ministryofjustice.github.io Open in urlscan Pro
185.199.108.153  Malicious Activity! Public Scan

Submitted URL: http://ministryofjustice.github.io/security-guidance/
Effective URL: https://ministryofjustice.github.io/security-guidance/
Submission: On June 21 via manual from SG

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 185.199.108.153, located in United States and belongs to FASTLY, US. The main domain is ministryofjustice.github.io.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on May 6th 2020. Valid for: 2 years.
This is the only time ministryofjustice.github.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UK Government (Government)

Domain & IP information

IP Address AS Autonomous System
1 13 185.199.108.153 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
15 4
Domain Requested by
13 ministryofjustice.github.io 1 redirects ministryofjustice.github.io
2 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com ministryofjustice.github.io
15 3

This site contains links to these domains. Also see Links.

Domain
www.gov.uk
intranet.justice.gov.uk
www.nationalarchives.gov.uk
Subject Issuer Validity Valid
www.github.com
DigiCert SHA2 High Assurance Server CA
2020-05-06 -
2022-04-14
2 years crt.sh
*.google-analytics.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh

This page contains 1 frames:

Primary Page: https://ministryofjustice.github.io/security-guidance/
Frame ID: 08F94C33BBC7348EEA789F0F31A1CF6C
Requests: 17 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://ministryofjustice.github.io/security-guidance/ HTTP 301
    https://ministryofjustice.github.io/security-guidance/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^/]+\.github\.io\//i
  • headers server /^GitHub\.com$/i

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^/]+\.github\.io\//i
  • headers server /^GitHub\.com$/i

Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^/]+\.github\.io\//i
  • headers server /^GitHub\.com$/i

Page Statistics

15
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

742 kB
Transfer

1124 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ministryofjustice.github.io/security-guidance/ HTTP 301
    https://ministryofjustice.github.io/security-guidance/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ministryofjustice.github.io/security-guidance/
Redirect Chain
  • http://ministryofjustice.github.io/security-guidance/
  • https://ministryofjustice.github.io/security-guidance/
60 KB
10 KB
Document
General
Full URL
https://ministryofjustice.github.io/security-guidance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-108-153.github.com
Software
GitHub.com /
Resource Hash
fd834b573d8da5b83d8f254c080a351ebb707d897258cfd104f5bc3fadb90281

Request headers

:method
GET
:authority
ministryofjustice.github.io
:scheme
https
:path
/security-guidance/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
GitHub.com
content-type
text/html; charset=utf-8
permissions-policy
interest-cohort=()
last-modified
Tue, 15 Jun 2021 13:46:49 GMT
access-control-allow-origin
*
etag
W/"60c8af49-ee00"
expires
Mon, 21 Jun 2021 10:58:48 GMT
cache-control
max-age=600
content-encoding
gzip
x-proxy-cache
MISS
x-github-request-id
6798:7467:2B91E90:2CCE5A1:60D06E90
accept-ranges
bytes
date
Mon, 21 Jun 2021 11:19:22 GMT
via
1.1 varnish
age
0
x-served-by
cache-ams21065-AMS
x-cache
MISS
x-cache-hits
0
x-timer
S1624274363.563289,VS0,VE94
vary
Accept-Encoding
x-fastly-request-id
7acf4307e08bdd4c93cae804eb00250224aedd1b
content-length
9801

Redirect headers

Server
GitHub.com
Content-Type
text/html
permissions-policy
interest-cohort=()
Location
https://ministryofjustice.github.io/security-guidance/
X-GitHub-Request-Id
6C04:4B90:28D0B9F:2A007E5:60D075BA
Content-Length
162
Accept-Ranges
bytes
Date
Mon, 21 Jun 2021 11:19:22 GMT
Via
1.1 varnish
Age
0
Connection
keep-alive
X-Served-By
cache-ams21070-AMS
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1624274362.418835,VS0,VE90
Vary
Accept-Encoding
X-Fastly-Request-ID
339e5d1ae0c7e5646205b727b0fcd468db7183ac
screen.css
ministryofjustice.github.io/security-guidance/stylesheets/
287 KB
200 KB
Stylesheet
General
Full URL
https://ministryofjustice.github.io/security-guidance/stylesheets/screen.css
Requested by
Host: ministryofjustice.github.io
URL: https://ministryofjustice.github.io/security-guidance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-108-153.github.com
Software
GitHub.com /
Resource Hash
6e01c7be8c4c64ee6bbc70d8476eee4fe7f074b4e9b15e2b6746270d5867f900

