csrtesting.wcn.co.uk
62.216.225.94  Malicious Activity! Public Scan

Submitted URL: https://cshr-config.tal.net/vx/lang-en-GB/candidate/application/16165
Effective URL: https://csrtesting.wcn.co.uk/csr/oidc/pub/auth.cgi?response_type=code&scope=openid%20email%20profile%20oleeo_cshr%20offline_a...
Submission: On January 28 via manual from GB — Scanned from NL

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 62.216.225.94, located in Netherlands and belongs to EQUINIX, NL. The main domain is csrtesting.wcn.co.uk.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 3rd 2024. Valid for: a year.
This is the only time csrtesting.wcn.co.uk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UK Government (Government)

Domain & IP information

IP Address AS Autonomous System
1 1 213.52.141.153 15830 (EQUINIX)
15 62.216.225.94 15830 (EQUINIX)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
17 4
Requests  Apex Domain  Subdomains  Transfer
15  wcn.co.uk  csrtesting.wcn.co.uk, static-csrtesting.wcn.co.uk  273 KB
1  gstatic.com  www.gstatic.com  193 KB
1  google.com  www.google.com (Cisco Umbrella Rank: 2)  1 KB
1  tal.net  cshr-config.tal.net  1 KB
17  4
Domain Requested by
14 static-csrtesting.wcn.co.uk csrtesting.wcn.co.uk
static-csrtesting.wcn.co.uk
1 www.gstatic.com www.google.com
1 www.google.com csrtesting.wcn.co.uk
1 csrtesting.wcn.co.uk
1 cshr-config.tal.net 1 redirects
17 5

This site contains links to these domains.

Domain
www.gov.uk
www.nationalarchives.gov.uk
Subject  Issuer  Validity  Valid
*.wcn.co.uk  Go Daddy Secure Certificate Authority - G2  2024-01-03 - 2025-02-03  a year
www.google.com  GTS CA 1C3  2024-01-02 - 2024-03-26  3 months
*.gstatic.com  GTS CA 1C3  2024-01-02 - 2024-03-26  3 months

This page contains 1 frames:

Primary Page: https://csrtesting.wcn.co.uk/csr/oidc/pub/auth.cgi?response_type=code&scope=openid%20email%20profile%20oleeo_cshr%20offline_access&client_id=vX&state=0e2f48db-c88a-47e2-a92c-566919a18dc6&redirect_uri=https%3A%2F%2Fcshr-config.tal.net%2Fvx%2Fsso%2Fauth%2F
Frame ID: C3A7E4763CCBBA87F3D8716F5D1A7131
Requests: 19 HTTP requests in this frame

Page Title

Sign in - Civil Service Jobs - GOV.UK

Page URL History

  1. https://cshr-config.tal.net/vx/lang-en-GB/candidate/application/16165 HTTP 302
    https://csrtesting.wcn.co.uk/csr/oidc/pub/auth.cgi?response_type=code&scope=openid%20email%20profile%20ol... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]+govuk-template[^>"]+css
  • <link[^>]+govuk-template-print[^>"]+css

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

17
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

632 kB
Transfer

1179 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cshr-config.tal.net/vx/lang-en-GB/candidate/application/16165 HTTP 302
    https://csrtesting.wcn.co.uk/csr/oidc/pub/auth.cgi?response_type=code&scope=openid%20email%20profile%20oleeo_cshr%20offline_access&client_id=vX&state=0e2f48db-c88a-47e2-a92c-566919a18dc6&redirect_uri=https%3A%2F%2Fcshr-config.tal.net%2Fvx%2Fsso%2Fauth%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request auth.cgi
csrtesting.wcn.co.uk/csr/oidc/pub/
Redirect Chain
  • https://cshr-config.tal.net/vx/lang-en-GB/candidate/application/16165
  • https://csrtesting.wcn.co.uk/csr/oidc/pub/auth.cgi?response_type=code&scope=openid%20email%20profile%20oleeo_cshr%20offline_access&client_id=vX&state=0e2f48db-c88a-47e2-a92c-566919a18dc6&redirect_u...
15 KB
6 KB
Document
General
Full URL
https://csrtesting.wcn.co.uk/csr/oidc/pub/auth.cgi?response_type=code&scope=openid%20email%20profile%20oleeo_cshr%20offline_access&client_id=vX&state=0e2f48db-c88a-47e2-a92c-566919a18dc6&redirect_uri=https%3A%2F%2Fcshr-config.tal.net%2Fvx%2Fsso%2Fauth%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.216.225.94 , Netherlands, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
nginx /
Resource Hash
b393cb174be4fa717aaf266c0738051680a37b960d730bc8264e918fc4f17ea7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
5003
Content-Type
text/html; charset=ISO-8859-1
Content-security-policy
frame-ancestors 'none'
Date
Sun, 28 Jan 2024 16:45:26 GMT
P3P
CP="ALL DSP COR LAW DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Referrer-policy
same-origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-content-type-options
nosniff
X-frame-options
DENY
X-permitted-cross-domain-policies
none

