bbtcomphonevoipcloudvoice.web.app Open in urlscan Pro
151.101.1.195 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://flavourztdmogltn.com/re
Effective URL:
https://bbtcomphonevoipcloudvoice.web.app/
Submission: On September 12 via automatic, source phishtank (September 12th 2020, 4:05:44 am UTC)

Summary HTTP 15 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 151.101.1.195, located in United States and belongs to FASTLY, US. The main domain is bbtcomphonevoipcloudvoice.web.app.
TLS certificate: Issued by GTS CA 1O1 on April 15th 2020. Valid for: a year.

This is the only time bbtcomphonevoipcloudvoice.web.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BT (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1 2	5.226.168.223 5.226.168.223	43578 (BITNAP bi...) (BITNAP bitNAP Datacenter 01 Barcelona)
14	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
15	2

2 5.226.168.223 (Madrid, Spain) 1 redirects

ASN43578 (BITNAP bitNAP Datacenter 01 Barcelona, ES)
PTR: 223.168.226.5.techserverdns.com

flavourztdmogltn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

bbtcomphonevoipcloudvoice.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	web.app bbtcomphonevoipcloudvoice.web.app	126 KB
2	flavourztdmogltn.com 1 redirects flavourztdmogltn.com	597 B
15	2

	Domain	Requested by
14	bbtcomphonevoipcloudvoice.web.app	bbtcomphonevoipcloudvoice.web.app
2	flavourztdmogltn.com	1 redirects
15	2

This site contains links to these domains. Also see Links.

Domain
home.bt.com
my.bt.com
bt.custhelp.com
www.bt.com
signin1.bt.com

Subject Issuer	Validity	Valid
flavourztdmogltn.com cPanel, Inc. Certification Authority	`2020-09-06` - `2020-12-05`	3 months	crt.sh
web.app GTS CA 1O1	`2020-04-15` - `2021-04-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bbtcomphonevoipcloudvoice.web.app/
Frame ID: 095CBC31251E56A95FEDA71398087D31
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://flavourztdmogltn.com/re HTTP 301
https://flavourztdmogltn.com/re/ Page URL
https://bbtcomphonevoipcloudvoice.web.app/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

126 kB
Transfer

565 kB
Size

0
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://home.bt.com/
Title:

Search URL Search Domain Scan URL

URL: https://my.bt.com/s/apps/appsselfserve/index.html#/forgotlogindetails?srfd=y
Title: Forgotten your login details?

Search URL Search Domain Scan URL

URL: http://bt.custhelp.com/app/answers/detail/a_id/9193
Title: Security

Search URL Search Domain Scan URL

URL: http://www.bt.com/help
Title: Help

Search URL Search Domain Scan URL

URL: https://www.bt.com/mybt/signup
Title: Create one

Search URL Search Domain Scan URL

URL: https://my.bt.com/ordertracking
Title: Track your order >

Search URL Search Domain Scan URL

URL: https://my.bt.com/help/home/faults/
Title: Report or track a fault >

Search URL Search Domain Scan URL

URL: https://my.bt.com/s/apps/appsbills/index.html#/logoutmakepaymentindex
Title: Pay a bill >

Search URL Search Domain Scan URL

URL: http://my.bt.com/help/home/
Title: Get help or contact us >

Search URL Search Domain Scan URL

URL: http://my.bt.com/mybtapp/download/
Title: Download the My BT App >

Search URL Search Domain Scan URL

URL: https://signin1.bt.com/login/emailloginform
Title: Go to our email log in page >

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://flavourztdmogltn.com/re HTTP 301
https://flavourztdmogltn.com/re/ Page URL
https://bbtcomphonevoipcloudvoice.web.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://flavourztdmogltn.com/re HTTP 301
https://flavourztdmogltn.com/re/

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
flavourztdmogltn.com/re/
Redirect Chain

https://flavourztdmogltn.com/re
https://flavourztdmogltn.com/re/

103 B
344 B

92ms
91ms

Document
text/html

5.226.168.223
BITNAP bitNAP Dat...

General

Check archive.org

Show headers Download Go to

Full URL: https://flavourztdmogltn.com/re/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.168.223 Madrid, Spain, ASN43578 (BITNAP bitNAP Datacenter 01 Barcelona, ES),
Reverse DNS: 223.168.226.5.techserverdns.com
Software: Apache /
Resource Hash: 4fea11682a2405c3c2bb1a95bd600cb53c14e02240537dd9d84d307c5faaf13f