Request headers

:path
/security-guidance/stylesheets/screen.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
ministryofjustice.github.io
referer
https://ministryofjustice.github.io/security-guidance/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ministryofjustice.github.io/security-guidance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
01418517c633e698b86ce7438c01f257c733203d
date
Mon, 21 Jun 2021 11:19:23 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
204514
x-served-by
cache-ams21065-AMS
access-control-allow-origin
*
last-modified
Tue, 15 Jun 2021 13:46:49 GMT
server
GitHub.com
x-github-request-id
2B6E:87BF:118FB63:126BE4C:60D075BA
x-timer
S1624274363.926607,VS0,VE108
etag
W/"60c8af49-47d82"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Mon, 21 Jun 2021 11:29:22 GMT
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
application.js
ministryofjustice.github.io/security-guidance/javascripts/
140 KB
47 KB
Script
General
Full URL
https://ministryofjustice.github.io/security-guidance/javascripts/application.js
Requested by
Host: ministryofjustice.github.io
URL: https://ministryofjustice.github.io/security-guidance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-108-153.github.com
Software
GitHub.com /
Resource Hash
caf034d8d8add3cf0078ad1498b552c0aef0a7740001451a04a50e7eb0b663a4

Request headers

:path
/security-guidance/javascripts/application.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ministryofjustice.github.io
referer
https://ministryofjustice.github.io/security-guidance/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ministryofjustice.github.io/security-guidance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
3bb5b5a0fa7d256e8f774b6125a71a6b622154d2
date
Mon, 21 Jun 2021 11:19:23 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
48184
x-served-by
cache-ams21065-AMS
access-control-allow-origin
*
last-modified
Tue, 15 Jun 2021 13:46:49 GMT
server
GitHub.com
x-github-request-id
7800:3060:23DCDB4:24EC35F:60D075BA
x-timer
S1624274363.926592,VS0,VE98
etag
W/"60c8af49-22f88"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Mon, 21 Jun 2021 11:29:22 GMT
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
cookieconsent.min.css
ministryofjustice.github.io/stylesheets/
0
0
Stylesheet
General
Full URL
https://ministryofjustice.github.io/stylesheets/cookieconsent.min.css
Requested by
Host: ministryofjustice.github.io
URL: https://ministryofjustice.github.io/security-guidance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-108-153.github.com
Software
GitHub.com /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

:path
/stylesheets/cookieconsent.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
ministryofjustice.github.io
referer
https://ministryofjustice.github.io/security-guidance/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ministryofjustice.github.io/security-guidance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
09bed6fa3e52777e91d49a371ea56134c62c854a
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding
gzip
etag
W/"5f74c501-247b"
age
0
x-cache
MISS
x-cache-hits
0
content-length
5232
x-served-by
cache-ams21065-AMS
access-control-allow-origin
*
server
GitHub.com
x-github-request-id
FD4A:127B3:3318A4:39323D:60D075BA
x-timer
S1624274363.926564,VS0,VE93
date
Mon, 21 Jun 2021 11:19:23 GMT
vary
Accept-Encoding
content-type
text/html; charset=utf-8
via
1.1 varnish
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
MISS
cookieconsent.min.js
ministryofjustice.github.io/javascripts/
0
0
Script
General
Full URL
https://ministryofjustice.github.io/javascripts/cookieconsent.min.js
Requested by
Host: ministryofjustice.github.io
URL: https://ministryofjustice.github.io/security-guidance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-108-153.github.com
Software
GitHub.com /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

