domain Scan URL
Title: © Crown copyright
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://ministryofjustice.github.io/technical-operations
HTTP 301
https://ministryofjustice.github.io/technical-operations/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
ministryofjustice.github.io/technical-operations/ Redirect Chain
|
11 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
manifest.css
ministryofjustice.github.io/technical-operations/stylesheets/ |
98 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application.js
ministryofjustice.github.io/technical-operations/javascripts/ |
184 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
govuk-crest.png
ministryofjustice.github.io/technical-operations/assets/govuk/assets/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-94a07e06a1-v2.woff2
ministryofjustice.github.io/assets/govuk/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bold-b542beb274-v2.woff2
ministryofjustice.github.io/assets/govuk/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
search.json
ministryofjustice.github.io/technical-operations/ |
9 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchored-heading-icon.png
ministryofjustice.github.io/technical-operations/images/ |
542 B 739 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bold-affa96571d-v2.woff
ministryofjustice.github.io/technical-operations/assets/govuk/assets/fonts/ |
40 KB 40 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-f591b13f7d-v2.woff
ministryofjustice.github.io/technical-operations/assets/govuk/assets/fonts/ |
42 KB 43 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: UK Government (Government)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery object| html5 object| Modernizr object| FixedSticky function| _ object| GOVUK function| lunr function| Mark object| GOVUKFrontend object| jQuery1124052275031953737170 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ministryofjustice.github.io
2606:50c0:8000::153
091aa3008e57dfeea899e33243c1d4ea95bab658f1cc2191679193bcbfac0b7b
4a3475b51ebbab7075453ff9287784ed5f8e226a09c1cecab615d0da88e7f3d3
5a2a925237869837d1afdd0a70ffded0717296d2d25885865d19c0da7f3ece5d
67c0e237f9ad859968180ec2da86c15427974fb23de3f917ad76c8b7cc752013
7582e492cdf0cfb5569b6045b2f91508a6bf4f3a4615bb5bc215667969f18927
bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
d9c78cb6c184622cbd6b9964cbbb815f89161bd8167144cdf4d067d3df3d4853
f408d946a47a95e9737dcf26c663979f7991f957f0206b2b9e6b9712b40bdc8e