brightwatertechnologies.com Open in urlscan Pro
216.10.253.203 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gatewaygovcustomer-portal-ereimbursementshm-rc-govgb.westvolusiaregionalchamber.org/implementclmprocessgb
Effective URL:
https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2F...
Submission: On September 14 via manual (September 14th 2020, 7:27:58 am UTC) from GB

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 216.10.253.203, located in India and belongs to PUBLIC-DOMAIN-REGISTRY, US. The main domain is brightwatertechnologies.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 20th 2020. Valid for: 3 months.

This is the only time brightwatertechnologies.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UK Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
2 2	23.229.146.4 23.229.146.4	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
15	216.10.253.203 216.10.253.203	394695 (PUBLIC-DO...) (PUBLIC-DOMAIN-REGISTRY)
15	2

2 23.229.146.4 (Scottsdale, United States) 2 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-23-229-146-4.ip.secureserver.net

gatewaygovcustomer-portal-ereimbursementshm-rc-govgb.westvolusiaregionalchamber.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 216.10.253.203 (India)

ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)

brightwatertechnologies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	brightwatertechnologies.com brightwatertechnologies.com	187 KB
2	westvolusiaregionalchamber.org 2 redirects gatewaygovcustomer-portal-ereimbursementshm-rc-govgb.westvolusiaregionalchamber.org	933 B
15	2

	Domain	Requested by
15	brightwatertechnologies.com	brightwatertechnologies.com
2	gatewaygovcustomer-portal-ereimbursementshm-rc-govgb.westvolusiaregionalchamber.org	2 redirects
15	2

This site contains no links.

Subject Issuer	Validity	Valid
autodiscover.brightwatertechnologies.com Let's Encrypt Authority X3	`2020-08-20` - `2020-11-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2Ftax.g0v%21%40%24%25.com%2FsAkdZOIFGDyD&applicantID=gTFxtSJUocDUmloaCMSCwwcLFhRJfVwMoBJhUTCJvFdirSIuebwbXYnd
Frame ID: D6BAD3B60B9037F8635193BBE5483A45
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://gatewaygovcustomer-portal-ereimbursementshm-rc-govgb.westvolusiaregionalchamber.org/implementclmprocessgb HTTP 301
http://gatewaygovcustomer-portal-ereimbursementshm-rc-govgb.westvolusiaregionalchamber.org/implementclmprocessgb/ HTTP 302
https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/ Page URL
https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&retu... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

187 kB
Transfer

405 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gatewaygovcustomer-portal-ereimbursementshm-rc-govgb.westvolusiaregionalchamber.org/implementclmprocessgb HTTP 301
http://gatewaygovcustomer-portal-ereimbursementshm-rc-govgb.westvolusiaregionalchamber.org/implementclmprocessgb/ HTTP 302
https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/ Page URL
https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2Ftax.g0v%21%40%24%25.com%2FsAkdZOIFGDyD&applicantID=gTFxtSJUocDUmloaCMSCwwcLFhRJfVwMoBJhUTCJvFdirSIuebwbXYnd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://gatewaygovcustomer-portal-ereimbursementshm-rc-govgb.westvolusiaregionalchamber.org/implementclmprocessgb HTTP 301
http://gatewaygovcustomer-portal-ereimbursementshm-rc-govgb.westvolusiaregionalchamber.org/implementclmprocessgb/ HTTP 302
https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/

