Report - bt-0-ci50.my.asekio.com/

Report Overview

Submitted URL
bt-0-ci50.my.asekio.com/
IP
162.159.140.98
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-18 18:56:23
Access
public
Website Title
Home - bt
Final URL
bt-0-ci50.my.asekio.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
32

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.asekio.com	unknown	unknown	No data	No data	899 B	4.0 kB	172.66.0.96
bt-0-ci50.my.asekio.com	unknown	2023-03-30	2024-04-18	2024-04-18	10 kB	2.0 MB	162.159.140.98

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	bt-0-ci50.my.asekio.com/	BT Group plc
2024-04-18	medium	bt-0-ci50.my.asekio.com/	BT Group plc
2024-04-18	medium	bt-0-ci50.my.asekio.com/	BT Group plc
2024-04-18	medium	bt-0-ci50.my.asekio.com/	BT Group plc
2024-04-18	medium	bt-0-ci50.my.asekio.com/	BT Group plc
2024-04-18	medium	bt-0-ci50.my.asekio.com/	BT Group plc
2024-04-18	medium	bt-0-ci50.my.asekio.com/	BT Group plc
2024-04-18	medium	bt-0-ci50.my.asekio.com/	BT Group plc
2024-04-18	medium	bt-0-ci50.my.asekio.com/	BT Group plc
2024-04-18	medium	bt-0-ci50.my.asekio.com/	BT Group plc
2024-04-18	medium	bt-0-ci50.my.asekio.com/	BT Group plc
2024-04-18	medium	bt-0-ci50.my.asekio.com/	BT Group plc
2024-04-18	medium	bt-0-ci50.my.asekio.com/	BT Group plc
2024-04-18	medium	bt-0-ci50.my.asekio.com/	BT Group plc
2024-04-18	medium	bt-0-ci50.my.asekio.com/	BT Group plc
2024-04-18	medium	bt-0-ci50.my.asekio.com/	BT Group plc

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	bt-0-ci50.my.asekio.com/_next/static/chunks/webpack-3f0fcf7452ddfd49.js	5.4 kB	2024-04-18	2024-04-18
Pretty URL bt-0-ci50.my.asekio.com/_next/static/chunks/webpack-3f0fcf7452ddfd49.js IP 162.159.140.98 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 20:56:29 Last Seen2024-04-18 20:56:29 Times Seen1 Hash 3e7ef897e4ebd8cd40a31b560b0357b0 2b0b940da59e3735310820672a64ed6c98cc7fba 01423698c689afe9c9ea585e3d217dfff44cb761defe0637764345c4c30c1c1c Loading...

	bt-0-ci50.my.asekio.com/_next/static/chunks/framework-af64bd368ed34feb.js	141 kB	2023-09-15	2024-04-18
Pretty URL bt-0-ci50.my.asekio.com/_next/static/chunks/framework-af64bd368ed34feb.js IP 162.159.140.98 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-15 16:32:23 Last Seen2024-04-18 20:56:30 Times Seen4 Hash d3e44c3fe2ff87e157e7cb4e997330d0 f76283d1f61b8b094d7ddd5e47c2dbf6eb62b1d4 fdbffdfae4a2e50bce7361ea69d14548d96f86015d6287aec8ca0852ff048aa5 Loading...

	bt-0-ci50.my.asekio.com/_next/static/chunks/pages/_app-b412d68e5072c737.js	90 kB	2024-04-18	2024-04-18
Pretty URL bt-0-ci50.my.asekio.com/_next/static/chunks/pages/_app-b412d68e5072c737.js IP 162.159.140.98 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 20:56:30 Last Seen2024-04-18 20:56:30 Times Seen2 Hash 2878cc27890c232d102b8e33d7a3986d edf25a7189a54c66c32a429c1ec5108d7b265c02 0a52efef1daf68df3b9e3601a00345a93ff487a7e74c435abfa722cd94c68fbb Loading...

	bt-0-ci50.my.asekio.com/_next/static/chunks/pages/%5Bdomain%5D/%5B%5B...params%5D%5D-0860fb0acd77c2fe.js	220 kB	2024-04-18	2024-04-18
Pretty URL bt-0-ci50.my.asekio.com/_next/static/chunks/pages/%5Bdomain%5D/%5B%5B...params%5D%5D-0860fb0acd77c2fe.js IP 162.159.140.98 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 20:56:30 Last Seen2024-04-18 20:56:30 Times Seen2 Hash cb85df5cbd012ebedb85553119b85b83 48149c275be75d721a4ac5ff96cff581517c077b f54add1445bf5445fbd7551c846d5c65ea3b7e79759ea59ca1e2b70795136e08 Loading...

	bt-0-ci50.my.asekio.com/_next/static/MwG7HgBM8CwZreCrDcAfg/_ssgManifest.js	77 B	2023-03-07	2024-05-02
Pretty URL bt-0-ci50.my.asekio.com/_next/static/MwG7HgBM8CwZreCrDcAfg/_ssgManifest.js IP 162.159.140.98 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2024-05-02 00:00:56 Times Seen85592 Hash b6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Loading...

	unknown	117 B	2023-03-07	2024-04-30
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:23:40 Last Seen2024-04-30 09:39:19 Times Seen254 Hash b415ed6a5114145b078b70c3a92e49d7 16f6e98f0a2417fa821450d83f092dbc8f9aea41 ffa4813ea5be196fbfff89e55d7e98d6747d756961d20b1027a28aef57631fa0 Loading...

