bt-verifymobile.org
Open in
urlscan Pro
2606:4700:3035::ac43:ab81
Malicious Activity!
Public Scan
Effective URL: http://bt-verifymobile.org/login.php?X7WAB7Q&inID=gbkwqoEJTmyAJKMyWEZpIAFUouGBBAbtMBxCOLECXzhTveqJdOMMNYZaStulS
Submission: On July 28 via api from GB
Summary
This is the only time bt-verifymobile.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BT (Telecommunication)Domain & IP information
ASN22822 (LLNW, US)
PTR: https-68-142-68-29.any.llnw.net
img01.bt.co.uk | |
home.bt.com |
ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com |
ASN22822 (LLNW, US)
PTR: https-178-79-227-144.vie.llnw.net
assets.bt.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-219-200.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
d36kespjlw4605.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-85-49.eu-west-1.compute.amazonaws.com
britishtelecom.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-42-33.eu-west-1.compute.amazonaws.com
cm.everesttech.net |
ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-176-1.compute-1.amazonaws.com
prefmgr-cookie.truste-svc.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-2-137.eu-west-1.compute.amazonaws.com
ads.avocet.io | |
ads.avct.cloud |
Apex Domain Subdomains |
Transfer | |
---|---|---|
28 |
bt.co.uk
img01.bt.co.uk |
354 KB |
20 |
trustarc.com
consent.trustarc.com consent-pref.trustarc.com consent-st.trustarc.com |
351 KB |
10 |
adobedtm.com
assets.adobedtm.com |
158 KB |
8 |
demdex.net
1 redirects
dpm.demdex.net britishtelecom.demdex.net |
10 KB |
3 |
bt.com
home.bt.com assets.bt.com |
7 KB |
2 |
avct.cloud
2 redirects
ads.avct.cloud |
880 B |
2 |
adform.net
2 redirects
c1.adform.net |
962 B |
2 |
adnxs.com
2 redirects
ib.adnxs.com |
2 KB |
2 |
bt-verifymobile.org
1 redirects
bt-verifymobile.org |
9 KB |
1 |
avocet.io
1 redirects
ads.avocet.io |
194 B |
1 |
truste-svc.net
prefmgr-cookie.truste-svc.net |
2 KB |
1 |
bing.com
1 redirects
c.bing.com |
358 B |
1 |
twitter.com
analytics.twitter.com |
304 B |
1 |
everesttech.net
1 redirects
cm.everesttech.net |
517 B |
1 |
cloudfront.net
d36kespjlw4605.cloudfront.net |
411 B |
72 | 15 |
Domain | Requested by | |
---|---|---|
28 | img01.bt.co.uk |
bt-verifymobile.org
img01.bt.co.uk |
12 | consent-pref.trustarc.com |
consent.trustarc.com
consent-pref.trustarc.com |
10 | assets.adobedtm.com |
bt-verifymobile.org
assets.adobedtm.com |
7 | consent.trustarc.com |
assets.adobedtm.com
consent.trustarc.com bt-verifymobile.org consent-pref.trustarc.com |
7 | dpm.demdex.net |
1 redirects
bt-verifymobile.org
|
2 | ads.avct.cloud | 2 redirects |
2 | c1.adform.net | 2 redirects |
2 | ib.adnxs.com | 2 redirects |
2 | home.bt.com |
bt-verifymobile.org
img01.bt.co.uk |
2 | bt-verifymobile.org | 1 redirects |
1 | ads.avocet.io | 1 redirects |
1 | prefmgr-cookie.truste-svc.net |
bt-verifymobile.org
|
1 | c.bing.com | 1 redirects |
1 | analytics.twitter.com |
bt-verifymobile.org
|
1 | consent-st.trustarc.com |
consent-pref.trustarc.com
|
1 | cm.everesttech.net | 1 redirects |
1 | britishtelecom.demdex.net |
assets.adobedtm.com
|
1 | d36kespjlw4605.cloudfront.net |
img01.bt.co.uk
|
1 | assets.bt.com |
img01.bt.co.uk
|
72 | 19 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.bt.com GeoTrust EV RSA CA 2018 |
2020-09-30 - 2021-10-05 |
a year | crt.sh |
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-02 - 2022-01-02 |
a year | crt.sh |
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-01-08 - 2021-09-30 |
9 months | crt.sh |
*.trustarc.com Go Daddy Secure Certificate Authority - G2 |
2020-05-21 - 2022-07-17 |
2 years | crt.sh |
*.cloudfront.net Amazon |
2021-03-19 - 2022-03-17 |
a year | crt.sh |
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-02-05 - 2022-02-04 |
a year | crt.sh |
This page contains 5 frames:
Primary Page:
http://bt-verifymobile.org/login.php?X7WAB7Q&inID=gbkwqoEJTmyAJKMyWEZpIAFUouGBBAbtMBxCOLECXzhTveqJdOMMNYZaStulS
Frame ID: AF7E5498A5BF0AD1DF2F4EEAB66BB5CE
Requests: 50 HTTP requests in this frame
Frame:
https://britishtelecom.demdex.net/dest5.html?d_nsid=0
Frame ID: C637FC6F4B879E8D44490EFA8BD0ED35
Requests: 6 HTTP requests in this frame
Frame:
http://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=pl&locale=en&behavior=expressed>m=true&ostype=mobile&layout=default_eu&uid=06d470fe-6a93-4e68-939d-32b8bb7f41ce&irm=undefined&from=http://consent.trustarc.com/
Frame ID: 4B024466BD57CE26E1637622FD05A8BA
Requests: 15 HTTP requests in this frame
Frame:
http://consent-pref.trustarc.com/defaultpreferencemanager/A6C9AB4BABD0AA264932340B351BAFB2.cache.html
Frame ID: C36CA144B9BB7441B8F8D1C6A4333549
Requests: 1 HTTP requests in this frame
Frame:
http://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=http://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=pl&locale=en&behavior=expressed>m=true&ostype=mobile&layout=default_eu&uid=06d470fe-6a93-4e68-939d-32b8bb7f41ce&irm=undefined&from=http://consent.trustarc.com/
Frame ID: 07398B939B7DA260B157141A217CF6B8
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://bt-verifymobile.org/
HTTP 302
http://bt-verifymobile.org/login.php?X7WAB7Q&inID=gbkwqoEJTmyAJKMyWEZpIAFUouGBBAbtMBxCOLECXzhTveqJdOMMN... Page URL
Detected technologies
Adobe DTM (Tag Managers) ExpandDetected patterns
- script /\/\/assets.adobedtm.com\//i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Modernizr (JavaScript Libraries) Expand
Detected patterns
- script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
35 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Title: Forgotten your login details?
Search URL Search Domain Scan URL
Title: Security
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: Create one
Search URL Search Domain Scan URL
Title: Track your order >
Search URL Search Domain Scan URL
Title: Report or track a fault >
Search URL Search Domain Scan URL
Title: Pay a bill >
Search URL Search Domain Scan URL
Title: Get help or contact us >
Search URL Search Domain Scan URL
Title: Download the My BT App >
Search URL Search Domain Scan URL
Title: Go to our email log in page >
Search URL Search Domain Scan URL
Title: For business and public sector
Search URL Search Domain Scan URL
Title: For global business
Search URL Search Domain Scan URL
Title: BT Group
Search URL Search Domain Scan URL
Title: Wifi
Search URL Search Domain Scan URL
Title: BT Ireland
Search URL Search Domain Scan URL
Title: BT Shop
Search URL Search Domain Scan URL
Title: Business Direct
Search URL Search Domain Scan URL
Title: Openreach
Search URL Search Domain Scan URL
Title: The Phone Book
Search URL Search Domain Scan URL
Title: BT Wholesale
Search URL Search Domain Scan URL
Title: BT Redcare
Search URL Search Domain Scan URL
Title: Contact BT
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: Sitemap
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Cookies
Search URL Search Domain Scan URL
Title: Terms of use
Search URL Search Domain Scan URL
Title: Codes of practice
Search URL Search Domain Scan URL
Title: Broadband Universal Service
Search URL Search Domain Scan URL
Title: Make a complaint
Search URL Search Domain Scan URL
Title: T&Cs
Search URL Search Domain Scan URL
Title: Modern Slavery Statement
Search URL Search Domain Scan URL
Title: Here For You - helping you communicate
Search URL Search Domain Scan URL
Title: Accessibility
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://bt-verifymobile.org/
HTTP 302
http://bt-verifymobile.org/login.php?X7WAB7Q&inID=gbkwqoEJTmyAJKMyWEZpIAFUouGBBAbtMBxCOLECXzhTveqJdOMMNYZaStulS Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 20- https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AA54673527831890A490D45%40AdobeOrg&d_nsid=0&ts=1627461603225 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AA54673527831890A490D45%40AdobeOrg&d_nsid=0&ts=1627461603225
- https://cm.everesttech.net/cm/dd?d_uuid=61010004360565425071016065313683780215 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YQEX4wAAAE0qCBNg
- https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
- https://dpm.demdex.net/ibs:dpid=358&dpuuid=8660607697282075429
- https://c.bing.com/c.gif?uid=61010004360565425071016065313683780215&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=1957&dpuuid=12ACBD3970866B771664ADBB71ED6A20
- https://c1.adform.net/serving/cookie/match?party=1007&cid=61010004360565425071016065313683780215&noredirect=v2 HTTP 302