15 HTTP transactions
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/ Redirect Chain http://gatewaygovcustomer-portal-ereimbursementshm-rc-govgb.westvolusiaregionalchamber.org/implementclmprocessgb http://gatewaygovcustomer-portal-ereimbursementshm-rc-govgb.westvolusiaregionalchamber.org/implementclmprocessgb/ https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/	293 B 526 B	2135ms 1688ms	Document text/html	216.10.253.203 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 216.10.253.203 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software nginx/1.17.6 / PHP/5.6.40 Resource Hash `b541a11697568a33574dd56e5e08337999500dd1ae8eccf52eb84d602f92aa62` Request headers :method GET :authority brightwatertechnologies.com :scheme https :path /publicmrc/oreqdocus/etaxwebsite/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Mon, 14 Sep 2020 07:27:42 GMT server nginx/1.17.6 content-type text/html; charset=UTF-8 x-powered-by PHP/5.6.40 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache vary Accept-Encoding content-encoding gzip accept-ranges none x-server-cache false set-cookie PHPSESSID=rhdem91594p8av24p80kje0m75; path=/ content-length 262 Redirect headers Date Mon, 14 Sep 2020 07:27:40 GMT Server Apache X-Powered-By PHP/5.5.38 Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Set-Cookie PHPSESSID=ncjutc3k5c6osrklhlgqk2f7h7; path=/ Location https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/ Vary Accept-Encoding,User-Agent Content-Encoding gzip Content-Length 116 Keep-Alive timeout=5 Connection Keep-Alive Content-Type text/html
GET H2	200	Primary Request initiate-application.php Show response brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/	25 KB 7 KB	378ms 378ms	Document text/html	216.10.253.203 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2Ftax.g0v%21%40%24%25.com%2FsAkdZOIFGDyD&applicantID=gTFxtSJUocDUmloaCMSCwwcLFhRJfVwMoBJhUTCJvFdirSIuebwbXYnd Protocol H2 Security TLS 1.3, , AES_256_GCM Server 216.10.253.203 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software nginx/1.17.6 / PHP/5.6.40 Resource Hash `70cea3d94fdabf98eb279137d259df0b633be84eae60c8f33e78723448918685` Request headers :method GET :authority brightwatertechnologies.com :scheme https :path /publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2Ftax.g0v%21%40%24%25.com%2FsAkdZOIFGDyD&applicantID=gTFxtSJUocDUmloaCMSCwwcLFhRJfVwMoBJhUTCJvFdirSIuebwbXYnd pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest document referer https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/ accept-encoding gzip, deflate, br accept-language en-US cookie PHPSESSID=rhdem91594p8av24p80kje0m75 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/ Response headers status 200 date Mon, 14 Sep 2020 07:27:42 GMT server nginx/1.17.6 content-type text/html; charset=UTF-8 x-powered-by PHP/5.6.40 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache vary Accept-Encoding content-encoding gzip accept-ranges none x-server-cache false content-length 7193
GET H2	200	styles.css brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/	14 KB 4 KB	253ms 250ms	Stylesheet text/css	216.10.253.203 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/styles.css?OkkwvqtuZssDLxuzuWWmhBeEIYrTW Requested by Host: brightwatertechnologies.com URL: https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2Ftax.g0v%21%40%24%25.com%2FsAkdZOIFGDyD&applicantID=gTFxtSJUocDUmloaCMSCwwcLFhRJfVwMoBJhUTCJvFdirSIuebwbXYnd Protocol H2 Security TLS 1.3, , AES_256_GCM Server 216.10.253.203 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software nginx/1.17.6 / Resource Hash `c56ced251f97b6c202f2c1f5b20cac3fd27c5e47680e4f2cc2437607ccb3fa1a` Request headers Referer https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2Ftax.g0v%21%40%24%25.com%2FsAkdZOIFGDyD&applicantID=gTFxtSJUocDUmloaCMSCwwcLFhRJfVwMoBJhUTCJvFdirSIuebwbXYnd User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 14 Sep 2020 07:27:42 GMT content-encoding gzip last-modified Fri, 11 Sep 2020 16:55:17 GMT server nginx/1.17.6 x-server-cache false vary Accept-Encoding content-type text/css status 200 accept-ranges none content-length 3606
