fly1.wordsworth.site
Open in
urlscan Pro
2606:4700:3033::ac43:8b1e
Malicious Activity!
Public Scan
Effective URL: https://fly1.wordsworth.site/
Submission: On July 06 via api from US — Scanned from DE
Summary
TLS certificate: Issued by E1 on June 1st 2024. Valid for: 3 months.
This is the only time fly1.wordsworth.site was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: UK Government (Government) Generic Cloudflare (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 28 | 2606:4700:303... 2606:4700:3033::ac43:8b1e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a04:4e42:600... 2a04:4e42:600::144 | 54113 (FASTLY) (FASTLY) | |
27 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
28 |
wordsworth.site
2 redirects
fly1.wordsworth.site |
192 KB |
1 |
www.gov.uk
www.gov.uk — Cisco Umbrella Rank: 19238 |
2 KB |
27 | 2 |
Domain | Requested by | |
---|---|---|
28 | fly1.wordsworth.site |
2 redirects
fly1.wordsworth.site
|
1 | www.gov.uk | |
27 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.gov.uk |
www.smartsurvey.co.uk |
www.nationalarchives.gov.uk |
Subject Issuer | Validity | Valid | |
---|---|---|---|
wordsworth.site E1 |
2024-06-01 - 2024-08-30 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://fly1.wordsworth.site/
Frame ID: 43F3D0E15BE032760F81E2C0C807D8F6
Requests: 27 HTTP requests in this frame
Screenshot
Page Title
Welcome to GOV.UKPage URL History Show full URLs
-
http://fly1.wordsworth.site:443/
HTTP 307
https://fly1.wordsworth.site/ Page URL
-
https://fly1.wordsworth.site/cdn-cgi/phish-bypass?atok=s6XftJZds6TabUBOztDQyPBwIMmfmGq8DrJS.mHYDkI-172030...
HTTP 301
https://fly1.wordsworth.site/ Page URL
Detected technologies
GOV.UK Frontend (UI frameworks) ExpandDetected patterns
- <body[^>]+govuk-template__body
- <a[^>]+govuk-link
Page Statistics
36 Outgoing links
These are links going to different origins than the main page.
Title: GOV.UK
Search URL Search Domain Scan URL
Title: Benefits
Search URL Search Domain Scan URL
Title: Births, death, marriages and care
Search URL Search Domain Scan URL
Title: Business and self-employed
Search URL Search Domain Scan URL
Title: Childcare and parenting
Search URL Search Domain Scan URL
Title: Citizenship and living in the UK
Search URL Search Domain Scan URL
Title: Crime, justice and the law
Search URL Search Domain Scan URL
Title: Disabled people
Search URL Search Domain Scan URL
Title: Driving and transport
Search URL Search Domain Scan URL
Title: Education and learning
Search URL Search Domain Scan URL
Title: Employing people
Search URL Search Domain Scan URL
Title: Environment and countryside
Search URL Search Domain Scan URL
Title: Housing and local services
Search URL Search Domain Scan URL
Title: Money and tax
Search URL Search Domain Scan URL
Title: Passports, travel and living abroad
Search URL Search Domain Scan URL
Title: Visas and immigration
Search URL Search Domain Scan URL
Title: Working, jobs and pensions
Search URL Search Domain Scan URL
Title: Departments
Search URL Search Domain Scan URL
Title: News
Search URL Search Domain Scan URL
Title: Guidance and regulation
Search URL Search Domain Scan URL
Title: Research and statistics
Search URL Search Domain Scan URL
Title: Policy papers and consultations
Search URL Search Domain Scan URL
Title: Transparency
Search URL Search Domain Scan URL
Title: Please fill in this survey (opens in a new tab)
Search URL Search Domain Scan URL
Title: How government works
Search URL Search Domain Scan URL
Title: Get involved
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Cookies
Search URL Search Domain Scan URL
Title: Accessibility statement
Search URL Search Domain Scan URL
Title: Contact
Search URL Search Domain Scan URL
Title: Terms and conditions
Search URL Search Domain Scan URL
Title: Rhestr o Wasanaethau Cymraeg
Search URL Search Domain Scan URL
Title: Government Digital Service
Search URL Search Domain Scan URL
Title: Open Government Licence v3.0
