pay.bt-platform.xyz Open in urlscan Pro
172.245.112.197  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response pay.bt-platform.xyz/	55 KB 14 KB	2198ms 746ms	Document text/html	172.245.112.197 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-112-197-host.colocrossing.com Software openresty / Resource Hash ee9d262889bbd771abd8fdf665fb2088f759a047f06910d7c9c9195b13cb57a3 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 20 May 2024 01:19:05 GMT server openresty vary Accept-Encoding Accept-Encoding Accept-Encoding
GET H2	200	style.css pay.bt-platform.xyz/src/css/	10 KB 2 KB	370ms 367ms	Stylesheet text/css	172.245.112.197 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://pay.bt-platform.xyz/src/css/style.css Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-112-197-host.colocrossing.com Software openresty / Resource Hash 682d44de7ff2bb6a0f658cc9a70b0bc15d4afc4e0884b6e0980fd20b3f055869 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:05 GMT content-encoding gzip server openresty vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css
GET H2	200	form-style.css pay.bt-platform.xyz/src/css/	6 KB 2 KB	416ms 413ms	Stylesheet text/css	172.245.112.197 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://pay.bt-platform.xyz/src/css/form-style.css Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-112-197-host.colocrossing.com Software openresty / Resource Hash 794a539f9ace5e39daf28b9f9257dea58c6af009c04ac6dca5a4fff412c14175 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:05 GMT content-encoding gzip server openresty vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css
GET H2	200	swiper-bundle.min.css cdn.jsdelivr.net/npm/swiper@11/	18 KB 5 KB	72ms 25ms	Stylesheet text/css	2a04:4e42:400::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/swiper@11/swiper-bundle.min.css Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash f1837bc285e7622d362a67d45acde591abb8ecabe576aeaced5b0ecec66aa93e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 20 May 2024 01:19:05 GMT x-content-type-options nosniff content-encoding br age 3916 x-jsd-version 11.1.3 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 5095 x-served-by cache-fra-etou8220125-FRA x-jsd-version-type version etag W/"47ff-ecWNuC4rcVymo6yqouA7EPT8Pzg" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H3	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/	85 KB 27 KB	51ms 26ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:05 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 336447 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27446 last-modified Tue, 29 Aug 2023 04:36:11 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "64ed75bb-6b36" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ke9THNWwSeLmuW1IU2o%2FV3muCazjH%2FhiHROHtjoS%2Fj8C5GD2bSaiU2Ap8wgseAd1jb3psfN%2BgjLJOkvRaixbHoQDHrvh%2FhNtdoBxhGWCNMGafi7yDQb8%2BETmz3NbfQr1aB8GaUos5wYom8%2FZrqQF5NRl"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 88687f1b38774d58-FRA expires Sat, 10 May 2025 01:19:05 GMT
GET H2	200	swiper-bundle.min.js Show response cdn.jsdelivr.net/npm/swiper@11/	147 KB 43 KB	72ms 26ms	Script application/javascript	2a04:4e42:400::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/swiper@11/swiper-bundle.min.js Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash f8c752704bbae29043ef50715c618484b55501ee60dec7db7ee269aa23c5474d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 20 May 2024 01:19:05 GMT x-content-type-options nosniff content-encoding br age 5678 x-jsd-version 11.1.3 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 43731 x-served-by cache-fra-etou8220125-FRA x-jsd-version-type version etag W/"24a69-5xIT93kUdhAE61GrrqJsUoI3moI" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	swiper.js Show response pay.bt-platform.xyz/src/js/	823 B 501 B	423ms 420ms	Script application/javascript	172.245.112.197 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://pay.bt-platform.xyz/src/js/swiper.js Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-112-197-host.colocrossing.com Software openresty / Resource Hash a282098eeb19000f58fabe033b994eaef3f33c47500b082122816661e1ce1f75 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:05 GMT content-encoding gzip server openresty vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript
GET H2	200	modalPhoneError.js Show response pay.bt-platform.xyz/src/js/	2 KB 973 B	356ms 354ms	Script application/javascript	172.245.112.197 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://pay.bt-platform.xyz/src/js/modalPhoneError.js Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-112-197-host.colocrossing.com Software openresty / Resource Hash 75cb4447b96b3211d95e06a0de0a1800410be3c80885d8e03ff126f9d1e862da Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:05 GMT content-encoding gzip server openresty vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript
GET H2	200	main.js Show response pay.bt-platform.xyz/src/js/	2 KB 1 KB	342ms 340ms	Script application/javascript	172.245.112.197 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://pay.bt-platform.xyz/src/js/main.js Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-112-197-host.colocrossing.com Software openresty / Resource Hash 28be5e12b20f742cd8aa0366f5e25b3919f041ed5ee1399f36b24ef3dd787754 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:05 GMT content-encoding gzip server openresty vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript
GET H3	200	intlTelInput.css cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/	24 KB 3 KB	75ms 51ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c9ae063d7bf400c91d4056a69889903b54205f2efd6cb224d6041eca58b92cca Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:05 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 297469 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2139 last-modified Sun, 14 Jan 2024 14:10:21 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "65a3eb4d-85b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZIGvIJTHojh3X573UUct5qi0ikBcIppe5IVcKQgv1sm4krWMoiOILWbC5LaMfI4qfsdZIW31iAYHs10bgYjsi3LYTMgkcq%2BV0f3mFMfJC70UOE0%2BUyRTWrgXVTRI4%2FGceG%2Bz%2FuJA17wyES0eTyexv8G9"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 88687f1b38744d58-FRA expires Sat, 10 May 2025 01:19:05 GMT
GET H3	200	intlTelInput.min.js Show response cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/	30 KB 9 KB	73ms 50ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/intlTelInput.min.js Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54bc983ea406933001939caacb25ec98a9f633b8f2d54aa5ca3180948d6fe389 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:05 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 2059481 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 8765 last-modified Sun, 14 Jan 2024 14:10:21 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "65a3eb4d-223d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LVJL3muWVgIDgZQjjENXaet9mC7ildg8L8L4a9r%2FhuE5sTRciUtxmycSWEO8gSoq5kJe7i%2FVlZ09hUCUNiabOVoNY0qh8rFguz%2B0pRjLMoFhi3qY4ZhMhEXiNJEmFu6%2Bp1kzeZSxbWA9XFtVN3WS2qQu"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 88687f1b38714d58-FRA expires Sat, 10 May 2025 01:19:05 GMT
GET H2	200	css2 fonts.googleapis.com/	11 KB 2 KB	78ms 31ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/src/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 631a2253c93d9db42e74c350607229a629b1878c702051b253e1174b889ee3c2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Mon, 20 May 2024 01:19:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 20 May 2024 00:44:14 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 20 May 2024 01:19:05 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	218 KB 59 KB	88ms 26ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 20 May 2024 01:19:05 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57845 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=12, mss=1326, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug 00MmVjTfy05eFuAencccUrSkLu9aeIUsl0yLZn9cT3407lxvnPb4mw1JiViMngARCsn4j/Zbt+HPaV6/qEQhKQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	bg-1.webp pay.bt-platform.xyz/src/images/bacground/	31 KB 31 KB	459ms 459ms	Image image/webp	172.245.112.197 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://pay.bt-platform.xyz/src/images/bacground/bg-1.webp Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/src/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-112-197-host.colocrossing.com Software openresty / Resource Hash 7b522d62499978a64f879337d7834d1aa74bd5207e5c39cd4c2c0237f40c56f8 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/src/css/style.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:06 GMT server openresty vary Accept-Encoding content-type image/webp
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 48 KB	71ms 20ms	Font font/woff2	2a00:1450:4001:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://fonts.googleapis.com/ Origin https://pay.bt-platform.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 00:50:53 GMT x-content-type-options nosniff age 520092 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 14 May 2025 00:50:53 GMT
GET H2	200	bg-2.webp pay.bt-platform.xyz/src/images/bacground/	10 KB 10 KB	557ms 557ms	Image image/webp	172.245.112.197 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://pay.bt-platform.xyz/src/images/bacground/bg-2.webp Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/src/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-112-197-host.colocrossing.com Software openresty / Resource Hash 7809a0340d95be9f2dfcc51acd7a31bbf0cc15406be8f6d57f54604a757f642b Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/src/css/style.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:06 GMT server openresty vary Accept-Encoding content-type image/webp