Request headers

Host: flavourztdmogltn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 12 Sep 2020 04:05:28 GMT
Server: Apache
Last-Modified: Fri, 11 Sep 2020 16:42:44 GMT
Accept-Ranges: bytes
Content-Length: 103
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html

Redirect headers

Date: Sat, 12 Sep 2020 04:05:28 GMT
Server: Apache
Location: https://flavourztdmogltn.com/re/
Content-Length: 240
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 Primary Request / Show response
bbtcomphonevoipcloudvoice.web.app/ 10 KB
3 KB 495ms
421ms Document
text/html 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bbtcomphonevoipcloudvoice.web.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

494714c616a8bbd9cd22a64f3b29ed460cd551c4d1a8d6644e3cad7d2c459fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: bbtcomphonevoipcloudvoice.web.app
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://flavourztdmogltn.com/re/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://flavourztdmogltn.com/re/

Response headers

status: 200
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "c523206a713d84883a14d87ec5d0a924e116c9a6e0fc44c874fcd70b99e7cd4f-br"
last-modified: Fri, 11 Sep 2020 14:35:19 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Sat, 12 Sep 2020 04:05:29 GMT
x-served-by: cache-bma1627-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1599883529.630756,VS0,VE385
vary: x-fh-requested-host, accept-encoding
content-length: 2628

GET
H2 200 common-reset.css
bbtcomphonevoipcloudvoice.web.app/ 9 KB
3 KB 365ms
364ms Stylesheet
text/css 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bbtcomphonevoipcloudvoice.web.app/common-reset.css

Requested by

Host: bbtcomphonevoipcloudvoice.web.app
URL: https://bbtcomphonevoipcloudvoice.web.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

95a3ce4936a52088271fe5aba0c81c6fc4b41a19fad4e8d74ba525588bdd8e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://bbtcomphonevoipcloudvoice.web.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Fri, 11 Sep 2020 14:35:19 GMT
x-timer: S1599883529.068427,VS0,VE324
etag: "4bd650f5e32c6c465ab2c97fa695ae4d8e6c09486d64037294a46ed11a6f5139-br"
x-served-by: cache-bma1627-BMA
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=3600
date: Sat, 12 Sep 2020 04:05:29 GMT
accept-ranges: bytes
content-length: 2453
x-cache-hits: 0

GET
H2 200 common.css
bbtcomphonevoipcloudvoice.web.app/ 179 KB
27 KB 470ms
469ms Stylesheet
text/css 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bbtcomphonevoipcloudvoice.web.app/common.css

Requested by

Host: bbtcomphonevoipcloudvoice.web.app
URL: https://bbtcomphonevoipcloudvoice.web.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d54e0580ca7a4ac1f0875a9c868dda437afc604a7fdc62017aef656073292dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://bbtcomphonevoipcloudvoice.web.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Fri, 11 Sep 2020 14:35:19 GMT
x-timer: S1599883529.068404,VS0,VE429
etag: "830fd200ad054ddb18de9ded67ec34a39975d24037aa6542544d4be0878e3cdd-br"
x-served-by: cache-bma1627-BMA
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=3600
date: Sat, 12 Sep 2020 04:05:29 GMT
accept-ranges: bytes
content-length: 27645
x-cache-hits: 0

GET
H2 200 index.css
bbtcomphonevoipcloudvoice.web.app/ 125 KB
15 KB 407ms
406ms Stylesheet
text/css 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bbtcomphonevoipcloudvoice.web.app/index.css

Requested by

Host: bbtcomphonevoipcloudvoice.web.app
URL: https://bbtcomphonevoipcloudvoice.web.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2bd91206438defea90f35555c021d0603d381c0aface74f81216cc5d7d911ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://bbtcomphonevoipcloudvoice.web.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Fri, 11 Sep 2020 14:35:19 GMT
x-timer: S1599883529.068399,VS0,VE356
etag: "6aeedd7410f3fa21ccbdf6de9577d5f3f9965ffd32f9e65d6df51ae21655b247-br"
x-served-by: cache-bma1627-BMA
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=3600
date: Sat, 12 Sep 2020 04:05:29 GMT
accept-ranges: bytes
content-length: 15312
x-cache-hits: 0

GET
H2 200 bts-common.css
bbtcomphonevoipcloudvoice.web.app/ 87 KB
10 KB 391ms
390ms Stylesheet
text/css 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bbtcomphonevoipcloudvoice.web.app/bts-common.css

Requested by

Host: bbtcomphonevoipcloudvoice.web.app
URL: https://bbtcomphonevoipcloudvoice.web.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

30414205b7544851a7365e986523449c0348f3086178a6b75444063f3f2b0de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://bbtcomphonevoipcloudvoice.web.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Fri, 11 Sep 2020 14:35:19 GMT
x-timer: S1599883529.068384,VS0,VE350
etag: "386e9991c2d88ca5abb35e8a5dd7ac9e8d724f464b1905bd70e4178a90cd2786-br"
x-served-by: cache-bma1627-BMA
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=3600
date: Sat, 12 Sep 2020 04:05:29 GMT
accept-ranges: bytes
content-length: 9670
x-cache-hits: 0

GET
H2 200 login-index.css
bbtcomphonevoipcloudvoice.web.app/ 78 KB
11 KB 374ms
373ms Stylesheet
text/css 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bbtcomphonevoipcloudvoice.web.app/login-index.css

Requested by

Host: bbtcomphonevoipcloudvoice.web.app
URL: https://bbtcomphonevoipcloudvoice.web.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4462c86a9ca2e6018be426224a658d8005e97b6f8d44554d9043f188a6f662c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://bbtcomphonevoipcloudvoice.web.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Fri, 11 Sep 2020 14:35:19 GMT
x-timer: S1599883529.068381,VS0,VE333
etag: "5ede9c8fc115b7d2caebe7c98d3bce487d90f41f8c331ff0124bb2030facdf0f-br"
x-served-by: cache-bma1627-BMA
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=3600
date: Sat, 12 Sep 2020 04:05:29 GMT
accept-ranges: bytes
content-length: 10883
x-cache-hits: 0

GET
H2 200 rebrand-bt-logo-login-page-136440342141502601-200609022505.png
bbtcomphonevoipcloudvoice.web.app/ 2 KB
2 KB 355ms
354ms Image
image/png 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bbtcomphonevoipcloudvoice.web.app/rebrand-bt-logo-login-page-136440342141502601-200609022505.png

Requested by

Host: bbtcomphonevoipcloudvoice.web.app
URL: https://bbtcomphonevoipcloudvoice.web.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

670d9073ccec70934db12cf5580205e55d8e2613e7b51a632736abb72bf8eb42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://bbtcomphonevoipcloudvoice.web.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Fri, 11 Sep 2020 14:35:19 GMT
x-timer: S1599883529.068374,VS0,VE314
etag: "402845689c3844a1bd458020efbb7a9c18c7519d2483bc4e8fb436a5230c0654-br"
x-served-by: cache-bma1627-BMA
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/png
status: 200
cache-control: max-age=3600
date: Sat, 12 Sep 2020 04:05:29 GMT
accept-ranges: bytes
content-length: 1646
x-cache-hits: 0

GET
H2 200 logintextboxbg.png
bbtcomphonevoipcloudvoice.web.app/ 966 B
664 B 415ms
414ms Image
image/png 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bbtcomphonevoipcloudvoice.web.app/logintextboxbg.png

Requested by

Host: bbtcomphonevoipcloudvoice.web.app
URL: https://bbtcomphonevoipcloudvoice.web.app/login-index.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2b1930ba4a2e3f401d744fc3d55c2464a79736bfbc0f0875d98dca864b16449f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://bbtcomphonevoipcloudvoice.web.app/login-index.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Fri, 11 Sep 2020 14:35:19 GMT
x-timer: S1599883530.555835,VS0,VE378
etag: "ddaea4e7416e3c426aeb5f3eef6e38ce470b6b32d84c8f58d4b9c38a62a8486c-br"
x-served-by: cache-bma1627-BMA
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/png
status: 200
cache-control: max-age=3600
date: Sat, 12 Sep 2020 04:05:29 GMT
accept-ranges: bytes
content-length: 543
x-cache-hits: 0