- https://c1.adform.net/serving/cookie/match?CC=1&party=1007&cid=61010004360565425071016065313683780215&noredirect=v2 HTTP 302
- https://dpm.demdex.net/ibs:dpid=1586&dpuuid=3702629327275404559
- https://ads.avocet.io/getuid?url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D183896%26dpuuid%3D%7B%7BUUID%7D%7D HTTP 301
- https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D183896%26dpuuid%3D%7B%7BUUID%7D%7D HTTP 307
- https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D183896%26dpuuid%3D%7B%7BUUID%7D%7D HTTP 302
- https://dpm.demdex.net/ibs:dpid=183896&dpuuid=71a903ec-7300-4836-825d-86973995d27f
72 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login.php
bt-verifymobile.org/ Redirect Chain
|
33 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-datalayer.js
img01.bt.co.uk/s/assets/290321/js/ |
710 B 892 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common-reset.css
img01.bt.co.uk/s/assets/290321/css/ |
65 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.css
img01.bt.co.uk/s/assets/290321/css/ |
181 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.css
img01.bt.co.uk/s/assets/290321/aauth/css/ |
125 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bts-common.css
img01.bt.co.uk/s/assets/290321/css/ |
88 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aref.min.js
img01.bt.co.uk/s/assets/290321/js/ |
460 B 800 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
launch-ENfdadf1bb09d848de85923e05be32e7d1.min.js
assets.adobedtm.com/ |
505 KB 128 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modernizr_jquery_cookies.js
img01.bt.co.uk/s/assets/290321/js/ |
107 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dantegh.api-1.1.js
img01.bt.co.uk/s/assets/290321/js/ |
47 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sportnav.api.js
img01.bt.co.uk/s/assets/290321/js/ |
62 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-index.css
img01.bt.co.uk/s/assets/290321/css/ |
76 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.cookie.js
img01.bt.co.uk/s/assets/290321/js/ |
819 B 894 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rebrand-bt-logo-login-page-136440342141502601-200609022505.png
home.bt.com//images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ArcotAdapterIntegration.js
img01.bt.co.uk/s/assets/290321/aauth/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dantegf.api-1.0.js
img01.bt.co.uk/s/assets/290321/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.js
img01.bt.co.uk/s/assets/290321/js/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core.js
img01.bt.co.uk/s/assets/290321/js/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bttv_rg-webfont.woff
img01.bt.co.uk/s/assets/290321/aauth/css/fonts/ |
26 KB 26 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
override.css
assets.bt.com/v1/btcomd/assets/css/ |
6 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
42 KB 42 KB |
Font
font/truetype |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
33 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
25 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
notice
consent.trustarc.com/ |
9 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logintextboxbg.png
img01.bt.co.uk/s/assets/290321/images/ |
966 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icons-sprite-8bit.png
img01.bt.co.uk/s/assets/290321/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
LoginButtonBg.png
img01.bt.co.uk/s/assets/290321/images/ |
211 B 604 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-back.png
img01.bt.co.uk/s/assets/290321/images/ |
279 B 694 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ajaxapic
home.bt.com/ |
3 KB 2 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
responsive-footer.css
img01.bt.co.uk/s/assets/220721/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ip.php
d36kespjlw4605.cloudfront.net/ |
47 B 411 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RCdaeffbdc45da44bf965da71d683e6439-source.min.js
assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/54ffe2ab04e0/ |
350 B 485 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RCe8d9d5492177401b8dd6bada340a0104-source.min.js
assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/54ffe2ab04e0/ |
1 KB 870 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bt-footer-bg.jpg
img01.bt.co.uk/s/assets/290321/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RC488e232c9d0543d58b2215a05c11ca7b-source.min.js
assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/54ffe2ab04e0/ |
438 B 542 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
v1.7-8690
consent.trustarc.com/asset/notice.js/v/ |
72 KB 23 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
log
consent.trustarc.com/ |
43 B 382 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dest5.html
britishtelecom.demdex.net/ Frame C637 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=YQEX4wAAAE0qCBNg
dpm.demdex.net/ Redirect Chain
|
42 B 958 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
consent-pref.trustarc.com/ Frame 4B02 |
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
noticemsg
consent.trustarc.com/ |
43 B 687 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
responsive-footer.min.js
img01.bt.co.uk/s/assets/220721/js/ |
970 B 1013 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-footer2018.svg
img01.bt.co.uk/s/assets/220721/images/logo/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BTFont_Rg.woff
img01.bt.co.uk/s/assets/220721/fonts/bt/ |
58 KB 58 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bttvicons.woff
img01.bt.co.uk/s/assets/220721/fonts/bt/ |
8 KB 9 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
defaultpreferencemanager.nocache.js
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 4B02 |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
get
consent-st.trustarc.com/ Frame 4B02 |
20 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loading.gif
consent-pref.trustarc.com/images/ Frame 4B02 |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=358&dpuuid=8660607697282075429
dpm.demdex.net/ Frame C637 Redirect Chain
|
42 B 958 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
A6C9AB4BABD0AA264932340B351BAFB2.cache.html
consent-pref.trustarc.com/defaultpreferencemanager/ Frame C36C |
140 KB 46 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 4B02 |
969 B 977 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 4B02 |
48 B 535 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ Frame C637 |
43 B 304 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RCabd3150ca9f241c7bbac2e3e4e90fe9a-source.min.js
assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/54ffe2ab04e0/ |
623 B 604 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RC31e920520b184dd1bbc4f4e454edd285-source.min.js
assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/54ffe2ab04e0/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RCfa7979c219e74ccd98ed44d71d438cdf-source.min.js
assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/54ffe2ab04e0/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui-1.9.2.custom.min.js
img01.bt.co.uk/s/assets/290321/js/ |
171 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bt.cookies.js
img01.bt.co.uk/s/assets/290321/globalheader/ |
0 404 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=1957&dpuuid=12ACBD3970866B771664ADBB71ED6A20
dpm.demdex.net/ Frame C637 Redirect Chain
|
42 B 958 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
EuPreferenceManager.css
consent-pref.trustarc.com/ Frame 4B02 |
27 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
10.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A6C9AB4BABD0AA264932340B351BAFB2/ Frame 4B02 |
243 KB 84 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=1586&dpuuid=3702629327275404559
dpm.demdex.net/ Frame C637 Redirect Chain
|
42 B 958 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A6C9AB4BABD0AA264932340B351BAFB2/ Frame 4B02 |
19 KB 8 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cookie_iframe.html
prefmgr-cookie.truste-svc.net/cookie_js/ Frame 0739 |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 4B02 |
733 B 807 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 4B02 |
29 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=183896&dpuuid=71a903ec-7300-4836-825d-86973995d27f
