static.ndev.dwp.condatis.com Open in urlscan Pro
172.167.12.67 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://static.ndev.dwp.condatis.com/
Submission: On July 04 via api (July 4th 2024, 3:11:27 am UTC) from US — Scanned from GB

Summary HTTP 19 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 19 HTTP transactions. The main IP is 172.167.12.67, located in London, United Kingdom and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is static.ndev.dwp.condatis.com.
TLS certificate: Issued by R11 on July 3rd 2024. Valid for: 3 months.

This is the only time static.ndev.dwp.condatis.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UK Government (Government)

Domain & IP information

	IP Address		AS Autonomous System
19	172.167.12.67 172.167.12.67		8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
19	2

19 172.167.12.67 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

static.ndev.dwp.condatis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	condatis.com static.ndev.dwp.condatis.com	400 KB
19	1

	Domain	Requested by
19	static.ndev.dwp.condatis.com	static.ndev.dwp.condatis.com
19	1

This site contains links to these domains. Also see Links.

Domain
dwpdigital.blog.gov.uk
admin.eas.dwp.gov.uk
www.nationalarchives.gov.uk

Subject Issuer	Validity	Valid
static.ndev.dwp.condatis.com R11	`2024-07-03` - `2024-10-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://static.ndev.dwp.condatis.com/
Frame ID: A51410017DA438FE1DE34FCE6B6B73B4
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

EAS - Index

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

GOV.UK Frontend (UI frameworks) Expand

Overall confidence: 10%
Detected patterns

<a[^>]+govuk-link

GOV.UK Template (UI frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+govuk-template[^>"]+css
<link[^>]+govuk-template-print[^>"]+css
<link[^>]+govuk-template-ie6[^>"]+css
<link[^>]+govuk-template-ie7[^>"]+css
<link[^>]+govuk-template-ie8[^>"]+css
govuk-template\.js

Prism (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

prism\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

565 kB
Transfer

779 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://dwpdigital.blog.gov.uk/
Title: DWP Digital

Search URL Search Domain Scan URL

URL: https://admin.eas.dwp.gov.uk/Accessibility
Title: Accessibility statement (Opens a new tab)

Search URL Search Domain Scan URL

URL: https://www.nationalarchives.gov.uk/information-management/re-using-portcheck-sector-information/copyright-and-re-use/crown-copyright/
Title: © Crown copyright

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
static.ndev.dwp.condatis.com/ 7 KB
2 KB 548ms
59ms Document
text/html 172.167.12.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ndev.dwp.condatis.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.167.12.67 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7c7cb3232e37fb5dae01f44b011cab4abce7d8b1cf0f2b9bb02624414d2730ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 04 Jul 2024 03:11:21 GMT
Request-Context: appId=cid-v1:07391395-64e8-40ff-8399-1bcb97c22051
Strict-Transport-Security: max-age=2592000
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK govuk-template.css
static.ndev.dwp.condatis.com/styles/ 21 KB
6 KB 46ms
45ms Stylesheet
text/css 172.167.12.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ndev.dwp.condatis.com/styles/govuk-template.css?0.23.0

Requested by

Host: static.ndev.dwp.condatis.com
URL: https://static.ndev.dwp.condatis.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.167.12.67 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a23a5c33cab0ec819cab1317f773ee4c8c612231de9076df53d8ae6228ccfed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.ndev.dwp.condatis.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 03:11:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Wed, 12 Jun 2024 09:43:26 GMT
ETag: "1dabcacf912e16b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:07391395-64e8-40ff-8399-1bcb97c22051

GET
H/1.1 200
OK fonts.css
static.ndev.dwp.condatis.com/styles/ 267 KB
271 KB 163ms
161ms Stylesheet
text/css 172.167.12.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ndev.dwp.condatis.com/styles/fonts.css?0.23.0

Requested by

Host: static.ndev.dwp.condatis.com
URL: https://static.ndev.dwp.condatis.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.167.12.67 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a528ccc945a82c9af4b09971cffe3c6ecb37d9b9dc446c8f53cadc81cb8cea43

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.ndev.dwp.condatis.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 03:11:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Wed, 12 Jun 2024 09:43:26 GMT
ETag: "1dabcacf91698b2"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:07391395-64e8-40ff-8399-1bcb97c22051

GET
H/1.1 200
OK govuk-elements-styles.css
static.ndev.dwp.condatis.com/styles/ 44 KB
9 KB 121ms
74ms Stylesheet
text/css 172.167.12.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ndev.dwp.condatis.com/styles/govuk-elements-styles.css

Requested by

Host: static.ndev.dwp.condatis.com
URL: https://static.ndev.dwp.condatis.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.167.12.67 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6cb73e0577b183321d3fa261fad47b054ff41cb9ccfefc61940baad635cef010