GET H2	200	fonts.css brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/	1 KB 364 B	251ms 249ms	Stylesheet text/css	216.10.253.203 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/fonts.css?IchDSaysTrwforeiNBVuCAyKZqewOWhWyOaRpZJI Requested by Host: brightwatertechnologies.com URL: https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2Ftax.g0v%21%40%24%25.com%2FsAkdZOIFGDyD&applicantID=gTFxtSJUocDUmloaCMSCwwcLFhRJfVwMoBJhUTCJvFdirSIuebwbXYnd Protocol H2 Security TLS 1.3, , AES_256_GCM Server 216.10.253.203 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software nginx/1.17.6 / Resource Hash `fe881ce3d6b4e499a21c9e8d177f0317edc64a55a229b871d3c1664b4745a28a` Request headers Referer https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2Ftax.g0v%21%40%24%25.com%2FsAkdZOIFGDyD&applicantID=gTFxtSJUocDUmloaCMSCwwcLFhRJfVwMoBJhUTCJvFdirSIuebwbXYnd User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 14 Sep 2020 07:27:42 GMT content-encoding gzip last-modified Fri, 11 Sep 2020 16:55:17 GMT server nginx/1.17.6 x-server-cache false vary Accept-Encoding content-type text/css status 200 accept-ranges none content-length 331
GET H2	200	base.css brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/	27 KB 7 KB	224ms 222ms	Stylesheet text/css	216.10.253.203 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/base.css?XgjgIwugboMgbFyPHxqdwQYRxwoWpZUNGDtOAovccIIENHUUEL Requested by Host: brightwatertechnologies.com URL: https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2Ftax.g0v%21%40%24%25.com%2FsAkdZOIFGDyD&applicantID=gTFxtSJUocDUmloaCMSCwwcLFhRJfVwMoBJhUTCJvFdirSIuebwbXYnd Protocol H2 Security TLS 1.3, , AES_256_GCM Server 216.10.253.203 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software nginx/1.17.6 / Resource Hash `03ff62efbe2fe5670d94982c3d5bcbb8837d4f43fa9b5e089d824fc0ef6e252d` Request headers Referer https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2Ftax.g0v%21%40%24%25.com%2FsAkdZOIFGDyD&applicantID=gTFxtSJUocDUmloaCMSCwwcLFhRJfVwMoBJhUTCJvFdirSIuebwbXYnd User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 14 Sep 2020 07:27:42 GMT content-encoding gzip last-modified Fri, 11 Sep 2020 16:55:17 GMT server nginx/1.17.6 x-server-cache false vary Accept-Encoding content-type text/css status 200 accept-ranges none content-length 7342
GET H2	200	table.css brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/	203 KB 38 KB	366ms 364ms	Stylesheet text/css	216.10.253.203 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/table.css?bGJtWLNbIJINNvfYBSoSEFKMobne Requested by Host: brightwatertechnologies.com URL: https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2Ftax.g0v%21%40%24%25.com%2FsAkdZOIFGDyD&applicantID=gTFxtSJUocDUmloaCMSCwwcLFhRJfVwMoBJhUTCJvFdirSIuebwbXYnd Protocol H2 Security TLS 1.3, , AES_256_GCM Server 216.10.253.203 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software nginx/1.17.6 / Resource Hash `909fb151e23f93a60b9f6cc5b54310637146744341a6d57ad2302d3cf45875ed` Request headers Referer https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2Ftax.g0v%21%40%24%25.com%2FsAkdZOIFGDyD&applicantID=gTFxtSJUocDUmloaCMSCwwcLFhRJfVwMoBJhUTCJvFdirSIuebwbXYnd User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 14 Sep 2020 07:27:42 GMT content-encoding gzip last-modified Fri, 11 Sep 2020 16:55:18 GMT server nginx/1.17.6 x-server-cache false vary Accept-Encoding content-type text/css status 200 accept-ranges none
GET H2	200	output.css brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/	1 KB 575 B	522ms 521ms	Stylesheet text/css	216.10.253.203 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/output.css Requested by Host: brightwatertechnologies.com URL: https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2Ftax.g0v%21%40%24%25.com%2FsAkdZOIFGDyD&applicantID=gTFxtSJUocDUmloaCMSCwwcLFhRJfVwMoBJhUTCJvFdirSIuebwbXYnd Protocol H2 Security TLS 1.3, , AES_256_GCM Server 216.10.253.203 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software nginx/1.17.6 / Resource Hash `1076519521c2fffbbf75ab3b0d3b32ee2d96ac7e9778f1cdfac1771eefd1a1c0` Request headers Referer https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2Ftax.g0v%21%40%24%25.com%2FsAkdZOIFGDyD&applicantID=gTFxtSJUocDUmloaCMSCwwcLFhRJfVwMoBJhUTCJvFdirSIuebwbXYnd User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 14 Sep 2020 07:27:43 GMT content-encoding gzip last-modified Fri, 11 Sep 2020 16:55:17 GMT server nginx/1.17.6 x-server-cache false vary Accept-Encoding content-type text/css status 200 accept-ranges none content-length 520