:path
/javascripts/cookieconsent.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ministryofjustice.github.io
referer
https://ministryofjustice.github.io/security-guidance/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ministryofjustice.github.io/security-guidance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
190eda83ecb19abe8dd8ae62a674e14d8d310ec2
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding
gzip
etag
W/"5f73a03c-247b"
age
0
x-cache
MISS
x-cache-hits
0
content-length
5232
x-served-by
cache-ams21065-AMS
access-control-allow-origin
*
server
GitHub.com
x-github-request-id
31A0:0B47:262694:2B8934:60D075BB
x-timer
S1624274363.064866,VS0,VE95
date
Mon, 21 Jun 2021 11:19:23 GMT
vary
Accept-Encoding
content-type
text/html; charset=utf-8
via
1.1 varnish
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
MISS
gov007overview.png
ministryofjustice.github.io/security-guidance/images/
68 KB
68 KB
Image
General
Full URL
https://ministryofjustice.github.io/security-guidance/images/gov007overview.png
Requested by
Host: ministryofjustice.github.io
URL: https://ministryofjustice.github.io/security-guidance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-108-153.github.com
Software
GitHub.com /
Resource Hash
271c4c90b6cf06f7b7a1e1279febf5d602ba4afab6cc2896327a0446fd90e2ad

Request headers

:path
/security-guidance/images/gov007overview.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ministryofjustice.github.io
referer
https://ministryofjustice.github.io/security-guidance/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ministryofjustice.github.io/security-guidance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
a51afbb098bc92c9b79ce37d6ae160543bba87cc
date
Mon, 21 Jun 2021 11:19:23 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
69689
x-served-by
cache-ams21065-AMS
last-modified
Tue, 15 Jun 2021 13:46:40 GMT
server
GitHub.com
x-github-request-id
2A52:38B7:7F62C9:8653DA:60D075BB
x-timer
S1624274363.099832,VS0,VE96
etag
"60c8af40-11039"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Mon, 21 Jun 2021 11:29:23 GMT
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
gov-uk-logotype-crown.png
ministryofjustice.github.io/security-guidance/images/
1 KB
2 KB
Image
General
Full URL
https://ministryofjustice.github.io/security-guidance/images/gov-uk-logotype-crown.png
Requested by
Host: ministryofjustice.github.io
URL: https://ministryofjustice.github.io/security-guidance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-108-153.github.com
Software
GitHub.com /
Resource Hash
5f4973ebfea5f441dd6d99e411f4d689b994c66b87920e40ad7fffe22f59f079

Request headers

:path
/security-guidance/images/gov-uk-logotype-crown.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ministryofjustice.github.io
referer
https://ministryofjustice.github.io/security-guidance/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ministryofjustice.github.io/security-guidance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
0cf239055092dac5793284f9f1a2e4e071cecb62
date
Mon, 21 Jun 2021 11:19:23 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
1385
x-served-by
cache-ams21065-AMS
last-modified
Tue, 15 Jun 2021 13:46:40 GMT
server
GitHub.com
x-github-request-id
4826:127B5:15494E6:15F7EEC:60D075BB
x-timer
S1624274363.140063,VS0,VE97
etag
"60c8af40-569"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Mon, 21 Jun 2021 11:29:23 GMT
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
js
www.googletagmanager.com/gtag/
120 KB
46 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W19L37E3LR
Requested by
Host: ministryofjustice.github.io
URL: https://ministryofjustice.github.io/security-guidance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6f5463492e7ae6ea03eb4c8144c8b18c4f2a7e5552623dfe5a88fe238546f523
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ministryofjustice.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 11:19:23 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47145
x-xss-protection
0
expires
Mon, 21 Jun 2021 11:19:23 GMT
print.css
ministryofjustice.github.io/security-guidance/stylesheets/
279 KB
199 KB
Stylesheet
General
Full URL
https://ministryofjustice.github.io/security-guidance/stylesheets/print.css
Requested by
Host: ministryofjustice.github.io
URL: https://ministryofjustice.github.io/security-guidance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-108-153.github.com
Software
GitHub.com /
Resource Hash
5861b1b983ae3f9c24e4a06078f4bb8efaa2cfef316434641f14442867bec0e7