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 fonts.gstatic.com/s/opensans/v40/	26 KB 26 KB	103ms 52ms	Font font/woff2	2a00:1450:4001:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://fonts.googleapis.com/ Origin https://pay.bt-platform.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 08:08:53 GMT x-content-type-options nosniff age 493812 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26736 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:00:28 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 14 May 2025 08:08:53 GMT
GET H2	200	agricole.webp pay.bt-platform.xyz/src/images/slider-img/banks-img/	2 KB 2 KB	326ms 324ms	Image image/webp	172.245.112.197 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://pay.bt-platform.xyz/src/images/slider-img/banks-img/agricole.webp Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-112-197-host.colocrossing.com Software openresty / Resource Hash 6455eef48864f06109fed9ed07a3614372da2c340757b2b4541084b663416d5e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:06 GMT server openresty vary Accept-Encoding content-type image/webp
GET H2	200	barclays.webp pay.bt-platform.xyz/src/images/slider-img/banks-img/	6 KB 6 KB	427ms 426ms	Image image/webp	172.245.112.197 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://pay.bt-platform.xyz/src/images/slider-img/banks-img/barclays.webp Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-112-197-host.colocrossing.com Software openresty / Resource Hash 668e9e093bd6cbd8f1c429c698d979d0c97f0bf0ede6b2da9e067d4812307153 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:06 GMT server openresty vary Accept-Encoding content-type image/webp
GET H2	200	bnp.webp pay.bt-platform.xyz/src/images/slider-img/banks-img/	2 KB 2 KB	315ms 313ms	Image image/webp	172.245.112.197 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://pay.bt-platform.xyz/src/images/slider-img/banks-img/bnp.webp Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-112-197-host.colocrossing.com Software openresty / Resource Hash 4342cd5bf62c24c5e7ecc7e38bb971b0d5310e6630bbf1e2715019ad14c5b7e4 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:06 GMT server openresty vary Accept-Encoding content-type image/webp
GET H2	200	bpce.webp pay.bt-platform.xyz/src/images/slider-img/banks-img/	1 KB 1 KB	449ms 447ms	Image image/webp	172.245.112.197 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://pay.bt-platform.xyz/src/images/slider-img/banks-img/bpce.webp Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-112-197-host.colocrossing.com Software openresty / Resource Hash 83815336d61c62d6d6ca1872a329070084c6ec91a40f3ed323fb337017fd4483 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:06 GMT server openresty vary Accept-Encoding content-type image/webp
GET H2	200	hsbc.webp pay.bt-platform.xyz/src/images/slider-img/banks-img/	2 KB 2 KB	448ms 446ms	Image image/webp	172.245.112.197 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://pay.bt-platform.xyz/src/images/slider-img/banks-img/hsbc.webp Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-112-197-host.colocrossing.com Software openresty / Resource Hash 1e3200b81bd4003dcea1d234daaf9dbaa65eccd3c192394e67804dfdae9478d8 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:06 GMT server openresty vary Accept-Encoding content-type image/webp
GET H2	200	intesa.webp pay.bt-platform.xyz/src/images/slider-img/banks-img/	4 KB 4 KB	428ms 426ms	Image image/webp	172.245.112.197 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://pay.bt-platform.xyz/src/images/slider-img/banks-img/intesa.webp Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-112-197-host.colocrossing.com Software openresty / Resource Hash 05636ad5a3c30c14b800903109c8335f8298cc05138c2ff73d4fa4f7b25dde43 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:06 GMT server openresty vary Accept-Encoding content-type image/webp
GET H2	200	santander.webp pay.bt-platform.xyz/src/images/slider-img/banks-img/	3 KB 3 KB	438ms 437ms	Image image/webp	172.245.112.197 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://pay.bt-platform.xyz/src/images/slider-img/banks-img/santander.webp Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-112-197-host.colocrossing.com Software openresty / Resource Hash 5f631c3e63226aa4b6c710bfcb4ccd62fcf98d20f19d648ea9167adcf74c1916 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:06 GMT server openresty vary Accept-Encoding content-type image/webp