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate,post-check=0, pre-check=0, max-age=0
Connection
close
Content-Language
en,en-gb
Content-Length
554
Content-Type
text/html; charset=utf-8
Date
Sun, 28 Jan 2024 16:45:24 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://csrtesting.wcn.co.uk/csr/oidc/pub/auth.cgi?response_type=code&scope=openid%20email%20profile%20oleeo_cshr%20offline_access&client_id=vX&state=0e2f48db-c88a-47e2-a92c-566919a18dc6&redirect_uri=https%3A%2F%2Fcshr-config.tal.net%2Fvx%2Fsso%2Fauth%2F
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
User-Agent
X-Content-Type-Options
nosniff
X-Frame-Options
Deny
X-WCN-UUID
4a3af26b-ddd2-4fd6-bedf-9ef22aaf7914
X-XSS-Protection
1; mode=block
main.css
static-csrtesting.wcn.co.uk/company/csr/css/
24 KB
7 KB
Stylesheet
General
Full URL
https://static-csrtesting.wcn.co.uk/company/csr/css/main.css
Requested by
Host: csrtesting.wcn.co.uk
URL: https://csrtesting.wcn.co.uk/csr/oidc/pub/auth.cgi?response_type=code&scope=openid%20email%20profile%20oleeo_cshr%20offline_access&client_id=vX&state=0e2f48db-c88a-47e2-a92c-566919a18dc6&redirect_uri=https%3A%2F%2Fcshr-config.tal.net%2Fvx%2Fsso%2Fauth%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.216.225.94 , Netherlands, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
nginx /
Resource Hash
d3f5b82d9ee13820a83e2ad31edbdac4973b0d901592efab345b98ad25dc83fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 16:45:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Wed, 29 Nov 2023 10:34:11 GMT
Server
nginx
ETag
"3367866644"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6311
Expires
Sun, 28 Jan 2024 18:45:26 GMT
csrportal3.css
static-csrtesting.wcn.co.uk/company/csr/css/
85 KB
14 KB
Stylesheet
General
Full URL
https://static-csrtesting.wcn.co.uk/company/csr/css/csrportal3.css
Requested by
Host: csrtesting.wcn.co.uk
URL: https://csrtesting.wcn.co.uk/csr/oidc/pub/auth.cgi?response_type=code&scope=openid%20email%20profile%20oleeo_cshr%20offline_access&client_id=vX&state=0e2f48db-c88a-47e2-a92c-566919a18dc6&redirect_uri=https%3A%2F%2Fcshr-config.tal.net%2Fvx%2Fsso%2Fauth%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.216.225.94 , Netherlands, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
nginx /
Resource Hash
9398be1223bbb9fc5c653b424b3a56b230bf8598ba2289f390d3ff94074c14a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 16:45:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 12 Jan 2024 11:46:38 GMT
Server
nginx
ETag
"1361681662"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13857
Expires
Sun, 28 Jan 2024 18:45:26 GMT
jquery-3.6.1.min.js
static-csrtesting.wcn.co.uk/javascripts/JQuery/
88 KB
31 KB
Script
General
Full URL
https://static-csrtesting.wcn.co.uk/javascripts/JQuery/jquery-3.6.1.min.js
Requested by
Host: csrtesting.wcn.co.uk
URL: https://csrtesting.wcn.co.uk/csr/oidc/pub/auth.cgi?response_type=code&scope=openid%20email%20profile%20oleeo_cshr%20offline_access&client_id=vX&state=0e2f48db-c88a-47e2-a92c-566919a18dc6&redirect_uri=https%3A%2F%2Fcshr-config.tal.net%2Fvx%2Fsso%2Fauth%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.216.225.94 , Netherlands, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 16:45:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Tue, 01 Nov 2022 18:04:10 GMT
Server
nginx
ETag
"899412221"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31032
Expires
Sun, 28 Jan 2024 18:45:26 GMT
welsh_translations.js
static-csrtesting.wcn.co.uk/company/csr/js/
3 KB
2 KB
Script
General
Full URL
https://static-csrtesting.wcn.co.uk/company/csr/js/welsh_translations.js
Requested by
Host: csrtesting.wcn.co.uk
URL: https://csrtesting.wcn.co.uk/csr/oidc/pub/auth.cgi?response_type=code&scope=openid%20email%20profile%20oleeo_cshr%20offline_access&client_id=vX&state=0e2f48db-c88a-47e2-a92c-566919a18dc6&redirect_uri=https%3A%2F%2Fcshr-config.tal.net%2Fvx%2Fsso%2Fauth%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.216.225.94 , Netherlands, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
nginx /
Resource Hash
9e96b34a49710f45f4c8319fa62e975af9bb3d99585065d5a170e3f925a01f0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 16:45:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Tue, 12 Dec 2023 12:08:22 GMT
Server
nginx
ETag
"1812417174"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1171
Expires
Sun, 28 Jan 2024 18:45:26 GMT
csrportal.js
static-csrtesting.wcn.co.uk/company/csr/js/
6 KB
2 KB
Script
General
Full URL
https://static-csrtesting.wcn.co.uk/company/csr/js/csrportal.js
Requested by
Host: csrtesting.wcn.co.uk
URL: https://csrtesting.wcn.co.uk/csr/oidc/pub/auth.cgi?response_type=code&scope=openid%20email%20profile%20oleeo_cshr%20offline_access&client_id=vX&state=0e2f48db-c88a-47e2-a92c-566919a18dc6&redirect_uri=https%3A%2F%2Fcshr-config.tal.net%2Fvx%2Fsso%2Fauth%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.216.225.94 , Netherlands, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