GET
H2 200 icons-sprite-8bit.png
bbtcomphonevoipcloudvoice.web.app/ 5 KB
5 KB 358ms
357ms Image
image/png 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bbtcomphonevoipcloudvoice.web.app/icons-sprite-8bit.png

Requested by

Host: bbtcomphonevoipcloudvoice.web.app
URL: https://bbtcomphonevoipcloudvoice.web.app/common.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c15da6e07c5e0c79941d5f3e5e5839e1b1d87d3f03badceb337e88bbe78609f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://bbtcomphonevoipcloudvoice.web.app/common.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Fri, 11 Sep 2020 14:35:19 GMT
x-timer: S1599883530.555823,VS0,VE322
etag: "fd7cbcbe1d5001796c3b096ddda036f29bd64c20929bdb98002bf3d325f621d0-br"
x-served-by: cache-bma1627-BMA
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/png
status: 200
cache-control: max-age=3600
date: Sat, 12 Sep 2020 04:05:29 GMT
accept-ranges: bytes
content-length: 4550
x-cache-hits: 0

GET
H2 200 LoginButtonBg.png
bbtcomphonevoipcloudvoice.web.app/ 211 B
321 B 353ms
353ms Image
image/png 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bbtcomphonevoipcloudvoice.web.app/LoginButtonBg.png

Requested by

Host: bbtcomphonevoipcloudvoice.web.app
URL: https://bbtcomphonevoipcloudvoice.web.app/common.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7583bdd341399e600785dab65ac725a95dced3b0054ed8ca9b8d69fbde04def8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://bbtcomphonevoipcloudvoice.web.app/common.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 11 Sep 2020 14:35:19 GMT
x-timer: S1599883530.555800,VS0,VE318
etag: "eeca699e3a37e377f48a7d66f7e89bc2c77c372e9013f4120372e025446dbd69"
x-served-by: cache-bma1627-BMA
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/png
status: 200
cache-control: max-age=3600
date: Sat, 12 Sep 2020 04:05:29 GMT
accept-ranges: bytes
content-length: 211
x-cache-hits: 0

GET
H2 200 login-back.png
bbtcomphonevoipcloudvoice.web.app/ 279 B
389 B 387ms
386ms Image
image/png 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bbtcomphonevoipcloudvoice.web.app/login-back.png

Requested by

Host: bbtcomphonevoipcloudvoice.web.app
URL: https://bbtcomphonevoipcloudvoice.web.app/common.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6de9b19d62ae2029b5d7c51c7eb8fcbdee6503abf32cd74fa3963c76490bc0ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://bbtcomphonevoipcloudvoice.web.app/common.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 11 Sep 2020 14:35:19 GMT
x-timer: S1599883530.556313,VS0,VE350
etag: "be63fa2784f2efd90e5a462e9a784573c7b792f6d779317550109ac77356425c"
x-served-by: cache-bma1627-BMA
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/png
status: 200
cache-control: max-age=3600
date: Sat, 12 Sep 2020 04:05:29 GMT
accept-ranges: bytes
content-length: 279
x-cache-hits: 0

GET
H2 200 bttv_rg-webfont.woff
bbtcomphonevoipcloudvoice.web.app/ 26 KB
26 KB 448ms
448ms Font
font/woff 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bbtcomphonevoipcloudvoice.web.app/bttv_rg-webfont.woff

Requested by

Host: bbtcomphonevoipcloudvoice.web.app
URL: https://bbtcomphonevoipcloudvoice.web.app/index.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1313323817898228d6399b6de26686f15af3bfc9ebda293cc7656e27611673f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Origin: https://bbtcomphonevoipcloudvoice.web.app
Referer: https://bbtcomphonevoipcloudvoice.web.app/index.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Fri, 11 Sep 2020 14:35:19 GMT
x-timer: S1599883530.556300,VS0,VE412
etag: "5ac27c87ae69998bb59673788900486a060bd921d39676423862452b5c4a7a41-br"
x-served-by: cache-bma1627-BMA
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: font/woff
status: 200
cache-control: max-age=3600
date: Sat, 12 Sep 2020 04:05:29 GMT
accept-ranges: bytes
content-length: 26469
x-cache-hits: 0