GET H2	200	baseout.css brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/	1 KB 554 B	267ms 266ms	Stylesheet text/css	216.10.253.203 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/baseout.css?bXSYTGvIgPW Requested by Host: brightwatertechnologies.com URL: https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2Ftax.g0v%21%40%24%25.com%2FsAkdZOIFGDyD&applicantID=gTFxtSJUocDUmloaCMSCwwcLFhRJfVwMoBJhUTCJvFdirSIuebwbXYnd Protocol H2 Security TLS 1.3, , AES_256_GCM Server 216.10.253.203 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software nginx/1.17.6 / Resource Hash `8e40ee8bf8b49850b34ea341226ca4421597a64ffda587b0f72111677fd368bd` Request headers Referer https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2Ftax.g0v%21%40%24%25.com%2FsAkdZOIFGDyD&applicantID=gTFxtSJUocDUmloaCMSCwwcLFhRJfVwMoBJhUTCJvFdirSIuebwbXYnd User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 14 Sep 2020 07:27:42 GMT content-encoding gzip last-modified Fri, 11 Sep 2020 16:55:17 GMT server nginx/1.17.6 x-server-cache false vary Accept-Encoding content-type text/css status 200 accept-ranges none content-length 522
GET H2	200	mainout.css brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/	6 KB 2 KB	256ms 255ms	Stylesheet text/css	216.10.253.203 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/mainout.css?AOfKICVVddemrshXQjpEBtKMGynuca Requested by Host: brightwatertechnologies.com URL: https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2Ftax.g0v%21%40%24%25.com%2FsAkdZOIFGDyD&applicantID=gTFxtSJUocDUmloaCMSCwwcLFhRJfVwMoBJhUTCJvFdirSIuebwbXYnd Protocol H2 Security TLS 1.3, , AES_256_GCM Server 216.10.253.203 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software nginx/1.17.6 / Resource Hash `2e1f6e6a4beefadeb56f8fed1ee1658c13d6ebfd907c173e357e0147ef4934c6` Request headers Referer https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/initiate-application.php?/tax/UK/claim/&return_uri=http%3A%2F%2Ftax.g0v%21%40%24%25.com%2FsAkdZOIFGDyD&applicantID=gTFxtSJUocDUmloaCMSCwwcLFhRJfVwMoBJhUTCJvFdirSIuebwbXYnd User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 14 Sep 2020 07:27:42 GMT content-encoding gzip last-modified Fri, 11 Sep 2020 16:55:17 GMT server nginx/1.17.6 x-server-cache false vary Accept-Encoding content-type text/css status 200 accept-ranges none content-length 1974
GET H2	200	search-button.png brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/	540 B 571 B	501ms 501ms	Image image/png	216.10.253.203 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/search-button.png Requested by Host: brightwatertechnologies.com URL: https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/base.css?XgjgIwugboMgbFyPHxqdwQYRxwoWpZUNGDtOAovccIIENHUUEL Protocol H2 Security TLS 1.3, , AES_256_GCM Server 216.10.253.203 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software nginx/1.17.6 / Resource Hash `ca89b2a79f944909ceb7370d3f0b78811d32b96e883348fcd8886f63dd619585` Request headers Referer https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/base.css?XgjgIwugboMgbFyPHxqdwQYRxwoWpZUNGDtOAovccIIENHUUEL User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 14 Sep 2020 07:27:43 GMT last-modified Fri, 11 Sep 2020 16:55:17 GMT server nginx/1.17.6 x-server-cache false content-type image/png status 200 accept-ranges bytes content-length 540
GET H2	200	action-link-arrow.svg brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/	459 B 502 B	367ms 366ms	Image image/svg+xml	216.10.253.203 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/action-link-arrow.svg Requested by Host: brightwatertechnologies.com URL: https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/base.css?XgjgIwugboMgbFyPHxqdwQYRxwoWpZUNGDtOAovccIIENHUUEL Protocol H2 Security TLS 1.3, , AES_256_GCM Server 216.10.253.203 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software nginx/1.17.6 / Resource Hash `af86a11f723d53bbd5d6e69f6d940f4c7b889b039913a98005db11fcba8fdce1` Request headers Referer https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/base.css?XgjgIwugboMgbFyPHxqdwQYRxwoWpZUNGDtOAovccIIENHUUEL User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 14 Sep 2020 07:27:43 GMT last-modified Fri, 11 Sep 2020 16:55:17 GMT server nginx/1.17.6 x-server-cache false content-type image/svg+xml status 200 accept-ranges bytes content-length 459