Request headers

:path
/security-guidance/stylesheets/print.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
ministryofjustice.github.io
referer
https://ministryofjustice.github.io/security-guidance/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ministryofjustice.github.io/security-guidance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
0954db59f46deb0832954fed2f4a5ecab701ea3a
date
Mon, 21 Jun 2021 11:19:23 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
203130
x-served-by
cache-ams21065-AMS
access-control-allow-origin
*
last-modified
Tue, 15 Jun 2021 13:46:49 GMT
server
GitHub.com
x-github-request-id
86F0:38B9:1320BB5:13C5672:60D075BB
x-timer
S1624274363.140620,VS0,VE108
etag
W/"60c8af49-45c65"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Mon, 21 Jun 2021 11:29:23 GMT
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
cookieconsent.min.css
ministryofjustice.github.io/stylesheets/
0
0
Stylesheet
General
Full URL
https://ministryofjustice.github.io/stylesheets/cookieconsent.min.css
Requested by
Host: ministryofjustice.github.io
URL: https://ministryofjustice.github.io/security-guidance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-108-153.github.com
Software
GitHub.com /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

:path
/stylesheets/cookieconsent.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
ministryofjustice.github.io
referer
https://ministryofjustice.github.io/security-guidance/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ministryofjustice.github.io/security-guidance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
bf60bb2a58ef8e5fa7b34e6686a4247a732d6cfb
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding
gzip
etag
W/"5f74c501-247b"
age
0
x-cache
HIT
x-cache-hits
1
content-length
5232
x-served-by
cache-ams21065-AMS
access-control-allow-origin
*
server
GitHub.com
x-github-request-id
FD4A:127B3:3318A4:39323D:60D075BA
x-timer
S1624274363.118990,VS0,VE0
date
Mon, 21 Jun 2021 11:19:23 GMT
vary
Accept-Encoding
content-type
text/html; charset=utf-8
via
1.1 varnish
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
MISS
open-government-licence.png
ministryofjustice.github.io/security-guidance/images/
761 B
947 B
Image
General
Full URL
https://ministryofjustice.github.io/security-guidance/images/open-government-licence.png
Requested by
Host: ministryofjustice.github.io
URL: https://ministryofjustice.github.io/security-guidance/stylesheets/screen.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-108-153.github.com
Software
GitHub.com /
Resource Hash
c1aedc8257961b938b4c7a21a2b0db3f2716dd9ef782cea73110dc69107c9042

Request headers

:path
/security-guidance/images/open-government-licence.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ministryofjustice.github.io
referer
https://ministryofjustice.github.io/security-guidance/stylesheets/screen.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ministryofjustice.github.io/security-guidance/stylesheets/screen.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
1aab90de9657155993d79df8735f3a9e5896dad6
date
Mon, 21 Jun 2021 11:19:23 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
761
x-served-by
cache-ams21065-AMS
last-modified
Tue, 15 Jun 2021 13:46:40 GMT
server
GitHub.com
x-github-request-id
3638:100B2:1E9D52E:1F8599C:60D075BB
x-timer
S1624274363.150242,VS0,VE93
etag
"60c8af40-2f9"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Mon, 21 Jun 2021 11:29:23 GMT
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
govuk-crest.png
ministryofjustice.github.io/security-guidance/images/
4 KB
4 KB
Image
General
Full URL
https://ministryofjustice.github.io/security-guidance/images/govuk-crest.png
Requested by
Host: ministryofjustice.github.io
URL: https://ministryofjustice.github.io/security-guidance/stylesheets/screen.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-108-153.github.com
Software
GitHub.com /
Resource Hash
bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b

