brightwatertechnologies.com
216.10.253.203
Malicious Activity!
Public Scan
Effective URL: https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2F...
Submission: On September 14 via manual from GB
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on August 20th 2020. Valid for: 3 months.
This is the only time brightwatertechnologies.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: UK Government (Government)
Domain & IP information
| # | IP Address | AS Autonomous System |
|---|---|---|
| 2 | 23.229.146.4 | 26496 (AS-26496-GO-DADDY-COM-LLC) |
| 15 | 216.10.253.203 | 394695 (PUBLIC-DOMAIN-REGISTRY) |
| 15 | 2 | |

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-23-229-146-4.ip.secureserver.net

| # | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 15 | brightwatertechnologies.com | brightwatertechnologies.com | 187 KB |
| 2 | westvolusiaregionalchamber.org | gatewaygovcustomer-portal-ereimbursementshm-rc-govgb.westvolusiaregionalchamber.org (2 redirects) | 933 B |
| 15 | 2 | | |

| # | Domain | Requested by |
|---|---|---|
| 15 | brightwatertechnologies.com | brightwatertechnologies.com |
| 2 | gatewaygovcustomer-portal-ereimbursementshm-rc-govgb.westvolusiaregionalchamber.org | 2 redirects |
| 15 | 2 | |
This site contains no links.
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| autodiscover.brightwatertechnologies.com | Let's Encrypt Authority X3 | 2020-08-20 - 2020-11-18 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2Ftax.g0v%21%40%24%25.com%2FsAkdZOIFGDyD&applicantID=gTFxtSJUocDUmloaCMSCwwcLFhRJfVwMoBJhUTCJvFdirSIuebwbXYnd
Frame ID: D6BAD3B60B9037F8635193BBE5483A45
Requests: 18 HTTP requests in this frame
Detected technologies
- Nginx (Web Servers)
  Detected patterns: headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://gatewaygovcustomer-portal-ereimbursementshm-rc-govgb.westvolusiaregionalchamber.org/implementclmprocessgb (HTTP 301)
- http://gatewaygovcustomer-portal-ereimbursementshm-rc-govgb.westvolusiaregionalchamber.org/implementclmprocessgb/ (HTTP 302)
- https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/ (Page URL)
- https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2Ftax.g0v%21%40%24%25.com%2FsAkdZOIFGDyD&applicantID=gTFxtSJUocDUmloaCMSCwwcLFhRJfVwMoBJhUTCJvFdirSIuebwbXYnd (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://gatewaygovcustomer-portal-ereimbursementshm-rc-govgb.westvolusiaregionalchamber.org/implementclmprocessgb (HTTP 301)
- http://gatewaygovcustomer-portal-ereimbursementshm-rc-govgb.westvolusiaregionalchamber.org/implementclmprocessgb/ (HTTP 302)
- https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/
15 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
|---|---|---|---|---|---|---|---|---|
| GET | H2 | / | brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/ | 293 B | 526 B | Document | text/html | Redirect Chain |
| GET | H2 | initiate-application.php | brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/ | 25 KB | 7 KB | Document | text/html | Primary Request |
| GET | H2 | styles.css | brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/ | 14 KB | 4 KB | Stylesheet | text/css | |
| GET | H2 | fonts.css | brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/ | 1 KB | 364 B | Stylesheet | text/css | |
| GET | H2 | base.css | brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/ | 27 KB | 7 KB | Stylesheet | text/css | |
| GET | H2 | table.css | brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/ | 203 KB | 38 KB | Stylesheet | text/css | |
| GET | H2 | output.css | brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/ | 1 KB | 575 B | Stylesheet | text/css | |
| GET | H2 | baseout.css | brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/ | 1 KB | 554 B | Stylesheet | text/css | |
| GET | H2 | mainout.css | brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/ | 6 KB | 2 KB | Stylesheet | text/css | |
| GET | H2 | search-button.png | brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/ | 540 B | 571 B | Image | image/png | |
| GET | H2 | action-link-arrow.svg | brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/ | 459 B | 502 B | Image | image/svg+xml | |
| GET | H2 | v1-a2452cb66f-bold.woff2 | brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/ | 54 KB | 55 KB | Font | font/woff2 | |
| GET | H2 | v1-f38ad40456-light.woff2 | brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/ | 66 KB | 67 KB | Font | font/woff2 | |
| GET | DATA | truncated | / | 255 B | 0 | Image | image/svg+xml | |
| GET | DATA | truncated | / | 255 B | 0 | Image | image/svg+xml | |
| GET | DATA | truncated | / | 255 B | 0 | Image | image/svg+xml | |
| GET | H2 | open-government-licence.png | brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/ | 761 B | 792 B | Image | image/png | |
| GET | H2 | govuk-crest.png | brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/ | 4 KB | 4 KB | Image | image/png | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: UK Government (Government)
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Type | Name |
|---|---|
| object | trustedTypes |
1 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the stored cookie values, which lets the website re-identify that user even from a different location. This is how persistent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| brightwatertechnologies.com/ | | Name: PHPSESSID, Value: rhdem91594p8av24p80kje0m75 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
brightwatertechnologies.com
gatewaygovcustomer-portal-ereimbursementshm-rc-govgb.westvolusiaregionalchamber.org
216.10.253.203
23.229.146.4