	bt-0-ci50.my.asekio.com/_next/static/chunks/main-33dc1d04d63a902b.js	101 kB	2024-04-18	2024-04-18
Pretty URL bt-0-ci50.my.asekio.com/_next/static/chunks/main-33dc1d04d63a902b.js IP 162.159.140.98 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 20:56:30 Last Seen2024-04-18 20:56:30 Times Seen2 Hash 0d87221616ec742d6b0bf79070761506 c9d698779d5986d86ba5061fb53125746a6c6a2b c922e3c618af041aa13ee0884e718782ba5df5898222bfe40320088b44e63ff4 Loading...

	bt-0-ci50.my.asekio.com/_next/static/chunks/816-ccb76f4177426c05.js	23 kB	2024-04-18	2024-04-18
Pretty URL bt-0-ci50.my.asekio.com/_next/static/chunks/816-ccb76f4177426c05.js IP 162.159.140.98 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 20:56:30 Last Seen2024-04-18 20:56:30 Times Seen2 Hash 998cdf4856091ed2ad02d8c66e447da4 5daed0491b17929248f02254a79bd0730248ea8f 431525e758848cd95d743d7e3ae6f458976cc08f9e7aaac1c34b611e349d6c80 Loading...

	bt-0-ci50.my.asekio.com/_next/static/chunks/868-2436e8b88a7356de.js	476 kB	2024-04-18	2024-04-18
Pretty URL bt-0-ci50.my.asekio.com/_next/static/chunks/868-2436e8b88a7356de.js IP 162.159.140.98 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 20:56:30 Last Seen2024-04-18 20:56:30 Times Seen1 Hash 53c0f9a558972cd50ca477264bffb7af 10ecf9f612910c38759e0acb5291836f6b70eed8 261e6ae898fc057ff44a8a141083e7bed480f36e00cfdd6dd2b7885e88631e59 Loading...

	bt-0-ci50.my.asekio.com/_next/static/MwG7HgBM8CwZreCrDcAfg/_buildManifest.js	1.2 kB	2024-04-18	2024-04-18
Pretty URL bt-0-ci50.my.asekio.com/_next/static/MwG7HgBM8CwZreCrDcAfg/_buildManifest.js IP 162.159.140.98 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 20:56:30 Last Seen2024-04-18 20:56:30 Times Seen1 Hash 110643303634b0e414edf34179ce7c71 dfdfb66bce9d56702af53174e8c54ceec4983075 b609fcf112f09a10de680d79d2a3d8879c00fa37393f1320807c9efdd66ad779 Loading...

	www.asekio.com/js/script.js	3.6 kB	2023-09-23	2024-04-18
Pretty URL www.asekio.com/js/script.js IP 172.66.0.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-23 05:45:40 Last Seen2024-04-18 20:56:30 Times Seen7 Hash c91819e2a398a839d51924247c579529 b558d51d18fac82464b81c6cbc4cf148ddc9f63c 5c995c59d4a0e51bbf7be4945c0cc03333e49bd85336e11d88ad0c54fc5ceed8 Loading...

HTTP Transactions (18)

URL IP Response Size

www.asekio.com/js/script.js

172.66.0.96

200 OK

1.6 kB

URL GET HTTP/2
www.asekio.com/js/script.js
IP
172.66.0.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bt-0-ci50.my.asekio.com/
Certificate
IssuerLet's Encrypt
Subjectwww.asekio.com
FingerprintE4:20:3A:08:24:62:E0:A7:4E:C5:32:C7:CC:65:50:A3:E3:F6:50:0F
ValidityTue, 27 Feb 2024 17:00:18 GMT - Mon, 27 May 2024 17:00:17 GMT

File type
JavaScript source, ASCII text, with very long lines (3582), with no line terminators
Size
1.6 kB (1636 bytes)
Hash
c91819e2a398a839d51924247c579529
b558d51d18fac82464b81c6cbc4cf148ddc9f63c
5c995c59d4a0e51bbf7be4945c0cc03333e49bd85336e11d88ad0c54fc5ceed8

HTTP Headers

GET /js/script.js HTTP/1.1
Host: www.asekio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bt-0-ci50.my.asekio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:57 GMT
content-type: application/javascript
x-powered-by: asekio
vary: Accept-Encoding, Accept-Encoding
cdn-pullzone: 682664
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=86400
application: 10.0.0.3
cross-origin-resource-policy: cross-origin
permissions-policy: interest-cohort=()
x-content-type-options: nosniff
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/17/2024 14:20:33
cdn-edgestorageid: 1079
cdn-status: 200
cdn-requestid: b8ad837c2062cdf2944fdbde583b8437
cdn-cache: HIT
x-do-app-origin: 12ef046c-8f5d-4e96-bfb9-619aad319c3d
x-do-orig-status: 200
last-modified: Wed, 17 Apr 2024 21:07:41 GMT
cf-cache-status: HIT
age: 21851
set-cookie: __cf_bm=31SWXFK7r4nlNJE6uXhPXPonnC0z69OfZg_b4Gh.I_U-1713466557-1.0.1.1-011p47sh3qbmqdCXQEulA6WLKEdQXujswkOxGiR5D9eUZQ6Rmh_RRuh5QIXeoJa51Z7ODw5RjuqfPeGe4HvaJg; path=/; expires=Thu, 18-Apr-24 19:25:57 GMT; domain=.www.asekio.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8766df42b86e0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2