Search URL Search Domain Scan URL
Title: © Crown copyright
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://fly1.wordsworth.site:443/
HTTP 307
https://fly1.wordsworth.site/ Page URL
-
https://fly1.wordsworth.site/cdn-cgi/phish-bypass?atok=s6XftJZds6TabUBOztDQyPBwIMmfmGq8DrJS.mHYDkI-1720302392-0.0.1.1-%2F
HTTP 301
https://fly1.wordsworth.site/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://fly1.wordsworth.site:443/ HTTP 307
- https://fly1.wordsworth.site/
- https://fly1.wordsworth.site/favicon.ico HTTP 301
- https://www.gov.uk/assets/static/favicon-f54816fc15997bd42cd90e4c50b896a1fc098c0c32957d4e5effbfa9f9b35e53.ico
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
/
fly1.wordsworth.site/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cf.errors.css
fly1.wordsworth.site/cdn-cgi/styles/ |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-exclamation.png
fly1.wordsworth.site/cdn-cgi/images/ |
452 B 634 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon-f54816fc15997bd42cd90e4c50b896a1fc098c0c32957d4e5effbfa9f9b35e53.ico
www.gov.uk/assets/static/ Redirect Chain
|
14 KB 2 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
/
fly1.wordsworth.site/ Redirect Chain
|
91 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
application-abf5889831a7d13a1ce6893c6d8174b47ae1d49d41fc96b43a39396488508625.css
fly1.wordsworth.site/assets/frontend/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
_homepage-c1b66b2393b55888fd0d78df91900ca65dc0b29a03d943423cbb1796dbf19a1b.css
fly1.wordsworth.site/assets/frontend/views/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
_homepage_header-949e3a40b17e1636270d77f0c9a60cf81bc03f6d14c49c25a576d46c0b538dff.css
fly1.wordsworth.site/assets/frontend/views/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
_popular_links-4ecc3766c0884579358bdd11899cce950bd33d5f6a1c99c800fd34f0a20d9a92.css
fly1.wordsworth.site/assets/frontend/views/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
_action-link-7b550b1c08a9819c14d48d4b7be881ffdf45f72c095d81fd65bb7da26c330b7d.css
fly1.wordsworth.site/assets/frontend/govuk_publishing_components/components/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
_image-card-38f2b93fc9cb05cd5a8ee84aac1bd48c5cb96c2126b281948ef8a9af8ea817b6.css
fly1.wordsworth.site/assets/frontend/govuk_publishing_components/components/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lux-measurer-db6c8505a6690974922b8578eb1f2208d3073807f98d9a048efe9991f8dfc92d.js
fly1.wordsworth.site/assets/static/govuk_publishing_components/vendor/lux/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rum-loader-a65b10e18ceeba3bd8a2eac507c7f2c513cdc82f35097df903fdea87f1dc2e33.js
fly1.wordsworth.site/assets/static/govuk_publishing_components/ |
702 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
load-analytics-c62df4470b105613d8cd50184d73e791989aa8356a2416f12527e6648e8ede40.js
fly1.wordsworth.site/assets/static/govuk_publishing_components/ |
82 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
application-f94ef876d4078497282fd8ae1ab12f5efb66d88df08588c68131178eac4e5ec4.css
fly1.wordsworth.site/assets/static/ |
209 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
_homepage_more_on_govuk-fd3a8f9ea3636090a5177943890e7b352971bf7cf18eba6154979465482a12f8.css
fly1.wordsworth.site/assets/frontend/views/ |
728 B 987 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
application-5920d52c811ad445f6a4bc27de8dbfbbe611524b685491504f652e4d290d6458.js
fly1.wordsworth.site/assets/static/ |
77 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
application-205d124274c2aad1aa91542f537e2fa4662c0270809a5c5fdaf1f0500aa88dbf.js
fly1.wordsworth.site/assets/frontend/ |
91 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-close-eecb5fdf67d1688ddf2f93e6e09d5f87b9b24e0fc53596ad2a65cf187c2c7c76.svg
fly1.wordsworth.site/assets/static/govuk_publishing_components/ |
227 B 844 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