dpm.demdex.net/ Frame C637 Redirect Chain
|
42 B 958 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A6C9AB4BABD0AA264932340B351BAFB2/ Frame 4B02 |
7 KB 3 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
get
consent.trustarc.com/ Frame 4B02 |
57 KB 57 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
get
consent.trustarc.com/ Frame 4B02 |
57 KB 58 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
get
consent.trustarc.com/ Frame 4B02 |
35 KB 36 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BT (Telecommunication)116 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| analyticsPageName object| tar string| formTarget object| digitalData object| _exhaust_init_queue function| emitToExhaust object| cookieutilities object| btCookiesAPI object| Modernizr object| html5 function| yepnope function| $ function| jQuery function| getInternetExplorerVersion boolean| jQueryScriptOutputted undefined| searchStatusVal object| DanteGH object| Encoder object| user function| jqdgh object| SportNav string| static_root object| omni object| funccmd boolean| sportpage object| ads function| mobileSearchBTS string| loginpagetype function| reportErrors function| expireCookie function| getUserStatus function| logDetails string| customView undefined| e undefined| loggedinCustomer undefined| xloginExists undefined| elbcExists object| authFailureReasonCookie undefined| usrName undefined| owmhash undefined| mxhash undefined| xloginArr undefined| target undefined| targetParts undefined| redirectUrl undefined| samltkns undefined| settings string| pageType object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in string| h object| _exhaust function| hexDecode function| restorePlusSymbols function| ArcotExtractUserMsg function| hexEncode string| frgtdetail function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_AudienceManagement function| DIL object| s object| flags string| bghexcolor string| ua function| getAndriodBanner object| DanteGF object| FooterEncoder object| portalcookie function| jqdgf object| footerconfig undefined| loadgf function| displayerrors function| setUsernameFromCookie function| checkPwdEnc number| submitcount function| validEmail function| setRememberMeCookiees object| bt object| lbi function| downloadJSAtOnload object| expiry function| _truste_eumap object| truste function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG string| rebrandLogo string| oldlogo string| newlogo function| Syringe function| SyringeEvent function| SyringeEvent_Click function| SyringeInjection function| SyringeInjection_Pixel function| SyringeInjection_Script function| SyringeInjection_LaunchDirectCall function| DP_jQuery_16274616041596 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.demdex.net/ | Name: dextp Value: 358-1-1627461603861|1123-1-1627461603962 |
|
.bt-verifymobile.org/ | Name: AMCV_0AA54673527831890A490D45%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18837%7CMCMID%7C63519966605816344700185776613370064634%7CMCAAMLH-1628066403%7C6%7CMCAAMB-1628066403%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1627468803s%7CNONE%7CMCSYNCSOP%7C411-18844%7CvVersion%7C5.2.0 |
|
bt-verifymobile.org/ | Name: btVisitedCookie Value: 0 |
|
.demdex.net/ | Name: demdex Value: 61010004360565425071016065313683780215 |
|
.bt-verifymobile.org/ | Name: AMCVS_0AA54673527831890A490D45%40AdobeOrg Value: 1 |
|
bt-verifymobile.org/ | Name: PHPSESSID Value: b84f49590253a7fd9e003d969506d5bd |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ads.avct.cloud
ads.avocet.io
analytics.twitter.com
assets.adobedtm.com
assets.bt.com
britishtelecom.demdex.net
bt-verifymobile.org
c.bing.com
c1.adform.net
cm.everesttech.net
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
d36kespjlw4605.cloudfront.net
dpm.demdex.net
home.bt.com
ib.adnxs.com
img01.bt.co.uk
prefmgr-cookie.truste-svc.net
104.244.42.131
178.79.227.144
185.33.223.178
2600:9000:21f3:8e00:9:273e:d940:21
2606:4700:3035::ac43:ab81
2620:1ec:c11::200
2a02:26f0:6c00:2a6::1e80
34.198.176.1
34.240.2.137
37.157.2.234
52.18.85.49
54.171.219.200
54.171.42.33
65.9.96.116
65.9.96.14
65.9.96.41
68.142.68.29
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
049aa6bee17e578aeac6482b5a42a1361e13746f9c053ef72fbf2c5e83ed0798
07e9d4d6a617d90407a0041a950912ba8f85bcb61be41deec67fc95aa16062a1
1313323817898228d6399b6de26686f15af3bfc9ebda293cc7656e27611673f9
1377d1117ed253cbd2efb57e5d0567fb4bffdfa48fd258d241670b516e174d00
1894442bd6d6f164b8daa1cd0901ed86f73d88efceb3dba89e568691311d0351
1ea22ef5cc12712e650ac15269e8e7b75904f47246ce6eb04bf0fcd42f8bed77
20ca4a60bd5242f69283fadbe4a4af55bee69c5864ce81fb2b11a2a7b70b0ed0
22a08fc787b8d73d8ef190521573eafaac17e1ff037461a2f2c6ce5dd0c1674f
26946f4351e726c1fdf9f7783c03ec0cd8534f954a8a51f15319a746262228b7
2b1930ba4a2e3f401d744fc3d55c2464a79736bfbc0f0875d98dca864b16449f
32f9b445cdf66b5aa8fc260f589ec18984fbe2042fd319c5693c8054c6378de8
330c54b74b453f6d086933cce146ead03e561fc20321119e5551657f0a1c433f
34990cbd8d94f7b5419ec53c88cc84965698e7545a84c3b7c716f2616d4141c5
3a02e3952b63d0981e3020955b24d6182dd15f0ea8d6f07b41279b517a206b90
3a6db34d683517d7520ec2df590e53bef395acf46c8b612d5a9c71ba4ecee167
3ab188d6cbe03d181c10ede40d6292456677fd5fa6be9edd2b2f86649a223732
3b08992554ee957c4fa7e6f2a2a743bf222c14e3b641dbd36cb7a8998741a55d
3fbb5e5a6228842c74bc0294d4f068b63bb0b0df8c1bb3bf94f1ed769e9026d3
425f3e3943172803a8b9f0520d73b6227698f8bbf8eeb304045996e201d3fbf6
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
5f6014f4536e0ce8aa9d0349bcd0d4a5832e972fcde4197eeaa639ebded269b1
5fec331e4a79b49d22b0c9dc7ea1db7f7b9daac7b405a1465b764d563a24b0c0
670d9073ccec70934db12cf5580205e55d8e2613e7b51a632736abb72bf8eb42
6b275117fdc1f1f49f642525b24af8729b0342cbd6d4c1d90de54aa26b30a83a
6c0d97c150caa57fedaec98672b92f45f74ddf74fd2921dce3ee77d9b45343f9
6c15da6e07c5e0c79941d5f3e5e5839e1b1d87d3f03badceb337e88bbe78609f
6cbaaa0cffb0a0873aa5bd3ec7d25a0dc28614e253d37fb1dcc051dfc696f631
6de9b19d62ae2029b5d7c51c7eb8fcbdee6503abf32cd74fa3963c76490bc0ac
6fa24023268bf093490db2fd8287c1a78bbd6fe698440c292d7b30e2d3c9fd56
7583bdd341399e600785dab65ac725a95dced3b0054ed8ca9b8d69fbde04def8
75f939280b5dd72557c69b742c4a10298be8a9852a403e22d28a7bf85ad4b92a
76fb7bf7179f6f96422d148f0fdc3e29254a4c3d0695614925cb931724c750ef
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7cbd17cfdf0413b4b9cd51616ba542bcb43bff184d80dabec77f6da7b24411c8
7deb5405a84486905b040b40d17438fbdfe40db3e1fff910992758e27dc59d43
985b658a2350adc42be04d448ff0ed17e91c55b701035651e67938d3b64e6071
9897123307be7d15d8da48aba3f037c1c6659629f42cc9bbde3b5a42253414f7
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ae4eb9c9c17705c16839c2a02ce23a247ce67ec2f8ee57da36c714db88186ec
a2ea72aac1d255823b18f4e67a137511ba739e11b3d8267bdfe6ea63c43abb7d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae1d67078fab712c0beb68cc426b97e33e89a1c019f59e04a09bc1402a1db766
b77dd1ce3caadbb97b25ba25185a27228706c3baf9ca423333380fea6132fc35
c471c762b4eb8ce3aac5aec2b1aac9bf9e8ccb8d2fe84d74c940e9ad2c5bc168
c8f47c528c93a4dc7104388ee8d7e5fd2e67efd2cc641116825f4d539198cd2a
cbf86fc1cedf23b294f4610fe0140df33f350071028953d6cc1c2c4249851038
d1a596f14425ca6825185ffefef827af5e7958ef109eeb0bcc66dafbcd19131f
d4a986c22ae001e743c50f59d647eabba306e35899b7aec56992e37833bd7015
d4bef2d91bd01eaeba3c9d62545eb98cec13e41bfacdbf28cf1c17bc7f1a35e4
d68009559c2405a20697e16a1640b61484d438cb65e453cd65222f18203326a5
d692b0682bd8946e6802e2a3362a155ed42c3ba281d27b23195203717a82f94e
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f7a58fe67b04d01e049ca1cd6604b939cd660eb2df6a2d7fa3fca4c01676b0
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
e93699f0fb07453e6dfe98f37601dc3b78790020a52b828641f51c235d16d6a0
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ecbff32f4e513b13f557f387f508545cb6ba328c6d240bb63f04cf8336092dab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef203c78f49eb32821e0c6ce993bb2d35a0c58fe770fe5ccbcfe5585a01e2ba4
efa6ba20540351d2a93112d62056fe024739ba4afa16c09792e5b45218a3dd23
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f8929dd8eeb937f95dc13f7e0308a67fbe02811bd5bed43b035577982e5f2eb5
f93c513c6f4137263ffedd90468fb2b81452f93b7dde569161339bf4a8b41b0f
fb4f69078c24ab4a77db8c99fd19f05ead8878306c9e79b08656feb9ebcc328e
fdd650406adae0fb686277bda711756d1e219ae4f4e2569892661e6578689d2a