bt-0-ci50.my.asekio.com/_next/static/chunks/framework-af64bd368ed34feb.js

162.159.140.98

200 OK

53 kB

URL GET HTTP/2
bt-0-ci50.my.asekio.com/_next/static/chunks/framework-af64bd368ed34feb.js
IP
162.159.140.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bt-0-ci50.my.asekio.com/
Certificate
IssuerLet's Encrypt
Subjectmy.asekio.com
Fingerprint3B:D6:4B:DD:A4:B9:60:49:DB:46:31:ED:00:11:72:08:06:7D:61:4F
ValidityWed, 06 Mar 2024 13:18:23 GMT - Tue, 04 Jun 2024 13:18:22 GMT

File type
JavaScript source, ASCII text, with very long lines (65202)
Size
53 kB (53035 bytes)
Hash
d3e44c3fe2ff87e157e7cb4e997330d0
f76283d1f61b8b094d7ddd5e47c2dbf6eb62b1d4
fdbffdfae4a2e50bce7361ea69d14548d96f86015d6287aec8ca0852ff048aa5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc

HTTP Headers

GET /_next/static/chunks/framework-af64bd368ed34feb.js HTTP/1.1
Host: bt-0-ci50.my.asekio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bt-0-ci50.my.asekio.com/
Cookie: __cf_bm=1X5.aa4XTs4nM0WuRrqd4Jp1IbpI8KwzzwmgC7uMlZ4-1713466557-1.0.1.1-CJaRFZwaw7BcAr2p5LcQsuU8Bs2hG3MnWtKxt8b19v5PyUXR2i2meU0US9i2KTg..dqiYqc_oC7ajS9LH2to8g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 18 Apr 2024 12:15:54 GMT
etag: W/"22701-18ef1228138"
vary: Accept-Encoding
x-do-app-origin: 473b4c6d-3875-4567-8407-dcf3ebc7cd82
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 8766df407a2eb50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

bt-0-ci50.my.asekio.com/_next/static/css/74688355f527be2a.css

162.159.140.98

200 OK

13 kB

URL GET HTTP/2
bt-0-ci50.my.asekio.com/_next/static/css/74688355f527be2a.css
IP
162.159.140.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bt-0-ci50.my.asekio.com/
Certificate
IssuerLet's Encrypt
Subjectmy.asekio.com
Fingerprint3B:D6:4B:DD:A4:B9:60:49:DB:46:31:ED:00:11:72:08:06:7D:61:4F
ValidityWed, 06 Mar 2024 13:18:23 GMT - Tue, 04 Jun 2024 13:18:22 GMT

File type
ASCII text, with very long lines (18792), with no line terminators
Size
13 kB (12728 bytes)
Hash
7a2747edc3b416db78838a7fcd9db88c
06f41189bd1e77dbca0ddcc95ddbefb46415562e
f612f68801b046e3a8eeb48d779209887ae6f0f3efd94d00291552c9fa43e284

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc

HTTP Headers

GET /_next/static/css/74688355f527be2a.css HTTP/1.1
Host: bt-0-ci50.my.asekio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bt-0-ci50.my.asekio.com/
Cookie: __cf_bm=1X5.aa4XTs4nM0WuRrqd4Jp1IbpI8KwzzwmgC7uMlZ4-1713466557-1.0.1.1-CJaRFZwaw7BcAr2p5LcQsuU8Bs2hG3MnWtKxt8b19v5PyUXR2i2meU0US9i2KTg..dqiYqc_oC7ajS9LH2to8g
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:57 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 18 Apr 2024 12:15:54 GMT
etag: W/"4968-18ef1228138"
vary: Accept-Encoding
x-do-app-origin: 473b4c6d-3875-4567-8407-dcf3ebc7cd82
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 8766df406a1eb50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

bt-0-ci50.my.asekio.com/_next/static/chunks/816-ccb76f4177426c05.js

162.159.140.98

200 OK

18 kB

URL GET HTTP/2
bt-0-ci50.my.asekio.com/_next/static/chunks/816-ccb76f4177426c05.js
IP
162.159.140.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bt-0-ci50.my.asekio.com/
Certificate
IssuerLet's Encrypt
Subjectmy.asekio.com
Fingerprint3B:D6:4B:DD:A4:B9:60:49:DB:46:31:ED:00:11:72:08:06:7D:61:4F
ValidityWed, 06 Mar 2024 13:18:23 GMT - Tue, 04 Jun 2024 13:18:22 GMT

File type
JavaScript source, ASCII text, with very long lines (21329)
Size
18 kB (17980 bytes)
Hash
998cdf4856091ed2ad02d8c66e447da4
5daed0491b17929248f02254a79bd0730248ea8f
431525e758848cd95d743d7e3ae6f458976cc08f9e7aaac1c34b611e349d6c80