Request headers

:path
/security-guidance/images/govuk-crest.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ministryofjustice.github.io
referer
https://ministryofjustice.github.io/security-guidance/stylesheets/screen.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ministryofjustice.github.io/security-guidance/stylesheets/screen.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
442ee97240393f16da9e90b920e95d87791f73cd
date
Mon, 21 Jun 2021 11:19:23 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
3584
x-served-by
cache-ams21065-AMS
last-modified
Tue, 15 Jun 2021 13:46:40 GMT
server
GitHub.com
x-github-request-id
1BEE:87BF:118FB6F:126BE5C:60D075BB
x-timer
S1624274363.150280,VS0,VE90
etag
"60c8af40-e00"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Mon, 21 Jun 2021 11:29:23 GMT
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
truncated
/
94 KB
94 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
048b93884a1b51d20f2a3140541d450cb6b82c6c2cf69128ea1d09fdd9699f30

Request headers

Origin
https://ministryofjustice.github.io
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/
71 KB
71 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01c73d5dd84423dd2fc30aabd1de09a86b36b6de9e2e240d954c09cbb1d97aba

Request headers

Origin
https://ministryofjustice.github.io
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff
anchored-heading-icon.png
ministryofjustice.github.io/security-guidance/images/
542 B
769 B
Image
General
Full URL
https://ministryofjustice.github.io/security-guidance/images/anchored-heading-icon.png
Requested by
Host: ministryofjustice.github.io
URL: https://ministryofjustice.github.io/security-guidance/stylesheets/screen.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-108-153.github.com
Software
GitHub.com /
Resource Hash
4a3475b51ebbab7075453ff9287784ed5f8e226a09c1cecab615d0da88e7f3d3

Request headers

:path
/security-guidance/images/anchored-heading-icon.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ministryofjustice.github.io
referer
https://ministryofjustice.github.io/security-guidance/stylesheets/screen.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ministryofjustice.github.io/security-guidance/stylesheets/screen.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
acb57595b2dc82d887dd1c6619789f05afeb7ab3
date
Mon, 21 Jun 2021 11:19:23 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
542
x-served-by
cache-ams21065-AMS
last-modified
Tue, 15 Jun 2021 13:46:40 GMT
server
GitHub.com
x-github-request-id
FF86:A9C9:262FBAB:274CDF9:60D075BB
x-timer
S1624274363.367271,VS0,VE90
etag
"60c8af40-21e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Mon, 21 Jun 2021 11:29:23 GMT
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
collect
www.google-analytics.com/g/
0
80 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-W19L37E3LR&gtm=2oe6g0&_p=1088295679&sr=1600x1200&ul=en-us&cid=1919409804.1624274363&_s=1&dl=https%3A%2F%2Fministryofjustice.github.io%2Fsecurity-guidance%2F&dt=MoJ%20Security%20Guidance&sid=1624274363&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W19L37E3LR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ministryofjustice.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 21 Jun 2021 11:19:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ministryofjustice.github.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-W19L37E3LR&gtm=2oe6g0&_p=1088295679&sr=1600x1200&ul=en-us&cid=1919409804.1624274363&_s=2&dl=https%3A%2F%2Fministryofjustice.github.io%2Fsecurity-guidance%2F&dt=MoJ%20Security%20Guidance&sid=1624274363&sct=1&seg=0&en=scroll&_et=85&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W19L37E3LR
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ministryofjustice.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 21 Jun 2021 11:19:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ministryofjustice.github.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UK Government (Government)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| html5 object| Modernizr object| FixedSticky function| _ object| GOVUK function| gtag object| dataLayer object| jQuery112409825330868708859 object| google_tag_manager object| google_tag_data object| gaGlobal function| onYouTubeIframeAPIReady

2 Cookies

Domain/Path Name / Value
.ministryofjustice.github.io/ Name: _ga
Value: GA1.1.1919409804.1624274363
.ministryofjustice.github.io/ Name: _ga_W19L37E3LR
Value: GS1.1.1624274363.1.0.1624274363.0