action-link-arrow--light-f58b707cfd62c1d0fd8fec7d160351debafe0e8a8767691836a3c967835188bb.svg
fly1.wordsworth.site/assets/frontend/govuk_publishing_components/ |
545 B 993 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
govuk-crest-87038e62e594b5f83ea40e0fb480fe7a5f41ba0db3917f709dfb39043f19a0f7.png
fly1.wordsworth.site/assets/static/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bold-b542beb274-v2-35bf540bb39615b6a517986f3aa83f7fefa1efd1878603eeeb196488078542d1.woff2
fly1.wordsworth.site/assets/static/ |
31 KB 31 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
light-94a07e06a1-v2-01565b0034e61d4609689bbb7ae0be844701f3812c8fe029fa1659b7ef3aa94f.woff2
fly1.wordsworth.site/assets/static/ |
33 KB 33 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
election-2024-edb105fd559b987366a010c40c5b142d3cce667fb070c346097fcc6ce75d78ee.png
fly1.wordsworth.site/assets/frontend/homepage/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
find-a-job-4d38717b0451da3bb223ddea7f681d79e48c1c022da5a08f16aba3f681503150.png
fly1.wordsworth.site/assets/frontend/homepage/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cost-of-living-a0f6a1040426801ec75b101e21de0504f0343bf05adf08acdc3dbc71f0626bb2.png
fly1.wordsworth.site/assets/frontend/homepage/ |
504 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon-f54816fc15997bd42cd90e4c50b896a1fc098c0c32957d4e5effbfa9f9b35e53.ico
fly1.wordsworth.site/assets/static/ |
14 KB 2 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: UK Government (Government) Generic Cloudflare (Online)18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage function| analyticsInit function| initFunction object| GOVUK function| parseCookie number| BANNER_VERSION string| GLOBAL_BAR_SEEN_COOKIE object| globalBarInit object| GOVUKFrontend function| nodeListForEach function| onYouTubePlayerAPIReady object| LongTaskObserver function| measureHTTPProtocol object| LUX object| LUX_ae object| LUX_al2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.fly1.wordsworth.site/ | Name: __cf_mw_byp Value: s6XftJZds6TabUBOztDQyPBwIMmfmGq8DrJS.mHYDkI-1720302392-0.0.1.1-/ |
|
fly1.wordsworth.site/ | Name: cookies_policy Value: {"essential":true,"settings":false,"usage":false,"campaigns":false} |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fly1.wordsworth.site
www.gov.uk
2606:4700:3033::ac43:8b1e
2a04:4e42:600::144
06eba01b1af0f4014b484c711771fef1db30becbf0edf481498da1e4958d3d47
099774dc4cd3deb052a45ae982b8147e0665317a687f37ee3d01b391e606ddb0
152bb32f65f8beafc64a802e176ef779c3da9bf414dcf5089c42232f2092f31f
1ba91b98f1ae49046ae27222543e4bfccc8a5b8818e2ae99802fe946d796961c
2236bbb6fd9bfba01e6d7d6d02aaa955aabea4b53bfa2f7ed315eb1ff5ea378f
22f48df3007e53570c5b968139bf9800114ff0f455771284f5ffebcbce7f86dd
2cfad8650148d546987990b34eaf9b0fb3a535bb598478c87cbd886f35611142
4a2b2327534bf24ccff4d69576b7c9809b5595702603359ae30643b6f1e18a01
52c55d332b888a4965b39a4a2028ce211398cee776d315dcf6a2c68bf41403cd
625824d7d6eb4d9028fb0b9eaecffea71768a1ab991e9942004dce005fa5d517
64367e9c854be2053bfa7aa4d1a02ce53e38cce909cf4f4d085ca009288b5c6b
78aefb5daaa49f8d4191843721e66370124b9534cebd86cef0ce352d5ca0dcfb
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
8d6d8643c84df1c85277e8881af2ef9df1854d736ceb53f8ae54093e9a374824
8e2ba19e87f746daa1d13f6df6ccd7c023144c9b1a74758c039ce85a95101823
9b33e6abd6ac2e5c075498bb30009189727a74e7f968d38502a04eceff1ff919
9b90cf8bd25ec0d02d559e212d6e5fcaae50452c72ddd7a1f6f4f7d8666eef8e
a06a9852bf7c03391f68f5a96c6a2d35bd467104247c68b60515b2a269094fb6
bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
c1777e084e79ec4cd98aaceecba979d593d64b3694255abd777f6f0f45e39474
c8e6cd3407750bc3845366f1fd9c2afdb481cfe93b706d5ab1fb77ff2f8ba244
c9e25d87ee09bc4606268f712b229318acbe12606e8d7a0b96cb19c2ae1dc0ee
eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f20b8285392e866956853ce567218d4b237a9c95740915da62c49eb321b234af
f88ff94645f9449f91c52b84c53f7b75774c48842f6ea859abdb28181ed2d933