ministryofjustice.github.io
Open in
urlscan Pro
185.199.108.153
Malicious Activity!
Public Scan
Effective URL: https://ministryofjustice.github.io/security-guidance/
Submission: On June 21 via manual from SG
Summary
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on May 6th 2020. Valid for: 2 years.
This is the only time ministryofjustice.github.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: UK Government (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 13 | 185.199.108.153 185.199.108.153 | 54113 (FASTLY) (FASTLY) | |
1 | 2a00:1450:400... 2a00:1450:4001:82a::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:80e::200e | 15169 (GOOGLE) (GOOGLE) | |
15 | 4 |
ASN54113 (FASTLY, US)
PTR: cdn-185-199-108-153.github.com
ministryofjustice.github.io |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
github.io
1 redirects
ministryofjustice.github.io |
532 KB |
2 |
google-analytics.com
www.google-analytics.com |
97 B |
1 |
googletagmanager.com
www.googletagmanager.com |
46 KB |
15 | 3 |
Domain | Requested by | |
---|---|---|
13 | ministryofjustice.github.io |
1 redirects
ministryofjustice.github.io
|
2 | www.google-analytics.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
ministryofjustice.github.io
|
15 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.gov.uk |
intranet.justice.gov.uk |
www.nationalarchives.gov.uk |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.github.com DigiCert SHA2 High Assurance Server CA |
2020-05-06 - 2022-04-14 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-05-24 - 2021-08-16 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://ministryofjustice.github.io/security-guidance/
Frame ID: 08F94C33BBC7348EEA789F0F31A1CF6C
Requests: 17 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://ministryofjustice.github.io/security-guidance/
HTTP 301
https://ministryofjustice.github.io/security-guidance/ Page URL
Detected technologies
Ruby (Programming Languages) ExpandDetected patterns
- url /^https?:\/\/[^/]+\.github\.io\//i
- headers server /^GitHub\.com$/i
Varnish (Cache Tools) Expand
Detected patterns
- headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Ruby on Rails (Web Frameworks) Expand
Detected patterns
- url /^https?:\/\/[^/]+\.github\.io\//i
- headers server /^GitHub\.com$/i
GitHub Pages (CDN) Expand
Detected patterns
- url /^https?:\/\/[^/]+\.github\.io\//i
- headers server /^GitHub\.com$/i
Page Statistics
24 Outgoing links
These are links going to different origins than the main page.
Title: Ministry of Justice (MoJ)
Search URL Search Domain Scan URL
Title: Government Functional Standard - GovS 007: Security
Search URL Search Domain Scan URL
Title: HMG Security Policy Framework (SPF)
Search URL Search Domain Scan URL
Title: Minimum Cyber Security Standard (MCSS)
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: IT and Computer Security
Search URL Search Domain Scan URL
Title: Open Government Licence
Search URL Search Domain Scan URL
Title: © Crown copyright
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ministryofjustice.github.io/security-guidance/
HTTP 301
https://ministryofjustice.github.io/security-guidance/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
ministryofjustice.github.io/security-guidance/ Redirect Chain
|
60 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
screen.css
ministryofjustice.github.io/security-guidance/stylesheets/ |
287 KB 200 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application.js
ministryofjustice.github.io/security-guidance/javascripts/ |
140 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookieconsent.min.css
ministryofjustice.github.io/stylesheets/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookieconsent.min.js
ministryofjustice.github.io/javascripts/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gov007overview.png
ministryofjustice.github.io/security-guidance/images/ |
68 KB 68 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gov-uk-logotype-crown.png
ministryofjustice.github.io/security-guidance/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
120 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
print.css
ministryofjustice.github.io/security-guidance/stylesheets/ |
279 KB 199 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookieconsent.min.css
ministryofjustice.github.io/stylesheets/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
open-government-licence.png
ministryofjustice.github.io/security-guidance/images/ |
761 B 947 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
govuk-crest.png
ministryofjustice.github.io/security-guidance/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
94 KB 94 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
71 KB 71 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchored-heading-icon.png
ministryofjustice.github.io/security-guidance/images/ |
542 B 769 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 80 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
collect
www.google-analytics.com/g/ |
0 17 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: UK Government (Government)25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| html5 object| Modernizr object| FixedSticky function| _ object| GOVUK function| gtag object| dataLayer object| jQuery112409825330868708859 object| google_tag_manager object| google_tag_data object| gaGlobal function| onYouTubeIframeAPIReady2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ministryofjustice.github.io/ | Name: _ga Value: GA1.1.1919409804.1624274363 |
|
.ministryofjustice.github.io/ | Name: _ga_W19L37E3LR Value: GS1.1.1624274363.1.0.1624274363.0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ministryofjustice.github.io
www.google-analytics.com
www.googletagmanager.com
185.199.108.153
2a00:1450:4001:80e::200e
2a00:1450:4001:82a::2008
01c73d5dd84423dd2fc30aabd1de09a86b36b6de9e2e240d954c09cbb1d97aba
048b93884a1b51d20f2a3140541d450cb6b82c6c2cf69128ea1d09fdd9699f30
271c4c90b6cf06f7b7a1e1279febf5d602ba4afab6cc2896327a0446fd90e2ad
4a3475b51ebbab7075453ff9287784ed5f8e226a09c1cecab615d0da88e7f3d3
5861b1b983ae3f9c24e4a06078f4bb8efaa2cfef316434641f14442867bec0e7
5f4973ebfea5f441dd6d99e411f4d689b994c66b87920e40ad7fffe22f59f079
6e01c7be8c4c64ee6bbc70d8476eee4fe7f074b4e9b15e2b6746270d5867f900
6f5463492e7ae6ea03eb4c8144c8b18c4f2a7e5552623dfe5a88fe238546f523
bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
c1aedc8257961b938b4c7a21a2b0db3f2716dd9ef782cea73110dc69107c9042
caf034d8d8add3cf0078ad1498b552c0aef0a7740001451a04a50e7eb0b663a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fd834b573d8da5b83d8f254c080a351ebb707d897258cfd104f5bc3fadb90281