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc

HTTP Headers

GET /_next/static/chunks/816-ccb76f4177426c05.js HTTP/1.1
Host: bt-0-ci50.my.asekio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bt-0-ci50.my.asekio.com/
Cookie: __cf_bm=1X5.aa4XTs4nM0WuRrqd4Jp1IbpI8KwzzwmgC7uMlZ4-1713466557-1.0.1.1-CJaRFZwaw7BcAr2p5LcQsuU8Bs2hG3MnWtKxt8b19v5PyUXR2i2meU0US9i2KTg..dqiYqc_oC7ajS9LH2to8g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 18 Apr 2024 12:15:54 GMT
etag: W/"598c-18ef1228138"
vary: Accept-Encoding
x-do-app-origin: 473b4c6d-3875-4567-8407-dcf3ebc7cd82
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 8766df407a3cb50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

bt-0-ci50.my.asekio.com/_next/static/chunks/main-33dc1d04d63a902b.js

162.159.140.98

200 OK

39 kB

URL GET HTTP/2
bt-0-ci50.my.asekio.com/_next/static/chunks/main-33dc1d04d63a902b.js
IP
162.159.140.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bt-0-ci50.my.asekio.com/
Certificate
IssuerLet's Encrypt
Subjectmy.asekio.com
Fingerprint3B:D6:4B:DD:A4:B9:60:49:DB:46:31:ED:00:11:72:08:06:7D:61:4F
ValidityWed, 06 Mar 2024 13:18:23 GMT - Tue, 04 Jun 2024 13:18:22 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
39 kB (39125 bytes)
Hash
0d87221616ec742d6b0bf79070761506
c9d698779d5986d86ba5061fb53125746a6c6a2b
c922e3c618af041aa13ee0884e718782ba5df5898222bfe40320088b44e63ff4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc

HTTP Headers

GET /_next/static/chunks/main-33dc1d04d63a902b.js HTTP/1.1
Host: bt-0-ci50.my.asekio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bt-0-ci50.my.asekio.com/
Cookie: __cf_bm=1X5.aa4XTs4nM0WuRrqd4Jp1IbpI8KwzzwmgC7uMlZ4-1713466557-1.0.1.1-CJaRFZwaw7BcAr2p5LcQsuU8Bs2hG3MnWtKxt8b19v5PyUXR2i2meU0US9i2KTg..dqiYqc_oC7ajS9LH2to8g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 18 Apr 2024 12:15:54 GMT
etag: W/"18bd2-18ef1228134"
vary: Accept-Encoding
x-do-app-origin: 473b4c6d-3875-4567-8407-dcf3ebc7cd82
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 8766df407a38b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

bt-0-ci50.my.asekio.com/_next/static/MwG7HgBM8CwZreCrDcAfg/_ssgManifest.js

162.159.140.98

200 OK

77 B

URL GET HTTP/2
bt-0-ci50.my.asekio.com/_next/static/MwG7HgBM8CwZreCrDcAfg/_ssgManifest.js
IP
162.159.140.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bt-0-ci50.my.asekio.com/
Certificate
IssuerLet's Encrypt
Subjectmy.asekio.com
Fingerprint3B:D6:4B:DD:A4:B9:60:49:DB:46:31:ED:00:11:72:08:06:7D:61:4F
ValidityWed, 06 Mar 2024 13:18:23 GMT - Tue, 04 Jun 2024 13:18:22 GMT

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
b6652df95db52feb4daf4eca35380933
65451d110137761b318c82d9071c042db80c4036
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc

HTTP Headers

GET /_next/static/MwG7HgBM8CwZreCrDcAfg/_ssgManifest.js HTTP/1.1
Host: bt-0-ci50.my.asekio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bt-0-ci50.my.asekio.com/
Cookie: __cf_bm=1X5.aa4XTs4nM0WuRrqd4Jp1IbpI8KwzzwmgC7uMlZ4-1713466557-1.0.1.1-CJaRFZwaw7BcAr2p5LcQsuU8Bs2hG3MnWtKxt8b19v5PyUXR2i2meU0US9i2KTg..dqiYqc_oC7ajS9LH2to8g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 18 Apr 2024 12:15:54 GMT
etag: W/"4d-18ef1228134"
vary: Accept-Encoding
x-do-app-origin: 473b4c6d-3875-4567-8407-dcf3ebc7cd82
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 8766df408a47b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

bt-0-ci50.my.asekio.com/_next/static/media/f595c38f5aaaeca5-s.ttf

162.159.140.98

200 OK

394 kB

URL GET HTTP/2
bt-0-ci50.my.asekio.com/_next/static/media/f595c38f5aaaeca5-s.ttf
IP
162.159.140.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bt-0-ci50.my.asekio.com/
Certificate
IssuerLet's Encrypt
Subjectmy.asekio.com
Fingerprint3B:D6:4B:DD:A4:B9:60:49:DB:46:31:ED:00:11:72:08:06:7D:61:4F
ValidityWed, 06 Mar 2024 13:18:23 GMT - Tue, 04 Jun 2024 13:18:22 GMT

File type
TrueType Font data, 20 tables, 1st "GDEF", 37 names, Microsoft, language 0x409
Size
394 kB (394140 bytes)
Hash
e6cb49ef6502d09136c7302d56f4197b
debd10e57fb07dd24187c41679885129449c1435
e5b1a3fbac6e5bf9f20860f9a254abe39240439f445568d8cd37482789e5dcac

