btinternet-login.pagedemo.co Open in urlscan Pro
2606:4700:4400::ac40:9373  Public Scan

Submitted URL: http://btinternet-login.pagedemo.co/
Effective URL: https://btinternet-login.pagedemo.co/
Submission: On December 03 via api from NL — Scanned from NL

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 18 HTTP transactions. The main IP is 2606:4700:4400::ac40:9373, located in United States and belongs to CLOUDFLARENET, US. The main domain is btinternet-login.pagedemo.co.
TLS certificate: Issued by WE1 on November 13th 2024. Valid for: 3 months.
This is the only time btinternet-login.pagedemo.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5 2606:4700:440... 13335 (CLOUDFLAR...)
5 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 34.36.17.181 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
2 172.67.185.227 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
18 9
Apex Domain
Subdomains
Transfer
7 fastcdn.co
g.fastcdn.co — Cisco Umbrella Rank: 59102
v.fastcdn.co — Cisco Umbrella Rank: 56766
181 KB
5 pagedemo.co
btinternet-login.pagedemo.co
9 KB
3 instapagemetrics.com
cdn.instapagemetrics.com — Cisco Umbrella Rank: 64846
ec.instapagemetrics.com — Cisco Umbrella Rank: 66954
55 KB
2 gstatic.com
fonts.gstatic.com
37 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
storage.googleapis.com — Cisco Umbrella Rank: 314
8 KB
1 instapage.com
heatmap-events-collector.instapage.com — Cisco Umbrella Rank: 60273
9 KB
18 6
Domain Requested by
5 g.fastcdn.co btinternet-login.pagedemo.co
5 btinternet-login.pagedemo.co 2 redirects btinternet-login.pagedemo.co
2 ec.instapagemetrics.com cdn.instapagemetrics.com
2 fonts.gstatic.com fonts.googleapis.com
2 v.fastcdn.co btinternet-login.pagedemo.co
1 storage.googleapis.com
1 cdn.instapagemetrics.com btinternet-login.pagedemo.co
1 heatmap-events-collector.instapage.com btinternet-login.pagedemo.co
1 fonts.googleapis.com btinternet-login.pagedemo.co
18 9

This site contains no links.

Subject Issuer Validity Valid
pagedemo.co
WE1
2024-11-13 -
2025-02-11
3 months crt.sh
fastcdn.co
Cloudflare Inc ECC CA-3
2024-07-15 -
2024-12-31
6 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
instapage.com
WE1
2024-11-25 -
2025-02-23
3 months crt.sh
cdn.instapagemetrics.com
WR3
2024-10-10 -
2025-01-08
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
instapagemetrics.com
WE1
2024-10-26 -
2025-01-24
3 months crt.sh

This page contains 2 frames:

Primary Page: https://btinternet-login.pagedemo.co/
Frame ID: ABE4DA6974541CD7EAAED0FD17A392D3
Requests: 15 HTTP requests in this frame

Frame: https://btinternet-login.pagedemo.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js
Frame ID: 6FCB79AB7BC8831F17AA33938402F413
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Pageserver 404

Page URL History Show full URLs

  1. http://btinternet-login.pagedemo.co/ HTTP 307
    https://btinternet-login.pagedemo.co/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

18
Requests

89 %
HTTPS

78 %
IPv6

6
Domains

9
Subdomains

9
IPs

2
Countries

299 kB
Transfer

469 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://btinternet-login.pagedemo.co/ HTTP 307
    https://btinternet-login.pagedemo.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://btinternet-login.pagedemo.co/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://btinternet-login.pagedemo.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js
Request Chain 15
  • https://btinternet-login.pagedemo.co/favicon.ico HTTP 302
  • https://storage.googleapis.com/instapage-assets/favicon/favicon-64x64.ico

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
btinternet-login.pagedemo.co/
Redirect Chain
  • http://btinternet-login.pagedemo.co/
  • https://btinternet-login.pagedemo.co/
12 KB
4 KB
Document
General
Full URL
https://btinternet-login.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9373 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc158bf632b71eef63b6f219b2b9ddc2444b5342e6f033813ed7a381f3803aea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8ec3e4f77cde6657-AMS
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 03 Dec 2024 13:27:29 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 google

