british-gas-billing.co.uk
162.0.235.153
Malicious Activity!
Public Scan
Effective URL: https://british-gas-billing.co.uk/login.php?ECWZbDf&inID=niCIvdZCPxisQDrFWPIyPvSgouCkNroyUaBPKBgoWgeYBJJOiMteMJVLGjq
Submission Tags: 7194619
Submission: On June 23 via api from NL
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 22nd 2021. Valid for: a year.
This is the only time british-gas-billing.co.uk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: British Gas (Utility)

Domain & IP information

Requests | IP Address | AS Autonomous System |
---|---|---|
14 | 162.0.235.153 | 22612 (NAMECHEAP-NET) |
1 | 2606:4700::6812:1734 | 13335 (CLOUDFLARENET) |
1 | 2001:4de0:ac18::1:a:2b | 20446 (HIGHWINDS3) |
16 | 107.162.154.231 | 55002 (DEFENSE-NET) |
3 | 2606:4700:e4::ac40:a717 | 13335 (CLOUDFLARENET) |
34 requests | 5 IPs |

ASN22612 (NAMECHEAP-NET, US)
PTR: premium152-4.web-hosting.com
Domain hosted here: british-gas-billing.co.uk
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
16 | britishgas.co.uk | www.britishgas.co.uk | 341 KB |
14 | british-gas-billing.co.uk (1 redirect) | british-gas-billing.co.uk | 224 KB |
4 | fontawesome.com | kit.fontawesome.com, ka-f.fontawesome.com | 23 KB |
1 | jquery.com | code.jquery.com | 30 KB |
34 requests | 4 apex domains | | |
Requests | Domain | Requested by |
---|---|---|
16 | www.britishgas.co.uk | british-gas-billing.co.uk |
14 | british-gas-billing.co.uk (1 redirect) | british-gas-billing.co.uk |
3 | ka-f.fontawesome.com | kit.fontawesome.com |
1 | code.jquery.com | british-gas-billing.co.uk |
1 | kit.fontawesome.com | british-gas-billing.co.uk |
34 requests | 5 domains | |
This site contains no links.
Subject | Issuer | Validity | Valid for |
---|---|---|---|
british-gas-billing.co.uk | Sectigo RSA Domain Validation Secure Server CA | 2021-06-22 - 2022-06-22 | a year |
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-13 - 2021-12-14 | a year |
jquery.org | Sectigo RSA Domain Validation Secure Server CA | 2020-10-06 - 2021-10-16 | a year |
britishgas.co.uk | DigiCert TLS RSA SHA256 2020 CA1 | 2021-01-15 - 2022-01-19 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-13 - 2021-10-12 | a year |
This page contains 1 frame:
Primary Page:
https://british-gas-billing.co.uk/login.php?ECWZbDf&inID=niCIvdZCPxisQDrFWPIyPvSgouCkNroyUaBPKBgoWgeYBJJOiMteMJVLGjq
Frame ID: 68C2DFB772EFFBC32AA0CC2B0A9E8731
Requests: 34 HTTP requests in this frame
Detected technologies
- Apache (Web Servers). Detected pattern: headers server `/(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i`
- Font Awesome (Font Scripts). Detected pattern: html `/<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i`
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://british-gas-billing.co.uk/ (HTTP 302)
- https://british-gas-billing.co.uk/login.php?ECWZbDf&inID=niCIvdZCPxisQDrFWPIyPvSgouCkNroyUaBPKBgoWgeYBJJOiMteMJVLGjq (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | login.php (Primary Request) | british-gas-billing.co.uk/ (redirect chain) | 97 KB | 8 KB | Document | text/html |
GET | H2 | bg-vi-4.1.0.css | british-gas-billing.co.uk/css/ | 387 KB | 47 KB | Stylesheet | text/css |
GET | H2 | font-awesome.min.css | british-gas-billing.co.uk/css/ | 30 KB | 7 KB | Stylesheet | text/css |
GET | H2 | vendor-1fa99b154aba94a6cd80d072703a1735.css | british-gas-billing.co.uk/css/ | 183 KB | 23 KB | Stylesheet | text/css |
GET | H2 | identity-3b8987f3a2f6a4077ed07a92a6fd861b.css | british-gas-billing.co.uk/css/ | 22 KB | 4 KB | Stylesheet | text/css |
GET | H2 | optanon.css | british-gas-billing.co.uk/css/ | 23 KB | 6 KB | Stylesheet | text/css |
GET | H2 | 75a58effc5.js | kit.fontawesome.com/ | 11 KB | 4 KB | Script | text/javascript |
GET | H2 | jquery-3.6.0.min.js | code.jquery.com/ | 87 KB | 30 KB | Script | application/javascript |
GET | H2 | jquery.redirect.js | british-gas-billing.co.uk/js/ | 6 KB | 2 KB | Script | application/javascript |
GET | H2 | nucleus.min.js | british-gas-billing.co.uk/js/ | 648 KB | 100 KB | Script | application/javascript |
GET | H2 | functions.js | british-gas-billing.co.uk/js/ | 6 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | bg-logo-mobile.svg | www.britishgas.co.uk/aem6/content/dam/britishgas/beta/images/ | 5 KB | 3 KB | Image | image/svg+xml |
GET | H/1.1 | megamenu.png | www.britishgas.co.uk/aem6/content/dam/british-gas/beta/images/ | 27 KB | 27 KB | Image | image/png |
GET | H/1.1 | navigation_image_hive.png | www.britishgas.co.uk/aem6/content/dam/british-gas/beta/images/ | 71 KB | 72 KB | Image | image/png |
GET | H/1.1 | rewards-logo.png | www.britishgas.co.uk/aem6/content/dam/britishgas/rewards/images/ | 18 KB | 18 KB | Image | image/png |
GET | H/1.1 | mobile-app.png | www.britishgas.co.uk/aem6/content/dam/britishgas/beta/images/ | 174 KB | 175 KB | Image | image/png |
GET | H2 | free.min.css | ka-f.fontawesome.com/releases/v5.15.3/css/ | 59 KB | 13 KB | Fetch | text/css |
GET | H2 | free-v4-shims.min.css | ka-f.fontawesome.com/releases/v5.15.3/css/ | 26 KB | 4 KB | Fetch | text/css |
GET | H2 | free-v4-font-face.min.css | ka-f.fontawesome.com/releases/v5.15.3/css/ | 3 KB | 2 KB | Fetch | text/css |
GET | H/1.1 | BGFlameWeb-Bold.woff2 | www.britishgas.co.uk/nucleus/fonts/ | 9 KB | 10 KB | Font | binary/octet-stream |
GET | H/1.1 | BGFlameWeb-Regular.woff2 | www.britishgas.co.uk/nucleus/fonts/ | 9 KB | 11 KB | Font | binary/octet-stream |
GET | H/1.1 | BGFlameWeb-Light.woff2 | www.britishgas.co.uk/nucleus/fonts/ | 9 KB | 10 KB | Font | binary/octet-stream |
GET | H2 | BGFlameWeb-Regular.woff2 | british-gas-billing.co.uk/fonts/ | 0 | 0 | Font | text/html |
GET | H2 | BGFlameWeb-Bold.woff2 | british-gas-billing.co.uk/fonts/ | 25 KB | 26 KB | Font | font/woff2 |
GET | H/1.1 | apple-store.svg | www.britishgas.co.uk/nucleus/images/ | 5 KB | 3 KB | Image | image/svg+xml |
GET | H/1.1 | google-play.svg | www.britishgas.co.uk/nucleus/images/ | 4 KB | 3 KB | Image | image/svg+xml |
GET | H/1.1 | social-twitter.svg | www.britishgas.co.uk/nucleus/images/ | 872 B | 2 KB | Image | image/svg+xml |
GET | H/1.1 | social-facebook.svg | www.britishgas.co.uk/nucleus/images/ | 451 B | 1 KB | Image | image/svg+xml |
GET | H/1.1 | social-youtube.svg | www.britishgas.co.uk/nucleus/images/ | 595 B | 1 KB | Image | image/svg+xml |
GET | H/1.1 | logo-white.svg | www.britishgas.co.uk/nucleus/images/ | 3 KB | 2 KB | Image | image/svg+xml |
GET | H/1.1 | arrowRight.svg | www.britishgas.co.uk/nucleus/assets/british-gas/icons/ | 352 B | 1 KB | Fetch | image/svg+xml |
GET | H/1.1 | arrowRight.svg | www.britishgas.co.uk/nucleus/assets/british-gas/icons/ | 352 B | 1 KB | Fetch | image/svg+xml |
GET | H2 | BGFlameWeb-Regular.woff | british-gas-billing.co.uk/fonts/ | 0 | 0 | Font | text/html |
GET | H2 | BGFlameWeb-Regular.ttf | british-gas-billing.co.uk/fonts/ | 0 | 0 | Font | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: British Gas (Utility)

23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object: onbeforexrselect
- object: ontransitionrun
- object: ontransitionstart
- object: ontransitioncancel
- object: cookieStore
- function: showDirectoryPicker
- function: showOpenFilePicker
- function: showSaveFilePicker
- boolean: originAgentCluster
- object: trustedTypes
- boolean: crossOriginIsolated
- object: FontAwesomeKitConfig
- function: $
- function: jQuery
- object: WebComponents
- function: valid_credit_card
- function: clear_field
- function: submit
- function: lookup_postcode
- object: litHtmlVersions
- object: regeneratorRuntime
- function: JSCompiler_renameProperty
- object: litElementVersions
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, they will also send their cookie values, thus allowing the website to re-identify them even if they changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
british-gas-billing.co.uk/ | | PHPSESSID | 1c862a6591d6b8dd38ea3f4def57e077 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.