en.home.gb-bt.com Open in urlscan Pro
207.180.192.202 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://en.home.gb-bt.com/bill-payment/
Submission: On July 10 via api (July 10th 2020, 9:19:29 am UTC) from TW

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 23 HTTP transactions. The main IP is 207.180.192.202, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is en.home.gb-bt.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on June 30th 2020. Valid for: 3 months.

This is the only time en.home.gb-bt.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BT (Telecommunication)

Domain & IP information

	IP Address		AS Autonomous System
1 24	207.180.192.202 207.180.192.202		51167 (CONTABO) (CONTABO)
23	2

24 207.180.192.202 (Nuremberg, Germany) 1 redirects

ASN51167 (CONTABO, DE)
PTR: server10lexus.flaunt7.com

en.home.gb-bt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	gb-bt.com 1 redirects en.home.gb-bt.com	260 KB
23	1

	Domain	Requested by
24	en.home.gb-bt.com	1 redirects en.home.gb-bt.com
23	1

This site contains no links.

Subject Issuer	Validity	Valid
en.home.gb-bt.com ZeroSSL RSA Domain Secure Site CA	`2020-06-30` - `2020-09-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://en.home.gb-bt.com/bill-payment/
Frame ID: 43CFEB86242593165E997F2206062CC5
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://en.home.gb-bt.com/bill-payment HTTP 301
https://en.home.gb-bt.com/bill-payment/ Page URL