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc

HTTP Headers

GET /_next/static/media/f595c38f5aaaeca5-s.ttf HTTP/1.1
Host: bt-0-ci50.my.asekio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bt-0-ci50.my.asekio.com/_next/static/css/74688355f527be2a.css
Cookie: __cf_bm=1X5.aa4XTs4nM0WuRrqd4Jp1IbpI8KwzzwmgC7uMlZ4-1713466557-1.0.1.1-CJaRFZwaw7BcAr2p5LcQsuU8Bs2hG3MnWtKxt8b19v5PyUXR2i2meU0US9i2KTg..dqiYqc_oC7ajS9LH2to8g
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:57 GMT
content-type: font/ttf
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 18 Apr 2024 12:15:54 GMT
etag: W/"6039c-18ef122812c"
vary: Accept-Encoding
x-do-app-origin: 473b4c6d-3875-4567-8407-dcf3ebc7cd82
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 8766df412affb50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

bt-0-ci50.my.asekio.com/_next/static/media/abb0f3a06e9f64d3-s.p.ttf

162.159.140.98

200 OK

530 kB

URL GET HTTP/2
bt-0-ci50.my.asekio.com/_next/static/media/abb0f3a06e9f64d3-s.p.ttf
IP
162.159.140.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bt-0-ci50.my.asekio.com/
Certificate
IssuerLet's Encrypt
Subjectmy.asekio.com
Fingerprint3B:D6:4B:DD:A4:B9:60:49:DB:46:31:ED:00:11:72:08:06:7D:61:4F
ValidityWed, 06 Mar 2024 13:18:23 GMT - Tue, 04 Jun 2024 13:18:22 GMT

File type
TrueType Font data, 23 tables, 1st "GDEF", 44 names, Microsoft, language 0x409
Size
530 kB (529700 bytes)
Hash
95393d9faf957406807a05d8fba3f4fc
b436e315c744dc2143fb69e6f03b3278681f73b9
d1b1331ba90e949be8664b073976b4f0369b831f381e13e506d728e50ce29083

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc

HTTP Headers

GET /_next/static/media/abb0f3a06e9f64d3-s.p.ttf HTTP/1.1
Host: bt-0-ci50.my.asekio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bt-0-ci50.my.asekio.com/_next/static/css/74688355f527be2a.css
Cookie: __cf_bm=1X5.aa4XTs4nM0WuRrqd4Jp1IbpI8KwzzwmgC7uMlZ4-1713466557-1.0.1.1-CJaRFZwaw7BcAr2p5LcQsuU8Bs2hG3MnWtKxt8b19v5PyUXR2i2meU0US9i2KTg..dqiYqc_oC7ajS9LH2to8g
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:57 GMT
content-type: font/ttf
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 18 Apr 2024 12:15:54 GMT
etag: W/"81524-18ef1228128"
vary: Accept-Encoding
x-do-app-origin: 473b4c6d-3875-4567-8407-dcf3ebc7cd82
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 8766df412b07b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

bt-0-ci50.my.asekio.com/_next/static/chunks/pages/_app-b412d68e5072c737.js

162.159.140.98

200 OK

90 kB

URL GET HTTP/2
bt-0-ci50.my.asekio.com/_next/static/chunks/pages/_app-b412d68e5072c737.js
IP
162.159.140.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bt-0-ci50.my.asekio.com/
Certificate
IssuerLet's Encrypt
Subjectmy.asekio.com
Fingerprint3B:D6:4B:DD:A4:B9:60:49:DB:46:31:ED:00:11:72:08:06:7D:61:4F
ValidityWed, 06 Mar 2024 13:18:23 GMT - Tue, 04 Jun 2024 13:18:22 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
90 kB (90507 bytes)
Hash
2878cc27890c232d102b8e33d7a3986d
edf25a7189a54c66c32a429c1ec5108d7b265c02
0a52efef1daf68df3b9e3601a00345a93ff487a7e74c435abfa722cd94c68fbb

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc

HTTP Headers

GET /_next/static/chunks/pages/_app-b412d68e5072c737.js HTTP/1.1
Host: bt-0-ci50.my.asekio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bt-0-ci50.my.asekio.com/
Cookie: __cf_bm=1X5.aa4XTs4nM0WuRrqd4Jp1IbpI8KwzzwmgC7uMlZ4-1713466557-1.0.1.1-CJaRFZwaw7BcAr2p5LcQsuU8Bs2hG3MnWtKxt8b19v5PyUXR2i2meU0US9i2KTg..dqiYqc_oC7ajS9LH2to8g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 18 Apr 2024 12:15:54 GMT
etag: W/"1618b-18ef1228134"
vary: Accept-Encoding
x-do-app-origin: 473b4c6d-3875-4567-8407-dcf3ebc7cd82
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 8766df407a3ab50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

bt-0-ci50.my.asekio.com/_next/static/chunks/pages/%5Bdomain%5D/%5B%5B...params%5D%5D-0860fb0acd77c2fe.js

162.159.140.98

200 OK

220 kB

URL GET HTTP/2
bt-0-ci50.my.asekio.com/_next/static/chunks/pages/%5Bdomain%5D/%5B%5B...params%5D%5D-0860fb0acd77c2fe.js
IP
162.159.140.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bt-0-ci50.my.asekio.com/
Certificate
IssuerLet's Encrypt
Subjectmy.asekio.com
Fingerprint3B:D6:4B:DD:A4:B9:60:49:DB:46:31:ED:00:11:72:08:06:7D:61:4F
ValidityWed, 06 Mar 2024 13:18:23 GMT - Tue, 04 Jun 2024 13:18:22 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
220 kB (220043 bytes)
Hash
cb85df5cbd012ebedb85553119b85b83
48149c275be75d721a4ac5ff96cff581517c077b
f54add1445bf5445fbd7551c846d5c65ea3b7e79759ea59ca1e2b70795136e08

