bt-verifybilling.com Open in urlscan Pro
2606:4700:3033::6815:23ee  Malicious Activity! Public Scan

Submitted URL: https://bt-verifybilling.com/
Effective URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Submission: On September 18 via api from US — Scanned from DE

Summary

This website contacted 14 IPs in 4 countries across 16 domains to perform 76 HTTP transactions. The main IP is 2606:4700:3033::6815:23ee, located in United States and belongs to CLOUDFLARENET, US. The main domain is bt-verifybilling.com.
TLS certificate: Issued by R3 on September 15th 2021. Valid for: 3 months.
This is the only time bt-verifybilling.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BT (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
30 68.142.70.29 22822 (LLNW)
11 2a02:26f0:fb:... 20940 (AKAMAI-ASN1)
1 178.79.242.150 22822 (LLNW)
1 7 18.203.8.109 16509 (AMAZON-02)
1 52.218.40.130 16509 (AMAZON-02)
7 54.230.206.95 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
13 52.222.179.96 16509 (AMAZON-02)
1 52.30.200.197 16509 (AMAZON-02)
1 1 34.248.191.66 16509 (AMAZON-02)
1 52.222.179.41 16509 (AMAZON-02)
2 2 37.252.173.62 29990 (ASN-APPNEX)
1 34.202.206.65 14618 (AMAZON-AES)
1 104.244.42.131 13414 (TWITTER)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 37.157.3.28 198622 (ADFORM)
3 3 54.194.211.3 16509 (AMAZON-02)
76 14
Domain Requested by
28 img01.bt.co.uk bt-verifybilling.com
img01.bt.co.uk
13 consent-pref.trustarc.com consent.trustarc.com
consent-pref.trustarc.com
prefmgr-cookie.truste-svc.net
11 assets.adobedtm.com bt-verifybilling.com
assets.adobedtm.com
7 consent.trustarc.com assets.adobedtm.com
consent.trustarc.com
bt-verifybilling.com
7 dpm.demdex.net 1 redirects bt-verifybilling.com
2 ads.avct.cloud 2 redirects
2 c1.adform.net 2 redirects
2 ib.adnxs.com 2 redirects
2 home.bt.com bt-verifybilling.com
img01.bt.co.uk
2 bt-verifybilling.com 1 redirects
1 ads.avocet.io 1 redirects
1 c.bing.com 1 redirects
1 analytics.twitter.com
1 prefmgr-cookie.truste-svc.net bt-verifybilling.com
1 consent-st.trustarc.com consent-pref.trustarc.com
1 cm.everesttech.net 1 redirects
1 britishtelecom.demdex.net assets.adobedtm.com
1 d36kespjlw4605.cloudfront.net img01.bt.co.uk
1 ee-tagging.s3.amazonaws.com bt-verifybilling.com
1 assets.bt.com img01.bt.co.uk
76 20
Subject Issuer Validity Valid
*.bt-verifybilling.com
R3
2021-09-15 -
2021-12-14
3 months crt.sh
www.bt.com
GeoTrust EV RSA CA 2018
2020-09-30 -
2021-10-05
a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1
2021-01-08 -
2021-09-30
9 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2020-12-02 -
2022-01-02
a year crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2
2021-01-11 -
2022-02-11
a year crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2
2020-05-21 -
2022-07-17
2 years crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
*.truste-svc.net
Go Daddy Secure Certificate Authority - G2
2020-04-25 -
2022-06-23
2 years crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh

This page contains 6 frames:

Primary Page: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Frame ID: 8CBB8F5D80B9DE1C9326E63EB2CD90F7
Requests: 52 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
Frame ID: FA0262D77890EB94CE3858FEA33375C2
Requests: 15 HTTP requests in this frame

Frame: https://britishtelecom.demdex.net/dest5.html?d_nsid=0
Frame ID: 15ACFA0D354D232EE5CBE8636DF3120C
Requests: 6 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/3D1DCD2BF0C50EAF0926E06B9412811A.cache.html
Frame ID: 67D877A2F4F439DD7ECA562ADC07D9D1
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
Frame ID: 85A3C191559CCD39D105BCA2B45F727D
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: D3A1E03E171CAD618A3E1FA722D8B379
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

BT.com Log in

Page URL History Show full URLs

  1. https://bt-verifybilling.com/ HTTP 302
    https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

76
Requests

99 %
HTTPS

22 %
IPv6

16
Domains

20
Subdomains

14
IPs

4
Countries

953 kB
Transfer

2506 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bt-verifybilling.com/ HTTP 302
    https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AA54673527831890A490D45%40AdobeOrg&d_nsid=0&ts=1631981647470 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AA54673527831890A490D45%40AdobeOrg&d_nsid=0&ts=1631981647470
Request Chain 47
  • https://cm.everesttech.net/cm/dd?d_uuid=87672174126562837320058199722742560009 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YUYQTwAAAF0fiQQE
Request Chain 59
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=4798222493712408710
Request Chain 67
  • https://c.bing.com/c.gif?uid=87672174126562837320058199722742560009&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0A926A7BC682624E16057ACDC7506388
Request Chain 68
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=87672174126562837320058199722742560009&noredirect=v2 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1007&cid=87672174126562837320058199722742560009&noredirect=v2 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2366402791688202841
Request Chain 69
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D183896%26dpuuid%3D%7B%7BUUID%7D%7D HTTP 301
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D183896%26dpuuid%3D%7B%7BUUID%7D%7D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D183896%26dpuuid%3D%7B%7BUUID%7D%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=183896&dpuuid=1656e592-41d3-4df9-a179-057fc393da49

76 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
bt-verifybilling.com/
Redirect Chain
  • https://bt-verifybilling.com/
  • https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
33 KB
8 KB
Document
General
Full URL
https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:23ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.23
Resource Hash
63315f6720d5e9520a935b50ba9ed72b8f698b96819c928aa5d6991e2e570ca8

Request headers

:method
GET
:authority
bt-verifybilling.com
:scheme
https
:path
/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
PHPSESSID=5c31744dea04637ad00570641b1ed563
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.23
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3UL4HIE8hKtr3%2FGtorxYdSoQ%2B56sO%2FiNlJ9lzk2K94tv7LiSe0Tx0EzdBTLOwAjEGuF4JrwlvjrvE8kwI9ONdY5x37nt2y7Pe6Uu9dyUFY8Nj4L%2BkhpfUTE4cNZbMW9NO8mCFPEzIVt5kZ3RDZX7DmDqbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
690bdd8cd97c440d-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Sat, 18 Sep 2021 16:14:06 GMT
content-type
text/html; charset=UTF-8
location
login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
x-powered-by
PHP/7.4.23
set-cookie
PHPSESSID=5c31744dea04637ad00570641b1ed563; path=/; secure
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49K0AOyDffeeSpoX%2Fl6PqRmJmjJ6r3Y3yQ4fAvn6gSX%2BT%2F4yA3CSK47xVuweOmDOafb7I2oyhi2P74W1bMBb7vH%2B6gevkea3%2BpsE6YfhSQLe%2FDlwt%2FKbRcp21m%2FN1zq9HKkIpfAJ0Rdry6YiN2MIoLR96A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
690bdd89baac440d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
login-datalayer.js
img01.bt.co.uk/s/assets/290321/js/
710 B
747 B
Script
General
Full URL
https://img01.bt.co.uk/s/assets/290321/js/login-datalayer.js
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
c8f47c528c93a4dc7104388ee8d7e5fd2e67efd2cc641116825f4d539198cd2a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
86393
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-length
417
x-llid
037ee68e899439ee7a3cee5ef4e7f7f1
expires
Sat, 18 Sep 2021 16:14:14 GMT
common-reset.css
img01.bt.co.uk/s/assets/290321/css/
65 KB
35 KB
Stylesheet
General
Full URL
https://img01.bt.co.uk/s/assets/290321/css/common-reset.css
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
d4a986c22ae001e743c50f59d647eabba306e35899b7aec56992e37833bd7015
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
content-length
35373
x-llid
3fa58db363c304e12b9d21c3ac3dc9f6
expires
Sun, 19 Sep 2021 16:14:07 GMT
common.css
img01.bt.co.uk/s/assets/290321/css/
181 KB
34 KB
Stylesheet
General
Full URL
https://img01.bt.co.uk/s/assets/290321/css/common.css
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
425f3e3943172803a8b9f0520d73b6227698f8bbf8eeb304045996e201d3fbf6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
86393
x-frame-options
SAMEORIGIN
content-type
text/css
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
content-length
34693
x-llid
230c19c389b264e2494f800e463065b7
expires
Sat, 18 Sep 2021 16:14:14 GMT
index.css
img01.bt.co.uk/s/assets/290321/aauth/css/
125 KB
20 KB
Stylesheet
General
Full URL
https://img01.bt.co.uk/s/assets/290321/aauth/css/index.css
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
e3f7a58fe67b04d01e049ca1cd6604b939cd660eb2df6a2d7fa3fca4c01676b0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
86393
x-frame-options
SAMEORIGIN
content-type
text/css
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
content-length
20406
x-llid
84c3d3f58ac0c2acb7cbbd7a5942167b
expires
Sat, 18 Sep 2021 16:14:14 GMT
bts-common.css
img01.bt.co.uk/s/assets/290321/css/
88 KB
13 KB
Stylesheet
General
Full URL
https://img01.bt.co.uk/s/assets/290321/css/bts-common.css
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
7deb5405a84486905b040b40d17438fbdfe40db3e1fff910992758e27dc59d43
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 09 Sep 2021 14:26:54 GMT
age
79372
x-frame-options
SAMEORIGIN
content-type
text/css
x-btsite
1
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
content-length
12866
x-llid
5a57882dd72e8e9afcd91140a93bc6de
expires
Sat, 18 Sep 2021 18:11:15 GMT
aref.min.js
img01.bt.co.uk/s/assets/290321/js/
460 B
655 B
Script
General
Full URL
https://img01.bt.co.uk/s/assets/290321/js/aref.min.js
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
5fec331e4a79b49d22b0c9dc7ea1db7f7b9daac7b405a1465b764d563a24b0c0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
86393
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-length
325
x-llid
09a295e36a706028fc48c972bc8551ca
expires
Sat, 18 Sep 2021 16:14:14 GMT
launch-ENfdadf1bb09d848de85923e05be32e7d1.min.js
assets.adobedtm.com/
511 KB
129 KB
Script
General
Full URL
https://assets.adobedtm.com/launch-ENfdadf1bb09d848de85923e05be32e7d1.min.js
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:5ad::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ab3b2e3b033dd98f917e3c9169f6c82fdcf996a06abd44135db3000eb35a9e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
last-modified
Thu, 16 Sep 2021 14:33:45 GMT
server
AkamaiNetStorage
etag
"5a6516ed220e47c2594206b481bdc854:1631802825.105031"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bt-verifybilling.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
131867
expires
Sat, 18 Sep 2021 17:14:07 GMT
modernizr_jquery_cookies.js
img01.bt.co.uk/s/assets/290321/js/
107 KB
40 KB
Script
General
Full URL
https://img01.bt.co.uk/s/assets/290321/js/modernizr_jquery_cookies.js
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
d1a596f14425ca6825185ffefef827af5e7958ef109eeb0bcc66dafbcd19131f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
86393
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
content-length
40420
x-llid
12add1ac03353db813a18b67dddab5e3
expires
Sat, 18 Sep 2021 16:14:14 GMT
dantegh.api-1.1.js
img01.bt.co.uk/s/assets/290321/js/
47 KB
11 KB
Script
General
Full URL
https://img01.bt.co.uk/s/assets/290321/js/dantegh.api-1.1.js
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
a20d8da2ff276ff2007c305688d48ceedfa74f62b0b0f9d91ef10e84470f1b0f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
86393
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
content-length
11371
x-llid
43ae3616bce36bc160e28fab9bc331e0
expires
Sat, 18 Sep 2021 16:14:14 GMT
sportnav.api.js
img01.bt.co.uk/s/assets/290321/js/
62 KB
14 KB
Script
General
Full URL
https://img01.bt.co.uk/s/assets/290321/js/sportnav.api.js
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
651e08f586165960697eabab39ba2193b81a2dc196d8214d1a7bb2c3d226d474
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 09 Sep 2021 14:26:54 GMT
age
79372
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-btsite
1
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
content-length
13784
x-llid
d431707719745d14c702b3c5519c6bba
expires
Sat, 18 Sep 2021 18:11:15 GMT
login-index.css
img01.bt.co.uk/s/assets/290321/css/
76 KB
13 KB
Stylesheet
General
Full URL
https://img01.bt.co.uk/s/assets/290321/css/login-index.css
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
32f9b445cdf66b5aa8fc260f589ec18984fbe2042fd319c5693c8054c6378de8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
79372
x-frame-options
SAMEORIGIN
content-type
text/css
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
content-length
13465
x-llid
97978ce2e7f223732e3025b34143a2db
expires
Sat, 18 Sep 2021 18:11:15 GMT
jquery.cookie.js
img01.bt.co.uk/s/assets/290321/js/
819 B
749 B
Script
General
Full URL
https://img01.bt.co.uk/s/assets/290321/js/jquery.cookie.js
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
330c54b74b453f6d086933cce146ead03e561fc20321119e5551657f0a1c433f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
86393
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-length
419
x-llid
837dea70dae964731e439a60c5d4c96b
expires
Sat, 18 Sep 2021 16:14:14 GMT
rebrand-bt-logo-login-page-136440342141502601-200609022505.png
home.bt.com//images/
2 KB
2 KB
Image
General
Full URL
https://home.bt.com//images/rebrand-bt-logo-login-page-136440342141502601-200609022505.png
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
670d9073ccec70934db12cf5580205e55d8e2613e7b51a632736abb72bf8eb42
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
last-modified
Sat, 18 Sep 2021 11:26:20 GMT
x-xss-protection
1; mode=block
age
13085
x-frame-options
SAMEORIGIN
content-type
image/png
x-btsite
1
expires
Sun, 19 Sep 2021 12:36:02 GMT
cache-control
max-age=86400
x-ua-compatible
IE=Edge
content-length
1720
x-llid
ba20e5378a91c5a8cd80511950345885
mdt-type
abinary; charset=UTF-8
ArcotAdapterIntegration.js
img01.bt.co.uk/s/assets/290321/aauth/js/
5 KB
2 KB
Script
General
Full URL
https://img01.bt.co.uk/s/assets/290321/aauth/js/ArcotAdapterIntegration.js
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
76fb7bf7179f6f96422d148f0fdc3e29254a4c3d0695614925cb931724c750ef
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 09 Sep 2021 14:26:54 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-btsite
1
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
content-length
1888
x-llid
f10234b78a585eb4cd2c09fa8e754000
expires
Sun, 19 Sep 2021 16:14:07 GMT
dantegf.api-1.0.js
img01.bt.co.uk/s/assets/290321/js/
7 KB
2 KB
Script
General
Full URL
https://img01.bt.co.uk/s/assets/290321/js/dantegf.api-1.0.js
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
02dd879a56452934584a191110a1d8aafb8377ed6f905d31a60008da6bfd0bbc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
79372
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
content-length
2226
x-llid
c3a67bf4af352c912de3a0f472c66f36
expires
Sat, 18 Sep 2021 18:11:15 GMT
login.js
img01.bt.co.uk/s/assets/290321/js/
12 KB
4 KB
Script
General
Full URL
https://img01.bt.co.uk/s/assets/290321/js/login.js
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
d68009559c2405a20697e16a1640b61484d438cb65e453cd65222f18203326a5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
86393
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
content-length
3602
x-llid
061fedb06ed2656510e4005e64ba43ca
expires
Sat, 18 Sep 2021 16:14:14 GMT
core.js
img01.bt.co.uk/s/assets/290321/js/
6 KB
3 KB
Script
General
Full URL
https://img01.bt.co.uk/s/assets/290321/js/core.js
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
3ab188d6cbe03d181c10ede40d6292456677fd5fa6be9edd2b2f86649a223732
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 09 Sep 2021 14:26:54 GMT
age
79372
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-btsite
1
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
content-length
2388
x-llid
4d555b6e474671a28be1cf9f51d0cfd1
expires
Sat, 18 Sep 2021 18:11:15 GMT
bttv_rg-webfont.woff
img01.bt.co.uk/s/assets/290321/aauth/css/fonts/
26 KB
26 KB
Font
General
Full URL
https://img01.bt.co.uk/s/assets/290321/aauth/css/fonts/bttv_rg-webfont.woff
Requested by
Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/290321/aauth/css/index.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
1313323817898228d6399b6de26686f15af3bfc9ebda293cc7656e27611673f9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://img01.bt.co.uk/s/assets/290321/aauth/css/index.css
Origin
https://bt-verifybilling.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
79372
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff
access-control-allow-origin
*
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-length
26600
x-llid
05480acf7866b5b4f71fbee37ade2f8b
expires
Sat, 18 Sep 2021 18:11:15 GMT
override.css
assets.bt.com/v1/btcomd/assets/css/
6 KB
3 KB
Stylesheet
General
Full URL
https://assets.bt.com/v1/btcomd/assets/css/override.css
Requested by
Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/290321/js/modernizr_jquery_cookies.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.150 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-150.fra.llnw.net
Software
CloudStorage /
Resource Hash
a2ea72aac1d255823b18f4e67a137511ba739e11b3d8267bdfe6ea63c43abb7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
age
124
x-agile-request-id
8b8ef779b58e6ddea9f1166a47f02773, 5ba354e2a405ed7813f74468f3e85b2b, cefda2629902ca18624f94a23e1d797e
x-agile-brick-id
480526242
content-length
2207
x-agile-checksum
4ee1da477be48c310f78622eeb718a58b16e696bc263a2c675c4697ca670dabc
last-modified
Wed, 28 Dec 2016 23:02:23 GMT
server
CloudStorage
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Accept-Encoding,Accept-Language,Cache-Control
x-agile-source
178.79.241.79:1987
x-llid
b3482866bfceb4132ced0c0a72533607
logintextboxbg.png
img01.bt.co.uk/s/assets/290321/images/
966 B
1 KB
Image
General
Full URL
https://img01.bt.co.uk/s/assets/290321/images/logintextboxbg.png
Requested by
Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/290321/css/login-index.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
2b1930ba4a2e3f401d744fc3d55c2464a79736bfbc0f0875d98dca864b16449f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://img01.bt.co.uk/s/assets/290321/css/login-index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
last-modified
Thu, 09 Sep 2021 14:26:54 GMT
x-frame-options
SAMEORIGIN
content-type
image/png
x-btsite
1
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-length
966
x-llid
06383dcb2d3d94b4ac0b43eab95b1f33
expires
Sun, 19 Sep 2021 16:14:07 GMT
truncated
/
42 KB
42 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b08992554ee957c4fa7e6f2a2a743bf222c14e3b641dbd36cb7a8998741a55d

Request headers

Referer
Origin
https://bt-verifybilling.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
font/truetype;charset=utf-8
icons-sprite-8bit.png
img01.bt.co.uk/s/assets/290321/images/
5 KB
5 KB
Image
General
Full URL
https://img01.bt.co.uk/s/assets/290321/images/icons-sprite-8bit.png
Requested by
Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/290321/css/common.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
6c15da6e07c5e0c79941d5f3e5e5839e1b1d87d3f03badceb337e88bbe78609f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://img01.bt.co.uk/s/assets/290321/css/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
79372
x-frame-options
SAMEORIGIN
content-type
image/png
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-length
5100
x-llid
1f7691356709080215dbbc935bacd629
expires
Sat, 18 Sep 2021 18:11:15 GMT
LoginButtonBg.png
img01.bt.co.uk/s/assets/290321/images/
211 B
481 B
Image
General
Full URL
https://img01.bt.co.uk/s/assets/290321/images/LoginButtonBg.png
Requested by
Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/290321/css/common.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
7583bdd341399e600785dab65ac725a95dced3b0054ed8ca9b8d69fbde04def8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://img01.bt.co.uk/s/assets/290321/css/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
79372
x-frame-options
SAMEORIGIN
content-type
image/png
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
content-length
211
x-llid
c6ad6f93a9389fef7ab888e2c8631a98
expires
Sat, 18 Sep 2021 18:11:15 GMT
login-back.png
img01.bt.co.uk/s/assets/290321/images/
279 B
565 B
Image
General
Full URL
https://img01.bt.co.uk/s/assets/290321/images/login-back.png
Requested by
Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/290321/css/common.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
6de9b19d62ae2029b5d7c51c7eb8fcbdee6503abf32cd74fa3963c76490bc0ac
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://img01.bt.co.uk/s/assets/290321/css/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
86392
x-frame-options
SAMEORIGIN
content-type
image/png
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-length
279
x-llid
7782de6a25d3155332198d156617d15b
expires
Sat, 18 Sep 2021 16:14:15 GMT
ajaxapic
home.bt.com/
3 KB
1 KB
Script
General
Full URL
https://home.bt.com/ajaxapic?pn=btcom/nav/globalfooter&site=btcom&callback=loadgf
Requested by
Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/290321/js/modernizr_jquery_cookies.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
d692b0682bd8946e6802e2a3362a155ed42c3ba281d27b23195203717a82f94e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Sat, 18 Sep 2021 16:10:43 GMT
age
26
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=120
x-ua-compatible
IE=Edge
content-length
965
x-llid
1687633b16039ac8112d6d33e0e28365
expires
Sat, 18 Sep 2021 16:15:41 GMT
responsive-footer.css
img01.bt.co.uk/s/assets/130921/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://img01.bt.co.uk/s/assets/130921/css/responsive-footer.css
Requested by
Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/290321/js/modernizr_jquery_cookies.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
3a02e3952b63d0981e3020955b24d6182dd15f0ea8d6f07b41279b517a206b90
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
69974
x-frame-options
SAMEORIGIN
content-type
text/css
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
content-length
1486
x-llid
767a3ffb651a2404f6f1082cce0da72b
expires
Sat, 18 Sep 2021 20:47:53 GMT
bt-footer-bg.jpg
img01.bt.co.uk/s/assets/290321/images/
1 KB
2 KB
Image
General
Full URL
https://img01.bt.co.uk/s/assets/290321/images/bt-footer-bg.jpg
Requested by
Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/290321/css/common-reset.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
cbf86fc1cedf23b294f4610fe0140df33f350071028953d6cc1c2c4249851038
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://img01.bt.co.uk/s/assets/290321/css/common-reset.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
86392
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-length
1251
x-llid
417fd3dfb0a8ed2e8924ef5326e118f7
expires
Sat, 18 Sep 2021 16:14:15 GMT
responsive-footer.min.js
img01.bt.co.uk/s/assets/130921/js/
970 B
864 B
Script
General
Full URL
https://img01.bt.co.uk/s/assets/130921/js/responsive-footer.min.js
Requested by
Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/290321/js/modernizr_jquery_cookies.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
fb4f69078c24ab4a77db8c99fd19f05ead8878306c9e79b08656feb9ebcc328e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
69945
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-length
534
x-llid
b4c462854c84c13651a0841eafa12668
expires
Sat, 18 Sep 2021 20:48:22 GMT
logo-footer2018.svg
img01.bt.co.uk/s/assets/130921/images/logo/
1 KB
953 B
Image
General
Full URL
https://img01.bt.co.uk/s/assets/130921/images/logo/logo-footer2018.svg
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
07e9d4d6a617d90407a0041a950912ba8f85bcb61be41deec67fc95aa16062a1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
69133
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-length
628
x-llid
6a54b1110899dff3ae23fb01232b033e
expires
Sat, 18 Sep 2021 21:01:54 GMT
BTFont_Rg.woff
img01.bt.co.uk/s/assets/130921/fonts/bt/
58 KB
58 KB
Font
General
Full URL
https://img01.bt.co.uk/s/assets/130921/fonts/bt/BTFont_Rg.woff
Requested by
Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/130921/css/responsive-footer.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
ef203c78f49eb32821e0c6ce993bb2d35a0c58fe770fe5ccbcfe5585a01e2ba4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://img01.bt.co.uk/s/assets/130921/css/responsive-footer.css
Origin
https://bt-verifybilling.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
69686
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff
access-control-allow-origin
*
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-length
59092
x-llid
2be72367e9808976692ea27c448dd1c6
expires
Sat, 18 Sep 2021 20:52:41 GMT
bttvicons.woff
img01.bt.co.uk/s/assets/130921/fonts/bt/
8 KB
8 KB
Font
General
Full URL
https://img01.bt.co.uk/s/assets/130921/fonts/bt/bttvicons.woff
Requested by
Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/130921/css/responsive-footer.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
c471c762b4eb8ce3aac5aec2b1aac9bf9e8ccb8d2fe84d74c940e9ad2c5bc168
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://img01.bt.co.uk/s/assets/130921/css/responsive-footer.css
Origin
https://bt-verifybilling.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
69689
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff
access-control-allow-origin
*
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-length
8356
x-llid
6a50c969a27167a32ede0891c3cbe3d1
expires
Sat, 18 Sep 2021 20:52:38 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AA54673527831890A490D45%40AdobeOrg&d_nsid=0&ts=1631981647470
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AA54673527831890A490D45%40AdobeOrg&d_nsid=0&ts=1631981647470
1 KB
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AA54673527831890A490D45%40AdobeOrg&d_nsid=0&ts=1631981647470
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.8.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-8-109.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7f7e34006a17149d40e0e1f967105d049a635f35ff72c95465123da0cde1a7e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v016-0c43f75c3.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
nMJPcg/kS2w=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://bt-verifybilling.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
581
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v016-00db72f5c.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://bt-verifybilling.com
X-TID
HSwFHe+zS2g=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AA54673527831890A490D45%40AdobeOrg&d_nsid=0&ts=1631981647470
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/
33 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfdadf1bb09d848de85923e05be32e7d1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:5ad::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bt-verifybilling.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12184
expires
Sat, 18 Sep 2021 17:14:07 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfdadf1bb09d848de85923e05be32e7d1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:5ad::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bt-verifybilling.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1594
expires
Sat, 18 Sep 2021 17:14:07 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/
25 KB
9 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfdadf1bb09d848de85923e05be32e7d1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:5ad::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:53 GMT
server
AkamaiNetStorage
etag
"c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bt-verifybilling.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8762
expires
Sat, 18 Sep 2021 17:14:07 GMT
exhaust_testing.js
ee-tagging.s3.amazonaws.com/tools/exhaust/1.3.1/
26 KB
26 KB
Script
General
Full URL
https://ee-tagging.s3.amazonaws.com/tools/exhaust/1.3.1/exhaust_testing.js
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.40.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ddca02caf5a9068ea6b249f96e2d27f02bef000881a34736b44a62fa1bcd27cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Thu, 18 Mar 2021 11:19:53 GMT
Date
Sat, 18 Sep 2021 16:14:08 GMT
Last-Modified
Thu, 18 Mar 2021 11:20:47 GMT
Server
AmazonS3
x-amz-request-id
T6F9KJZGQ79C8RH8
ETag
"221720baa75db79d552cb87e0a70b848"
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
26673
x-amz-id-2
/gIwB6LS8UaMLP6Sujbu23vlv8H/Um62p79Ubic5N8QfHD6IMjfwlAer6qv2ffF3jiImIMwDQtw=
notice
consent.trustarc.com/
9 KB
4 KB
Script
General
Full URL
https://consent.trustarc.com/notice?domain=bt-consumer1.com&c=teconsent&text=true&pcookie=true&gtm=true&js=bb&noticeType=bb
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfdadf1bb09d848de85923e05be32e7d1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.206.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-206-95.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
a17aa7f0b916861e72f2df64570a337b98a8bd2927553b88e6a437bb02709fff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bt-verifybilling.com/
Origin
https://bt-verifybilling.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
HAM50-C3
x-cache
Miss from cloudfront
cloudfront-viewer-country
DE
content-length
3595
x-xss-protection
1; mode=block
timing-allow-origin
*
access-control-allow-origin
*
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
via
1.1 017544a774b4ea14958963973ae360f0.cloudfront.net (CloudFront)
cache-control
max-age=3600
cloudfront-viewer-country-region
HE
x-amz-cf-id
eJcbGRykuo8nKdTnpHYU9F9J7EpOEapA2AkJDeohYuv1SCF_8AitmQ==
expires
Sat, 18 Sep 2021 17:14:07 GMT
ip.php
d36kespjlw4605.cloudfront.net/
48 B
415 B
XHR
General
Full URL
https://d36kespjlw4605.cloudfront.net/ip.php
Requested by
Host: img01.bt.co.uk
URL: https://img01.bt.co.uk/s/assets/290321/js/modernizr_jquery_cookies.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2200:9:273e:d940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.43 (Unix) OpenSSL/1.1.1d / PHP/7.4.7
Resource Hash
bbe5e008db0ed1bc0581087dbdbb1fc0b49844cc03722f29b22207b84a3bc1d0

Request headers

Accept
*/*
Referer
https://bt-verifybilling.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
server
Apache/2.4.43 (Unix) OpenSSL/1.1.1d
x-amz-cf-pop
FRA60-P4
x-powered-by
PHP/7.4.7
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-length
68
via
1.1 dd4531988f4862a3b186f9d3356a6a75.cloudfront.net (CloudFront)
x-amz-cf-id
kfQea9nzcx4txKjREQbuRNlG_JPF2qndbm17VQd6HBLFX3XytDZW0Q==
RC6eeaf4f8a518465687d99bf5a97c446b-source.min.js
assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/7fc25fae2e65/
350 B
484 B
Script
General
Full URL
https://assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/7fc25fae2e65/RC6eeaf4f8a518465687d99bf5a97c446b-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfdadf1bb09d848de85923e05be32e7d1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:5ad::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b4923be70df60819ca2b15c65f24061cf155fea71d4d35b0bc36dfab4bfd0cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
last-modified
Thu, 16 Sep 2021 14:33:45 GMT
server
AkamaiNetStorage
etag
"471a7e6210cf9d14fdbc9c581148e930:1631802825.952819"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bt-verifybilling.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
216
expires
Sat, 18 Sep 2021 17:14:07 GMT
RC7df78ad313ee427b899df99d58d4bf5a-source.min.js
assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/7fc25fae2e65/
1 KB
873 B
Script
General
Full URL
https://assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/7fc25fae2e65/RC7df78ad313ee427b899df99d58d4bf5a-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfdadf1bb09d848de85923e05be32e7d1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:5ad::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
456eee972725f14a7ef2e3b4a86d61e67292f4ab43c2b1162c58f6bf482cf082

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
last-modified
Thu, 16 Sep 2021 14:33:45 GMT
server
AkamaiNetStorage
etag
"471a7e6210cf9d14fdbc9c581148e930:1631802825.952819"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bt-verifybilling.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
604
expires
Sat, 18 Sep 2021 17:14:07 GMT
RC0822ae277fa54e86a381f8f5ce01b091-source.min.js
assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/7fc25fae2e65/
545 B
613 B
Script
General
Full URL
https://assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/7fc25fae2e65/RC0822ae277fa54e86a381f8f5ce01b091-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfdadf1bb09d848de85923e05be32e7d1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:5ad::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2484d0e34334c7a0070031cc390b5d7a980672516c41d2bd0824fc9079348afe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
last-modified
Thu, 16 Sep 2021 14:33:45 GMT
server
AkamaiNetStorage
etag
"471a7e6210cf9d14fdbc9c581148e930:1631802825.952819"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bt-verifybilling.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
344
expires
Sat, 18 Sep 2021 17:14:07 GMT
RC488e232c9d0543d58b2215a05c11ca7b-source.min.js
assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/7fc25fae2e65/
438 B
543 B
Script
General
Full URL
https://assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/7fc25fae2e65/RC488e232c9d0543d58b2215a05c11ca7b-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfdadf1bb09d848de85923e05be32e7d1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:5ad::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4f431e309970e46cb21be801bb030234a0351ce459ea9966ee0006ad6fa41505

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
last-modified
Thu, 16 Sep 2021 14:33:45 GMT
server
AkamaiNetStorage
etag
"471a7e6210cf9d14fdbc9c581148e930:1631802825.952819"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bt-verifybilling.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
274
expires
Sat, 18 Sep 2021 17:14:07 GMT
v1.7-1747
consent.trustarc.com/asset/notice.js/v/
72 KB
23 KB
Script
General
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-1747
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=bt-consumer1.com&c=teconsent&text=true&pcookie=true&gtm=true&js=bb&noticeType=bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.206.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-206-95.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
c4357236faa88551ac127de4b3fd1deab8c9463cfe3b127bc8836d3b55863469

Request headers

Referer
https://bt-verifybilling.com/
Origin
https://bt-verifybilling.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 15:42:19 GMT
content-encoding
gzip
age
1908
x-cache
Hit from cloudfront
pragma
public
access-control-allow-origin
*
last-modified
Tue, 31 Aug 2021 03:46:15 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript
via
1.1 017544a774b4ea14958963973ae360f0.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
HAM50-C3
timing-allow-origin
*
x-amz-cf-id
7Z9KJcmZz7d8LGCMp4MJNBLQBSRNW4qE95xuodzQ2aaJzAiq8Q2dQw==
expires
Mon, 18 Oct 2021 15:42:19 GMT
log
consent.trustarc.com/
43 B
383 B
Image
General
Full URL
https://consent.trustarc.com/log?domain=bt-consumer1.com&country=de&state=&behavior=expressed&c=9bca
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.206.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-206-95.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Sep 2021 16:14:07 GMT
via
1.1 c1fa4f08ddf9c5144bf29ba0fe671431.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HAM50-C3
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
0MiDF6bZPN7iz_Zi53h1XdodwYvD6RzJdLqdWsgYyR406OUHFF33NQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
consent-pref.trustarc.com/ Frame FA02
5 KB
2 KB
Document
General
Full URL
https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-1747
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-96.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
consent-pref.trustarc.com
:scheme
https
:path
/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bt-verifybilling.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 18 Sep 2021 16:14:07 GMT
server
nginx
etag
W/"5147-1629347982000"
last-modified
Thu, 19 Aug 2021 04:39:42 GMT
x-xss-protection
1; mode=block
x-content-type-options
nosniff
access-control-allow-origin
*
content-encoding
gzip
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 bc46151b0550c2139685cbf8e4ad4762.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
3dMPmkfAI7ApI6H_EbM9j6o_wXbeK_rXdCJ0KpTs60smYBYM4oiErg==
noticemsg
consent.trustarc.com/
43 B
504 B
Image
General
Full URL
https://consent.trustarc.com/noticemsg?action=consent&domain=bt-consumer1.com&behavior=expressed&country=de&language=en&rand=0.16305868834586068
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.206.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-206-95.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
via
1.1 c1fa4f08ddf9c5144bf29ba0fe671431.cloudfront.net (CloudFront)
x-content-type-options
nosniff
timing-allow-origin
*
x-amz-cf-pop
HAM50-C3
x-cache
Miss from cloudfront
cloudfront-viewer-country
DE
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
cloudfront-viewer-country-region
HE
x-amz-cf-id
mjt3dSWgq4i6BtS9Lh3k8AeexkSeftLlSY-9l1Q79eTMX0G0ngtqOQ==
expires
Sat, 18 Sep 2021 17:14:07 GMT
dest5.html
britishtelecom.demdex.net/ Frame 15AC
7 KB
3 KB
Document
General
Full URL
https://britishtelecom.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfdadf1bb09d848de85923e05be32e7d1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.200.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-200-197.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
britishtelecom.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bt-verifybilling.com/
Accept-Encoding
gzip, deflate, br
Cookie
demdex=87672174126562837320058199722742560009
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Sat, 18 Sep 2021 16:14:07 GMT
DCS
dcs-prod-irl1-1-v016-00fb84adb.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Wed, 8 Sep 2021 15:00:22 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
UyFxABTFS1o=
Content-Length
2791
Connection
keep-alive
ibs:dpid=411&dpuuid=YUYQTwAAAF0fiQQE
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=87672174126562837320058199722742560009
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YUYQTwAAAF0fiQQE
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YUYQTwAAAF0fiQQE
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.8.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-8-109.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v016-07d37c4ff.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
BoA5qCoLQDA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YUYQTwAAAF0fiQQE
Date
Sat, 18 Sep 2021 16:14:07 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
defaultpreferencemanager.nocache.js
consent-pref.trustarc.com/defaultpreferencemanager/ Frame FA02
5 KB
2 KB
Script
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-96.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
6f74888de1f7e175e7a8d9f4a482f1eb678d3a1f960113ba27d1a259264256cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
last-modified
Thu, 19 Aug 2021 04:40:00 GMT
server
nginx
x-amz-cf-pop
HAM50-C1
etag
W/"4867-1629348000000"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
qyMZgxCerRkCG9BqlCzAojtI0QucoE3FPSJAGQov_1K7K3-G12TQoA==
via
1.1 bc46151b0550c2139685cbf8e4ad4762.cloudfront.net (CloudFront)
expires
Sat, 18 Sep 2021 16:14:06 GMT
get
consent-st.trustarc.com/ Frame FA02
20 KB
5 KB
Script
General
Full URL
https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-41.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
public
date
Wed, 08 Sep 2021 15:50:35 GMT
content-encoding
gzip
server
nginx
age
865412
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
HAM50-C1
timing-allow-origin
*
x-amz-cf-id
BNOAiH0So09eLBDWS4WBqbs1wRPQTFHaXmD50G7cc0bqm5MGFdJSyw==
via
1.1 62e8d9c8c3a2ceb2c8a9fa0c9a6bcd8e.cloudfront.net (CloudFront)
expires
Fri, 08 Oct 2021 15:50:35 GMT
loading.gif
consent-pref.trustarc.com/images/ Frame FA02
3 KB
3 KB
Image
General
Full URL
https://consent-pref.trustarc.com/images/loading.gif
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-96.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 05:38:58 GMT
via
1.1 bc46151b0550c2139685cbf8e4ad4762.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Thu, 19 Aug 2021 04:39:42 GMT
server
nginx
age
38112
etag
W/"2608-1629347982000"
x-cache
Hit from cloudfront
content-type
image/gif
access-control-allow-origin
*
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
content-length
2608
x-xss-protection
1; mode=block
x-amz-cf-id
rC2CKrAa4tjYn0Yn4m3v62JnHrILoMP2dkh00x3wsykDbWw0IIFRSg==
3D1DCD2BF0C50EAF0926E06B9412811A.cache.html
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 67D8
140 KB
46 KB
Document
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/3D1DCD2BF0C50EAF0926E06B9412811A.cache.html
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-96.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
8e0276bb55f38a0946337c6d5ce1f88e1cd3bb8cc9560a35e5b061bb27fb1f16

Request headers

:method
GET
:authority
consent-pref.trustarc.com
:scheme
https
:path
/defaultpreferencemanager/3D1DCD2BF0C50EAF0926E06B9412811A.cache.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 31 Aug 2021 04:12:51 GMT
server
nginx
etag
W/"143087-1629348000000"
last-modified
Thu, 19 Aug 2021 04:40:00 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
access-control-allow-origin
*
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 bc46151b0550c2139685cbf8e4ad4762.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
-lk_oXDmCwZhcVQf8TDRNXEL6Z300yL2URvcT8199FsOUTBukW0TyA==
age
1598476
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame FA02
969 B
834 B
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/3D1DCD2BF0C50EAF0926E06B9412811A.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-96.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
d4bef2d91bd01eaeba3c9d62545eb98cec13e41bfacdbf28cf1c17bc7f1a35e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
3D1DCD2BF0C50EAF0926E06B9412811A
Referer
https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
HAM50-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
via
1.1 bc46151b0550c2139685cbf8e4ad4762.cloudfront.net (CloudFront)
content-disposition
attachment
access-control-allow-origin
*
content-length
465
x-xss-protection
1; mode=block
x-amz-cf-id
y7DPgM2NxYMQIWZ4sLuNuq0K_yvsl4GDMfoLFQsO8plp2M1osE2Q-g==
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame FA02
48 B
389 B
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/3D1DCD2BF0C50EAF0926E06B9412811A.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-96.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
f64c8b2718ad564a32e866a7d334545beae38f1fa3c26dcb9e2f1c243d45b2bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
3D1DCD2BF0C50EAF0926E06B9412811A
Referer
https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
via
1.1 bc46151b0550c2139685cbf8e4ad4762.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
HAM50-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
access-control-allow-origin
*
content-disposition
attachment
content-length
48
x-xss-protection
1; mode=block
x-amz-cf-id
kI3sYXqPO0i8O9BO2cxgofT9yuiAs-BTrd3CnfKpurdatLG_kWHNlA==
jquery-ui-1.9.2.custom.min.js
img01.bt.co.uk/s/assets/290321/js/
171 KB
50 KB
Script
General
Full URL
https://img01.bt.co.uk/s/assets/290321/js/jquery-ui-1.9.2.custom.min.js
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
1377d1117ed253cbd2efb57e5d0567fb4bffdfa48fd258d241670b516e174d00
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
79371
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
content-length
50524
x-llid
cd56636506abc4a4605f8d856413c75d
expires
Sat, 18 Sep 2021 18:11:16 GMT
bt.cookies.js
img01.bt.co.uk/s/assets/290321/globalheader/
0
259 B
Script
General
Full URL
https://img01.bt.co.uk/s/assets/290321/globalheader/bt.cookies.js
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.142.70.29 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-70-29.any.llnw.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
last-modified
Thu, 09 Sep 2021 14:34:52 GMT
age
86392
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-btsite
2
x-xss-protection
1; mode=block
cache-control
max-age=86400
x-ua-compatible
IE=Edge
content-length
0
x-llid
d77105d0f68e9540c701c99ccf3c123d
expires
Sat, 18 Sep 2021 16:14:15 GMT
RCabd3150ca9f241c7bbac2e3e4e90fe9a-source.min.js
assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/7fc25fae2e65/
623 B
607 B
Script
General
Full URL
https://assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/7fc25fae2e65/RCabd3150ca9f241c7bbac2e3e4e90fe9a-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfdadf1bb09d848de85923e05be32e7d1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:5ad::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
26098b23925663c98cce466c821826a98b719ad34db2bd225f81eb72e968b9aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
last-modified
Thu, 16 Sep 2021 14:33:45 GMT
server
AkamaiNetStorage
etag
"471a7e6210cf9d14fdbc9c581148e930:1631802825.952819"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bt-verifybilling.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
338
expires
Sat, 18 Sep 2021 17:14:07 GMT
RC31e920520b184dd1bbc4f4e454edd285-source.min.js
assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/7fc25fae2e65/
6 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/7fc25fae2e65/RC31e920520b184dd1bbc4f4e454edd285-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfdadf1bb09d848de85923e05be32e7d1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:5ad::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e039ab01eaf649a3c46b9552b22aba9a8120ca8673f6b41f4a2679f3722d1aba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
last-modified
Thu, 16 Sep 2021 14:33:45 GMT
server
AkamaiNetStorage
etag
"471a7e6210cf9d14fdbc9c581148e930:1631802825.952819"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bt-verifybilling.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
2066
expires
Sat, 18 Sep 2021 17:14:07 GMT
RC0218a2c1458d41acb6a8aebe72ac8c59-source.min.js
assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/7fc25fae2e65/
6 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/7fc25fae2e65/RC0218a2c1458d41acb6a8aebe72ac8c59-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfdadf1bb09d848de85923e05be32e7d1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:5ad::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
98f411e7b7383a054e1238ffd69f4565b8c197b9c8337963c8538f737a6457a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bt-verifybilling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
last-modified
Thu, 16 Sep 2021 14:33:45 GMT
server
AkamaiNetStorage
etag
"471a7e6210cf9d14fdbc9c581148e930:1631802825.952819"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bt-verifybilling.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
2051
expires
Sat, 18 Sep 2021 17:14:07 GMT
ibs:dpid=358&dpuuid=4798222493712408710
dpm.demdex.net/ Frame 15AC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=4798222493712408710
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=4798222493712408710
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.8.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-8-109.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://britishtelecom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v016-0cd722f21.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
4N7PiHuoQVY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Sat, 18 Sep 2021 16:14:07 GMT
X-Proxy-Origin
91.199.118.78; 91.199.118.78; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
40422931-5ca3-476f-aab5-bf4bc2d7c550
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=4798222493712408710
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
EuPreferenceManager.css
consent-pref.trustarc.com/ Frame FA02
27 KB
7 KB
Stylesheet
General
Full URL
https://consent-pref.trustarc.com/EuPreferenceManager.css
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/3D1DCD2BF0C50EAF0926E06B9412811A.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-96.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
1ea22ef5cc12712e650ac15269e8e7b75904f47246ce6eb04bf0fcd42f8bed77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
last-modified
Thu, 19 Aug 2021 04:39:42 GMT
server
nginx
x-amz-cf-pop
HAM50-C1
etag
W/"27745-1629347982000"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
29vgMig8eUNoIzxo3KdrKpVGwSDRiV-K8gqVob05D0291QCHgMT2QQ==
via
1.1 bc46151b0550c2139685cbf8e4ad4762.cloudfront.net (CloudFront)
expires
Sat, 18 Sep 2021 16:14:06 GMT
10.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/3D1DCD2BF0C50EAF0926E06B9412811A/ Frame FA02
243 KB
84 KB
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/3D1DCD2BF0C50EAF0926E06B9412811A/10.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/3D1DCD2BF0C50EAF0926E06B9412811A.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-96.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
49b1107c4782c8cd60dce7dadd701116777a8097936dc6fa3e1b526a5f7bf4b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 04:13:13 GMT
content-encoding
gzip
last-modified
Thu, 19 Aug 2021 04:40:00 GMT
server
nginx
age
1598454
etag
W/"248817-1629348000000"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
Kaoo1OoAhqIGIDemdGPLusvcRqhPgkZP5KVnqdklf2toKDn4s7K9OQ==
via
1.1 bc46151b0550c2139685cbf8e4ad4762.cloudfront.net (CloudFront)
expires
Thu, 31 Dec 2037 23:55:55 GMT
1.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/3D1DCD2BF0C50EAF0926E06B9412811A/ Frame FA02
19 KB
8 KB
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/3D1DCD2BF0C50EAF0926E06B9412811A/1.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/3D1DCD2BF0C50EAF0926E06B9412811A.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-96.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
d86306cfb344762984b47aff717491662e6c9de66d26b7513fd99b6e450a6384

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 04:14:04 GMT
content-encoding
gzip
last-modified
Thu, 19 Aug 2021 04:40:00 GMT
server
nginx
age
1598403
etag
W/"19432-1629348000000"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
MlJFdIbwph08_zRc3CVk_FBrGYN2SKK1W3wM1anfRmrxW_Xi1HnhWA==
via
1.1 bc46151b0550c2139685cbf8e4ad4762.cloudfront.net (CloudFront)
expires
Thu, 31 Dec 2037 23:55:55 GMT
cookie_iframe.html
prefmgr-cookie.truste-svc.net/cookie_js/ Frame 85A3
5 KB
2 KB
Document
General
Full URL
https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
Requested by
Host: bt-verifybilling.com
URL: https://bt-verifybilling.com/login.php?4L0EVD9DI3L&inID=tFcALrlpysWIouKguYQFCJRVhUNPneSimUhfgenMr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.206.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-206-65.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Request headers

:method
GET
:authority
prefmgr-cookie.truste-svc.net
:scheme
https
:path
/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/

Response headers

date
Sat, 18 Sep 2021 16:14:08 GMT
content-type
text/html; charset=UTF-8
server
nginx
vary
Accept-Encoding
etag
W/"5014-1597208285000"
last-modified
Wed, 12 Aug 2020 04:58:05 GMT
content-encoding
gzip
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame FA02
733 B
659 B
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/3D1DCD2BF0C50EAF0926E06B9412811A.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-96.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
01d8392d309a9710cf9fd39fca617d2af21e2f877c09193ef9e33a3083404941
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
3D1DCD2BF0C50EAF0926E06B9412811A
Referer
https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
HAM50-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
via
1.1 bc46151b0550c2139685cbf8e4ad4762.cloudfront.net (CloudFront)
content-disposition
attachment
access-control-allow-origin
*
content-length
292
x-xss-protection
1; mode=block
x-amz-cf-id
obPb0lri18vLxOkJab0TVfMO6YuB_eA8mf4rj_gcYiI538_T0E202A==
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame FA02
29 KB
7 KB
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/3D1DCD2BF0C50EAF0926E06B9412811A.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-96.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
26946f4351e726c1fdf9f7783c03ec0cd8534f954a8a51f15319a746262228b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
3D1DCD2BF0C50EAF0926E06B9412811A
Referer
https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Sat, 18 Sep 2021 16:14:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
HAM50-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
via
1.1 bc46151b0550c2139685cbf8e4ad4762.cloudfront.net (CloudFront)
content-disposition
attachment
access-control-allow-origin
*
content-length
7125
x-xss-protection
1; mode=block
x-amz-cf-id
DtX6Fa2svf2kthPCNrEDaqJn_5RtOibvjnRxDqcV__N-CIKN5RGEjw==
adsct
analytics.twitter.com/i/ Frame 15AC
43 B
581 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=87672174126562837320058199722742560009&p_id=38594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://britishtelecom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:14:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Sat, 18 Sep 2021 16:14:08 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
895158cb64c00d91d8b5488d4308e11cc72c4b3dc86ba215f6f2e25444dad473
x-transaction
2ee47e25eab9ed40
expires
Tue, 31 Mar 1981 05:00:00 GMT
ibs:dpid=1957&dpuuid=0A926A7BC682624E16057ACDC7506388
dpm.demdex.net/ Frame 15AC
Redirect Chain
  • https://c.bing.com/c.gif?uid=87672174126562837320058199722742560009&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0A926A7BC682624E16057ACDC7506388
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0A926A7BC682624E16057ACDC7506388
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.8.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-8-109.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://britishtelecom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v016-0d417d33d.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
pS9Q18HHSGc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sat, 18 Sep 2021 16:14:07 GMT
x-msedge-ref
Ref A: 734234D2E1B1450F866B6DB94B2D44F8 Ref B: FRAEDGE1311 Ref C: 2021-09-18T16:14:08Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0A926A7BC682624E16057ACDC7506388
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
ibs:dpid=1586&dpuuid=2366402791688202841
dpm.demdex.net/ Frame 15AC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=87672174126562837320058199722742560009&noredirect=v2
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1007&cid=87672174126562837320058199722742560009&noredirect=v2
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2366402791688202841
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2366402791688202841
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.8.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-8-109.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://britishtelecom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v016-0a6af27ba.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
3ifz54WIQzc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sat, 18 Sep 2021 16:14:08 GMT
server
nginx
location
https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2366402791688202841
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ibs:dpid=183896&dpuuid=1656e592-41d3-4df9-a179-057fc393da49
dpm.demdex.net/ Frame 15AC
Redirect Chain
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D183896%26dpuuid%3D%7B%7BUUID%7D%7D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D183896%26dpuuid%3D%7B%7BUUID%7D%7D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D183896%26dpuuid%3D%7B%7BUUID%7D%7D
  • https://dpm.demdex.net/ibs:dpid=183896&dpuuid=1656e592-41d3-4df9-a179-057fc393da49
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=183896&dpuuid=1656e592-41d3-4df9-a179-057fc393da49
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.8.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-8-109.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://britishtelecom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v016-0ce11b196.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
mpMxCOaGQRk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=183896&dpuuid=1656e592-41d3-4df9-a179-057fc393da49
date
Sat, 18 Sep 2021 16:14:08 GMT
p3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
109
content-type
text/html; charset=utf-8
6.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/3D1DCD2BF0C50EAF0926E06B9412811A/ Frame FA02
7 KB
3 KB
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/3D1DCD2BF0C50EAF0926E06B9412811A/6.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/3D1DCD2BF0C50EAF0926E06B9412811A.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-96.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
8173c9c7e6621a53dcfc67d287a719a4bde1fc826f77adf7f0d1e0b6f4126833

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 04:13:30 GMT
content-encoding
gzip
last-modified
Thu, 19 Aug 2021 04:40:00 GMT
server
nginx
age
1598438
etag
W/"6773-1629348000000"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
qF_ysTuZfkkWoQFf8XUC7tp24Znzts8h2koZWvq4RXSTU5XLvGMr2w==
via
1.1 bc46151b0550c2139685cbf8e4ad4762.cloudfront.net (CloudFront)
expires
Thu, 31 Dec 2037 23:55:55 GMT
get
consent.trustarc.com/ Frame FA02
57 KB
57 KB
Font
General
Full URL
https://consent.trustarc.com/get?name=btcurve_w_rg.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.206.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-206-95.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
20ca4a60bd5242f69283fadbe4a4af55bee69c5864ce81fb2b11a2a7b70b0ed0

Request headers

Referer
https://consent-pref.trustarc.com/
Origin
https://consent-pref.trustarc.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
public
date
Sat, 18 Sep 2021 15:57:34 GMT
via
1.1 017544a774b4ea14958963973ae360f0.cloudfront.net (CloudFront)
server
nginx
age
994
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
HAM50-C3
timing-allow-origin
*
content-length
58292
x-amz-cf-id
GgBJdpGOZqkWQSsbYaVB6OIiKLFR5J_rsUO0jrr7shCJ6dVp8O8S9A==
expires
Mon, 18 Oct 2021 15:57:34 GMT
get
consent.trustarc.com/ Frame FA02
57 KB
58 KB
Font
General
Full URL
https://consent.trustarc.com/get?name=btcurve_w_bd.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.206.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-206-95.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
ecbff32f4e513b13f557f387f508545cb6ba328c6d240bb63f04cf8336092dab

Request headers

Referer
https://consent-pref.trustarc.com/
Origin
https://consent-pref.trustarc.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
public
date
Sat, 18 Sep 2021 15:57:34 GMT
via
1.1 017544a774b4ea14958963973ae360f0.cloudfront.net (CloudFront)
server
nginx
age
994
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
HAM50-C3
timing-allow-origin
*
content-length
58836
x-amz-cf-id
oRKNzYjiU5uoU5qr4XHTZnsf6q5HFkXr6GD0AhYRVU33YKHQNQzUaw==
expires
Mon, 18 Oct 2021 15:57:34 GMT
get
consent.trustarc.com/ Frame FA02
35 KB
36 KB
Image
General
Full URL
https://consent.trustarc.com/get?name=british_telecom_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.206.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-206-95.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
6b275117fdc1f1f49f642525b24af8729b0342cbd6d4c1d90de54aa26b30a83a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
public
date
Sat, 18 Sep 2021 15:40:06 GMT
via
1.1 c1fa4f08ddf9c5144bf29ba0fe671431.cloudfront.net (CloudFront)
server
nginx
age
2042
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
HAM50-C3
timing-allow-origin
*
content-length
36024
x-amz-cf-id
ut9xs4iuwRLeLfBN-4ygsBZJV2cEM4TjEkpskKbf8dgGs5kJpZ-HQQ==
expires
Mon, 18 Oct 2021 15:40:06 GMT
cookie_inneriframe.html
consent-pref.trustarc.com/ Frame D3A1
2 KB
1 KB
Document
General
Full URL
https://consent-pref.trustarc.com/cookie_inneriframe.html
Requested by
Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=bt_consumer1&site=bt-consumer1.com&action=notice&country=de&locale=en&behavior=expressed&gtm=true&layout=default_eu&uid=79eec82c-b990-44c8-8bde-2b7ce8915987&irm=undefined&from=https://consent.trustarc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-96.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
consent-pref.trustarc.com
:scheme
https
:path
/cookie_inneriframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://prefmgr-cookie.truste-svc.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://prefmgr-cookie.truste-svc.net/

Response headers

content-type
text/html; charset=UTF-8
server
nginx
last-modified
Thu, 19 Aug 2021 04:39:42 GMT
x-xss-protection
1; mode=block
x-content-type-options
nosniff
access-control-allow-origin
*
content-encoding
gzip
date
Fri, 17 Sep 2021 18:38:26 GMT
etag
W/"2008-1629347982000"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 bc46151b0550c2139685cbf8e4ad4762.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
gO2JcW4h42Ez_EAD2TgorvxaEPPunjc1bFRLkF_KE6z0JqpX25fGMg==
age
77742

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BT (Telecommunication)

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster string| analyticsPageName object| tar string| formTarget object| digitalData object| _exhaust_init_queue function| emitToExhaust object| cookieutilities object| btCookiesAPI object| Modernizr object| html5 function| yepnope function| $ function| jQuery function| getInternetExplorerVersion boolean| jQueryScriptOutputted undefined| searchStatusVal object| DanteGH object| Encoder object| user function| jqdgh object| SportNav string| static_root object| omni object| funccmd boolean| sportpage object| ads function| mobileSearchBTS string| loginpagetype function| reportErrors function| expireCookie function| getUserStatus function| logDetails string| customView undefined| e undefined| loggedinCustomer undefined| xloginExists undefined| elbcExists object| authFailureReasonCookie undefined| usrName undefined| owmhash undefined| mxhash undefined| xloginArr undefined| target undefined| targetParts undefined| redirectUrl undefined| samltkns undefined| settings string| pageType function| hexDecode function| restorePlusSymbols function| ArcotExtractUserMsg function| hexEncode string| frgtdetail string| bghexcolor string| ua function| getAndriodBanner object| DanteGF object| FooterEncoder object| portalcookie function| jqdgf object| footerconfig undefined| loadgf function| displayerrors function| setUsernameFromCookie function| checkPwdEnc number| submitcount function| validEmail function| setRememberMeCookiees object| bt object| lbi function| downloadJSAtOnload string| rebrandLogo string| oldlogo string| newlogo object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in string| h object| _exhaust object| expiry object| flags function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_AudienceManagement function| DIL object| s function| _truste_eumap object| truste function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG function| MessageQueue function| testObject function| testAccount function| testBasket object| transaction_ids object| basket_ids function| parseStringVars number| recent_page_request_timeout number| recent_page_request_index function| productStringToTable object| exhaust_testing_config function| Syringe function| SyringeEvent function| SyringeEvent_Click function| SyringeInjection function| SyringeInjection_Pixel function| SyringeInjection_Script function| SyringeInjection_LaunchDirectCall function| DP_jQuery_1631981647900

16 Cookies

Domain/Path Name / Value
bt-verifybilling.com/ Name: PHPSESSID
Value: 5c31744dea04637ad00570641b1ed563
bt-verifybilling.com/ Name: btVisitedCookie
Value: 0
.demdex.net/ Name: demdex
Value: 87672174126562837320058199722742560009
.bt-verifybilling.com/ Name: AMCVS_0AA54673527831890A490D45%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YUYQTwAAAF0fiQQE
.dpm.demdex.net/ Name: dpm
Value: 87672174126562837320058199722742560009
.bt-verifybilling.com/ Name: AMCV_0AA54673527831890A490D45%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C18889%7CMCMID%7C84416116660753932410883563740447926660%7CMCAAMLH-1632586447%7C6%7CMCAAMB-1632586447%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1631988847s%7CNONE%7CMCSYNCSOP%7C411-18896%7CvVersion%7C5.2.0
.adnxs.com/ Name: uuid2
Value: 4798222493712408710
.twitter.com/ Name: personalization_id
Value: "v1_QtCcHcHMpfd6pYSRgy2KkQ=="
.bing.com/ Name: MUID
Value: 0A926A7BC682624E16057ACDC7506388
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 2366402791688202841
prefmgr-cookie.truste-svc.net/ Name: cookie_3rdparty
Value: enabled
.demdex.net/ Name: dextp
Value: 358-1-1631981647851|1123-1-1631981647962|1957-1-1631981648062|1586-1-1631981648163|183896-1-1631981648264
ads.avct.cloud/ Name: uuid
Value: 1656e592-41d3-4df9-a179-057fc393da49
consent-pref.trustarc.com/ Name: token_test
Value: Sat Sep 18 2021 16:14:08 GMT+0000 (GMT)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.avct.cloud
ads.avocet.io
analytics.twitter.com
assets.adobedtm.com
assets.bt.com
britishtelecom.demdex.net
bt-verifybilling.com
c.bing.com
c1.adform.net
cm.everesttech.net
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
d36kespjlw4605.cloudfront.net
dpm.demdex.net
ee-tagging.s3.amazonaws.com
home.bt.com
ib.adnxs.com
img01.bt.co.uk
prefmgr-cookie.truste-svc.net
104.244.42.131
178.79.242.150
18.203.8.109
2600:9000:225e:2200:9:273e:d940:21
2606:4700:3033::6815:23ee
2620:1ec:c11::200
2a02:26f0:fb:5ad::1e80
34.202.206.65
34.248.191.66
37.157.3.28
37.252.173.62
52.218.40.130
52.222.179.41
52.222.179.96
52.30.200.197
54.194.211.3
54.230.206.95
68.142.70.29
01d8392d309a9710cf9fd39fca617d2af21e2f877c09193ef9e33a3083404941
02dd879a56452934584a191110a1d8aafb8377ed6f905d31a60008da6bfd0bbc
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
07e9d4d6a617d90407a0041a950912ba8f85bcb61be41deec67fc95aa16062a1
1313323817898228d6399b6de26686f15af3bfc9ebda293cc7656e27611673f9
1377d1117ed253cbd2efb57e5d0567fb4bffdfa48fd258d241670b516e174d00
1ea22ef5cc12712e650ac15269e8e7b75904f47246ce6eb04bf0fcd42f8bed77
20ca4a60bd5242f69283fadbe4a4af55bee69c5864ce81fb2b11a2a7b70b0ed0
2484d0e34334c7a0070031cc390b5d7a980672516c41d2bd0824fc9079348afe
26098b23925663c98cce466c821826a98b719ad34db2bd225f81eb72e968b9aa
26946f4351e726c1fdf9f7783c03ec0cd8534f954a8a51f15319a746262228b7
2b1930ba4a2e3f401d744fc3d55c2464a79736bfbc0f0875d98dca864b16449f
32f9b445cdf66b5aa8fc260f589ec18984fbe2042fd319c5693c8054c6378de8
330c54b74b453f6d086933cce146ead03e561fc20321119e5551657f0a1c433f
3a02e3952b63d0981e3020955b24d6182dd15f0ea8d6f07b41279b517a206b90
3ab188d6cbe03d181c10ede40d6292456677fd5fa6be9edd2b2f86649a223732
3ab3b2e3b033dd98f917e3c9169f6c82fdcf996a06abd44135db3000eb35a9e9
3b08992554ee957c4fa7e6f2a2a743bf222c14e3b641dbd36cb7a8998741a55d
425f3e3943172803a8b9f0520d73b6227698f8bbf8eeb304045996e201d3fbf6
456eee972725f14a7ef2e3b4a86d61e67292f4ab43c2b1162c58f6bf482cf082
49b1107c4782c8cd60dce7dadd701116777a8097936dc6fa3e1b526a5f7bf4b3
4f431e309970e46cb21be801bb030234a0351ce459ea9966ee0006ad6fa41505
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
5fec331e4a79b49d22b0c9dc7ea1db7f7b9daac7b405a1465b764d563a24b0c0
63315f6720d5e9520a935b50ba9ed72b8f698b96819c928aa5d6991e2e570ca8
651e08f586165960697eabab39ba2193b81a2dc196d8214d1a7bb2c3d226d474
670d9073ccec70934db12cf5580205e55d8e2613e7b51a632736abb72bf8eb42
6b275117fdc1f1f49f642525b24af8729b0342cbd6d4c1d90de54aa26b30a83a
6c15da6e07c5e0c79941d5f3e5e5839e1b1d87d3f03badceb337e88bbe78609f
6de9b19d62ae2029b5d7c51c7eb8fcbdee6503abf32cd74fa3963c76490bc0ac
6f74888de1f7e175e7a8d9f4a482f1eb678d3a1f960113ba27d1a259264256cf
7583bdd341399e600785dab65ac725a95dced3b0054ed8ca9b8d69fbde04def8
76fb7bf7179f6f96422d148f0fdc3e29254a4c3d0695614925cb931724c750ef
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7deb5405a84486905b040b40d17438fbdfe40db3e1fff910992758e27dc59d43
7f7e34006a17149d40e0e1f967105d049a635f35ff72c95465123da0cde1a7e8
8173c9c7e6621a53dcfc67d287a719a4bde1fc826f77adf7f0d1e0b6f4126833
8e0276bb55f38a0946337c6d5ce1f88e1cd3bb8cc9560a35e5b061bb27fb1f16
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98f411e7b7383a054e1238ffd69f4565b8c197b9c8337963c8538f737a6457a5
a17aa7f0b916861e72f2df64570a337b98a8bd2927553b88e6a437bb02709fff
a20d8da2ff276ff2007c305688d48ceedfa74f62b0b0f9d91ef10e84470f1b0f
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a2ea72aac1d255823b18f4e67a137511ba739e11b3d8267bdfe6ea63c43abb7d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b4923be70df60819ca2b15c65f24061cf155fea71d4d35b0bc36dfab4bfd0cad
bbe5e008db0ed1bc0581087dbdbb1fc0b49844cc03722f29b22207b84a3bc1d0
c4357236faa88551ac127de4b3fd1deab8c9463cfe3b127bc8836d3b55863469
c471c762b4eb8ce3aac5aec2b1aac9bf9e8ccb8d2fe84d74c940e9ad2c5bc168
c8f47c528c93a4dc7104388ee8d7e5fd2e67efd2cc641116825f4d539198cd2a
cbf86fc1cedf23b294f4610fe0140df33f350071028953d6cc1c2c4249851038
d1a596f14425ca6825185ffefef827af5e7958ef109eeb0bcc66dafbcd19131f
d4a986c22ae001e743c50f59d647eabba306e35899b7aec56992e37833bd7015
d4bef2d91bd01eaeba3c9d62545eb98cec13e41bfacdbf28cf1c17bc7f1a35e4
d68009559c2405a20697e16a1640b61484d438cb65e453cd65222f18203326a5
d692b0682bd8946e6802e2a3362a155ed42c3ba281d27b23195203717a82f94e
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d86306cfb344762984b47aff717491662e6c9de66d26b7513fd99b6e450a6384
ddca02caf5a9068ea6b249f96e2d27f02bef000881a34736b44a62fa1bcd27cc
e039ab01eaf649a3c46b9552b22aba9a8120ca8673f6b41f4a2679f3722d1aba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f7a58fe67b04d01e049ca1cd6604b939cd660eb2df6a2d7fa3fca4c01676b0
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ecbff32f4e513b13f557f387f508545cb6ba328c6d240bb63f04cf8336092dab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef203c78f49eb32821e0c6ce993bb2d35a0c58fe770fe5ccbcfe5585a01e2ba4
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f64c8b2718ad564a32e866a7d334545beae38f1fa3c26dcb9e2f1c243d45b2bb
fb4f69078c24ab4a77db8c99fd19f05ead8878306c9e79b08656feb9ebcc328e