GET H2	200	v1-a2452cb66f-bold.woff2 brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/	54 KB 55 KB	220ms 220ms	Font font/woff2	216.10.253.203 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/v1-a2452cb66f-bold.woff2 Requested by Host: brightwatertechnologies.com URL: https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/fonts.css?IchDSaysTrwforeiNBVuCAyKZqewOWhWyOaRpZJI Protocol H2 Security TLS 1.3, , AES_256_GCM Server 216.10.253.203 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software nginx/1.17.6 / Resource Hash `be83c947da6c602697be56d5f04bab2074ad9e8e7fe39807f814654fd691d328` Request headers Origin https://brightwatertechnologies.com Referer https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/fonts.css?IchDSaysTrwforeiNBVuCAyKZqewOWhWyOaRpZJI User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 14 Sep 2020 07:27:43 GMT last-modified Fri, 11 Sep 2020 16:55:18 GMT server nginx/1.17.6 x-server-cache false content-type font/woff2 status 200 accept-ranges bytes content-length 55428
GET H2	200	v1-f38ad40456-light.woff2 brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/	66 KB 67 KB	216ms 216ms	Font font/woff2	216.10.253.203 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/v1-f38ad40456-light.woff2 Requested by Host: brightwatertechnologies.com URL: https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/fonts.css?IchDSaysTrwforeiNBVuCAyKZqewOWhWyOaRpZJI Protocol H2 Security TLS 1.3, , AES_256_GCM Server 216.10.253.203 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software nginx/1.17.6 / Resource Hash `b98fe790388f58c950f2bed1ca8ad02fa168d6effa7aae7cb7fee81e51183f46` Request headers Origin https://brightwatertechnologies.com Referer https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/fonts.css?IchDSaysTrwforeiNBVuCAyKZqewOWhWyOaRpZJI User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 14 Sep 2020 07:27:43 GMT last-modified Fri, 11 Sep 2020 16:55:18 GMT server nginx/1.17.6 x-server-cache false content-type font/woff2 status 200 accept-ranges bytes content-length 67900
GET DATA	200 OK	truncated /	255 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `210a5993d72efa8b39cdda82b20ae5f26ba9ff2ecd40015083ccb0b8acaba9fd` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	255 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `fab961846a00803df1832b66d5ec1d7a2ba488be02881797c77de3ee1570ac37` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	255 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `0c198abb1d6d695c8a6b4e05b124712c972d164d58c07b12af5ccc1276b6e392` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	open-government-licence.png brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/	761 B 792 B	358ms 358ms	Image image/png	216.10.253.203 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/open-government-licence.png Requested by Host: brightwatertechnologies.com URL: https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/styles.css?OkkwvqtuZssDLxuzuWWmhBeEIYrTW Protocol H2 Security TLS 1.3, , AES_256_GCM Server 216.10.253.203 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software nginx/1.17.6 / Resource Hash `c1aedc8257961b938b4c7a21a2b0db3f2716dd9ef782cea73110dc69107c9042` Request headers Referer https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/styles.css?OkkwvqtuZssDLxuzuWWmhBeEIYrTW User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 14 Sep 2020 07:27:43 GMT last-modified Fri, 11 Sep 2020 16:55:17 GMT server nginx/1.17.6 x-server-cache false content-type image/png status 200 accept-ranges bytes content-length 761
GET H2	200	govuk-crest.png brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/	4 KB 4 KB	214ms 214ms	Image image/png	216.10.253.203 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/govuk-crest.png Requested by Host: brightwatertechnologies.com URL: https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/styles.css?OkkwvqtuZssDLxuzuWWmhBeEIYrTW Protocol H2 Security TLS 1.3, , AES_256_GCM Server 216.10.253.203 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software nginx/1.17.6 / Resource Hash `bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b` Request headers Referer https://brightwatertechnologies.com/publicmrc/oreqdocus/etaxwebsite/src/styles.css?OkkwvqtuZssDLxuzuWWmhBeEIYrTW User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 14 Sep 2020 07:27:43 GMT last-modified Fri, 11 Sep 2020 16:55:17 GMT server nginx/1.17.6 x-server-cache false content-type image/png status 200 accept-ranges bytes content-length 3584

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UK Government (Government)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			brightwatertechnologies.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: rhdem91594p8av24p80kje0m75

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

brightwatertechnologies.com
gatewaygovcustomer-portal-ereimbursementshm-rc-govgb.westvolusiaregionalchamber.org
216.10.253.203
23.229.146.4
03ff62efbe2fe5670d94982c3d5bcbb8837d4f43fa9b5e089d824fc0ef6e252d
0c198abb1d6d695c8a6b4e05b124712c972d164d58c07b12af5ccc1276b6e392
1076519521c2fffbbf75ab3b0d3b32ee2d96ac7e9778f1cdfac1771eefd1a1c0
210a5993d72efa8b39cdda82b20ae5f26ba9ff2ecd40015083ccb0b8acaba9fd
2e1f6e6a4beefadeb56f8fed1ee1658c13d6ebfd907c173e357e0147ef4934c6
70cea3d94fdabf98eb279137d259df0b633be84eae60c8f33e78723448918685
8e40ee8bf8b49850b34ea341226ca4421597a64ffda587b0f72111677fd368bd
909fb151e23f93a60b9f6cc5b54310637146744341a6d57ad2302d3cf45875ed
af86a11f723d53bbd5d6e69f6d940f4c7b889b039913a98005db11fcba8fdce1
b541a11697568a33574dd56e5e08337999500dd1ae8eccf52eb84d602f92aa62
b98fe790388f58c950f2bed1ca8ad02fa168d6effa7aae7cb7fee81e51183f46
bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
be83c947da6c602697be56d5f04bab2074ad9e8e7fe39807f814654fd691d328
c1aedc8257961b938b4c7a21a2b0db3f2716dd9ef782cea73110dc69107c9042
c56ced251f97b6c202f2c1f5b20cac3fd27c5e47680e4f2cc2437607ccb3fa1a
ca89b2a79f944909ceb7370d3f0b78811d32b96e883348fcd8886f63dd619585
fab961846a00803df1832b66d5ec1d7a2ba488be02881797c77de3ee1570ac37
fe881ce3d6b4e499a21c9e8d177f0317edc64a55a229b871d3c1664b4745a28a

brightwatertechnologies.com Open in urlscan Pro 216.10.253.203 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

187 kBTransfer

405 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

1 Cookies

Indicators

brightwatertechnologies.com Open in urlscan Pro
216.10.253.203 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

187 kB
Transfer

405 kB
Size

1
Cookies

15 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!