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc

HTTP Headers

GET /_next/static/chunks/pages/%5Bdomain%5D/%5B%5B...params%5D%5D-0860fb0acd77c2fe.js HTTP/1.1
Host: bt-0-ci50.my.asekio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bt-0-ci50.my.asekio.com/
Cookie: __cf_bm=1X5.aa4XTs4nM0WuRrqd4Jp1IbpI8KwzzwmgC7uMlZ4-1713466557-1.0.1.1-CJaRFZwaw7BcAr2p5LcQsuU8Bs2hG3MnWtKxt8b19v5PyUXR2i2meU0US9i2KTg..dqiYqc_oC7ajS9LH2to8g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 18 Apr 2024 12:15:54 GMT
etag: W/"35b8b-18ef1228138"
vary: Accept-Encoding
x-do-app-origin: 473b4c6d-3875-4567-8407-dcf3ebc7cd82
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 8766df407a40b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

bt-0-ci50.my.asekio.com/_next/static/MwG7HgBM8CwZreCrDcAfg/_buildManifest.js

162.159.140.98

200 OK

1.2 kB

URL GET HTTP/2
bt-0-ci50.my.asekio.com/_next/static/MwG7HgBM8CwZreCrDcAfg/_buildManifest.js
IP
162.159.140.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bt-0-ci50.my.asekio.com/
Certificate
IssuerLet's Encrypt
Subjectmy.asekio.com
Fingerprint3B:D6:4B:DD:A4:B9:60:49:DB:46:31:ED:00:11:72:08:06:7D:61:4F
ValidityWed, 06 Mar 2024 13:18:23 GMT - Tue, 04 Jun 2024 13:18:22 GMT

File type
ASCII text, with very long lines (1212), with no line terminators
Size
1.2 kB (1150 bytes)
Hash
8e3674a82eff2e88e7139e9d24bdba90
1489885d289d09cdb45f69cf9ca1637481b25a3f
72316de86269f07edfc094c7b5c506b8115d11d51f9f92e61706f6d635c210d0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc

HTTP Headers

GET /_next/static/MwG7HgBM8CwZreCrDcAfg/_buildManifest.js HTTP/1.1
Host: bt-0-ci50.my.asekio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bt-0-ci50.my.asekio.com/
Cookie: __cf_bm=1X5.aa4XTs4nM0WuRrqd4Jp1IbpI8KwzzwmgC7uMlZ4-1713466557-1.0.1.1-CJaRFZwaw7BcAr2p5LcQsuU8Bs2hG3MnWtKxt8b19v5PyUXR2i2meU0US9i2KTg..dqiYqc_oC7ajS9LH2to8g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 18 Apr 2024 12:15:54 GMT
etag: W/"47e-18ef1228134"
vary: Accept-Encoding
x-do-app-origin: 473b4c6d-3875-4567-8407-dcf3ebc7cd82
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 8766df407a45b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

bt-0-ci50.my.asekio.com/favicon.ico

162.159.140.98

200 OK

88 kB

URL GET HTTP/2
bt-0-ci50.my.asekio.com/favicon.ico
IP
162.159.140.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bt-0-ci50.my.asekio.com/
Certificate
IssuerLet's Encrypt
Subjectmy.asekio.com
Fingerprint3B:D6:4B:DD:A4:B9:60:49:DB:46:31:ED:00:11:72:08:06:7D:61:4F
ValidityWed, 06 Mar 2024 13:18:23 GMT - Tue, 04 Jun 2024 13:18:22 GMT

File type
MS Windows icon resource - 4 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 8 bits/pixel, 32x32 with - PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced, 8 bits/pixel
Size
88 kB (87836 bytes)
Hash
74751703634d391a9b0dc7518ca014ff
a4db1ace96f12ad6efe5e55ee105a31e649b6675
9e362d3b84a32ffd2b74079129dce55adb32d9028946cf804ee89226cece1269

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: bt-0-ci50.my.asekio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bt-0-ci50.my.asekio.com/
Cookie: __cf_bm=1X5.aa4XTs4nM0WuRrqd4Jp1IbpI8KwzzwmgC7uMlZ4-1713466557-1.0.1.1-CJaRFZwaw7BcAr2p5LcQsuU8Bs2hG3MnWtKxt8b19v5PyUXR2i2meU0US9i2KTg..dqiYqc_oC7ajS9LH2to8g
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:57 GMT
content-type: image/x-icon
x-powered-by: Asekio
x-robots-tag: noindex
vary: Accept-Encoding
x-do-app-origin: 473b4c6d-3875-4567-8407-dcf3ebc7cd82
cache-control: private
x-do-orig-status: 200
last-modified: Thu, 18 Apr 2024 18:55:57 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 8766df424c2ab50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.asekio.com/api/event

