www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com
52.95.150.194  Malicious Activity! Public Scan

URL: https://www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com/index.htm
Submission Tags: falconsandbox
Submission: On August 13 via api from US

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 52.95.150.194, located in London, United Kingdom and belongs to AMAZON-02, US. The main domain is www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com.
TLS certificate: Issued by DigiCert Baltimore CA-2 G2 on January 14th 2021. Valid for: a year.
This is the only time www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UK Government (Government)

Domain & IP information

Requests  IP Address  AS Autonomous System
2  52.95.150.194  16509 (AMAZON-02)
6  104.109.90.232  16625 (AKAMAI-AS)
Totals: 12 requests, 3 IPs

Requests  Domain  Requested by
6  www.tax.service.gov.uk  www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com, www.tax.service.gov.uk
2  www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com  www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com
Totals: 12 requests, 2 domains

This site contains links to these domains.

Domain
www.tax.service.gov.uk
www.gov.uk
www.nationalarchives.gov.uk

Subject  Issuer  Validity  Valid
*.s3.eu-west-2.amazonaws.com  DigiCert Baltimore CA-2 G2  2021-01-14 - 2022-01-18  a year
online.hmrc.gov.uk  DigiCert SHA2 Extended Validation Server CA  2021-07-01 - 2022-03-21  9 months

This page contains 1 frames:

Primary Page: https://www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com/index.htm
Frame ID: 089E4BCA79D50C424C4449515EA36940
Requests: 12 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

Requests: 12
HTTPS: 67 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 2
Transfer: 157 kB
Size: 362 kB
Cookies: 0

12 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
Primary Request index.htm
www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com/
16 KB
17 KB
Document
General
Full URL
https://www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.150.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
42f6ff88d973800ab927b60d1cecf072391b86cdddfaf1d597144f5cc0789fa3

Request headers

Host
www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

x-amz-id-2
WT3WfY2GrPFBicTay5wd6IjsRMCn/lCG6IFFQUIF6z58gdwN4HlB6QCsDeaCgqjhRT1sXd/IsbI=
x-amz-request-id
C5EHYPV426Q2639M
Date
Fri, 13 Aug 2021 05:25:27 GMT
Last-Modified
Wed, 11 Aug 2021 11:07:56 GMT
ETag
"16df0cf23923acf5af350681cff038c3"
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Content-Length
16549
styles.css
www.tax.service.gov.uk/personal-details-validation/assets/stylesheets/
133 KB
18 KB
Stylesheet
General
Full URL
https://www.tax.service.gov.uk/personal-details-validation/assets/stylesheets/styles.css
Requested by
Host: www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com
URL: https://www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.90.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-90-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3141d4bfc6483010ce95b086e872b2f62b44a8eef5d9ca80f1334fccfad18b00
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' online.hmrc.gov.uk webchat-dev.tax.service.gov.uk *.analytics-egain.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://fonts.googleapis.com https://ssl.gstatic.com https://www.gstatic.com https://fonts.gstatic.com https://fonts.googleapis.com *.optimizely.com optimizely.s3.amazonaws.com data:
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' online.hmrc.gov.uk webchat-dev.tax.service.gov.uk *.analytics-egain.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://fonts.googleapis.com https://ssl.gstatic.com https://www.gstatic.com https://fonts.gstatic.com https://fonts.googleapis.com *.optimizely.com optimizely.s3.amazonaws.com data:
Content-Encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-envoy-upstream-service-time
3
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
17017
x-xss-protection
1; mode=block
X-UA-Compatible
IE=Edge
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Fri, 01 Jan 2010 00:00:00 GMT
x-frame-options
SAMEORIGIN
ETag
"b9b53581bd239dc4820d0616e10cbb621e954f99"
Strict-Transport-Security
max-age=31536000;
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=389
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Date
Fri, 13 Aug 2021 05:25:26 GMT
sub.png
www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com/
736 B
1 KB
Image
General
Full URL
https://www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com/sub.png
Requested by
Host: www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com
URL: https://www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.150.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
c5e1e0edbabafe167ff8482a2ee6f5577e3c7ae94ff9dfbdbdb230b6f5cb65a6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com/index.htm
Connection
keep-alive