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.ndev.dwp.condatis.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 03:11:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Wed, 12 Jun 2024 09:43:26 GMT
ETag: "1dabcacf9121c01"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:07391395-64e8-40ff-8399-1bcb97c22051

GET
H/1.1 200
OK elements-documentation.css
static.ndev.dwp.condatis.com/styles/ 6 KB
2 KB 185ms
123ms Stylesheet
text/css 172.167.12.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ndev.dwp.condatis.com/styles/elements-documentation.css

Requested by

Host: static.ndev.dwp.condatis.com
URL: https://static.ndev.dwp.condatis.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.167.12.67 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dd2b50643e1e30856de94ccd0c6be5be0ca1ded77ebdf32fdf034cc4759498b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.ndev.dwp.condatis.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 03:11:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Wed, 12 Jun 2024 09:43:26 GMT
ETag: "1dabcacf912a4b1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:07391395-64e8-40ff-8399-1bcb97c22051

GET
H/1.1 200
OK Site.css
static.ndev.dwp.condatis.com/styles/ 5 KB
2 KB 182ms
121ms Stylesheet
text/css 172.167.12.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ndev.dwp.condatis.com/styles/Site.css

Requested by

Host: static.ndev.dwp.condatis.com
URL: https://static.ndev.dwp.condatis.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.167.12.67 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e6a01388e0ae195411f29bf56f015f5890f7756b516bde16c52675789cb6c8d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.ndev.dwp.condatis.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 03:11:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Wed, 12 Jun 2024 09:43:26 GMT
ETag: "1dabcacf912a7dd"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:07391395-64e8-40ff-8399-1bcb97c22051

GET
H/1.1 200
OK prism.css
static.ndev.dwp.condatis.com/styles/vendor/ 2 KB
1 KB 164ms
103ms Stylesheet
text/css 172.167.12.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ndev.dwp.condatis.com/styles/vendor/prism.css

Requested by

Host: static.ndev.dwp.condatis.com
URL: https://static.ndev.dwp.condatis.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.167.12.67 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3b84ab454adf763e775dacffe3bbff53633930f9e941e6d7bb5f609117452050

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.ndev.dwp.condatis.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 03:11:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Wed, 12 Jun 2024 09:43:26 GMT
ETag: "1dabcacf912ba38"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:07391395-64e8-40ff-8399-1bcb97c22051

GET
H/1.1 200
OK prism.js Show response
static.ndev.dwp.condatis.com/scripts/vendor/ 12 KB
6 KB 185ms
124ms Script
text/javascript 172.167.12.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ndev.dwp.condatis.com/scripts/vendor/prism.js

Requested by

Host: static.ndev.dwp.condatis.com
URL: https://static.ndev.dwp.condatis.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.167.12.67 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

36972a2c9d5e9027082091b2ac54588b3289b66944e55c5a217d27407b3cbc1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.ndev.dwp.condatis.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 03:11:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Wed, 12 Jun 2024 09:43:26 GMT
ETag: "1dabcacf9129c9e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:07391395-64e8-40ff-8399-1bcb97c22051

GET
H/1.1 200
OK jquery.min.js Show response
static.ndev.dwp.condatis.com/scripts/vendor/ 95 KB
43 KB 216ms
94ms Script
text/javascript 172.167.12.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ndev.dwp.condatis.com/scripts/vendor/jquery.min.js

Requested by

Host: static.ndev.dwp.condatis.com
URL: https://static.ndev.dwp.condatis.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.167.12.67 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.ndev.dwp.condatis.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 03:11:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Wed, 12 Jun 2024 09:43:26 GMT
ETag: "1dabcacf913c88e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:07391395-64e8-40ff-8399-1bcb97c22051

GET
H/1.1 200
OK bootstrap.bundle.min.js Show response
static.ndev.dwp.condatis.com/scripts/vendor/ 93 KB
33 KB 264ms
99ms Script
text/javascript 172.167.12.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ndev.dwp.condatis.com/scripts/vendor/bootstrap.bundle.min.js

Requested by

Host: static.ndev.dwp.condatis.com
URL: https://static.ndev.dwp.condatis.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.167.12.67 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

895b679daec07e3cfdedb49b6051c7381ffb7e2bb608bf76099602b9636f04b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.ndev.dwp.condatis.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 03:11:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Wed, 12 Jun 2024 09:43:26 GMT
ETag: "1dabcacf913c160"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:07391395-64e8-40ff-8399-1bcb97c22051

GET
H/1.1 200
OK siteScripts.js Show response
static.ndev.dwp.condatis.com/scripts/ 38 KB
10 KB 240ms
58ms Script
text/javascript 172.167.12.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ndev.dwp.condatis.com/scripts/siteScripts.js

Requested by

Host: static.ndev.dwp.condatis.com
URL: https://static.ndev.dwp.condatis.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.167.12.67 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0ab3bf25c8f6d7e11c6166de15ba794cd16479b9c9a79368cbd66983250ed4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.ndev.dwp.condatis.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 03:11:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Wed, 12 Jun 2024 09:43:26 GMT
ETag: "1dabcacf91224c8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:07391395-64e8-40ff-8399-1bcb97c22051

GET
H/1.1 200
OK govuk-template.js Show response
static.ndev.dwp.condatis.com/scripts/ 3 KB
2 KB 236ms
49ms Script
text/javascript 172.167.12.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ndev.dwp.condatis.com/scripts/govuk-template.js

Requested by

Host: static.ndev.dwp.condatis.com
URL: https://static.ndev.dwp.condatis.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.167.12.67 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c85df95c4bd9bc7a751559af9fdb06e285d90597fe9ddf225758d62c7553f9e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.ndev.dwp.condatis.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 03:11:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Wed, 12 Jun 2024 09:43:26 GMT
ETag: "1dabcacf912be4c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:07391395-64e8-40ff-8399-1bcb97c22051

GET
H/1.1 200
OK bind.js Show response
static.ndev.dwp.condatis.com/scripts/vendor/polyfills/ 1 KB
1 KB 236ms
49ms Script
text/javascript 172.167.12.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ndev.dwp.condatis.com/scripts/vendor/polyfills/bind.js

Requested by

Host: static.ndev.dwp.condatis.com
URL: https://static.ndev.dwp.condatis.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.167.12.67 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

798294e9b9f44cef19d74dc0c0a204c11cb961538b3be8056447cbd6cc29536d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.ndev.dwp.condatis.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 03:11:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Wed, 12 Jun 2024 09:43:26 GMT
ETag: "1dabcacf912b7cc"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:07391395-64e8-40ff-8399-1bcb97c22051

GET
H/1.1 200
OK details.polyfill.js Show response
static.ndev.dwp.condatis.com/scripts/govuk/ 10 KB
4 KB 288ms
48ms Script
text/javascript 172.167.12.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ndev.dwp.condatis.com/scripts/govuk/details.polyfill.js

Requested by

Host: static.ndev.dwp.condatis.com
URL: https://static.ndev.dwp.condatis.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.167.12.67 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

483d4cfde3443d160a676a9a548d323d9ca707f74b32d51777d7c27f2d4854cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.ndev.dwp.condatis.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 03:11:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Wed, 12 Jun 2024 09:43:26 GMT
ETag: "1dabcacf9129490"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:07391395-64e8-40ff-8399-1bcb97c22051

GET
H/1.1 200
OK shim-links-with-button-role.js Show response
static.ndev.dwp.condatis.com/scripts/govuk/ 1 KB
1 KB 289ms
49ms Script
text/javascript 172.167.12.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ndev.dwp.condatis.com/scripts/govuk/shim-links-with-button-role.js

Requested by

Host: static.ndev.dwp.condatis.com
URL: https://static.ndev.dwp.condatis.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.167.12.67 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2506471e943bb6bc17f60db2f2a3de4f623423cac9b8728d04a88b36bfa3dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.ndev.dwp.condatis.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 03:11:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Wed, 12 Jun 2024 09:43:26 GMT
ETag: "1dabcacf912b740"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:07391395-64e8-40ff-8399-1bcb97c22051

GET
H/1.1 200
OK show-hide-content.js Show response
static.ndev.dwp.condatis.com/scripts/govuk/ 5 KB
2 KB 281ms
41ms Script
text/javascript 172.167.12.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ndev.dwp.condatis.com/scripts/govuk/show-hide-content.js

Requested by

Host: static.ndev.dwp.condatis.com
URL: https://static.ndev.dwp.condatis.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.167.12.67 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

77077811544eeaa311da980d4c392f06732485426d8161b28b2c1e9e56e14cb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.ndev.dwp.condatis.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 03:11:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Wed, 12 Jun 2024 09:43:26 GMT
ETag: "1dabcacf912a621"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:07391395-64e8-40ff-8399-1bcb97c22051

GET
H/1.1 200
OK govuk-template-print.css
static.ndev.dwp.condatis.com/styles/ 2 KB
1 KB 37ms
37ms Stylesheet
text/css 172.167.12.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ndev.dwp.condatis.com/styles/govuk-template-print.css?0.23.0