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

301 kB
Transfer

865 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://en.home.gb-bt.com/bill-payment HTTP 301
https://en.home.gb-bt.com/bill-payment/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response en.home.gb-bt.com/bill-payment/ Redirect Chain https://en.home.gb-bt.com/bill-payment https://en.home.gb-bt.com/bill-payment/	22 KB 5 KB	122ms 122ms	Document text/html	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Full URL https://en.home.gb-bt.com/bill-payment/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `a435856590fe2f653591f07b81efcc0584b63768d3ac4116235d837a674d3d7a` Request headers :method GET :authority en.home.gb-bt.com :scheme https :path /bill-payment/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 set-cookie site_vis=6094; secure PHPSESSID=f3ff3523b485d2b1cb9bc42e79053aaf; path=/; secure expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache content-type text/html; charset=UTF-8 content-encoding br vary Accept-Encoding date Fri, 10 Jul 2020 09:19:01 GMT server LiteSpeed Redirect headers status 301 content-type text/html content-length 706 date Fri, 10 Jul 2020 09:19:01 GMT server LiteSpeed location https://en.home.gb-bt.com/bill-payment/ alt-svc quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
GET H2	200	override.css en.home.gb-bt.com/bill-payment/css/	6 KB 2 KB	40ms 37ms	Stylesheet text/css	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Full URL https://en.home.gb-bt.com/bill-payment/css/override.css Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `a2ea72aac1d255823b18f4e67a137511ba739e11b3d8267bdfe6ea63c43abb7d` Request headers Referer https://en.home.gb-bt.com/bill-payment/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 09:19:01 GMT content-encoding br last-modified Sun, 19 Jan 2020 22:09:46 GMT server LiteSpeed vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 2005 expires Fri, 17 Jul 2020 09:19:01 GMT
GET H2	200	common-reset.css en.home.gb-bt.com/bill-payment/css/	65 KB 33 KB	57ms 54ms	Stylesheet text/css	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Full URL https://en.home.gb-bt.com/bill-payment/css/common-reset.css Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `d4a986c22ae001e743c50f59d647eabba306e35899b7aec56992e37833bd7015` Request headers Referer https://en.home.gb-bt.com/bill-payment/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 09:19:01 GMT content-encoding br last-modified Sun, 19 Jan 2020 22:09:48 GMT server LiteSpeed vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 33859 expires Fri, 17 Jul 2020 09:19:01 GMT
GET H2	200	common.css en.home.gb-bt.com/bill-payment/css/	181 KB 31 KB	65ms 62ms	Stylesheet text/css	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Full URL https://en.home.gb-bt.com/bill-payment/css/common.css Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `c5f82b0a249afe838c24e127133a8706da913f49cd63a6e58629b7aabda6c3d6` Request headers Referer https://en.home.gb-bt.com/bill-payment/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 09:19:01 GMT content-encoding br last-modified Sun, 19 Jan 2020 22:09:48 GMT server LiteSpeed vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 31712 expires Fri, 17 Jul 2020 09:19:01 GMT
GET H2	200	index.css en.home.gb-bt.com/bill-payment/css/	125 KB 17 KB	96ms 94ms	Stylesheet text/css	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Full URL https://en.home.gb-bt.com/bill-payment/css/index.css Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `9b9dc2de870423267cb9627e0cd9896766578b0d04e9befa8bf602b7939852a4` Request headers Referer https://en.home.gb-bt.com/bill-payment/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 09:19:01 GMT content-encoding br last-modified Sun, 19 Jan 2020 22:09:46 GMT server LiteSpeed vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 17673 expires Fri, 17 Jul 2020 09:19:01 GMT
GET H2	200	bts-common.css en.home.gb-bt.com/bill-payment/css/	88 KB 11 KB	97ms 95ms	Stylesheet text/css	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Full URL https://en.home.gb-bt.com/bill-payment/css/bts-common.css Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `7deb5405a84486905b040b40d17438fbdfe40db3e1fff910992758e27dc59d43` Request headers Referer https://en.home.gb-bt.com/bill-payment/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 09:19:01 GMT content-encoding br last-modified Sun, 19 Jan 2020 22:09:48 GMT server LiteSpeed vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 10846 expires Fri, 17 Jul 2020 09:19:01 GMT
GET H2	200	login-index.css en.home.gb-bt.com/bill-payment/css/	76 KB 12 KB	98ms 96ms	Stylesheet text/css	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Full URL https://en.home.gb-bt.com/bill-payment/css/login-index.css Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `53e23e8841cb9cdd6ed990e57742c64e1dd66fef007adae0c4b070056c97d835` Request headers Referer https://en.home.gb-bt.com/bill-payment/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 09:19:01 GMT content-encoding br last-modified Sun, 19 Jan 2020 22:09:46 GMT server LiteSpeed vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 11984 expires Fri, 17 Jul 2020 09:19:01 GMT
GET H2	200	responsive-footer.css en.home.gb-bt.com/bill-payment/css/	8 KB 1 KB	99ms 97ms	Stylesheet text/css	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Full URL https://en.home.gb-bt.com/bill-payment/css/responsive-footer.css Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `4f5d6479f2230da9fb3e7a2903a0d8fc1b39aff6af50bee9f2ef08916054fd55` Request headers Referer https://en.home.gb-bt.com/bill-payment/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 09:19:01 GMT content-encoding br last-modified Sun, 19 Jan 2020 22:09:46 GMT server LiteSpeed vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 1308 expires Fri, 17 Jul 2020 09:19:01 GMT
GET H2	200	rebrand-bt-logo-login-page-136440342141502601-191112130458.png en.home.gb-bt.com/bill-payment/images/	2 KB 2 KB	101ms 99ms	Image image/png	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://en.home.gb-bt.com/bill-payment/images/rebrand-bt-logo-login-page-136440342141502601-191112130458.png Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `670d9073ccec70934db12cf5580205e55d8e2613e7b51a632736abb72bf8eb42` Request headers Referer https://en.home.gb-bt.com/bill-payment/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 09:19:01 GMT last-modified Sun, 19 Jan 2020 22:10:06 GMT server LiteSpeed content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 1720 expires Fri, 17 Jul 2020 09:19:01 GMT
GET H2	200	logo-2018.svg en.home.gb-bt.com/bill-payment/images/	1 KB 627 B	101ms 100ms	Image image/svg+xml	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://en.home.gb-bt.com/bill-payment/images/logo-2018.svg Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `07e9d4d6a617d90407a0041a950912ba8f85bcb61be41deec67fc95aa16062a1` Request headers Referer https://en.home.gb-bt.com/bill-payment/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 09:19:01 GMT content-encoding br last-modified Sun, 19 Jan 2020 22:10:08 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 556 expires Fri, 17 Jul 2020 09:19:01 GMT
GET H2	200	logo-footer2018.svg en.home.gb-bt.com/bill-payment/images/	1 KB 624 B	101ms 100ms	Image image/svg+xml	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://en.home.gb-bt.com/bill-payment/images/logo-footer2018.svg Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `07e9d4d6a617d90407a0041a950912ba8f85bcb61be41deec67fc95aa16062a1` Request headers Referer https://en.home.gb-bt.com/bill-payment/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 09:19:01 GMT content-encoding br last-modified Sun, 19 Jan 2020 22:10:08 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 556 expires Fri, 17 Jul 2020 09:19:01 GMT
GET H2	200	jquery-1.11.3.min.js Show response en.home.gb-bt.com/bill-payment/js/	94 KB 32 KB	98ms 97ms	Script application/javascript	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Full URL https://en.home.gb-bt.com/bill-payment/js/jquery-1.11.3.min.js Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8` Request headers Referer https://en.home.gb-bt.com/bill-payment/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 09:19:01 GMT content-encoding br last-modified Sun, 19 Jan 2020 22:10:22 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 32363 expires Fri, 17 Jul 2020 09:19:01 GMT
GET H2	200	jquery.maskedinput.js Show response en.home.gb-bt.com/bill-payment/js/	16 KB 3 KB	100ms 98ms	Script application/javascript	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Full URL https://en.home.gb-bt.com/bill-payment/js/jquery.maskedinput.js Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `8ffb271eb7b416bcd7caa260d227fddb684048fb57e61d18c29418f66187f9cd` Request headers Referer https://en.home.gb-bt.com/bill-payment/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 09:19:01 GMT content-encoding br last-modified Sun, 19 Jan 2020 22:10:20 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 3101 expires Fri, 17 Jul 2020 09:19:01 GMT
GET H2	200	main.js Show response en.home.gb-bt.com/bill-payment/js/	32 KB 4 KB	100ms 99ms	Script application/javascript	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Full URL https://en.home.gb-bt.com/bill-payment/js/main.js Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `cb5a386922c4c39b3ccafd0b454778aa314d2fbead350cd5f325594acf9c1760` Request headers Referer https://en.home.gb-bt.com/bill-payment/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 09:19:01 GMT content-encoding br last-modified Mon, 20 Jan 2020 00:08:02 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 3811 expires Fri, 17 Jul 2020 09:19:01 GMT
GET H2	200	error.png en.home.gb-bt.com/bill-payment/images/	2 KB 2 KB	33ms 32ms	Image image/png	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://en.home.gb-bt.com/bill-payment/images/error.png Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/js/jquery-1.11.3.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `12f8e6f2951f94dcf7e830cd7dcf8eabcd4f11b87a39e0c8150661ab0b032064` Request headers Referer https://en.home.gb-bt.com/bill-payment/css/common.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 09:19:01 GMT last-modified Sun, 19 Jan 2020 22:10:10 GMT server LiteSpeed content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 2087 expires Fri, 17 Jul 2020 09:19:01 GMT
GET H2	200	logintextboxbg.png en.home.gb-bt.com/bill-payment/images/	966 B 998 B	33ms 33ms	Image image/png	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://en.home.gb-bt.com/bill-payment/images/logintextboxbg.png Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/js/jquery-1.11.3.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `2b1930ba4a2e3f401d744fc3d55c2464a79736bfbc0f0875d98dca864b16449f` Request headers Referer https://en.home.gb-bt.com/bill-payment/css/login-index.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 09:19:01 GMT last-modified Sun, 19 Jan 2020 22:10:08 GMT server LiteSpeed content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 966 expires Fri, 17 Jul 2020 09:19:01 GMT
GET DATA	200 OK	truncated /	42 KB 42 KB		Font font/truetype
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `91d32af051d9ace7282b43d300b85debad94fa8659ee69f3e7616e4e1a7605e2` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer Origin https://en.home.gb-bt.com Response headers Content-Type font/truetype;charset=utf-8
GET H2	200	icons-sprite-8bit.png en.home.gb-bt.com/bill-payment/images/	5 KB 5 KB	32ms 31ms	Image image/png	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://en.home.gb-bt.com/bill-payment/images/icons-sprite-8bit.png Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/js/jquery-1.11.3.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `6c15da6e07c5e0c79941d5f3e5e5839e1b1d87d3f03badceb337e88bbe78609f` Request headers Referer https://en.home.gb-bt.com/bill-payment/css/common.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 09:19:01 GMT last-modified Sun, 19 Jan 2020 22:10:10 GMT server LiteSpeed content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 5100 expires Fri, 17 Jul 2020 09:19:01 GMT
GET H2	200	LoginButtonBg.png en.home.gb-bt.com/bill-payment/images/	211 B 242 B	34ms 33ms	Image image/png	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://en.home.gb-bt.com/bill-payment/images/LoginButtonBg.png Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/js/jquery-1.11.3.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `7583bdd341399e600785dab65ac725a95dced3b0054ed8ca9b8d69fbde04def8` Request headers Referer https://en.home.gb-bt.com/bill-payment/css/common.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 09:19:01 GMT last-modified Sun, 19 Jan 2020 22:10:10 GMT server LiteSpeed content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 211 expires Fri, 17 Jul 2020 09:19:01 GMT
GET H2	200	login-back.png en.home.gb-bt.com/bill-payment/images/	279 B 311 B	34ms 34ms	Image image/png	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://en.home.gb-bt.com/bill-payment/images/login-back.png Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/js/jquery-1.11.3.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `6de9b19d62ae2029b5d7c51c7eb8fcbdee6503abf32cd74fa3963c76490bc0ac` Request headers Referer https://en.home.gb-bt.com/bill-payment/css/common.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 09:19:01 GMT last-modified Sun, 19 Jan 2020 22:10:08 GMT server LiteSpeed content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 279 expires Fri, 17 Jul 2020 09:19:01 GMT
GET H2	200	bg_cxtHelp.png en.home.gb-bt.com/bill-payment/images/	5 KB 5 KB	34ms 34ms	Image image/png	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://en.home.gb-bt.com/bill-payment/images/bg_cxtHelp.png Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/js/jquery-1.11.3.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `9c7fefb49c219c30987c55a64a9d1ed39be911fc4f2ac3a15a206a6d1094d4ef` Request headers Referer https://en.home.gb-bt.com/bill-payment/css/common.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 09:19:01 GMT last-modified Sun, 19 Jan 2020 22:10:10 GMT server LiteSpeed content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 5438 expires Fri, 17 Jul 2020 09:19:01 GMT
GET H2	200	BTFont_Rg.woff en.home.gb-bt.com/bill-payment/fonts/	58 KB 58 KB	34ms 33ms	Font font/woff	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Full URL https://en.home.gb-bt.com/bill-payment/fonts/BTFont_Rg.woff Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/js/jquery-1.11.3.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `ef203c78f49eb32821e0c6ce993bb2d35a0c58fe770fe5ccbcfe5585a01e2ba4` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://en.home.gb-bt.com/bill-payment/css/responsive-footer.css Origin https://en.home.gb-bt.com Response headers date Fri, 10 Jul 2020 09:19:01 GMT last-modified Sun, 19 Jan 2020 22:10:02 GMT server LiteSpeed content-type font/woff status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 59092 expires Fri, 17 Jul 2020 09:19:01 GMT
GET H2	200	bttvicons.woff en.home.gb-bt.com/bill-payment/fonts/	8 KB 8 KB	37ms 37ms	Font font/woff	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Full URL https://en.home.gb-bt.com/bill-payment/fonts/bttvicons.woff Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/js/jquery-1.11.3.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `c471c762b4eb8ce3aac5aec2b1aac9bf9e8ccb8d2fe84d74c940e9ad2c5bc168` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://en.home.gb-bt.com/bill-payment/css/responsive-footer.css Origin https://en.home.gb-bt.com Response headers date Fri, 10 Jul 2020 09:19:01 GMT last-modified Sun, 19 Jan 2020 22:09:52 GMT server LiteSpeed content-type font/woff status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 8356 expires Fri, 17 Jul 2020 09:19:01 GMT
GET H2	200	bttv_rg-webfont.woff en.home.gb-bt.com/bill-payment/fonts/	26 KB 26 KB	32ms 32ms	Font font/woff	207.180.192.202 CONTABO
General Check archive.org Show headers Download Go to Full URL https://en.home.gb-bt.com/bill-payment/fonts/bttv_rg-webfont.woff Requested by Host: en.home.gb-bt.com URL: https://en.home.gb-bt.com/bill-payment/js/jquery-1.11.3.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.180.192.202 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server10lexus.flaunt7.com Software LiteSpeed / Resource Hash `1313323817898228d6399b6de26686f15af3bfc9ebda293cc7656e27611673f9` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://en.home.gb-bt.com/bill-payment/css/index.css Origin https://en.home.gb-bt.com Response headers date Fri, 10 Jul 2020 09:19:01 GMT last-modified Sun, 19 Jan 2020 22:09:52 GMT server LiteSpeed content-type font/woff status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 26600 expires Fri, 17 Jul 2020 09:19:01 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BT (Telecommunication)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			en.home.gb-bt.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: f3ff3523b485d2b1cb9bc42e79053aaf
			en.home.gb-bt.com/bill-payment	1969-12-31 23:59:59	Name: site_vis Value: 6094