Response headers

Date
Fri, 13 Aug 2021 05:25:27 GMT
Last-Modified
Wed, 11 Aug 2021 11:07:56 GMT
Server
AmazonS3
x-amz-request-id
C5ESPDY77H8T0EEK
ETag
"bd4b7412770961bdf2897c58907ae467"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
736
x-amz-id-2
99Tb11MIB5KguntwOQTwZtBa/rza80Yr0nurUeeh6wc8hVZWHi+v7p49cb3sqzbm0kaXJv8bWuI=
all.js
www.tax.service.gov.uk/personal-details-validation/assets/lib/govuk-frontend/govuk/
88 KB
89 KB
Script
General
Full URL
https://www.tax.service.gov.uk/personal-details-validation/assets/lib/govuk-frontend/govuk/all.js
Requested by
Host: www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com
URL: https://www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.90.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-90-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c23338e2df8977b202fc1997b5abf81b7178efcb8994367d802b884e47d5d2c5
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' online.hmrc.gov.uk webchat-dev.tax.service.gov.uk *.analytics-egain.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://fonts.googleapis.com https://ssl.gstatic.com https://www.gstatic.com https://fonts.gstatic.com https://fonts.googleapis.com *.optimizely.com optimizely.s3.amazonaws.com data:
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' online.hmrc.gov.uk webchat-dev.tax.service.gov.uk *.analytics-egain.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://fonts.googleapis.com https://ssl.gstatic.com https://www.gstatic.com https://fonts.gstatic.com https://fonts.googleapis.com *.optimizely.com optimizely.s3.amazonaws.com data:
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-envoy-upstream-service-time
4
Connection
keep-alive
Content-Length
89680
x-xss-protection
1; mode=block
X-UA-Compatible
IE=Edge
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Fri, 01 Jan 2010 00:00:00 GMT
x-frame-options
SAMEORIGIN
ETag
"b9c4bbb35266ee79e0d482502fe4705f04e07860"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=599
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Date
Fri, 13 Aug 2021 05:25:26 GMT
all.js
www.tax.service.gov.uk/personal-details-validation/assets/lib/hmrc-frontend/hmrc/
120 KB
25 KB
Script
General
Full URL
https://www.tax.service.gov.uk/personal-details-validation/assets/lib/hmrc-frontend/hmrc/all.js
Requested by
Host: www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com
URL: https://www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.90.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-90-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4fe60970ad0c47f265e455eb0ae1602b3f521d0d1b2d1f701857a9545d176c12
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' online.hmrc.gov.uk webchat-dev.tax.service.gov.uk *.analytics-egain.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://fonts.googleapis.com https://ssl.gstatic.com https://www.gstatic.com https://fonts.gstatic.com https://fonts.googleapis.com *.optimizely.com optimizely.s3.amazonaws.com data:
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' online.hmrc.gov.uk webchat-dev.tax.service.gov.uk *.analytics-egain.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://fonts.googleapis.com https://ssl.gstatic.com https://www.gstatic.com https://fonts.gstatic.com https://fonts.googleapis.com *.optimizely.com optimizely.s3.amazonaws.com data:
Content-Encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-envoy-upstream-service-time
4
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
24331
x-xss-protection
1; mode=block
X-UA-Compatible
IE=Edge
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Fri, 01 Jan 2010 00:00:00 GMT
x-frame-options
SAMEORIGIN
ETag
"e89f029711d97c49cd9ab1731a6131a2957e93b3"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=650
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Date
Fri, 13 Aug 2021 05:25:26 GMT
scripts-govuk-frontend.js
www.tax.service.gov.uk/personal-details-validation/assets/javascripts/
65 B
1 KB
Script
General
Full URL
https://www.tax.service.gov.uk/personal-details-validation/assets/javascripts/scripts-govuk-frontend.js
Requested by
Host: www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com
URL: https://www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.90.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-90-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9c5db45a4c8cfb16f7a84511712d027456ac77a7035e3d08d7953a71ef7309d6
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' online.hmrc.gov.uk webchat-dev.tax.service.gov.uk *.analytics-egain.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://fonts.googleapis.com https://ssl.gstatic.com https://www.gstatic.com https://fonts.gstatic.com https://fonts.googleapis.com *.optimizely.com optimizely.s3.amazonaws.com data:
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' online.hmrc.gov.uk webchat-dev.tax.service.gov.uk *.analytics-egain.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://fonts.googleapis.com https://ssl.gstatic.com https://www.gstatic.com https://fonts.gstatic.com https://fonts.googleapis.com *.optimizely.com optimizely.s3.amazonaws.com data:
Content-Encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-envoy-upstream-service-time
5
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
63
x-xss-protection
1; mode=block
X-UA-Compatible
IE=Edge
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Fri, 01 Jan 2010 00:00:00 GMT
x-frame-options
SAMEORIGIN
ETag
"f8fd935851709590d8644e8451b30676bca46ad4"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=440
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Date
Fri, 13 Aug 2021 05:25:26 GMT
gtm_dl.js
www.tax.service.gov.uk/personal-details-validation/assets/javascripts/
951 B
2 KB
Script
General
Full URL
https://www.tax.service.gov.uk/personal-details-validation/assets/javascripts/gtm_dl.js
Requested by
Host: www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com
URL: https://www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.90.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-90-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d87b66743ece66a11850627f776b21c9c35879a2e11b18a24c99ff926cf26d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' online.hmrc.gov.uk webchat-dev.tax.service.gov.uk *.analytics-egain.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://fonts.googleapis.com https://ssl.gstatic.com https://www.gstatic.com https://fonts.gstatic.com https://fonts.googleapis.com *.optimizely.com optimizely.s3.amazonaws.com data:
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www-gov-uk-government-organisations-hm-revenue-customs.s3.eu-west-2.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' online.hmrc.gov.uk webchat-dev.tax.service.gov.uk *.analytics-egain.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://fonts.googleapis.com https://ssl.gstatic.com https://www.gstatic.com https://fonts.gstatic.com https://fonts.googleapis.com *.optimizely.com optimizely.s3.amazonaws.com data:
Content-Encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-envoy-upstream-service-time
5
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
531
x-xss-protection
1; mode=block
X-UA-Compatible
IE=Edge
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Fri, 01 Jan 2010 00:00:00 GMT
x-frame-options
SAMEORIGIN
ETag
"ceb1773d67f153a63145948a038a7cdc0d27027c"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=2405
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Date
Fri, 13 Aug 2021 05:25:26 GMT
light-94a07e06a1-v2.woff2
www.tax.service.gov.uk/personal-details-validation/assets/lib/govuk-frontend/govuk/assets/fonts/
0
0