Requested by

Host: static.ndev.dwp.condatis.com
URL: https://static.ndev.dwp.condatis.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.167.12.67 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

efb298d2297d1e2eb2922e8b5bd964ba733c3e9657389204ed664be85fe3c40e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.ndev.dwp.condatis.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 03:11:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Wed, 12 Jun 2024 09:43:26 GMT
ETag: "1dabcacf912b59a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:07391395-64e8-40ff-8399-1bcb97c22051

GET
H/1.1 200
OK govuk-crest.png
static.ndev.dwp.condatis.com/styles/images/ 4 KB
4 KB 36ms
36ms Image
image/png 172.167.12.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ndev.dwp.condatis.com/styles/images/govuk-crest.png?0.23.0

Requested by

Host: static.ndev.dwp.condatis.com
URL: https://static.ndev.dwp.condatis.com/styles/govuk-template.css?0.23.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.167.12.67 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.ndev.dwp.condatis.com/styles/govuk-template.css?0.23.0
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 03:11:21 GMT
Strict-Transport-Security: max-age=2592000
Last-Modified: Wed, 12 Jun 2024 09:43:26 GMT
ETag: "1dabcacf912bd00"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3584
Request-Context: appId=cid-v1:07391395-64e8-40ff-8399-1bcb97c22051

GET
DATA 200
OK truncated
/ 94 KB
94 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 048b93884a1b51d20f2a3140541d450cb6b82c6c2cf69128ea1d09fdd9699f30

Request headers

Referer
Origin: https://static.ndev.dwp.condatis.com
Accept-Language: en-GB,en;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 71 KB
71 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01c73d5dd84423dd2fc30aabd1de09a86b36b6de9e2e240d954c09cbb1d97aba

Request headers

Referer
Origin: https://static.ndev.dwp.condatis.com
Accept-Language: en-GB,en;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
H/1.1 404
Not Found favicon.ico
static.ndev.dwp.condatis.com/ 0
218 B 39ms
39ms Other
text/plain 172.167.12.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ndev.dwp.condatis.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.167.12.67 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.ndev.dwp.condatis.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 03:11:21 GMT
Strict-Transport-Security: max-age=2592000
Connection: keep-alive
Content-Length: 0
Request-Context: appId=cid-v1:07391395-64e8-40ff-8399-1bcb97c22051

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UK Government (Government)

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.ndev.dwp.condatis.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

static.ndev.dwp.condatis.com
172.167.12.67
01c73d5dd84423dd2fc30aabd1de09a86b36b6de9e2e240d954c09cbb1d97aba
048b93884a1b51d20f2a3140541d450cb6b82c6c2cf69128ea1d09fdd9699f30
0ab3bf25c8f6d7e11c6166de15ba794cd16479b9c9a79368cbd66983250ed4a5
36972a2c9d5e9027082091b2ac54588b3289b66944e55c5a217d27407b3cbc1c
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3
3b84ab454adf763e775dacffe3bbff53633930f9e941e6d7bb5f609117452050
483d4cfde3443d160a676a9a548d323d9ca707f74b32d51777d7c27f2d4854cb
6cb73e0577b183321d3fa261fad47b054ff41cb9ccfefc61940baad635cef010
77077811544eeaa311da980d4c392f06732485426d8161b28b2c1e9e56e14cb6
798294e9b9f44cef19d74dc0c0a204c11cb961538b3be8056447cbd6cc29536d
7c7cb3232e37fb5dae01f44b011cab4abce7d8b1cf0f2b9bb02624414d2730ff
895b679daec07e3cfdedb49b6051c7381ffb7e2bb608bf76099602b9636f04b6
a23a5c33cab0ec819cab1317f773ee4c8c612231de9076df53d8ae6228ccfed9
a2506471e943bb6bc17f60db2f2a3de4f623423cac9b8728d04a88b36bfa3dbf
a528ccc945a82c9af4b09971cffe3c6ecb37d9b9dc446c8f53cadc81cb8cea43
bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
c85df95c4bd9bc7a751559af9fdb06e285d90597fe9ddf225758d62c7553f9e1
dd2b50643e1e30856de94ccd0c6be5be0ca1ded77ebdf32fdf034cc4759498b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a01388e0ae195411f29bf56f015f5890f7756b516bde16c52675789cb6c8d7
efb298d2297d1e2eb2922e8b5bd964ba733c3e9657389204ed664be85fe3c40e

static.ndev.dwp.condatis.com Open in urlscan Pro 172.167.12.67 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

565 kBTransfer

779 kBSize

0 Cookies

3 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

30 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

static.ndev.dwp.condatis.com Open in urlscan Pro
172.167.12.67 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

565 kB
Transfer

779 kB
Size

0
Cookies

19 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!