dev-delegation-v2.trade.azure.defra.cloud
Open in
urlscan Pro
107.162.142.135
Malicious Activity!
Public Scan
Effective URL: https://dev-delegation-v2.trade.azure.defra.cloud/Error/401
Submission: On June 07 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on May 7th 2024. Valid for: a year.
This is the only time dev-delegation-v2.trade.azure.defra.cloud was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: UK Government (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 14 | 107.162.142.135 107.162.142.135 | 55002 (DEFENSE-NET) (DEFENSE-NET) | |
13 | 1 |
ASN55002 (DEFENSE-NET, US)
dev-delegation-v2.trade.azure.defra.cloud |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
defra.cloud
1 redirects
dev-delegation-v2.trade.azure.defra.cloud |
168 KB |
13 | 1 |
Domain | Requested by | |
---|---|---|
14 | dev-delegation-v2.trade.azure.defra.cloud |
1 redirects
dev-delegation-v2.trade.azure.defra.cloud
|
13 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.gov.uk |
www.nationalarchives.gov.uk |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.trade.azure.defra.cloud DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-05-07 - 2025-06-07 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://dev-delegation-v2.trade.azure.defra.cloud/Error/401
Frame ID: 605D407FD275E3C86721D4298803C448
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
GOV.UK - UnauthorisedPage URL History Show full URLs
-
https://dev-delegation-v2.trade.azure.defra.cloud/
HTTP 302
https://dev-delegation-v2.trade.azure.defra.cloud/Error/401 Page URL
Detected technologies
GOV.UK Frontend (UI frameworks) ExpandDetected patterns
- <body[^>]+govuk-template__body
- <a[^>]+govuk-link
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: GOV.UK
Search URL Search Domain Scan URL
Title: Open Government Licence v3.0
Search URL Search Domain Scan URL
Title: © Crown copyright
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://dev-delegation-v2.trade.azure.defra.cloud/
HTTP 302
https://dev-delegation-v2.trade.azure.defra.cloud/Error/401 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
401
dev-delegation-v2.trade.azure.defra.cloud/Error/ Redirect Chain
|
11 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
govuk.frontend.min.css
dev-delegation-v2.trade.azure.defra.cloud/css/ |
96 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
extensions.min.css
dev-delegation-v2.trade.azure.defra.cloud/css/ |
64 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
govuk.min.css
dev-delegation-v2.trade.azure.defra.cloud/css/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
overload.css
dev-delegation-v2.trade.azure.defra.cloud/css/ |
61 B 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
govuk.frontend.min.js
dev-delegation-v2.trade.azure.defra.cloud/js/ |
34 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
extensions.min.js
dev-delegation-v2.trade.azure.defra.cloud/js/ |
97 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
govuk.min.js
dev-delegation-v2.trade.azure.defra.cloud/js/ |
6 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loggedIn.min.css
dev-delegation-v2.trade.azure.defra.cloud/css/ |
682 B 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
govuk-crest.png
dev-delegation-v2.trade.azure.defra.cloud/assets/images/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
light-94a07e06a1-v2.woff2
dev-delegation-v2.trade.azure.defra.cloud/assets/fonts/ |
33 KB 34 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bold-b542beb274-v2.woff2
dev-delegation-v2.trade.azure.defra.cloud/assets/fonts/ |
31 KB 32 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
dev-delegation-v2.trade.azure.defra.cloud/assets/images/ |
14 KB 16 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: UK Government (Government)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| GOVUKFrontend object| html5 function| Zepto function| $ function| axios function| Selectr function| DataTable object| GOVUK5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
dev-delegation-v2.trade.azure.defra.cloud/signin-oidc | Name: .AspNetCore.OpenIdConnect.Nonce.CfDJ8M1P-kpr9FBLsEL7y40fiNbJcFyfJgV_i27rp3cjLsecMLi-T_WUOdS4UNE5Sg5C6z_oZUiCzk9XuY_PX5RY9WfP1W4KoynGlR1YfNnH0tzSQb_PsdScyBOLb8cInbsma8kyaVZ1zzbxrjI0OK4Bu4l21s9t7ZxmxdNgGXShQnDeJ1xZ5buzCc5KGsqH-dGcZc8v9YEU63X6KxoAtC2X8lTHrljcK3qeDU_oqd_HzHWAlbSza-eTm1gO9oTkonPt9BGCcf2PRKJz22IVVWTRhoQ Value: N |
|
dev-delegation-v2.trade.azure.defra.cloud/signin-oidc | Name: .AspNetCore.Correlation.EIOZhwZXaM11j7oKiNVkxcX3O7gL6BkDCgiyDur8kh0 Value: N |
|
dev-delegation-v2.trade.azure.defra.cloud/signin-oidc | Name: TS018c85d9 Value: 01edd7ee4b92eccd5a148541f20a3a3d421d791e3e85105566d578abbcf7854e61285a030fc67bf34db3e9ab23b2a81fa5bd51ecb4 |
|
dev-delegation-v2.trade.azure.defra.cloud/ | Name: TS01d7e365 Value: 01edd7ee4b92eccd5a148541f20a3a3d421d791e3e85105566d578abbcf7854e61285a030fc67bf34db3e9ab23b2a81fa5bd51ecb4 |
|
dev-delegation-v2.trade.azure.defra.cloud/ | Name: TS5e5e7d69027 Value: 08c367c2e5ab20005ec0f9bfc4beae8896bfa6d5e36171db93d34e73d2ed91241554a56e7087a4b00836c37d3a1130005a5e0717373dafd03ab7c984620ed113896fcd009aa29e3ab2b22238bff4e6ee61fbac601ecd29d04633d40dab513a0b |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline';base-uri 'self';child-src 'self';connect-src 'self' https://www.google-analytics.com;default-src 'none';font-src 'self' https://fonts.gstatic.com data:;frame-ancestors 'self';frame-src 'self';img-src 'self' https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://www.google-analytics.com data:;manifest-src 'none';media-src 'self';object-src 'none';script-src 'self' https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com/gtm.js 'unsafe-inline';style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com;worker-src 'self';upgrade-insecure-requests |
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dev-delegation-v2.trade.azure.defra.cloud
107.162.142.135
06eba01b1af0f4014b484c711771fef1db30becbf0edf481498da1e4958d3d47
1b4ff33440740c61e52c139abb7484a3ca4f9f191ad8c0d37633cbf9ec72a671
2f1c7695ca53976deda7a070f30e1af1d912fe063a51be4ce15184f77ad7cddc
30b08ea2f8d1ed54ca63f4be49859eda1c8e26b48add245198a282bc5f475a07
7d7ffc81c982d9015f75dd208ee367798075fbdb6646ffff0a3fd481a54ba8d0
8a36e41c292aa3522fab3fa29f9ba450fbb2dc08bc106e0324d0acfacfc4fec6
8f6fb506b1e39d19ba3ce3bf9dbc91effc7265440682dc19524630ef6c554598
9bd5eab2d39125fa15394278e6c1d2bfddcb5d3ce0c0c581873f2a5f51c36df8
a26c753f8a215862daa06442a7ef2007a924526a19801d2ec71742e0b888ff7c
bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
c430cbb3c12b6da493a0bd6ef5fb05aa26e891823ffb66cb8a7d00f501998fe4
eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0
f20b8285392e866956853ce567218d4b237a9c95740915da62c49eb321b234af