Redirect headers

Location
https://btinternet-login.pagedemo.co/
Non-Authoritative-Reason
HttpsUpgrades
utils.c997ba789ee31fe61b1e.js
g.fastcdn.co/js/
56 KB
19 KB
Script
General
Full URL
https://g.fastcdn.co/js/utils.c997ba789ee31fe61b1e.js
Requested by
Host: btinternet-login.pagedemo.co
URL: https://btinternet-login.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f78cb0b847eb9b33ee21c6e92fbf4bf4d9fd9cc992963d5491149242d6d1b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://btinternet-login.pagedemo.co/

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=YL8LTw==, md5=dPgTE7ehe4pM5ZNhkI1ODw==
etag
"74f81313b7a17b8a4ce59361908d4e0f"
age
2500347
cf-cache-status
HIT
x-goog-stored-content-encoding
gzip
expires
Wed, 03 Dec 2025 13:27:29 GMT
x-goog-stored-content-length
19572
date
Tue, 03 Dec 2024 13:27:29 GMT
content-type
application/javascript
last-modified
Thu, 20 Jul 2023 11:47:19 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY2Xbvaef-V_deED1vnuY4g1r_9yYJsjc7XhIoSjrckfxPxCIK2JieXypAR7cDPrIzF4shq7Zcu7-A
cache-control
public, max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8ec3e4f9ce94b7e8-AMS
accept-ranges
bytes
x-goog-generation
1689853639060047
content-length
19572
server
cloudflare
Cradle.c9144221d5b5d6147353.js
g.fastcdn.co/js/
15 KB
4 KB
Script
General
Full URL
https://g.fastcdn.co/js/Cradle.c9144221d5b5d6147353.js
Requested by
Host: btinternet-login.pagedemo.co
URL: https://btinternet-login.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc3883f7b177edcd6a59dcdb4f957cba8a1df5180202fcd3f30bd33dd6f7d7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://btinternet-login.pagedemo.co/

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=Tt9fJA==, md5=gxMUlP0YdTfQdCoGrAeRqQ==
etag
"83131494fd187537d0742a06ac0791a9"
age
2026783
cf-cache-status
HIT
x-goog-stored-content-encoding
gzip
expires
Wed, 03 Dec 2025 13:27:29 GMT
x-goog-stored-content-length
4001
date
Tue, 03 Dec 2024 13:27:29 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 05 Feb 2024 07:55:51 GMT
x-guploader-uploadid
AHmUCY2BBodyHUwgwxz2iRE82Zc-JuviaGaGaGYdPw6KgyMZUZzsaYORY0mmgBzEmaCL6rlDmww
cache-control
public, max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8ec3e4f9ce92b7e8-AMS
accept-ranges
bytes
x-goog-generation
1707119750961559
content-length
4001
server
cloudflare
css
fonts.googleapis.com/
28 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic&display=swap
Requested by
Host: btinternet-login.pagedemo.co
URL: https://btinternet-login.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://btinternet-login.pagedemo.co/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:27:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 13:27:29 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 03 Dec 2024 13:27:29 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
22221681-0-404-closed-door3x.png
v.fastcdn.co/u/7c330f31/
114 KB
114 KB
Image
General
Full URL
https://v.fastcdn.co/u/7c330f31/22221681-0-404-closed-door3x.png
Requested by
Host: btinternet-login.pagedemo.co
URL: https://btinternet-login.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
821af22c4807e3ceab1ca12b4ab60314a6ba1901111330c64f998f75c8558485

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://btinternet-login.pagedemo.co/

Response headers

x-goog-metageneration
3
x-goog-hash
crc32c=13lG3Q==, md5=pHtTa06QtwADPZLKLQ5WvQ==
cf-bgj
imgq:85,h2pri
etag
"a47b536b4e90b700033d92ca2d0e56bd"
age
86889
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Fri, 01 Dec 2034 13:27:29 GMT
cf-polished
origFmt=png, origSize=236677
x-goog-stored-content-length
236677
date
Tue, 03 Dec 2024 13:27:29 GMT
content-type
image/webp
content-disposition
inline; filename="22221681-0-404-closed-door3x.webp"
vary
Accept
last-modified
Tue, 19 Sep 2017 19:00:02 GMT
x-guploader-uploadid
AFiumC6CSsPbB0zDWTEezLkszq5WU1-cavIiMBBaO39t98817LS0adP0iUMxO6WMaGGMiq5TS_Czfo4LkQ
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
0
cf-ray
8ec3e4f9cce19725-AMS
x-goog-meta-expires
Sat, 10 Nov 2018 11:00:02 GMT
accept-ranges
bytes
x-goog-generation
1505847602647748
content-length
116512
server
cloudflare
22221741-0-logo3x.png
v.fastcdn.co/u/7c330f31/
3 KB
4 KB
Image
General
Full URL
https://v.fastcdn.co/u/7c330f31/22221741-0-logo3x.png
Requested by
Host: btinternet-login.pagedemo.co
URL: https://btinternet-login.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd3c3281da48ec2b5967b39bcf303f8f0d1bfa54644eca50214f8c4ef76d8dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://btinternet-login.pagedemo.co/

Response headers

x-goog-metageneration
3
x-goog-hash
crc32c=DFUPng==, md5=ydhP0C3np+LWS1xZaL7N4Q==
cf-bgj
imgq:85,h2pri
etag
"c9d84fd02de7a7e2d64b5c5968becde1"
age
639510
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Fri, 01 Dec 2034 13:27:29 GMT
cf-polished
origFmt=png, origSize=11921
x-goog-stored-content-length
11921
date
Tue, 03 Dec 2024 13:27:29 GMT
content-type
image/webp
content-disposition
inline; filename="22221741-0-logo3x.webp"
vary
Accept
last-modified
Tue, 19 Sep 2017 19:01:14 GMT
x-guploader-uploadid
AFiumC6lViFiC1-edXtzSgbN_CGo05BllU8iM4DbLTyQ4xrCiIJiu8P7NwmLO9xhiqZQt8w97LuDbyayRQ
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
0
cf-ray
8ec3e4f9cce59725-AMS
x-goog-meta-expires
Sat, 10 Nov 2018 11:01:14 GMT
accept-ranges
bytes
x-goog-generation
1505847674634266
content-length
3522
server
cloudflare
LazyImage.59626ef3f961b8927cb6.js
g.fastcdn.co/js/
2 KB
1 KB
Script
General
Full URL
https://g.fastcdn.co/js/LazyImage.59626ef3f961b8927cb6.js
Requested by
Host: btinternet-login.pagedemo.co
URL: https://btinternet-login.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
047794317b70504540fd8504bd67eec9a33e7e7b9558fb2f73a0a0de663a51c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://btinternet-login.pagedemo.co/

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=ZP0ifA==, md5=sK4idfXQEaxkkXCAZh5JVg==
etag
"b0ae2275f5d011ac64917080661e4956"
age
646603
cf-cache-status
HIT
x-goog-stored-content-encoding
gzip
expires
Wed, 03 Dec 2025 13:27:29 GMT
x-goog-stored-content-length
1022
date
Tue, 03 Dec 2024 13:27:29 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 05 Feb 2024 07:55:51 GMT
x-guploader-uploadid
AFiumC5h2IOguBcSmTzPaj0Ju2yZSl-VkwaVMr9gGvtqw0XpX3i1HFKxHD0WVYJiJ9G-WJcJzXeaGn-I9Q
cache-control
public, max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8ec3e4fa2ee4b7e8-AMS
accept-ranges
bytes
x-goog-generation
1707119751575943
content-length
1022
server
cloudflare
lib.js
heatmap-events-collector.instapage.com/static/
24 KB
9 KB
Script
General
Full URL
https://heatmap-events-collector.instapage.com/static/lib.js
Requested by
Host: btinternet-login.pagedemo.co
URL: https://btinternet-login.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe6faaa9000001abfaa88dcdb7e1e06e4c656d596928b59793271eb01852558
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://btinternet-login.pagedemo.co/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
186
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:29:23 GMT
date
Tue, 03 Dec 2024 13:27:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 02 Dec 2024 15:32:52 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cache-control
public, must-revalidate, public
x-dns-prefetch-control
off
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8ec3e4fa7af966ae-AMS
x-xss-protection
0
server
cloudflare
it.js
cdn.instapagemetrics.com/t/js/3/
54 KB
54 KB
Script
General
Full URL
https://cdn.instapagemetrics.com/t/js/3/it.js
Requested by
Host: btinternet-login.pagedemo.co
URL: https://btinternet-login.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.17.181 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
181.17.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
853d7ef6b54d838c009d01e4857b499d7ec4f71f6fced1e2e3c463fd393ccb29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://btinternet-login.pagedemo.co/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=JVvUKA==, md5=7ukxGHBgcZqxejUt4kJODA==
etag
"eee931187060719ab17a352de2424e0c"
age
1638
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
55266
date
Tue, 03 Dec 2024 13:00:11 GMT
last-modified
Tue, 13 Jun 2023 11:21:34 GMT
content-type
text/javascript
x-guploader-uploadid
AFiumC4PlO9cxy-m-mTssxz-ehbxHmxshthAMgok78ni5y5DsNFAWU0KhddAcyenzaOabIxNSfU
cache-control
public,max-age=3600
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
x-goog-generation
1686655294888925
content-length
55266
server
UploadServer
sptw.f58afe926be16f9087f6.js
g.fastcdn.co/js/
60 KB
20 KB
Script
General
Full URL
https://g.fastcdn.co/js/sptw.f58afe926be16f9087f6.js
Requested by
Host: btinternet-login.pagedemo.co
URL: https://btinternet-login.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f501a1f108450d30ba92757a996b5220f3619d86629a664bd72715676928b6f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://btinternet-login.pagedemo.co/

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=cAighg==, md5=Wy4dX108//3CQnK8nSPuEg==
etag
"5b2e1d5f5d3cfffdc24272bc9d23ee12"
age
2104680
cf-cache-status
HIT
x-goog-stored-content-encoding
gzip
expires
Wed, 03 Dec 2025 13:27:29 GMT
x-goog-stored-content-length
20077
date
Tue, 03 Dec 2024 13:27:29 GMT
content-type
application/javascript
last-modified
Thu, 20 Jul 2023 11:47:18 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0k_fp7sAkTFY9DMcCJedPF8LoNzt_6f4hh-bs0x_MNxeJ3cEgKDFyjjz757FuJH_MmrktCUtxQ9Q
cache-control
public, max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8ec3e4fa2ee8b7e8-AMS
accept-ranges
bytes
x-goog-generation
1689853638841632
content-length
20077
server
cloudflare
cm.js
g.fastcdn.co/js/
51 KB
18 KB
Script
General
Full URL
https://g.fastcdn.co/js/cm.js
Requested by
Host: btinternet-login.pagedemo.co
URL: https://btinternet-login.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd8625bfa35604f050e4dcc7ff10c2c31d7cdf1ce7bdf4cde0d0415dcc74e2fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://btinternet-login.pagedemo.co/

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=ZpZBfw==, md5=jkZtmPofdGx0sbQJ0goM8w==
etag
"8e466d98fa1f746c74b1b409d20a0cf3"
age
2190072
cf-cache-status
HIT
x-goog-stored-content-encoding
gzip
expires
Wed, 03 Dec 2025 13:27:29 GMT
x-goog-stored-content-length
17906
date
Tue, 03 Dec 2024 13:27:29 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 30 Jun 2022 02:12:17 GMT
x-guploader-uploadid
AHmUCY1rb5kIXxPDQeQcGaa2ybl6i_-O8H6RpeQKRHx3L18baS-l54OwyUapc0x7rr7Nie7ZJefjNq3bVQ
cache-control
public, max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8ec3e4fa2ee9b7e8-AMS
accept-ranges
bytes
x-goog-generation
1656555137097208
content-length
17906
server
cloudflare
main.js
btinternet-login.pagedemo.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/ Frame 6FCB
Redirect Chain
  • https://btinternet-login.pagedemo.co/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://btinternet-login.pagedemo.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
9 KB
4 KB
Script
General
Full URL
https://btinternet-login.pagedemo.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
Requested by
Host: btinternet-login.pagedemo.co
URL: https://btinternet-login.pagedemo.co/
Protocol
H2
Server
2606:4700:4400::ac40:9373 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa1a93d550b583a263cec8b7244ac05bcae791d9f8e7700215cc4fde68c21b50
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
gzip
x-content-type-options
nosniff
cf-ray
8ec3e4fba9b06657-AMS
date
Tue, 03 Dec 2024 13:27:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
cf-ray
8ec3e4fa3ff26657-AMS
access-control-allow-origin
*
content-length
0
date
Tue, 03 Dec 2024 13:27:29 GMT
vary
Accept-Encoding
server
cloudflare
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://btinternet-login.pagedemo.co
Referer
https://fonts.googleapis.com/

Response headers

age
77964
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 02 Dec 2025 15:48:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 15:48:05 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://btinternet-login.pagedemo.co
Referer
https://fonts.googleapis.com/