nginx /
Resource Hash
9662a92d7fb8c3d00040c4a76f85fa3ff398403cb24050669ac4e03d0f373537
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 16:45:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 01 Dec 2023 05:26:48 GMT
Server
nginx
ETag
"1361053436"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2011
Expires
Sun, 28 Jan 2024 18:45:26 GMT
cookies_accepted.js
static-csrtesting.wcn.co.uk/company/csr/js/
895 B
819 B
Script
General
Full URL
https://static-csrtesting.wcn.co.uk/company/csr/js/cookies_accepted.js
Requested by
Host: csrtesting.wcn.co.uk
URL: https://csrtesting.wcn.co.uk/csr/oidc/pub/auth.cgi?response_type=code&scope=openid%20email%20profile%20oleeo_cshr%20offline_access&client_id=vX&state=0e2f48db-c88a-47e2-a92c-566919a18dc6&redirect_uri=https%3A%2F%2Fcshr-config.tal.net%2Fvx%2Fsso%2Fauth%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.216.225.94 , Netherlands, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
nginx /
Resource Hash
f759594d7511a4351d5e8bf2be4ec919cdefe675bc07ed95446dd372c8594596
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 16:45:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Sat, 20 Feb 2021 13:30:44 GMT
Server
nginx
ETag
"857506835"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
405
Expires
Sun, 28 Jan 2024 18:45:26 GMT
govuk-template.css
static-csrtesting.wcn.co.uk/csr/assets/stylesheets/2015-01-07/
23 KB
5 KB
Stylesheet
General
Full URL
https://static-csrtesting.wcn.co.uk/csr/assets/stylesheets/2015-01-07/govuk-template.css?0.12.0
Requested by
Host: csrtesting.wcn.co.uk
URL: https://csrtesting.wcn.co.uk/csr/oidc/pub/auth.cgi?response_type=code&scope=openid%20email%20profile%20oleeo_cshr%20offline_access&client_id=vX&state=0e2f48db-c88a-47e2-a92c-566919a18dc6&redirect_uri=https%3A%2F%2Fcshr-config.tal.net%2Fvx%2Fsso%2Fauth%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.216.225.94 , Netherlands, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
nginx /
Resource Hash
f774a77caa79ff951b3465ff06c5c5d8c07f3595085ecfd6e0a5d6fee08be971
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 16:45:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Thu, 23 Nov 2023 03:17:51 GMT
Server
nginx
ETag
"3242605623"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4371
Expires
Sun, 28 Jan 2024 18:45:26 GMT
govuk-template-override.css
static-csrtesting.wcn.co.uk/company/csr/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://static-csrtesting.wcn.co.uk/company/csr/css/govuk-template-override.css
Requested by
Host: csrtesting.wcn.co.uk
URL: https://csrtesting.wcn.co.uk/csr/oidc/pub/auth.cgi?response_type=code&scope=openid%20email%20profile%20oleeo_cshr%20offline_access&client_id=vX&state=0e2f48db-c88a-47e2-a92c-566919a18dc6&redirect_uri=https%3A%2F%2Fcshr-config.tal.net%2Fvx%2Fsso%2Fauth%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.216.225.94 , Netherlands, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
nginx /
Resource Hash
63820aa6ad4a7c528391a903f9f24ce6a5712de6d29ed9fcb5fb4cdb757f1259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 16:45:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 01 Dec 2023 05:26:48 GMT
Server
nginx
ETag
"182746375"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2599
Expires
Sun, 28 Jan 2024 18:45:26 GMT
fonts.css
static-csrtesting.wcn.co.uk/csr/assets/stylesheets/
267 KB
196 KB
Stylesheet
General
Full URL
https://static-csrtesting.wcn.co.uk/csr/assets/stylesheets/fonts.css?0.12.0
Requested by
Host: csrtesting.wcn.co.uk
URL: https://csrtesting.wcn.co.uk/csr/oidc/pub/auth.cgi?response_type=code&scope=openid%20email%20profile%20oleeo_cshr%20offline_access&client_id=vX&state=0e2f48db-c88a-47e2-a92c-566919a18dc6&redirect_uri=https%3A%2F%2Fcshr-config.tal.net%2Fvx%2Fsso%2Fauth%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.216.225.94 , Netherlands, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
nginx /
Resource Hash
6813a04aa7ebe09726eda5fdd9c4abf1c5f151335adf0ad90474a5fe316e87ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 16:45:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Thu, 27 Mar 2014 16:43:50 GMT
Server
nginx
ETag
"2459886694"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
200197
Expires
Sun, 28 Jan 2024 18:45:26 GMT
captchav2.1.js
static-csrtesting.wcn.co.uk/javascripts/
2 KB
898 B
Script
General
Full URL
https://static-csrtesting.wcn.co.uk/javascripts/captchav2.1.js
Requested by
Host: csrtesting.wcn.co.uk
URL: https://csrtesting.wcn.co.uk/csr/oidc/pub/auth.cgi?response_type=code&scope=openid%20email%20profile%20oleeo_cshr%20offline_access&client_id=vX&state=0e2f48db-c88a-47e2-a92c-566919a18dc6&redirect_uri=https%3A%2F%2Fcshr-config.tal.net%2Fvx%2Fsso%2Fauth%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.216.225.94 , Netherlands, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
nginx /
Resource Hash
3f9daa01235554c293bacd7becc9aadf5fb9ec95c500cf33d5cd623e415a8d66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 16:45:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Mon, 20 Jun 2022 12:49:54 GMT
Server
nginx
ETag
"2827700167"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
483
Expires
Sun, 28 Jan 2024 18:45:26 GMT
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?hl=en
Requested by
Host: csrtesting.wcn.co.uk
URL: https://csrtesting.wcn.co.uk/csr/oidc/pub/auth.cgi?response_type=code&scope=openid%20email%20profile%20oleeo_cshr%20offline_access&client_id=vX&state=0e2f48db-c88a-47e2-a92c-566919a18dc6&redirect_uri=https%3A%2F%2Fcshr-config.tal.net%2Fvx%2Fsso%2Fauth%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d96185a70d7be4e3c5d2d01fe65519df1797727bd39de8dcb56f21856ac97757
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 16:45:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 28 Jan 2024 16:45:26 GMT
print.css
static-csrtesting.wcn.co.uk/company/csr/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://static-csrtesting.wcn.co.uk/company/csr/css/print.css
Requested by
Host: csrtesting.wcn.co.uk
URL: https://csrtesting.wcn.co.uk/csr/oidc/pub/auth.cgi?response_type=code&scope=openid%20email%20profile%20oleeo_cshr%20offline_access&client_id=vX&state=0e2f48db-c88a-47e2-a92c-566919a18dc6&redirect_uri=https%3A%2F%2Fcshr-config.tal.net%2Fvx%2Fsso%2Fauth%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.216.225.94 , Netherlands, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
nginx /
Resource Hash
8ecc13f6a836354984cb0b3f5aaca98fc723f1b317d3c41748c827270a28032b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 16:45:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Wed, 29 Apr 2015 14:11:29 GMT
Server
nginx
ETag
"1674518762"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
847
Expires
Sun, 28 Jan 2024 18:45:26 GMT
govuk-template-print.css
static-csrtesting.wcn.co.uk/csr/assets/stylesheets/2015-01-07/
1 KB
1 KB
Stylesheet
General
Full URL
https://static-csrtesting.wcn.co.uk/csr/assets/stylesheets/2015-01-07/govuk-template-print.css?0.12.0
Requested by
Host: csrtesting.wcn.co.uk
URL: https://csrtesting.wcn.co.uk/csr/oidc/pub/auth.cgi?response_type=code&scope=openid%20email%20profile%20oleeo_cshr%20offline_access&client_id=vX&state=0e2f48db-c88a-47e2-a92c-566919a18dc6&redirect_uri=https%3A%2F%2Fcshr-config.tal.net%2Fvx%2Fsso%2Fauth%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.216.225.94 , Netherlands, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
nginx /
Resource Hash
56a2e37d46bfc2a9250a9245e2c1762b36e56e91f2bc8b088061206174496b25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 16:45:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Wed, 07 Jan 2015 16:25:42 GMT
Server
nginx
ETag
"4254436240"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
667
Expires
Sun, 28 Jan 2024 18:45:26 GMT
open-government-licence.png
static-csrtesting.wcn.co.uk/csr/assets/stylesheets/2015-01-07/images/
761 B
1 KB
Image
General
Full URL
https://static-csrtesting.wcn.co.uk/csr/assets/stylesheets/2015-01-07/images/open-government-licence.png?0.12.0
Requested by
Host: static-csrtesting.wcn.co.uk
URL: https://static-csrtesting.wcn.co.uk/csr/assets/stylesheets/2015-01-07/govuk-template.css?0.12.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.216.225.94 , Netherlands, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
nginx /
Resource Hash
c1aedc8257961b938b4c7a21a2b0db3f2716dd9ef782cea73110dc69107c9042
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://static-csrtesting.wcn.co.uk/csr/assets/stylesheets/2015-01-07/govuk-template.css?0.12.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 16:45:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 15 Jan 2015 12:19:35 GMT
Server
nginx
ETag
"2616799231"
Content-Type
image/png
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
761
Expires
Sun, 28 Jan 2024 18:45:26 GMT
govuk-crest.png
static-csrtesting.wcn.co.uk/csr/assets/stylesheets/2015-01-07/images/
4 KB
4 KB
Image
General
Full URL
https://static-csrtesting.wcn.co.uk/csr/assets/stylesheets/2015-01-07/images/govuk-crest.png?0.12.0
Requested by
Host: static-csrtesting.wcn.co.uk
URL: https://static-csrtesting.wcn.co.uk/csr/assets/stylesheets/2015-01-07/govuk-template.css?0.12.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.216.225.94 , Netherlands, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
nginx /
Resource Hash
bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://static-csrtesting.wcn.co.uk/csr/assets/stylesheets/2015-01-07/govuk-template.css?0.12.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 16:45:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 27 Mar 2014 16:43:50 GMT
Server
nginx
ETag
"1973934916"
Content-Type
image/png
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3584
Expires
Sun, 28 Jan 2024 18:45:26 GMT
truncated
/
71 KB
71 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01c73d5dd84423dd2fc30aabd1de09a86b36b6de9e2e240d954c09cbb1d97aba