GET H2	200	societe.webp pay.bt-platform.xyz/src/images/slider-img/banks-img/	2 KB 2 KB	439ms 438ms	Image image/webp	172.245.112.197 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://pay.bt-platform.xyz/src/images/slider-img/banks-img/societe.webp Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-112-197-host.colocrossing.com Software openresty / Resource Hash bc9988bc5e8d8d09c9cd1825268ed00c2aaf02783c22920c11f1ea2dc66e0995 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:06 GMT server openresty vary Accept-Encoding content-type image/webp
GET H2	200	deutsche.webp pay.bt-platform.xyz/src/images/slider-img/banks-img/	4 KB 4 KB	559ms 558ms	Image image/webp	172.245.112.197 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://pay.bt-platform.xyz/src/images/slider-img/banks-img/deutsche.webp Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-112-197-host.colocrossing.com Software openresty / Resource Hash a87962a2dca31ab46e24deb57ccac4715e4b0ba73fd86ad2bdd55cf84e7d4861 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:06 GMT server openresty vary Accept-Encoding content-type image/webp
GET H2	200	1.webp pay.bt-platform.xyz/src/images/img/	8 KB 8 KB	560ms 559ms	Image image/webp	172.245.112.197 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://pay.bt-platform.xyz/src/images/img/1.webp Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-112-197-host.colocrossing.com Software openresty / Resource Hash 34add2095c5095176069dfbe0a1aa284f63ed922961c4c93a9a2cd8a7d52c978 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:06 GMT server openresty vary Accept-Encoding content-type image/webp
GET H2	200	2.webp pay.bt-platform.xyz/src/images/img/	32 KB 32 KB	559ms 558ms	Image image/webp	172.245.112.197 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://pay.bt-platform.xyz/src/images/img/2.webp Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-112-197-host.colocrossing.com Software openresty / Resource Hash 4c74f2b880d2aaf18bf8a33b2bf3e5f6e580e3d2f00b549b4239b66ee0118c57 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:06 GMT server openresty vary Accept-Encoding content-type image/webp
GET H2	200	geolocation Show response getyourapi.site/api/	107 B 516 B	118ms 35ms	XHR application/json	3.122.218.248 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://getyourapi.site/api/geolocation Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.122.218.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-218-248.eu-central-1.compute.amazonaws.com Software openresty / Express Resource Hash e265dc0b244c63bb2dc7e0c6faed076f4ae4091a266db87f994a5dcca1962cab Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/javascript, */*; q=0.01 Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:06 GMT server openresty x-powered-by Express etag W/"6b-Hfv8HWypnpbNzw8Ieb6+mFG/97U" access-control-max-age 600 access-control-allow-methods GET, POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://pay.bt-platform.xyz access-control-expose-headers content-type, authorization, x-request-id access-control-allow-credentials true access-control-allow-headers origin, content-type, accept, authorization content-length 107 x-request-id e11d65e4-b9dc-4c82-8ecb-af54e352b5e3
GET H2	200	454821740540446 Show response connect.facebook.net/signals/config/	56 KB 12 KB	141ms 140ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/454821740540446?v=2.9.156&r=stable&domain=pay.bt-platform.xyz&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f8981f37846e964d2007d98469c76fefb12f3c10b8c2c1a57baa5a84d592efe3 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 20 May 2024 01:19:06 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=27, rtx=0, c=59, mss=1326, tbw=63375, tp=-1, tpl=-1, uplat=118, ullat=0 pragma public x-fb-debug uaAUsd1yIIsF09L4T2Jbl6vFyvnICx8JGdZqOz2KN6OeYzS8u2rqpqfdp99NpdkSvRUCChc7Qc2hsey2J2sTeA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	flags.png cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/img/	66 KB 66 KB	36ms 36ms	Image image/png	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/img/flags.png?1 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3af394920236bdcab19b5514b8f67e06b194e29017368d6a9d83d598947f203b Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:06 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 441634 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 67119 last-modified Sun, 14 Jan 2024 14:10:21 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "65a3eb4d-1062f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hp%2BdIsdUSI3ozliPufdVTXzinYYPCLxITPQcjUUtfa8voOOchJfKxBCXSKxEkC2Fc7JTrSU%2BPr9ibfsbtsU%2FzYrRuZkzXlGcS5dGRPWCA4ccX1t3nSHmzKFP7ekzx%2B%2BkmFzeF40HZIPHJSpgngQC4Xfz"}],"group":"cf-nel","max_age":604800} content-type image/png; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 88687f1efa8a4d58-FRA expires Sat, 10 May 2025 01:19:06 GMT