Response headers

age
511646
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 15:20:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 15:20:03 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
two
ec.instapagemetrics.com/t/ Frame
0
0
Preflight
General
Full URL
https://ec.instapagemetrics.com/t/two
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://btinternet-login.pagedemo.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://btinternet-login.pagedemo.co
access-control-max-age
5
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ec3e4fbc9490b4e-AMS
content-length
0
date
Tue, 03 Dec 2024 13:27:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gqVI1HqO3majSe3LNkUn0YsenIsKn1JVCOw8%2Fjz5mBoUZ7u%2Beq5PVaImX8HY%2BNGbDuMr4d1LbRf4%2FBN2yyM%2FBXieBtbLXGM75LgjhnG9wo64254qmoI%2FZ6GEyyajzjkZrU%2F46E4XXBaqYw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=21817&min_rtt=15956&rtt_var=9561&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4156&recv_bytes=4440&delivery_rate=697&cwnd=12000&unsent_bytes=0&cid=297cad51c32b9ab9&ts=143&x=1" cfHdrFlush;dur=0
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
sameorigin
two
ec.instapagemetrics.com/t/
2 B
804 B
XHR
General
Full URL
https://ec.instapagemetrics.com/t/two
Requested by
Host: cdn.instapagemetrics.com
URL: https://cdn.instapagemetrics.com/t/js/3/it.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer
https://btinternet-login.pagedemo.co/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L0H%2BcOlqE6xk79Lvh3xVp54Si2HR%2Fyfox1zZckV74ZcgnGF2pmI0ymNLiNu48Xl2eZnjEXZTCMcWs03ih0%2FYBbFPNC8aOIF5T2tPrYMVcM8ATQ0LzFMqDVOtUoSghT9oJXh0YLeW9WQxuA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16407&min_rtt=14825&rtt_var=3646&sent=10&recv=11&lost=0&retrans=0&sent_bytes=2184&recv_bytes=6263&delivery_rate=692&cwnd=12000&unsent_bytes=0&cid=c0497628674bf0f1&ts=142&x=1", cfHdrFlush;dur=0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
date
Tue, 03 Dec 2024 13:27:30 GMT
content-type
text/plain; charset=UTF-8
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ec3e4fccde59fb1-AMS
access-control-allow-origin
https://btinternet-login.pagedemo.co
content-length
2
server
cloudflare
favicon-64x64.ico
storage.googleapis.com/instapage-assets/favicon/
Redirect Chain
  • https://btinternet-login.pagedemo.co/favicon.ico
  • https://storage.googleapis.com/instapage-assets/favicon/favicon-64x64.ico
6 KB
6 KB
Other
General
Full URL
https://storage.googleapis.com/instapage-assets/favicon/favicon-64x64.ico
Protocol
H2
Server
2a00:1450:4001:808::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
45081fda9c0a99c2c4d82ed4914f53f265517ae082352e334035635ae8b46d4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://btinternet-login.pagedemo.co/

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=tq74/g==, md5=ZF8EkJN5ti7doW9fUgZnKw==
etag
"645f04909379b62edda16f5f5206672b"
age
3234
x-goog-stored-content-encoding
identity
expires
Tue, 03 Dec 2024 13:33:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
5694
date
Tue, 03 Dec 2024 12:33:36 GMT
last-modified
Tue, 07 Mar 2023 10:55:53 GMT
content-type
image/x-icon
x-guploader-uploadid
AFiumC59EgZwIl9S9Po89LfrSXvFMnZzh_CMYUVNCmFuw5S6_swYQX-_Mp4Oy8uu2vBPbvUys_A3bKX1ug
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1678186553210949
content-length
5694
content-language
en
server
UploadServer

Redirect headers

cache-control
public, max-age=14400
location
https://storage.googleapis.com/instapage-assets/favicon/favicon-64x64.ico
cf-cache-status
MISS
via
1.1 google
cf-ray
8ec3e4fba9b16657-AMS
expires
Tue, 03 Dec 2024 17:27:30 GMT
access-control-allow-origin
*
content-length
95
date
Tue, 03 Dec 2024 13:27:30 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
server
cloudflare
8ec3e4f77cde6657
btinternet-login.pagedemo.co/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 6FCB
0
609 B
XHR
General
Full URL
https://btinternet-login.pagedemo.co/cdn-cgi/challenge-platform/h/b/jsd/r/8ec3e4f77cde6657
Requested by
Host: btinternet-login.pagedemo.co
URL: https://btinternet-login.pagedemo.co/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9373 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8ec3e4fc1a186657-AMS
content-length
0
date
Tue, 03 Dec 2024 13:27:29 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 number| __page_id number| __customer_id number| __default_experience_id number| __version string| __variant number| __variant_id string| __variant_custom_name number| __page_type string| __variant_hash string| __page_domain boolean| __page_generator object| _Translate object| trackingData object| GlobalSnowplowNamespace function| instapageSp function| _instapageSnowplow function| _instapageConsentManagement object| webpackChunk object| __config number| __workspaceWidth object| __session object| __eventBus boolean| __cradleReady object| __featuresReady object| unknown object| _htmp object| _snowplowTrackerWrapper