govuk-crest.png
www.tax.service.gov.uk/personal-details-validation/assets/lib/govuk-frontend/govuk/assets/images/
4 KB
5 KB
Image
General
Full URL
https://www.tax.service.gov.uk/personal-details-validation/assets/lib/govuk-frontend/govuk/assets/images/govuk-crest.png
Requested by
Host: www.tax.service.gov.uk
URL: https://www.tax.service.gov.uk/personal-details-validation/assets/stylesheets/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.90.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-90-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' online.hmrc.gov.uk webchat-dev.tax.service.gov.uk *.analytics-egain.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://fonts.googleapis.com https://ssl.gstatic.com https://www.gstatic.com https://fonts.gstatic.com https://fonts.googleapis.com *.optimizely.com optimizely.s3.amazonaws.com data:
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tax.service.gov.uk/personal-details-validation/assets/stylesheets/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' online.hmrc.gov.uk webchat-dev.tax.service.gov.uk *.analytics-egain.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://fonts.googleapis.com https://ssl.gstatic.com https://www.gstatic.com https://fonts.gstatic.com https://fonts.googleapis.com *.optimizely.com optimizely.s3.amazonaws.com data:
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-envoy-upstream-service-time
3
Connection
keep-alive
Content-Length
3584
x-xss-protection
1; mode=block
X-UA-Compatible
IE=Edge
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Fri, 01 Jan 2010 00:00:00 GMT
x-frame-options
SAMEORIGIN
ETag
"c38a384627c5459dab08378617165c9ec5c56bc6"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/png
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Date
Fri, 13 Aug 2021 05:25:26 GMT
bold-b542beb274-v2.woff2
www.tax.service.gov.uk/personal-details-validation/assets/lib/govuk-frontend/govuk/assets/fonts/
0
0

light-f591b13f7d-v2.woff
www.tax.service.gov.uk/personal-details-validation/assets/lib/govuk-frontend/govuk/assets/fonts/
0
0

bold-affa96571d-v2.woff
www.tax.service.gov.uk/personal-details-validation/assets/lib/govuk-frontend/govuk/assets/fonts/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.tax.service.gov.uk
URL
https://www.tax.service.gov.uk/personal-details-validation/assets/lib/govuk-frontend/govuk/assets/fonts/light-94a07e06a1-v2.woff2
Domain
www.tax.service.gov.uk
URL
https://www.tax.service.gov.uk/personal-details-validation/assets/lib/govuk-frontend/govuk/assets/fonts/bold-b542beb274-v2.woff2
Domain
www.tax.service.gov.uk
URL
https://www.tax.service.gov.uk/personal-details-validation/assets/lib/govuk-frontend/govuk/assets/fonts/light-f591b13f7d-v2.woff
Domain
www.tax.service.gov.uk
URL
https://www.tax.service.gov.uk/personal-details-validation/assets/lib/govuk-frontend/govuk/assets/fonts/bold-affa96571d-v2.woff

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UK Government (Government)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onbeforexrselect
  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • boolean| originAgentCluster
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • object| GOVUKFrontend
  • object| HMRCFrontend
  • object| dataLayer

0 Cookies