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

en.home.gb-bt.com
207.180.192.202
07e9d4d6a617d90407a0041a950912ba8f85bcb61be41deec67fc95aa16062a1
12f8e6f2951f94dcf7e830cd7dcf8eabcd4f11b87a39e0c8150661ab0b032064
1313323817898228d6399b6de26686f15af3bfc9ebda293cc7656e27611673f9
2b1930ba4a2e3f401d744fc3d55c2464a79736bfbc0f0875d98dca864b16449f
4f5d6479f2230da9fb3e7a2903a0d8fc1b39aff6af50bee9f2ef08916054fd55
53e23e8841cb9cdd6ed990e57742c64e1dd66fef007adae0c4b070056c97d835
670d9073ccec70934db12cf5580205e55d8e2613e7b51a632736abb72bf8eb42
6c15da6e07c5e0c79941d5f3e5e5839e1b1d87d3f03badceb337e88bbe78609f
6de9b19d62ae2029b5d7c51c7eb8fcbdee6503abf32cd74fa3963c76490bc0ac
7583bdd341399e600785dab65ac725a95dced3b0054ed8ca9b8d69fbde04def8
7deb5405a84486905b040b40d17438fbdfe40db3e1fff910992758e27dc59d43
8ffb271eb7b416bcd7caa260d227fddb684048fb57e61d18c29418f66187f9cd
91d32af051d9ace7282b43d300b85debad94fa8659ee69f3e7616e4e1a7605e2
9b9dc2de870423267cb9627e0cd9896766578b0d04e9befa8bf602b7939852a4
9c7fefb49c219c30987c55a64a9d1ed39be911fc4f2ac3a15a206a6d1094d4ef
a2ea72aac1d255823b18f4e67a137511ba739e11b3d8267bdfe6ea63c43abb7d
a435856590fe2f653591f07b81efcc0584b63768d3ac4116235d837a674d3d7a
c471c762b4eb8ce3aac5aec2b1aac9bf9e8ccb8d2fe84d74c940e9ad2c5bc168
c5f82b0a249afe838c24e127133a8706da913f49cd63a6e58629b7aabda6c3d6
cb5a386922c4c39b3ccafd0b454778aa314d2fbead350cd5f325594acf9c1760
d4a986c22ae001e743c50f59d647eabba306e35899b7aec56992e37833bd7015
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef203c78f49eb32821e0c6ce993bb2d35a0c58fe770fe5ccbcfe5585a01e2ba4

en.home.gb-bt.com Open in urlscan Pro 207.180.192.202 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

301 kBTransfer

865 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

2 Cookies

Indicators

en.home.gb-bt.com Open in urlscan Pro
207.180.192.202 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

301 kB
Transfer

865 kB
Size

2
Cookies

23 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!