Request headers

Referer
Origin
https://csrtesting.wcn.co.uk
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/
94 KB
94 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
048b93884a1b51d20f2a3140541d450cb6b82c6c2cf69128ea1d09fdd9699f30

Request headers

Referer
Origin
https://csrtesting.wcn.co.uk
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
application/font-woff
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/
481 KB
193 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cccbd316b2e050d41ebf62c8c613d5bfae33cd43104ac3b772c9e10950a3dbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://csrtesting.wcn.co.uk
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 13:29:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11745
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
196969
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:28:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Jan 2025 13:29:41 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UK Government (Government)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
object| translations
undefined| language_code
function| setLangCode
function| get_trans_str
function| getCookie
boolean| oleeoLoggingOn
function| oleeoLog
function| oleeoWarn
function| oleeoError
function| oleeoJQuery
function| getInternetExplorerVersion
function| isInternetExplorer6
function| csrClearDiv
function| csrPortalQuery
function| submitFormWithValue
function| submitFormById
function| mandatorySearchFieldsComplete
function| checkAlertSubmitButton
function| set_csjobs_cookie_message
object| captchaV2Dependencies
function| reCaptchaXcaptchaComplete
function| reCaptchaXcaptchaExpired
function| iteratecaptchaV2Dependencies
function| captchaV2DependenentCheckbox
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
object| recaptcha

4 Cookies

Domain/Path Name / Value
cshr-config.tal.net/vx/ Name: wcn_session
Value: 000178d3f8f849f10da8df888041de4f856eb8dce0ccdfe666be09199f6a080f98415bafaa938b23da74
cshr-config.tal.net/vx/ Name: Csrf-token
Value: 3c0182eb8e1b6805137459a8897c900413f4993d
.wcn.co.uk/ Name: request_token
Value: 3b4a29288d0b43f2ae345bafcde38c02
csrtesting.wcn.co.uk/ Name: language
Value: 203

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