GET
H2 200 bt-footer-bg.jpg
bbtcomphonevoipcloudvoice.web.app/ 1 KB
991 B 397ms
397ms Image
image/jpeg 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bbtcomphonevoipcloudvoice.web.app/bt-footer-bg.jpg

Requested by

Host: bbtcomphonevoipcloudvoice.web.app
URL: https://bbtcomphonevoipcloudvoice.web.app/common-reset.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cbf86fc1cedf23b294f4610fe0140df33f350071028953d6cc1c2c4249851038

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://bbtcomphonevoipcloudvoice.web.app/common-reset.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Fri, 11 Sep 2020 14:35:19 GMT
x-timer: S1599883530.556668,VS0,VE361
etag: "49fd970ba9685a0855b61170f56f548d62fdf44c171d87c6ced47f8d7a0b64c4-br"
x-served-by: cache-bma1627-BMA
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/jpeg
status: 200
cache-control: max-age=3600
date: Sat, 12 Sep 2020 04:05:29 GMT
accept-ranges: bytes
content-length: 697
x-cache-hits: 0

GET
H2 200 c819169cf566cfac84316715e8fde52fc3d93be0
bbtcomphonevoipcloudvoice.web.app/ 42 KB
24 KB 471ms
470ms Font
text/html 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bbtcomphonevoipcloudvoice.web.app/c819169cf566cfac84316715e8fde52fc3d93be0

Requested by

Host: bbtcomphonevoipcloudvoice.web.app
URL: https://bbtcomphonevoipcloudvoice.web.app/common-reset.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3b08992554ee957c4fa7e6f2a2a743bf222c14e3b641dbd36cb7a8998741a55d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Origin: https://bbtcomphonevoipcloudvoice.web.app
Referer: https://bbtcomphonevoipcloudvoice.web.app/common-reset.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Fri, 11 Sep 2020 14:35:19 GMT
x-timer: S1599883530.557153,VS0,VE434
etag: "34b9db71e8f106a68d70395368420d2ac74a32e9161fd02f086c9149c689d388-br"
x-served-by: cache-bma1627-BMA
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=3600
date: Sat, 12 Sep 2020 04:05:29 GMT
accept-ranges: bytes
content-length: 23944
x-cache-hits: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BT (Telecommunication)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bbtcomphonevoipcloudvoice.web.app
flavourztdmogltn.com
151.101.1.195
5.226.168.223
1313323817898228d6399b6de26686f15af3bfc9ebda293cc7656e27611673f9
2b1930ba4a2e3f401d744fc3d55c2464a79736bfbc0f0875d98dca864b16449f
2bd91206438defea90f35555c021d0603d381c0aface74f81216cc5d7d911ed0
30414205b7544851a7365e986523449c0348f3086178a6b75444063f3f2b0de9
3b08992554ee957c4fa7e6f2a2a743bf222c14e3b641dbd36cb7a8998741a55d
4462c86a9ca2e6018be426224a658d8005e97b6f8d44554d9043f188a6f662c8
494714c616a8bbd9cd22a64f3b29ed460cd551c4d1a8d6644e3cad7d2c459fe5
4fea11682a2405c3c2bb1a95bd600cb53c14e02240537dd9d84d307c5faaf13f
670d9073ccec70934db12cf5580205e55d8e2613e7b51a632736abb72bf8eb42
6c15da6e07c5e0c79941d5f3e5e5839e1b1d87d3f03badceb337e88bbe78609f
6de9b19d62ae2029b5d7c51c7eb8fcbdee6503abf32cd74fa3963c76490bc0ac
7583bdd341399e600785dab65ac725a95dced3b0054ed8ca9b8d69fbde04def8
95a3ce4936a52088271fe5aba0c81c6fc4b41a19fad4e8d74ba525588bdd8e00
cbf86fc1cedf23b294f4610fe0140df33f350071028953d6cc1c2c4249851038
d54e0580ca7a4ac1f0875a9c868dda437afc604a7fdc62017aef656073292dd8

bbtcomphonevoipcloudvoice.web.app Open in urlscan Pro 151.101.1.195 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

126 kBTransfer

565 kBSize

0 Cookies

11 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

Indicators

bbtcomphonevoipcloudvoice.web.app Open in urlscan Pro
151.101.1.195 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

126 kB
Transfer

565 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!