GET H2	200	/ www.facebook.com/tr/	0 274 B	71ms 19ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=454821740540446&ev=PageView&dl=https%3A%2F%2Fpay.bt-platform.xyz%2F&rl=&if=false&ts=1716167946188&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716167946187.943324446&ler=empty&cdl=API_unavailable&it=1716167946037&coo=false&rqm=GET Requested by Host: pay.bt-platform.xyz URL: https://pay.bt-platform.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1326, tbw=2770, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Mon, 20 May 2024 01:19:06 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	utils.min.js Show response cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/	244 KB 46 KB	29ms 29ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/utils.min.js Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/intlTelInput.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b35c83e4dc3713230edfbda43508fb2fb92d8e07c4189f19d201ba199ef810a2 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:06 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 417485 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 46045 last-modified Sun, 14 Jan 2024 14:10:21 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "65a3eb4d-b3dd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F22UdVutW4g44cJ%2Fz8M6gv09qiFRzXWBTAuset7ZdziwrtwJmdND63MjMCCn3ihqvZrb%2BwM5Y8uuY61EdtpoUDhBNskmZVPVJ%2BHWFyUNWKCKqZNCTKW76BUBK%2FECJuCEs49UL53oKNUliFFCAzguxai1"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 88687f218c014d58-FRA expires Sat, 10 May 2025 01:19:06 GMT
GET H2	200	favicon.svg pay.bt-platform.xyz/	1 KB 812 B	410ms 409ms	Other image/svg+xml	172.245.112.197 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://pay.bt-platform.xyz/favicon.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-112-197-host.colocrossing.com Software openresty / Resource Hash 3e842c6c5c1e6b90343cf93f06a93f7104635a08fda5a14af3b089eda8d9b288 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://pay.bt-platform.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 01:19:06 GMT content-encoding gzip server openresty vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq function| $ function| jQuery function| Swiper function| createSlider function| _0x2d53 function| _0x3db0 function| handleFaqItem object| intlTelInputGlobals function| intlTelInput function| parseURLParams object| intlTelInputUtils

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bt-platform.xyz/	1970-01-20 22:52:23	Name: _fbp Value: fb.1.1716167946187.943324446

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/454821740540446?v=2.9.156&r=stable&domain=pay.bt-platform.xyz&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
getyourapi.site
pay.bt-platform.xyz
www.facebook.com
172.245.112.197
2606:4700::6811:180e
2a00:1450:4001:802::200a
2a00:1450:4001:81d::2003
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:400::485
3.122.218.248
05636ad5a3c30c14b800903109c8335f8298cc05138c2ff73d4fa4f7b25dde43
1e3200b81bd4003dcea1d234daaf9dbaa65eccd3c192394e67804dfdae9478d8
28be5e12b20f742cd8aa0366f5e25b3919f041ed5ee1399f36b24ef3dd787754
34add2095c5095176069dfbe0a1aa284f63ed922961c4c93a9a2cd8a7d52c978
3af394920236bdcab19b5514b8f67e06b194e29017368d6a9d83d598947f203b
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e842c6c5c1e6b90343cf93f06a93f7104635a08fda5a14af3b089eda8d9b288
4342cd5bf62c24c5e7ecc7e38bb971b0d5310e6630bbf1e2715019ad14c5b7e4
4c74f2b880d2aaf18bf8a33b2bf3e5f6e580e3d2f00b549b4239b66ee0118c57
54bc983ea406933001939caacb25ec98a9f633b8f2d54aa5ca3180948d6fe389
5f631c3e63226aa4b6c710bfcb4ccd62fcf98d20f19d648ea9167adcf74c1916
631a2253c93d9db42e74c350607229a629b1878c702051b253e1174b889ee3c2
6455eef48864f06109fed9ed07a3614372da2c340757b2b4541084b663416d5e
668e9e093bd6cbd8f1c429c698d979d0c97f0bf0ede6b2da9e067d4812307153
682d44de7ff2bb6a0f658cc9a70b0bc15d4afc4e0884b6e0980fd20b3f055869
75cb4447b96b3211d95e06a0de0a1800410be3c80885d8e03ff126f9d1e862da
7809a0340d95be9f2dfcc51acd7a31bbf0cc15406be8f6d57f54604a757f642b
794a539f9ace5e39daf28b9f9257dea58c6af009c04ac6dca5a4fff412c14175
7b522d62499978a64f879337d7834d1aa74bd5207e5c39cd4c2c0237f40c56f8
83815336d61c62d6d6ca1872a329070084c6ec91a40f3ed323fb337017fd4483
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
a282098eeb19000f58fabe033b994eaef3f33c47500b082122816661e1ce1f75
a87962a2dca31ab46e24deb57ccac4715e4b0ba73fd86ad2bdd55cf84e7d4861
b35c83e4dc3713230edfbda43508fb2fb92d8e07c4189f19d201ba199ef810a2
bc9988bc5e8d8d09c9cd1825268ed00c2aaf02783c22920c11f1ea2dc66e0995
c9ae063d7bf400c91d4056a69889903b54205f2efd6cb224d6041eca58b92cca
e265dc0b244c63bb2dc7e0c6faed076f4ae4091a266db87f994a5dcca1962cab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ee9d262889bbd771abd8fdf665fb2088f759a047f06910d7c9c9195b13cb57a3
f1837bc285e7622d362a67d45acde591abb8ecabe576aeaced5b0ecec66aa93e
f8981f37846e964d2007d98469c76fefb12f3c10b8c2c1a57baa5a84d592efe3
f8c752704bbae29043ef50715c618484b55501ee60dec7db7ee269aa23c5474d
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a