5 Cookies

Domain/Path Name / Value
.pagedemo.co/ Name: __cf_bm
Value: 2YQTz5G0H.YS8ttjEUiOvjawclsYh8jgS2RwrSgRgyw-1733232449-1.0.1.1-89Gjd4lik3TTGnn25zgJkbPaL4quC3U3JieDpzr2KDLdXhIvcS.mlsmmEVrjBOaob8bfF8W8KoMS5_7RrXyoFg
.instapage.com/ Name: __cf_bm
Value: Z9jw2pJKOb4v6edcC8Z8ZVsg6De6OfJJlc.c.sEnLaQ-1733232449-1.0.1.1-RBz.UdnCWhesS1CH_cdDY8itN1YCe.4sEFJ6EAbFc8zTD1THbdr5tLqBwoKEv5cmmD7L3af7lNMn7SpJ3B_Q.g
btinternet-login.pagedemo.co/ Name: instap-spses.6412
Value: *
btinternet-login.pagedemo.co/ Name: instap-spid.6412
Value: 571df2d0-11bd-46bf-91e0-d13839e71602.1733232450.1.1733232450.1733232450.6c3e7811-cc0b-48ce-867a-c23725fb6d30
.pagedemo.co/ Name: cf_clearance
Value: 1sjDhiVHLpIi8aJiNTg3JW.672goNriE4S4RWvTcBMI-1733232449-1.2.1.1-zjbZdaKQHY30NjsOcECbVDbnm.afOY8HywLOK8XyYoicWTmWewKig9JGH4aMUAaWD0F1fR4a3AmeXgcwINt1TF9Jvg8EEogtVD8vqsviTsPoeyd8t37kXfKyPqXkVedalNzdtydmGFW_huMdJkvHXMV8BAGd3lRgrg0TJ_iOGs3vqMW0SFTbYFj0IIAliOriibkeiBv10OiGoSk0H3FEf7fICc8rOQBaxWUs8Zv4xQKEp.sHPdZJgbT4Dqw6BH7RGrr2PH21r44rH4hcIIUsBA.7QW9r7sf0k7gCnp0FyOMCZYIrRlQp9YeXP6NZAgShyISzh2q_c0BLK6zrlxDtalarruveeURkPQa7Zv0KQbi303ArpCXEsEIV3OGkFvt9

1 Console Messages

Source Level URL
Text
network error URL: https://btinternet-login.pagedemo.co/
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

btinternet-login.pagedemo.co
cdn.instapagemetrics.com
ec.instapagemetrics.com
fonts.googleapis.com
fonts.gstatic.com
g.fastcdn.co
heatmap-events-collector.instapage.com
storage.googleapis.com
v.fastcdn.co
172.67.185.227
2606:4700:4400::6812:2505
2606:4700:4400::6812:29da
2606:4700:4400::ac40:9226
2606:4700:4400::ac40:9373
2a00:1450:4001:808::201b
2a00:1450:4001:80f::200a
2a00:1450:4001:827::2003
34.36.17.181
047794317b70504540fd8504bd67eec9a33e7e7b9558fb2f73a0a0de663a51c3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f
2f501a1f108450d30ba92757a996b5220f3619d86629a664bd72715676928b6f
45081fda9c0a99c2c4d82ed4914f53f265517ae082352e334035635ae8b46d4d
7fe6faaa9000001abfaa88dcdb7e1e06e4c656d596928b59793271eb01852558
821af22c4807e3ceab1ca12b4ab60314a6ba1901111330c64f998f75c8558485
853d7ef6b54d838c009d01e4857b499d7ec4f71f6fced1e2e3c463fd393ccb29
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
bdd3c3281da48ec2b5967b39bcf303f8f0d1bfa54644eca50214f8c4ef76d8dd
cc158bf632b71eef63b6f219b2b9ddc2444b5342e6f033813ed7a381f3803aea
d3f78cb0b847eb9b33ee21c6e92fbf4bf4d9fd9cc992963d5491149242d6d1b6
dd8625bfa35604f050e4dcc7ff10c2c31d7cdf1ce7bdf4cde0d0415dcc74e2fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecc3883f7b177edcd6a59dcdb4f957cba8a1df5180202fcd3f30bd33dd6f7d7b
fa1a93d550b583a263cec8b7244ac05bcae791d9f8e7700215cc4fde68c21b50