172.66.0.96

202 Accepted

2 B

URL POST HTTP/2
www.asekio.com/api/event
IP
172.66.0.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bt-0-ci50.my.asekio.com/
Certificate
IssuerLet's Encrypt
Subjectwww.asekio.com
FingerprintE4:20:3A:08:24:62:E0:A7:4E:C5:32:C7:CC:65:50:A3:E3:F6:50:0F
ValidityTue, 27 Feb 2024 17:00:18 GMT - Mon, 27 May 2024 17:00:17 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /api/event HTTP/1.1
Host: www.asekio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 94
Origin: https://bt-0-ci50.my.asekio.com
DNT: 1
Connection: keep-alive
Referer: https://bt-0-ci50.my.asekio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 202 Accepted
date: Thu, 18 Apr 2024 18:55:58 GMT
content-type: text/plain; charset=utf-8
content-length: 2
x-powered-by: asekio
cdn-pullzone: 682664
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestcountrycode: DE
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: must-revalidate, max-age=0, private
application: 10.0.0.3
permissions-policy: interest-cohort=()
x-plausible-dropped: 1
x-request-id: F8d0wZ0DZiywX38Kuzki
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 202
cdn-cachedat: 04/18/2024 18:55:58
cdn-edgestorageid: 1081
cdn-requestid: 449de0d697aa97b9c1c7be6927e5b3de
vary: Accept-Encoding
x-do-app-origin: 12ef046c-8f5d-4e96-bfb9-619aad319c3d
x-do-orig-status: 202
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=4aqCRt6T4FqHNjM2l.xh5NqRGOe8tYFbf_Xp3Ngbu7M-1713466558-1.0.1.1-B72Tenz_4aKCjXMdKytmPCHD1FFcQwdJoepCq5h6TJZATI2SlaTxFcRhCvmXpAIoTNBu1DmASMqgSxE_VmorLA; path=/; expires=Thu, 18-Apr-24 19:25:58 GMT; domain=.www.asekio.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8766df435bf21c02-OSL
X-Firefox-Spdy: h2

bt-0-ci50.my.asekio.com/_next/static/css/558bf1bfb45e4500.css

162.159.140.98

200 OK

1.1 kB

URL GET HTTP/2
bt-0-ci50.my.asekio.com/_next/static/css/558bf1bfb45e4500.css
IP
162.159.140.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bt-0-ci50.my.asekio.com/
Certificate
IssuerLet's Encrypt
Subjectmy.asekio.com
Fingerprint3B:D6:4B:DD:A4:B9:60:49:DB:46:31:ED:00:11:72:08:06:7D:61:4F
ValidityWed, 06 Mar 2024 13:18:23 GMT - Tue, 04 Jun 2024 13:18:22 GMT

File type
ASCII text, with very long lines (1059), with no line terminators
Size
1.1 kB (1059 bytes)
Hash
b4db75e37112290932599a343885354d
2c286aba2600b2dbaf26f6edf09dd196bdb7e982
3edc4accfb98e6be98f337ec0ecf53c9ebb1637a4ac2dce118f14fb949868055

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc

HTTP Headers

GET /_next/static/css/558bf1bfb45e4500.css HTTP/1.1
Host: bt-0-ci50.my.asekio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bt-0-ci50.my.asekio.com/
Cookie: __cf_bm=1X5.aa4XTs4nM0WuRrqd4Jp1IbpI8KwzzwmgC7uMlZ4-1713466557-1.0.1.1-CJaRFZwaw7BcAr2p5LcQsuU8Bs2hG3MnWtKxt8b19v5PyUXR2i2meU0US9i2KTg..dqiYqc_oC7ajS9LH2to8g
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:57 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 18 Apr 2024 12:15:54 GMT
etag: W/"423-18ef1228134"
vary: Accept-Encoding
x-do-app-origin: 473b4c6d-3875-4567-8407-dcf3ebc7cd82
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 8766df406a1cb50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

bt-0-ci50.my.asekio.com/_next/static/chunks/webpack-3f0fcf7452ddfd49.js

162.159.140.98

200 OK

5.4 kB

URL GET HTTP/2
bt-0-ci50.my.asekio.com/_next/static/chunks/webpack-3f0fcf7452ddfd49.js
IP
162.159.140.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bt-0-ci50.my.asekio.com/
Certificate
IssuerLet's Encrypt
Subjectmy.asekio.com
Fingerprint3B:D6:4B:DD:A4:B9:60:49:DB:46:31:ED:00:11:72:08:06:7D:61:4F
ValidityWed, 06 Mar 2024 13:18:23 GMT - Tue, 04 Jun 2024 13:18:22 GMT

File type
JavaScript source, ASCII text, with very long lines (5554), with no line terminators
Size
5.4 kB (5424 bytes)
Hash
b0882077798573e880ad8c6f50766a23
bb4be60c55ada2225e563e18b35c5295e7c28202
837d88508ff25cdd72fba1ea5d8df789113d2cc19231e5be3fa5c2b4edde165d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc

HTTP Headers

GET /_next/static/chunks/webpack-3f0fcf7452ddfd49.js HTTP/1.1
Host: bt-0-ci50.my.asekio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bt-0-ci50.my.asekio.com/
Cookie: __cf_bm=1X5.aa4XTs4nM0WuRrqd4Jp1IbpI8KwzzwmgC7uMlZ4-1713466557-1.0.1.1-CJaRFZwaw7BcAr2p5LcQsuU8Bs2hG3MnWtKxt8b19v5PyUXR2i2meU0US9i2KTg..dqiYqc_oC7ajS9LH2to8g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 18 Apr 2024 12:15:54 GMT
etag: W/"1530-18ef1228138"
vary: Accept-Encoding
x-do-app-origin: 473b4c6d-3875-4567-8407-dcf3ebc7cd82
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 8766df406a2cb50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

bt-0-ci50.my.asekio.com/_next/static/chunks/868-2436e8b88a7356de.js

162.159.140.98

200 OK

476 kB

URL GET HTTP/2
bt-0-ci50.my.asekio.com/_next/static/chunks/868-2436e8b88a7356de.js
IP
162.159.140.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bt-0-ci50.my.asekio.com/
Certificate
IssuerLet's Encrypt
Subjectmy.asekio.com
Fingerprint3B:D6:4B:DD:A4:B9:60:49:DB:46:31:ED:00:11:72:08:06:7D:61:4F
ValidityWed, 06 Mar 2024 13:18:23 GMT - Tue, 04 Jun 2024 13:18:22 GMT

File type

Size
476 kB (476423 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc

HTTP Headers

GET /_next/static/chunks/868-2436e8b88a7356de.js HTTP/1.1
Host: bt-0-ci50.my.asekio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bt-0-ci50.my.asekio.com/
Cookie: __cf_bm=1X5.aa4XTs4nM0WuRrqd4Jp1IbpI8KwzzwmgC7uMlZ4-1713466557-1.0.1.1-CJaRFZwaw7BcAr2p5LcQsuU8Bs2hG3MnWtKxt8b19v5PyUXR2i2meU0US9i2KTg..dqiYqc_oC7ajS9LH2to8g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 18 Apr 2024 12:15:54 GMT
etag: W/"74507-18ef1228138"
vary: Accept-Encoding
x-do-app-origin: 473b4c6d-3875-4567-8407-dcf3ebc7cd82
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 8766df407a3eb50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

bt-0-ci50.my.asekio.com/

162.159.140.98

200 OK

9.9 kB

URL User Request GET HTTP/2
bt-0-ci50.my.asekio.com/
IP
162.159.140.98:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectmy.asekio.com
Fingerprint3B:D6:4B:DD:A4:B9:60:49:DB:46:31:ED:00:11:72:08:06:7D:61:4F
ValidityWed, 06 Mar 2024 13:18:23 GMT - Tue, 04 Jun 2024 13:18:22 GMT

File type
HTML document, ASCII text, with very long lines (10624), with no line terminators
Size
9.9 kB (9895 bytes)
Hash
0e86467c703289a8306afe050b919e43
d9a62802c9505460d4447f1dd8663cf082fdcd9b
0b2e43f199abc23387651cd27a9989cb6684e279e2e0da712ddbf3db4f64d9f9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc

HTTP Headers

GET / HTTP/1.1
Host: bt-0-ci50.my.asekio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:57 GMT
content-type: text/html; charset=utf-8
x-powered-by: Asekio
x-robots-tag: noindex
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
vary: Accept-Encoding
x-do-app-origin: 473b4c6d-3875-4567-8407-dcf3ebc7cd82
x-do-orig-status: 200
cf-cache-status: MISS
set-cookie: __cf_bm=1X5.aa4XTs4nM0WuRrqd4Jp1IbpI8KwzzwmgC7uMlZ4-1713466557-1.0.1.1-CJaRFZwaw7BcAr2p5LcQsuU8Bs2hG3MnWtKxt8b19v5PyUXR2i2meU0US9i2KTg..dqiYqc_oC7ajS9LH2to8g; path=/; expires=Thu, 18-Apr-24 19:25:57 GMT; domain=.bt-0-ci50.my.asekio.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8766df3dbf63b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

bt-0-ci50.my.asekio.com/_next/static/css/0b485053a3247373.css

162.159.140.98

200 OK

89 kB

URL GET HTTP/2
bt-0-ci50.my.asekio.com/_next/static/css/0b485053a3247373.css
IP
162.159.140.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bt-0-ci50.my.asekio.com/
Certificate
IssuerLet's Encrypt
Subjectmy.asekio.com
Fingerprint3B:D6:4B:DD:A4:B9:60:49:DB:46:31:ED:00:11:72:08:06:7D:61:4F
ValidityWed, 06 Mar 2024 13:18:23 GMT - Tue, 04 Jun 2024 13:18:22 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
89 kB (88616 bytes)
Hash
0f7d598388783f357596872ce8a1c649
9aeb35b3b48c4181b360d18bd3d34f3b555018ac
84739a4b4cf21f40d42a57f052d8f35fc7e23faa1b5cc12f6d6f391dfc79de37

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc

HTTP Headers

GET /_next/static/css/0b485053a3247373.css HTTP/1.1
Host: bt-0-ci50.my.asekio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bt-0-ci50.my.asekio.com/
Cookie: __cf_bm=1X5.aa4XTs4nM0WuRrqd4Jp1IbpI8KwzzwmgC7uMlZ4-1713466557-1.0.1.1-CJaRFZwaw7BcAr2p5LcQsuU8Bs2hG3MnWtKxt8b19v5PyUXR2i2meU0US9i2KTg..dqiYqc_oC7ajS9LH2to8g
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:57 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 18 Apr 2024 12:15:54 GMT
etag: W/"15a28-18ef1228134"
vary: Accept-Encoding
x-do-app-origin: 473b4c6d-3875-4567-8407-dcf3ebc7cd82
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 8766df406a29b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL