now.bt.co Open in urlscan Pro
65.9.67.46 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Submission: On May 26 via manual (May 26th 2021, 10:35:30 pm UTC) from AE

Summary HTTP 54 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 19 domains to perform 54 HTTP transactions. The main IP is 65.9.67.46, located in United States and belongs to AMAZON-02, US. The main domain is now.bt.co.
TLS certificate: Issued by Amazon on June 28th 2020. Valid for: a year.

This is the only time now.bt.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	65.9.67.46 65.9.67.46	16509 (AMAZON-02) (AMAZON-02)
12	2606:4700:303... 2606:4700:3032::6815:1b1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.217.11.54 52.217.11.54	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1 3	13.226.159.116 13.226.159.116	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:6000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.22.130.173 23.22.130.173	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	23.21.92.252 23.21.92.252	14618 (AMAZON-AES) (AMAZON-AES)
1 1	185.94.180.128 185.94.180.128	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2.18.232.234 2.18.232.234	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.83.6.65 54.83.6.65	14618 (AMAZON-AES) (AMAZON-AES)
1	52.23.15.172 52.23.15.172	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
2	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a03:2880:f03... 2a03:2880:f030:13:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
5	2a03:2880:f13... 2a03:2880:f130:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
54	22

5 65.9.67.46 (United States)

ASN16509 (AMAZON-02, US)

now.bt.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3032::6815:1b1f (United States)

ASN13335 (CLOUDFLARENET, US)

production-assets.bundle.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img1.bundle.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img2.bundle.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.11.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.159.116 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-116.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:6000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.22.130.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-130-173.compute-1.amazonaws.com

bundle-geoip.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.21.92.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-92-252.compute-1.amazonaws.com

i-200-b-0-0-5-content-bundles-bench.utorrent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.128 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

js.spotx.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.234 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-234.deploy.static.akamaitechnologies.com

aka.spotxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.83.6.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-6-65.compute-1.amazonaws.com

content-bundles-analytics.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.23.15.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-15-172.compute-1.amazonaws.com

content-bundles-url-shortener.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f030:13:face:b00c:0:3 (France)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f130:83:face:b00c:0:25de (France)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	bundle.media production-assets.bundle.media img1.bundle.media img2.bundle.media	522 KB
6	twitter.com platform.twitter.com syndication.twitter.com	148 KB
5	facebook.com www.facebook.com	148 KB
5	bt.co now.bt.co	59 KB
4	herokuapp.com bundle-geoip.herokuapp.com content-bundles-analytics.herokuapp.com content-bundles-url-shortener.herokuapp.com	549 B
3	gstatic.com fonts.gstatic.com	44 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
2	facebook.net connect.facebook.net	66 KB
2	nr-data.net bam-cell.nr-data.net	1 KB
2	utorrent.com i-200-b-0-0-5-content-bundles-bench.utorrent.com	458 B
2	google-analytics.com www.google-analytics.com	20 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
1	newrelic.com js-agent.newrelic.com	12 KB
1	spotxcdn.com aka.spotxcdn.com	200 KB
1	spotx.tv 1 redirects js.spotx.tv	589 B
1	quantcount.com rules.quantcount.com	429 B
1	amazonaws.com s3.amazonaws.com
1	crazyegg.com script.crazyegg.com
1	googleapis.com fonts.googleapis.com	1 KB
54	19

	Domain	Requested by
8	production-assets.bundle.media	now.bt.co production-assets.bundle.media
5	www.facebook.com	now.bt.co connect.facebook.net www.facebook.com
5	now.bt.co	now.bt.co
4	platform.twitter.com	production-assets.bundle.media platform.twitter.com
3	fonts.gstatic.com	fonts.googleapis.com
3	sb.scorecardresearch.com	1 redirects now.bt.co
2	syndication.twitter.com	platform.twitter.com
2	connect.facebook.net	production-assets.bundle.media connect.facebook.net
2	bam-cell.nr-data.net	js-agent.newrelic.com now.bt.co
2	img2.bundle.media	now.bt.co
2	img1.bundle.media	now.bt.co
2	content-bundles-analytics.herokuapp.com	now.bt.co
2	i-200-b-0-0-5-content-bundles-bench.utorrent.com	production-assets.bundle.media
2	www.google-analytics.com	production-assets.bundle.media www.google-analytics.com
1	js-agent.newrelic.com	now.bt.co
1	content-bundles-url-shortener.herokuapp.com	now.bt.co
1	aka.spotxcdn.com	now.bt.co
1	js.spotx.tv	1 redirects
1	bundle-geoip.herokuapp.com	now.bt.co
1	pixel.quantserve.com	now.bt.co
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	now.bt.co
1	s3.amazonaws.com	now.bt.co
1	script.crazyegg.com	now.bt.co
1	fonts.googleapis.com	now.bt.co
54	25

This site contains links to these domains. Also see Links.

Domain
www.bittorrent.com
blog.bundle.media

Subject Issuer	Validity	Valid
now.bt.co Amazon	`2020-06-28` - `2021-07-28`	a year	crt.sh
bundle.media Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-09` - `2022-05-08`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.herokuapp.com DigiCert SHA2 High Assurance Server CA	`2020-06-15` - `2021-07-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.b-0.ad.bench.utorrent.com Amazon	`2020-08-14` - `2021-09-13`	a year	crt.sh
cdn.spotxcdn.com GeoTrust RSA CA 2018	`2020-05-21` - `2021-06-20`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-21` - `2022-04-10`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Frame ID: CB657596D27DF1F590ADF6902D9C974D
Requests: 45 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fnow.bt.co
Frame ID: E3D7D8247943CEAC6AEB37776F4CFDE1
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=633178566717045&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df371ca47430458%26domain%3Dnow.bt.co%26origin%3Dhttps%253A%252F%252Fnow.bt.co%252Ff120977e37ad15c%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fnow.bt.co%2Fbundles%2F9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
Frame ID: B71FA452B7DE91781CA8F409825E371B
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.en.html
Frame ID: 4C88ECE6C68099D64D1528BBA925E3D6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Erlang (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Cowboy (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

54
Requests

94 %
HTTPS

45 %
IPv6

19
Domains

25
Subdomains

22
IPs

3
Countries

1234 kB
Transfer

3593 kB
Size

4
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bittorrent.com/legal/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: http://blog.bundle.media/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.bittorrent.com/btt/?utm_source=btnow-top-nav
Title: TOKEN

Search URL Search Domain Scan URL

URL: http://www.bittorrent.com/downloads
Title: Get BitTorrent

Search URL Search Domain Scan URL

URL: http://www.bittorrent.com/legal/copyright
Title: DMCA Notice

Search URL Search Domain Scan URL

URL: https://www.bittorrent.com/legal/privacy
Title: Click here.

Search URL Search Domain Scan URL

URL: http://www.bittorrent.com/legal/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://sb.scorecardresearch.com/b?c1=2&c2=17330952&ns__t=1622068511808&ns_c=UTF-8&cv=3.5&c8=YAFEE%20AUDIOS%20-%20JANAB%20E.M.HANIFFA%20ISLAMIC%20MP3%20SONGS&c7=https%3A%2F%2Fnow.bt.co%2Fbundles%2F9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=17330952&ns__t=1622068511808&ns_c=UTF-8&cv=3.5&c8=YAFEE%20AUDIOS%20-%20JANAB%20E.M.HANIFFA%20ISLAMIC%20MP3%20SONGS&c7=https%3A%2F%2Fnow.bt.co%2Fbundles%2F9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e&c9=

Request Chain 23

https://js.spotx.tv/directsdk/v1/152532.js HTTP 307
https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js

54 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e Show response
now.bt.co/bundles/ 31 KB
12 KB 101ms
35ms Document
text/html 65.9.67.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: f8baab6b878683c68e42fd79f7502978f7276ae6af869a2c77409a908ac0f2d8

Request headers

:method: GET
:authority: now.bt.co
:scheme: https
:path: /bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: Cowboy
access-control-allow-credentials: true
cache-control: public, max-age=300
etag: W/"7cd5-ZR34zVa1OnYLTLn5srIJ1w"
content-encoding: gzip
date: Wed, 26 May 2021 22:34:57 GMT
via: 1.1 vegur, 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 8R9H5z4H-AmxcdmsjcJIVDzyRtmJrrKJ5aluRZ-rLG1-i4VHfJcdpw==
age: 14

GET
H2 200 public.a316ff4d7a1602fc58a9332344e3786e.gz.css
production-assets.bundle.media/stylesheets/ 177 KB
32 KB 49ms
21ms Stylesheet
text/css 2606:4700:3032::6815:1b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://production-assets.bundle.media/stylesheets/public.a316ff4d7a1602fc58a9332344e3786e.gz.css
Requested by: Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::6815:1b1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c8d2adda95f1fece42444c05b2731ebafd0cb6d858a17331247cde87fede76f

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:35:11 GMT
via: 1.1 f08d6273dc5cb518c4c1c81c2bc6d723.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3808540
cf-polished: origSize=182083
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a4c6a5bb900004a855921a000000001
last-modified: Thu, 14 May 2020 22:04:42 GMT
server: cloudflare
etag: W/"8e3969a6474bf3c2d374b9811d17948a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iJ2ClKA3dz9HWKg0SO4wqBTl1VNwiwFIlIT5iXmlbXUQgGOHxpX6B4qSR8cDhExiDhJXUWCpL%2B3bq%2FJOVkXokStLs%2BtXE1ZDWy%2FJhSDXcGuSxC%2FyG%2BDF11km0fYHfq6RRmHXnbKXMd0WtTYCiWs5Q3kozjvzrqW2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: LHR62-C5
cf-ray: 655a79a5fa7d4a85-FRA
x-amz-cf-id: 99I7uJnrkmJiTsMxFo2WToGoEWEtDNaMA0yPzqef6-t6sASgQmw3Bg==
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 33ms
14ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,600

Requested by

Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cfcb0ec300dea884d31445998d9e2893ba8e42fbe8673d9e04dd0eb8ab2d4ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 May 2021 21:49:19 GMT
server: ESF
date: Wed, 26 May 2021 22:35:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 May 2021 22:35:11 GMT

GET
H2 200 modernizr.825b5ae4edf9e6196b2a7f6e11a0f0bb.gz.js Show response
production-assets.bundle.media/vendor/ 13 KB
6 KB 43ms
16ms Script
application/javascript 2606:4700:3032::6815:1b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://production-assets.bundle.media/vendor/modernizr.825b5ae4edf9e6196b2a7f6e11a0f0bb.gz.js
Requested by: Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::6815:1b1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82c639c5c29215a52554b838861142fa0a0737e4149774f338ef758ffc20856a

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:35:11 GMT
via: 1.1 fb46cc113baf9ab401b947e7b40efb21.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3317449
cf-polished: origSize=13423
x-cache: Miss from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a4c6a5bb900004a855b9e9000000001
last-modified: Thu, 14 May 2020 22:04:42 GMT
server: cloudflare
etag: W/"09d0285c781d4118552dd05c624d7b96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lY%2FaALYXNe3oKuF4tb0MJkJ0M5KUCHcgleTiqCueabhP1mHQsOb%2Fml1yy33H9sm%2F7dZWdEPw9124XHg2W95Op6CIYxmjW0NK03jX1YqmYAmqARXqT7xV%2BA0LLSYTRgUWgj4aFZD5RnNNmKb94HDzBFM%2BCmuvloVx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: LHR62-C1
cf-ray: 655a79a5fa814a85-FRA
x-amz-cf-id: 0HaTieCu-ApSBsGRH4gvvACPKxj3CzpLQnCl7C1HUQclEdlC3Heq-Q==
cf-bgj: minify

GET
H2 410 8965.js
script.crazyegg.com/pages/scripts/0011/ 0
0 29ms
14ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0011/8965.js?450574
Requested by: Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:35:11 GMT
cf-cache-status: HIT
last-modified: Wed, 26 May 2021 14:27:10 GMT
server: cloudflare
age: 29281
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 655a79a6284805f9-FRA
content-length: 0
cf-request-id: 0a4c6a5bda000005f9a63d7000000001

GET
H/1.1 403
Forbidden aDT.js
s3.amazonaws.com/ki.js/49207/ 0
0 484ms
127ms Script
application/xml 52.217.11.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/ki.js/49207/aDT.js
Requested by: Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.11.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 25ms
8ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:35:11 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 02 Jun 2021 22:35:11 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 98ms
31ms Script
application/javascript 13.226.159.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-116.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:06:45 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1707
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: BL6zU40Z_R2KxROm6AW6fKqNg_SzFtOiivj_fVt6mDPdMqyMUReWbA==

GET
H3-29 200 public.e7339d38ddc908a9ab06ef6ca44b6729.gz.js
production-assets.bundle.media/javascripts/public/ 26 KB
26 KB 55ms
34ms Image
application/javascript 2606:4700:3032::6815:1b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://production-assets.bundle.media/javascripts/public/public.e7339d38ddc908a9ab06ef6ca44b6729.gz.js
Requested by: Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1b1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:35:11 GMT
via: 1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2913178
cf-polished: origSize=961816
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a4c6a5bf100004e929b214000000001
last-modified: Thu, 14 May 2020 22:04:42 GMT
server: cloudflare
etag: W/"bb831a53d8640a257772af39bed53d2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Gz5iItUWLfan8Ioz7l9DFCfvMjhezdXb910fAVTnlImO7s7DCDCHfRS2Ji%2FhmXJv3ZXNkSv8hAJQGg%2Bf%2BYwI1%2FdhdZeS98i6Np5qOkL2qh%2BDg7ARouAtHh8Sl%2BiChrcLM7sBehKL81lFhdCyuxIgHUVrGjP65T7c"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
cf-ray: 655a79a64b9e4e92-FRA
x-amz-cf-id: LVl-X6EHvpqJTiBR6yYpRByYBoMazH39UFQCtyvGPzSe0N7vQjGVSA==
cf-bgj: minify

GET
H3-29 200 bundle-logo-large.b049e3f1e4aa142045d83cced5c97560.png
production-assets.bundle.media/img/ 1 KB
2 KB 39ms
18ms Image
image/png 2606:4700:3032::6815:1b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://production-assets.bundle.media/img/bundle-logo-large.b049e3f1e4aa142045d83cced5c97560.png
Requested by: Host: production-assets.bundle.media
URL: https://production-assets.bundle.media/stylesheets/public.a316ff4d7a1602fc58a9332344e3786e.gz.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1b1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92fd434a4da14d91371e4b94270988d93cd0bf3e070b1419923006f2e75217c1

Request headers

Referer: https://production-assets.bundle.media/stylesheets/public.a316ff4d7a1602fc58a9332344e3786e.gz.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:35:11 GMT
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3254425
x-cache: Hit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1340
cf-request-id: 0a4c6a5bf000004e92722d6000000001
last-modified: Thu, 14 May 2020 22:04:41 GMT
server: cloudflare
etag: "b049e3f1e4aa142045d83cced5c97560"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ev6NmvkIIE4MjpzCbqSRgArFiTyDPF5O8PmMa2hBEVR6K4waTL4SIUzP1z447PH%2FxWYYvYcYFhlTc4f9ZrEa3gVVcdBwU3oUOflbACF3v0%2FQPbZ65y1bPoYVAF1IEOMVYr%2F%2BBUpuY1BKpiI3xj6%2FiAvS58J9V7uR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 655a79a64b9b4e92-FRA
x-amz-cf-id: Ka6nuBZlAJu-DNPJGemlx8UNB_-JkL9ff5QQWYA3mEKvbxRK6WC4fg==

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 27ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://now.bt.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 21:35:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:24 GMT
server: sffe
age: 89953
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14992
x-xss-protection: 0
expires: Wed, 25 May 2022 21:35:58 GMT

GET
H2 200 rules-p-zddNYNtUkUhdQ.js Show response
rules.quantcount.com/ 3 B
429 B 24ms
7ms Script
application/javascript 2600:9000:211e:6000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-zddNYNtUkUhdQ.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 00:34:39 GMT
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
age: 79233
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 21:25:56 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: h1XTY7ryfvSRtZ8Rk_pC3eOzMiCZIjAQ5l1CRE4CSdVRe4d2pv8a4w==

GET
H2 200 pixel;r=2147074499;rf=0;a=p-zddNYNtUkUhdQ;url=https%3A%2F%2Fnow.bt.co%2Fbundles%2F9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e;uht=2;fpan=1;fpa=P0-247074612-1622068511762;pbcn=u...
pixel.quantserve.com/ 35 B
371 B 12ms
11ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2147074499;rf=0;a=p-zddNYNtUkUhdQ;url=https%3A%2F%2Fnow.bt.co%2Fbundles%2F9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e;uht=2;fpan=1;fpa=P0-247074612-1622068511762;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=bt.co;je=0;sr=1600x1200x24;dst=1;et=1622068511762;tzo=-120;ogl=url.http%3A%2F%2Fnow%252Ebt%252Eco%2Fbundles%2F9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b6%2Ctype.website%2Ctitle.YAFEE%20AUDIOS%20-%20JANAB%20E%252EM%252EHANIFFA%20ISLAMIC%20MP3%20SONGS%2Cdescription.%2Cimage.https%3A%2F%2Fimg4%252Ebundle%252Emedia%2Fbittorrent%2Fimage%2Fupload%2Ff_jpg%252Cw_400%252Cq_70%2Fcontent-bundl

Requested by

Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 22:35:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 200 public.e7339d38ddc908a9ab06ef6ca44b6729.gz.js Show response
production-assets.bundle.media/javascripts/public/ 939 KB
247 KB 35ms
35ms Script
application/javascript 2606:4700:3032::6815:1b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://production-assets.bundle.media/javascripts/public/public.e7339d38ddc908a9ab06ef6ca44b6729.gz.js
Requested by: Host: production-assets.bundle.media
URL: https://production-assets.bundle.media/vendor/modernizr.825b5ae4edf9e6196b2a7f6e11a0f0bb.gz.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1b1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5b5c67c37b6725396b5d7ec80923f7b7137169e9933ee9a1e1d402ddcb7fd84

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:35:11 GMT
via: 1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2913178
cf-polished: origSize=961816
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a4c6a5c1600004e92cf936000000001
last-modified: Thu, 14 May 2020 22:04:42 GMT
server: cloudflare
etag: W/"bb831a53d8640a257772af39bed53d2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=znNbg5O7BugVs01HgA%2BM5uTAQKZgax0lcpImv4FAefz87%2FGV1p%2BBWu0zyE%2Bk5D8xNq74zkNs9x0%2FQm%2B0f3D35Q45asRGYvfeeSyh2Zfovc1LoE27zJkvuT%2Bhxw9bKVtQiC8ujELtZKWWsGZcqGDWAqC5O6fCUBZB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
cf-ray: 655a79a68c024e92-FRA
x-amz-cf-id: LVl-X6EHvpqJTiBR6yYpRByYBoMazH39UFQCtyvGPzSe0N7vQjGVSA==
cf-bgj: minify

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=17330952&ns__t=1622068511808&ns_c=UTF-8&cv=3.5&c8=YAFEE%20AUDIOS%20-%20JANAB%20E.M.HANIFFA%20ISLAMIC%20MP3%20SONGS&c7=https%3A%2F%2Fnow.bt.co%2Fbundles%2F...
https://sb.scorecardresearch.com/b2?c1=2&c2=17330952&ns__t=1622068511808&ns_c=UTF-8&cv=3.5&c8=YAFEE%20AUDIOS%20-%20JANAB%20E.M.HANIFFA%20ISLAMIC%20MP3%20SONGS&c7=https%3A%2F%2Fnow.bt.co%2Fbundles%2...

64 B
330 B

41ms
40ms

Image
image/gif

13.226.159.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=17330952&ns__t=1622068511808&ns_c=UTF-8&cv=3.5&c8=YAFEE%20AUDIOS%20-%20JANAB%20E.M.HANIFFA%20ISLAMIC%20MP3%20SONGS&c7=https%3A%2F%2Fnow.bt.co%2Fbundles%2F9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e&c9=
Requested by: Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-116.dus51.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:35:11 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 26YaN8zfmNrm1lVid477JQdIcDATWRlAEMGGMsyUrJiiPfjqd5z8mQ==

Redirect headers

date: Wed, 26 May 2021 22:35:11 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=17330952&ns__t=1622068511808&ns_c=UTF-8&cv=3.5&c8=YAFEE%20AUDIOS%20-%20JANAB%20E.M.HANIFFA%20ISLAMIC%20MP3%20SONGS&c7=https%3A%2F%2Fnow.bt.co%2Fbundles%2F9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e&c9=
content-length: 288
x-amz-cf-id: LlHW455_Jp00fqXF8hLJrsYkdE0SKVp36zZEnBXhKIjm2ckaJIAKpA==

GET
H/1.1 200
OK / Show response
bundle-geoip.herokuapp.com/ 4 B
278 B 607ms
245ms XHR
application/json 23.22.130.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bundle-geoip.herokuapp.com/
Requested by: Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.130.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-130-173.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 22:35:12 GMT
Via: 1.1 vegur
Etag: W/"4-K+iMpCQsduglOsYkdIUQZQMtaDM"
Server: Cowboy
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 4

GET
H2 200 translation.json Show response
now.bt.co/locales/en/ 4 KB
2 KB 31ms
30ms XHR
application/json 65.9.67.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://now.bt.co/locales/en/translation.json
Requested by: Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 84272e462b34fa0af11036020d32ea348efee19fc9b7b941a3bfe07a826bd49d

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: __qca=P0-247074612-1622068511762; i18next=en
:path: /locales/en/translation.json
pragma: no-cache
x-newrelic-id: UQcPWFdWGwACU1dSAQc=
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: now.bt.co
referer: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
X-NewRelic-ID: UQcPWFdWGwACU1dSAQc=
X-Requested-With: XMLHttpRequest
Referer: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 14:49:43 GMT
content-encoding: gzip
age: 16357528
x-cache: Hit from cloudfront
last-modified: Thu, 14 May 2020 21:59:40 GMT
x-newrelic-app-data: PxQCUF5aCQYTV1NVAQEBUEYdFHYaFhEHQxFSERd/cWYcShtNAU8DUlAaB09WUg0AAFVRWgIdGldIEwICVlBXVlMHW1YLCQQKEUlfAF0SVj8=
server: Cowboy
etag: W/"1110-172153340e0"
vary: Accept-Encoding
content-type: application/json
via: 1.1 vegur, 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: drs2O4Hi6W7rrCXa9mBdjIh9lUtZ1AjAuZsuDbcEhCmJBRgWhqMQMQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: production-assets.bundle.media
URL: https://production-assets.bundle.media/javascripts/public/public.e7339d38ddc908a9ab06ef6ca44b6729.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 500
date: Wed, 26 May 2021 22:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Thu, 27 May 2021 00:26:52 GMT

GET
H3-29 200 bt_now_logo_blue.a8e1acdba802309dcdafafd64927d966.png
production-assets.bundle.media/img/ 8 KB
9 KB 11ms
11ms Image
image/png 2606:4700:3032::6815:1b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://production-assets.bundle.media/img/bt_now_logo_blue.a8e1acdba802309dcdafafd64927d966.png
Requested by: Host: production-assets.bundle.media
URL: https://production-assets.bundle.media/stylesheets/public.a316ff4d7a1602fc58a9332344e3786e.gz.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1b1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fde8f80762c44177d77aaacd9ce91723b1f5e55547c05432406492c093d9c8c

Request headers

Referer: https://production-assets.bundle.media/stylesheets/public.a316ff4d7a1602fc58a9332344e3786e.gz.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:35:12 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f83.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2913179
x-cache: Hit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8475
cf-request-id: 0a4c6a5d0200004e92579a0000000001
last-modified: Thu, 14 May 2020 22:04:41 GMT
server: cloudflare
etag: "a8e1acdba802309dcdafafd64927d966"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dw9IVrTFfOTGlU%2Bi%2BU%2Fkfnvh3qiphfVXiv%2FRvHMAKk%2FXlAeXmVhnQBhWledGnh6d91QmsuDpHUhkDpG2MS1XOygRFmHSB8fHFszaMXIcpcKVScMSvMtuR%2B%2F4ByK2A%2FudZdt9p1otkh0jZkr%2BsP2VYkk%2BIGTAsYeN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
cf-ray: 655a79a80e574e92-FRA
x-amz-cf-id: cM70QT47rYPUqVLAvCm8q3RAJOvJ-qojTSagZ-7GMlMbybG5r1v-gA==

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://now.bt.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 21:32:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
age: 90172
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
expires: Wed, 25 May 2022 21:32:20 GMT

GET
H3-29 200 public.a316ff4d7a1602fc58a9332344e3786e.gz.css
production-assets.bundle.media/stylesheets/ 177 KB
32 KB 28ms
17ms Font
text/css 2606:4700:3032::6815:1b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://production-assets.bundle.media/stylesheets/public.a316ff4d7a1602fc58a9332344e3786e.gz.css
Requested by: Host: production-assets.bundle.media
URL: https://production-assets.bundle.media/stylesheets/public.a316ff4d7a1602fc58a9332344e3786e.gz.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1b1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c8d2adda95f1fece42444c05b2731ebafd0cb6d858a17331247cde87fede76f

Request headers

Origin: https://now.bt.co
Referer: https://production-assets.bundle.media/stylesheets/public.a316ff4d7a1602fc58a9332344e3786e.gz.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:35:12 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2913099
cf-polished: origSize=182083
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a4c6a5d0e00004e13342d1000000001
last-modified: Thu, 14 May 2020 22:04:42 GMT
server: cloudflare
etag: W/"8e3969a6474bf3c2d374b9811d17948a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=N%2B5OilhQCdNa0fnRIoebDcYcEpbWsStLqqPE5MPg00W%2FCajEtEphcn9Cef3c6alTx4UkFt3IyF3GxkBavgiSkiIEuqeJKcASPgf1KqF769%2FwbBWeOEedtIMt3poSkdTwft3pxvyi1Yf%2FZCIreP1kTIEqg2rp42cS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
cf-ray: 655a79a81b544e13-FRA
x-amz-cf-id: Am8swjQ9uQgQ3qGUJj7ZyKF3wDkowkPu9GQNGuFPUaq9g86eHXZNZQ==
cf-bgj: minify

GET
H2 200 9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e Show response
now.bt.co/api/v1/bundles/ 112 KB
8 KB 36ms
36ms XHR
application/json 65.9.67.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://now.bt.co/api/v1/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Requested by: Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 40775250e2a49920d8137a5d3d5e20d16422d14e814ec74382d74d3c15ff73bd

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: __qca=P0-247074612-1622068511762; i18next=en
:path: /api/v1/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
pragma: no-cache
x-newrelic-id: UQcPWFdWGwACU1dSAQc=
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: now.bt.co
referer: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
X-NewRelic-ID: UQcPWFdWGwACU1dSAQc=
X-Requested-With: XMLHttpRequest
Referer: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:35:00 GMT
content-encoding: gzip
x-newrelic-app-data: PxQCUF5aCQYTV1NVAQEBUEYdFHYaFhEHQxFSERd/cWYcShtNAU8DUlYaB09WUAsLAVBXWgQBB1ZUAQYDUlNPTwFOGlFbWgQLBl1fBQUFAgdSFBsHBw9LVm0=
server: Cowboy
age: 12
etag: W/"1beed-xrRrFHnpkhbXMWX/tbqbqw"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
via: 1.1 vegur, 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control: public, max-age=300
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: _NNyZI4sA0lzv6fiTMiNqr_ed_JJLAsTpKCjLEQu7QOVghHECef1QA==

GET
H/1.1 200
OK e Show response
i-200-b-0-0-5-content-bundles-bench.utorrent.com/ 63 B
229 B 629ms
119ms Script
text/html 23.21.92.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://i-200-b-0-0-5-content-bundles-bench.utorrent.com/e?callback=jQuery35007593107376703534_1622068511855&i=ContentBundles&e=eyJzZXF1ZW5jZUlEIjoxLCJ1bmlxdWVJRCI6ImFhYTgxNzc4LTBlM2YtNGQwZi1hYjBjLWNhNWRkY2FiMDZkMSIsInNzYiI6MCwiZXZlbnROYW1lIjoiQ29udGVudEJ1bmRsZXMiLCJjYXRlZ29yeSI6IiIsImFjdGlvbiI6InBhZ2V2aWV3IiwibGFiZWwiOiJidW5kbGVzLzkzOTJmZTdiNDJhNjA5YTJlZTE1ZThjOWJhZWZiYzFhM2I5MzA5ZWUxMTFhNDM4ZGI0YzAyYjY5ODA0YzU5MWUifQ%3D%3D&_=1622068511856
Requested by: Host: production-assets.bundle.media
URL: https://production-assets.bundle.media/javascripts/public/public.e7339d38ddc908a9ab06ef6ca44b6729.gz.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.92.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-92-252.compute-1.amazonaws.com
Software: nginx / PHP/5.4.30
Resource Hash: 00202e5a13c3c37689d862e105c28ce1396e2898c88a7a770ee7b02d097b8393

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 22:35:12 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.30
Content-Length: 63
Content-Type: text/html

GET
H2 200 close_grey.f439f78ac7e4b9810840477b859bff35.png
now.bt.co/bundles/img/ 31 KB
31 KB 41ms
41ms Image
text/html 65.9.67.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.bt.co/bundles/img/close_grey.f439f78ac7e4b9810840477b859bff35.png
Requested by: Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /bundles/img/close_grey.f439f78ac7e4b9810840477b859bff35.png
pragma: no-cache
cookie: __qca=P0-247074612-1622068511762; i18next=en
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: now.bt.co
referer: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:35:00 GMT
via: 1.1 vegur, 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
server: Cowboy
age: 12
etag: W/"7d1e-3ZdxRwL4vXkXS/7iqM2jtg"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
cache-control: public, max-age=300
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-encoding: gzip
x-amz-cf-id: X0-RysEEzwhmD2-D5ERVjgN5Y7TBUUrAaQAg_EhevC49ZU1RF5aOuw==

GET
H/1.1

200
OK

directsdk.js Show response
aka.spotxcdn.com/integration/directsdk/v1/
Redirect Chain

https://js.spotx.tv/directsdk/v1/152532.js
https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js

521 KB
200 KB

106ms
35ms

Script
text/javascript

2.18.232.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Requested by: Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 70af40e7464e3e72e59f9bd786732aba8abf20c7a8cb62192a168de617c069b0

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 22:35:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 May 2021 22:39:21 UTC
Server: nginx
Access-Control-Allow-Headers
ETag: 28d1d4acae1660399ce826f0d9e53ce6
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=40
Connection: keep-alive
Timing-Allow-Origin: *
X-SpotX-Build-Version: 1.46.0-20210520.2223
Content-Length: 203930

Redirect headers

Pragma: no-cache
Date: Wed, 26 May 2021 22:35:12 GMT
Last-Modified: Wed, 26 May 2021 22:35:12 UTC
Server: nginx
Location: //aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 32
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
761 B 15ms
14ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 21:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3588
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
expires: Wed, 26 May 2021 22:35:24 GMT

GET
H3-29 200 fontawesome-webfont.d9ee23d59d0e0e727b51368b458a0bff.woff
production-assets.bundle.media/components/font-awesome-stylus/fonts/ 70 KB
71 KB 12ms
12ms Font
application/font-woff 2606:4700:3032::6815:1b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://production-assets.bundle.media/components/font-awesome-stylus/fonts/fontawesome-webfont.d9ee23d59d0e0e727b51368b458a0bff.woff?v=4.3.0
Requested by: Host: production-assets.bundle.media
URL: https://production-assets.bundle.media/stylesheets/public.a316ff4d7a1602fc58a9332344e3786e.gz.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1b1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3870de89716b72cb61a4bba0e17c75783b361cdaba35ea96961c3070bd8ca18

Request headers

Origin: https://now.bt.co
Referer: https://production-assets.bundle.media/stylesheets/public.a316ff4d7a1602fc58a9332344e3786e.gz.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:35:12 GMT
via: 1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2963970
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a4c6a5d3a00004e131d143000000001
last-modified: Thu, 14 May 2020 22:04:41 GMT
server: cloudflare
etag: W/"d9ee23d59d0e0e727b51368b458a0bff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rGNFqPpne%2BXtY6wNUhFPs7ohpXqf0IMj%2F%2BgPYLe1yauFjVsj6xEX6WdfVeCHntqhchPKkdMyhzk66yo8hv0skB3HURWmsnHwo%2BZpnlQF2ImXaaPg3fgNaDNVENqk1y%2BUo0saPd6QDipMM22wHV7kAXa6rBAFjoXe"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
cf-ray: 655a79a85bd74e13-FRA
x-amz-cf-id: XE_i-Sh95tKYmp4xyQ5rzoO6F8G4axwTg1eEjH_s2rtuBWaG81QRNA==

OPTIONS
H/1.1 200
OK /
content-bundles-analytics.herokuapp.com/ Frame 0
0 809ms
443ms Preflight
text/html 54.83.6.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content-bundles-analytics.herokuapp.com/
Protocol: HTTP/1.1
Server: 54.83.6.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-6-65.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://now.bt.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Cowboy
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Content-Type
Allow: POST
Content-Type: text/html; charset=utf-8
Content-Length: 4
Etag: W/"4-6c1f8139"
Date: Wed, 26 May 2021 22:35:12 GMT
Via: 1.1 vegur

GET
H/1.1 200
OK e Show response
i-200-b-0-0-5-content-bundles-bench.utorrent.com/ 63 B
229 B 508ms
123ms Script
text/html 23.21.92.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://i-200-b-0-0-5-content-bundles-bench.utorrent.com/e?callback=jQuery35007593107376703534_1622068511857&i=ContentBundles&e=eyJzZXF1ZW5jZUlEIjoyLCJ1bmlxdWVJRCI6ImFhYTgxNzc4LTBlM2YtNGQwZi1hYjBjLWNhNWRkY2FiMDZkMSIsInNzYiI6MCwiZXZlbnROYW1lIjoiQ29udGVudEJ1bmRsZXMiLCJhY3Rpb24iOiJXZWJfUGFnZVZpZXctU3VjY2VlZCIsImxhYmVsIjoiUHVibGljR2F0ZVBhZ2UiLCJjYXRlZ29yeSI6IjkzOTJmZTdiNDJhNjA5YTJlZTE1ZThjOWJhZWZiYzFhM2I5MzA5ZWUxMTFhNDM4ZGI0YzAyYjY5ODA0YzU5MWUiLCJ2YWx1ZSI6MH0%3D&_=1622068511858
Requested by: Host: production-assets.bundle.media
URL: https://production-assets.bundle.media/javascripts/public/public.e7339d38ddc908a9ab06ef6ca44b6729.gz.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.92.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-92-252.compute-1.amazonaws.com
Software: nginx / PHP/5.4.30
Resource Hash: 073453b6ef1d2ac295d5fb2aa0e4f8b3f1699bc8bd3f4d158c5f68e67d171a43

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 22:35:12 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.30
Content-Length: 63
Content-Type: text/html

POST
H/1.1 200
OK / Show response
content-bundles-analytics.herokuapp.com/ 0
271 B 124ms
124ms XHR
text/plain 54.83.6.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content-bundles-analytics.herokuapp.com/
Requested by: Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.6.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-6-65.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 26 May 2021 22:35:13 GMT
Via: 1.1 vegur
Server: Cowboy
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 play-button.b2579dc0b8f3e62f1a204bfa79a4b481.png
now.bt.co/img/ 5 KB
6 KB 30ms
30ms Image
image/png 65.9.67.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.bt.co/img/play-button.b2579dc0b8f3e62f1a204bfa79a4b481.png
Requested by: Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 8d22242d899b103a1607d766510b9c7a8affa600d120bbe3df4b787f13a8460f

Request headers

:path: /img/play-button.b2579dc0b8f3e62f1a204bfa79a4b481.png
pragma: no-cache
cookie: __qca=P0-247074612-1622068511762; i18next=en; _ga=GA1.3.1497545724.1622068512; _gid=GA1.3.1723484640.1622068512
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: now.bt.co
referer: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 04:07:25 GMT
via: 1.1 vegur, 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Thu, 14 May 2020 22:04:38 GMT
server: Cowboy
age: 16396067
etag: W/"1519-1721537ccf0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 5401
x-amz-cf-id: xd8Nn7Ie4Sv_JmcTpsNhJGB8Ya2F5AjlUOfiTeSlTEyXkTvrHHezpw==

GET
H2 200 odnHues2_cover.jpg
img1.bundle.media/bittorrent/image/upload/f_jpg,w_170,c_scale,q_70/content-bundles/production-df0ec56d-0fbb-bc2c-11e7-354ff3af9c4e/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e/ 8 KB
8 KB 24ms
15ms Image
image/jpeg 2606:4700:3032::6815:1b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img1.bundle.media/bittorrent/image/upload/f_jpg,w_170,c_scale,q_70/content-bundles/production-df0ec56d-0fbb-bc2c-11e7-354ff3af9c4e/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e/odnHues2_cover.jpg

Requested by

Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:3032::6815:1b1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c79c83a108f8e3a9f961624c155c0c3cc71b373902a881ff6c5b99110933f192

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:35:12 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 72260
x-cache: Miss from cloudfront
server-timing: fastly;dur=196;cpu=0;start=2021-05-26T02:30:52.364Z;desc=miss,rtt;dur=1,cloudinary;dur=107;start=2021-05-26T02:30:52.409Z
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7891
cf-request-id: 0a4c6a5d9900004a853a959000000001
timing-allow-origin: *
last-modified: Thu, 21 Jan 2016 12:02:56 GMT
server: cloudflare
etag: "d98a8b272de19aaa28901055766140c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iJItULnINYs61tSzS5T%2Fv9%2Bk20DY38D7LInFBm636t3XoFZcbGxGphEAP04k4%2BLwkidzfaENYD%2F2c8SYqRQ8V08yeUOTYbsetcOgv%2F6JgdECsFJZDHPiTLVNogQyvDl3BLh0L5SBo%2B4Ej%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2592000, no-transform, immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 655a79a8ff3b4a85-FRA
x-amz-cf-id: rDf67lWbl6Wo85dnnIgDUMkc9xxOfWSiCozCIM05BXdJ_ZfU4FstDQ==

GET
H2 200 VcAbv3M7_background.jpg
img1.bundle.media/bittorrent/image/upload/f_jpg,w_1440,q_70/content-bundles/production-df0ec56d-0fbb-bc2c-11e7-354ff3af9c4e/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e/ 75 KB
76 KB 75ms
66ms Image
image/jpeg 2606:4700:3032::6815:1b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img1.bundle.media/bittorrent/image/upload/f_jpg,w_1440,q_70/content-bundles/production-df0ec56d-0fbb-bc2c-11e7-354ff3af9c4e/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e/VcAbv3M7_background.jpg

Requested by

Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:3032::6815:1b1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fdde34c5469fde967ae7b7c4a74ef85f93fd589574b91ca14e0ead69c6006aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:35:12 GMT
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
server-timing: fastly;dur=259;cpu=1;start=2021-05-21T06:26:19.324Z;desc=miss,rtt;dur=0,cloudinary;dur=73;start=2021-05-21T06:26:19.374Z
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77246
cf-request-id: 0a4c6a5d9900004a85eeab1000000001
timing-allow-origin: *
last-modified: Thu, 21 Jan 2016 12:02:56 GMT
server: cloudflare
etag: "fe59dfc26674dc475eb9a1f1ae828529"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ibNo4rNS%2BG6wkYbA1MJrzSswcgv7VJVLw29UmWFLQwqnOkFXoE%2FzwUNuNEotJEjVReH9yuf9ihxLSlKxwij7xDiqno9tRrAsQdZO7wG4Y9VjRbjIZbfUhGnbD9%2F8%2BqGTl%2F78rLqiUV6AQJE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2592000, no-transform, immutable
accept-ranges: bytes
cf-ray: 655a79a8ff3e4a85-FRA
x-amz-cf-id: fsCl_vwlrzXEXNTsIHlqOOwGHxllIZx7Z4UOX2KHJm9wlQu3m-HpTQ==

GET
H2 200 EM-HANIFFA-02.jpg
img2.bundle.media/bittorrent/image/upload/f_jpg,w_320,e_blur:500,q_70/content-bundles/production-df0ec56d-0fbb-bc2c-11e7-354ff3af9c4e/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591... 3 KB
4 KB 67ms
58ms Image
image/jpeg 2606:4700:3032::6815:1b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.bundle.media/bittorrent/image/upload/f_jpg,w_320,e_blur:500,q_70/content-bundles/production-df0ec56d-0fbb-bc2c-11e7-354ff3af9c4e/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e/0000000000000-000000/JANAB%20E.M.HANIFFA%20ISLAMIC%20MP3%20SONGS/EM-HANIFFA-02.jpg

Requested by

Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:3032::6815:1b1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b22f698777e4eab68f64645bc7ad39b18e76d9bde3b3bc3ab735301e56b7bdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:35:12 GMT
via: 1.1 4445c4223f8c2460ef5d29a08d1cc6ad.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
server-timing: fastly;dur=241;cpu=0;start=2021-05-21T06:26:19.323Z;desc=miss,rtt;dur=0,cloudinary;dur=148;start=2021-05-21T06:26:19.372Z
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3415
cf-request-id: 0a4c6a5d9c00004a855dabb000000001
timing-allow-origin: *
last-modified: Fri, 06 May 2016 20:35:12 GMT
server: cloudflare
etag: "ccbc616a7b7e1625bcaec39760cd6398"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UuUyuBhsfNrTyuKBPFAzPoIDhf4dIQNFQ2qbCUzFJWzXWD8ydJxrb4pRcvCzY8qrRjR57GPsj6D8%2FkwDg%2FeF%2BAFvabcQZWzz%2FKhMRYAAXMRjiRzRCtHYxVAgKE3y9%2F9qgyeiqnyY2AH6jw0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2592000, no-transform, immutable
accept-ranges: bytes
cf-ray: 655a79a8ff4b4a85-FRA
x-amz-cf-id: MEam7lSKtVDKJHJk9c0-GM1aX9DPI7XFn_rhADdmsZheBGts9mvoqQ==

GET
H2 200 EM-HANIFFA-01.jpeg
img2.bundle.media/bittorrent/image/upload/f_jpg,w_320,e_blur:500,q_70/content-bundles/production-df0ec56d-0fbb-bc2c-11e7-354ff3af9c4e/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591... 9 KB
9 KB 68ms
59ms Image
image/jpeg 2606:4700:3032::6815:1b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:3032::6815:1b1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c015c76693d9374b74387ce3f667f0f2d49436f562340792c11377ea3f74018a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:35:12 GMT
via: 1.1 25fe70cc18ad9b2503949e3460083641.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
server-timing: fastly;dur=2;cpu=1;start=2021-05-21T06:26:19.335Z;desc=hit,rtt;dur=0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8903
cf-request-id: 0a4c6a5d9c00004a85111fc000000001
timing-allow-origin: *
last-modified: Fri, 06 May 2016 20:35:12 GMT
server: cloudflare
etag: "757c3a4bd83646274ec30bc1b7299e62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=z1Y9djGF4eVAIHLhM%2FDNfGmCSTQg1Hy%2BvRTjb3p18Icktdjn0Xxsr2nsmm8mth6IHQIqZrcO6GBrP7Jg5RLP13iFAK3WJY2xkwHLqS7m6VfQWy7u%2FffZDbQbxLCs9HlBXb977w5r23oE2ic%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2592000, no-transform, immutable
accept-ranges: bytes
cf-ray: 655a79a8ff4d4a85-FRA
x-amz-cf-id: 9fDrcO3DtcckKp_IOGCOaE59hJkjSsH5g24tSy4dq64tX2xc8EbbmA==

GET
H3-29 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://now.bt.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 21:32:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
age: 90163
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
expires: Wed, 25 May 2022 21:32:29 GMT

OPTIONS
H/1.1 503
Service Unavailable /
content-bundles-url-shortener.herokuapp.com/ Frame 0
0 5490ms
5125ms Preflight
text/html 52.23.15.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content-bundles-url-shortener.herokuapp.com/
Protocol: HTTP/1.1
Server: 52.23.15.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-23-15-172.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://now.bt.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

POST /
content-bundles-url-shortener.herokuapp.com/ 0
0

GET
H2 200 nr-1208.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 97ms
28ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1208.min.js
Requested by: Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
content-encoding: gzip
etag: "1a71e4208296f97b465116492f59124d"
x-amz-request-id: WF368HHBCV4BPDPP
x-cache: HIT
content-length: 11777
x-amz-id-2: Sju0Kn3tkH0pRSC0aE2XQRhlBx2SQ4e1b8nxTLXRSNXFVWWWpTDNMV6sXkQ3nbajK11ElnEOwuw=
x-served-by: cache-hhn4030-HHN
last-modified: Wed, 10 Mar 2021 16:24:28 GMT
server: AmazonS3
x-timer: S1622068513.734706,VS0,VE0
date: Wed, 26 May 2021 22:35:12 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 622

GET
H/1.1 200
OK 8b9486d826 Show response
bam-cell.nr-data.net/1/ 49 B
911 B 660ms
622ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/8b9486d826?a=3276066&v=1208.49599aa&to=MQZSYkBUXUYFBUcLXghMdU5CR1ZGFwxATXYjNx8ZUEBdUQgDQE0LDgJDXhg%3D&rst=1219&ck=1&ref=https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e&qt=1&ap=72.654116&be=110&fe=1115&dc=170&tt=6dd98847e1a510&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1622068511538,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:8,%22c%22:8,%22s%22:24,%22ce%22:67,%22rq%22:67,%22rp%22:102,%22rpe%22:107,%22dl%22:104,%22di%22:170,%22ds%22:170,%22de%22:170,%22dc%22:1114,%22l%22:1114,%22le%22:1116%7D,%22navigation%22:%7B%7D%7D&fp=176&fcp=215&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 22:35:13 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-NewRelic-App-Data: PxQGQlVSAAIHVFBTFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUCRoKAVQPVnRMB05WAhtDB1RaBQhdWQRRAgEDAgkFC0BKBQNcEV0/
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 655a79ad0e2838b9-VIE
cf-request-id: 0a4c6a6023000038b9160be000000001

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 26ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: production-assets.bundle.media
URL: https://production-assets.bundle.media/javascripts/public/public.e7339d38ddc908a9ab06ef6ca44b6729.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 22:35:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/669F)
Age: 850
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 48ms
16ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: production-assets.bundle.media
URL: https://production-assets.bundle.media/javascripts/public/public.e7339d38ddc908a9ab06ef6ca44b6729.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1080d9f1a823800d01936d79ce384498518b50bb71f76d9e9b2700a4ba343b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ENpvCIxQRmlB89KlG2JATQ==
cross-origin-resource-policy: cross-origin
expires: Wed, 26 May 2021 22:52:34 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: qm4RCu29xTSjJ9ClJ/631stw5ZBSDr5UFiAMP2VbTB59Vn6dkzHoLb02vG21PBbYaDttRuJzGBhrWN01BEeb/g==
x-fb-trip-id: 686109401
x-fb-content-md5: f6a88628ef525aaef4a8f28daaf7db14
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 May 2021 22:35:17 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "02a6af312df594d9e39cd08d9cedaefa"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame E3D7 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fnow.bt.co
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://now.bt.co/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://now.bt.co/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 850
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 26 May 2021 22:35:17 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6723)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H3-29 200 all.js Show response
connect.facebook.net/en_US/ 217 KB
64 KB 33ms
16ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=11b45cb3c84a30cb553d2a417575a551&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

48cb4005279ee593fc4020243e7c2435c2935cbd1d57c33ae13b06329956827c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://now.bt.co
Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: VfOBFBprQgi+NBnd++pbwQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65526
x-fb-rlafr: 0
x-fb-debug: +rvLbKRzQvbw5WuUwj7vKSNOCxj2sdpOvcM9JKLpfNxYKAjFMqJ5C1Of0LbETe35Db6BRkrM2bpYXKItV903IQ==
x-fb-content-md5: d9e5a21afee772522a763e45b9406f9a
x-frame-options: DENY
date: Wed, 26 May 2021 22:35:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "6fa71522a247e10530d8bfcdfb094cbb"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 26 May 2022 20:54:39 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame E3D7 256 B
440 B 207ms
148ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=1b4def0ae8a8d2fa8ce871564965e0901bdd163c

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fnow.bt.co

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:35:17 GMT
content-encoding: gzip
last-modified: Wed, 26 May 2021 22:35:17 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 052c3512446be7d3a6eeadd3eff6bfec4053e12f1e0001eea0342b4c418da75e
content-length: 176

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 73ms
41ms Fetch
text/plain 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=633178566717045&input_token&origin=1&redirect_uri=https%3A%2F%2Fnow.bt.co%2Fbundles%2F9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e&sdk=joey&wants_cookie_data=true

Requested by

Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 8SIdAd2uG0SbJ8/nuxBggaDUuEUflnq2icGvox7rVdNz0/FgCKo/xmhsqjr1dKtASEMcAbyxoiAlabm4IxzprQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 May 2021 22:35:17 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://now.bt.co
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame B71F 47 KB
16 KB 121ms
94ms Document
text/html 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=633178566717045&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df371ca47430458%26domain%3Dnow.bt.co%26origin%3Dhttps%253A%252F%252Fnow.bt.co%252Ff120977e37ad15c%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fnow.bt.co%2Fbundles%2F9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=11b45cb3c84a30cb553d2a417575a551&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

54fe972aeb413d7b06018aa500845715320a8ac494153ab3a7b50e988d719e0c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=633178566717045&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df371ca47430458%26domain%3Dnow.bt.co%26origin%3Dhttps%253A%252F%252Fnow.bt.co%252Ff120977e37ad15c%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fnow.bt.co%2Fbundles%2F9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://now.bt.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://now.bt.co/

Response headers

cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
x-xss-protection: 0
content-encoding: br
x-content-type-options: nosniff
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
strict-transport-security: max-age=15552000; preload
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: Y921irR4rTOPhMHLmFoyvBKhV8aSWuYwZjRgTRI1JOC8VfbDCqNJFAtg72J90r1pbmlK6HmW5MagoHLKZcH0nQ==
date: Wed, 26 May 2021 22:35:17 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-29 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame B71F 400 B
449 B 17ms
17ms Image
image/png 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=633178566717045&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df371ca47430458%26domain%3Dnow.bt.co%26origin%3Dhttps%253A%252F%252Fnow.bt.co%252Ff120977e37ad15c%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fnow.bt.co%2Fbundles%2F9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=633178566717045&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df371ca47430458%26domain%3Dnow.bt.co%26origin%3Dhttps%253A%252F%252Fnow.bt.co%252Ff120977e37ad15c%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fnow.bt.co%2Fbundles%2F9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: aQEf/nGcYNWQto3FbuE6japJp8guod4Sg0UiojLEQPaFi2Copyc42yH+wgUrToU1TZGPBM1Gy+sQmebFEIBx4g==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Wed, 26 May 2021 01:53:26 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Thu, 26 May 2022 01:53:26 GMT

GET
H3-29 200 Yf_9Poc2gzb.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yI/l/en_US/ Frame B71F 505 KB
132 KB 16ms
15ms XHR
application/x-javascript 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yI/l/en_US/Yf_9Poc2gzb.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6d1aec7cece35bebca12e88512532c624a0df10fd911cac95e37f28e595cdf2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=633178566717045&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df371ca47430458%26domain%3Dnow.bt.co%26origin%3Dhttps%253A%252F%252Fnow.bt.co%252Ff120977e37ad15c%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fnow.bt.co%2Fbundles%2F9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 06:52:07 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ILMQRW8F/v+3QrJodtHEEQ==
cross-origin-resource-policy: cross-origin
content-length: 135154
x-fb-rlafr: 0
x-fb-debug: CYMBpR/pDipFtFhFBvCJjMqKkU9qADlW/x+xxx3eZ7dGBQAQl9cBaVg8lpgondolnodrpDmXM4m5JK79NjBSMA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 25 May 2022 06:52:07 GMT

GET
H/1.1 200
OK button.5573c974dc31bbdab5ea7923a0bd5cf3.js Show response
platform.twitter.com/js/ 7 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.5573c974dc31bbdab5ea7923a0bd5cf3.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 22:35:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/669F)
Age: 850
Etag: "382be2960021b88f6ce982d997cdbd01+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H/1.1 200
OK tweet_button.06c6ee58c3810956b7509218508c7b56.en.html Show response
platform.twitter.com/widgets/ Frame 4C88 32 KB
12 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: 483cc9a5ece5c92d5a2f1ea6e92e7f8bc29844a6c06bf36c0349d70334685dc7

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://now.bt.co/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://now.bt.co/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 851
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 26 May 2021 22:35:17 GMT
Etag: "a87932e0f094e1fb4cced05f7d97ab94+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:47 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/669F)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12228

GET
DATA 200
OK truncated
/ Frame 4C88 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 cavalry_endpoint.php
www.facebook.com/common/ Frame B71F 67 B
97 B 44ms
43ms Image
image/png 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1622068517941&t_start=1622068517941&t_domcontent=1622068517961&t_layout=1622068518014&t_onload=1622068518014&t_paint=1622068518014&t_creport=1622068518014&t_tti=1622068517961&lid=6966731233243653600-0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=633178566717045&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df371ca47430458%26domain%3Dnow.bt.co%26origin%3Dhttps%253A%252F%252Fnow.bt.co%252Ff120977e37ad15c%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fnow.bt.co%2Fbundles%2F9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 3XQzkkhYTmABKV1ecCZZ66MOx0HdVoGdjo5OXBXaNDbuXuT8pc+GApPfbCQXFnglSu9P+csZLkv2WFDnc5DJnA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 26 May 2021 22:35:18 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
375 B 150ms
150ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fnow.bt.co%2Fbundles%2F9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22bittorrent%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1622068518088%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 26 May 2021 22:35:18 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 052c3512446be7d3a6eeadd3eff6bfec4053e12f1e0001eea0342b4c418da75e
x-transaction: 0fa3d6670716362a
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H/1.1 200
OK 8b9486d826 Show response
bam-cell.nr-data.net/events/1/ 24 B
485 B 660ms
626ms XHR
image/gif 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/8b9486d826?a=3276066&v=1208.49599aa&to=MQZSYkBUXUYFBUcLXghMdU5CR1ZGFwxATXYjNx8ZUEBdUQgDQE0LDgJDXhg%3D&rst=11219&ck=1&ref=https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Requested by: Host: now.bt.co
URL: https://now.bt.co/bundles/9392fe7b42a609a2ee15e8c9baefbc1a3b9309ee111a438db4c02b69804c591e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://now.bt.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 26 May 2021 22:35:23 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://now.bt.co
Access-Control-Allow-Credentials: true
Connection: keep-alive
CF-Ray: 655a79eb7c5cfc99-VIE
Content-Length: 24
cf-request-id: 0a4c6a872f0000fc996f044000000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: content-bundles-url-shortener.herokuapp.com
URL: https://content-bundles-url-shortener.herokuapp.com/

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.now.bt.co/	1970-01-19 18:35:54	Name: _gid Value: GA1.3.1723484640.1622068512
.now.bt.co/	1970-01-20 12:05:40	Name: _ga Value: GA1.3.1497545724.1622068512
now.bt.co/	1969-12-31 23:59:59	Name: i18next Value: en
.bt.co/	1970-01-20 03:58:57	Name: __qca Value: P0-247074612-1622068511762

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://production-assets.bundle.media/vendor/modernizr.825b5ae4edf9e6196b2a7f6e11a0f0bb.gz.js(Line 2) Message: yepnope.js (aka Modernizr.load) is no longer included as part of Modernizr. yepnope appears to be available on the page, so we’ll use it to handle this call to Modernizr.load, but please update your code to use yepnope directly. See http://github.com/Modernizr/Modernizr/issues/1182 for more information.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aka.spotxcdn.com
bam-cell.nr-data.net
bundle-geoip.herokuapp.com
connect.facebook.net
content-bundles-analytics.herokuapp.com
content-bundles-url-shortener.herokuapp.com
fonts.googleapis.com
fonts.gstatic.com
i-200-b-0-0-5-content-bundles-bench.utorrent.com
img1.bundle.media
img2.bundle.media
js-agent.newrelic.com
js.spotx.tv
now.bt.co
pixel.quantserve.com
platform.twitter.com
production-assets.bundle.media
rules.quantcount.com
s3.amazonaws.com
sb.scorecardresearch.com
script.crazyegg.com
secure.quantserve.com
syndication.twitter.com
www.facebook.com
www.google-analytics.com
content-bundles-url-shortener.herokuapp.com
104.244.42.200
13.226.159.116
151.101.114.110
162.247.243.147
185.94.180.128
2.18.232.234
23.21.92.252
23.22.130.173
2600:9000:211e:6000:6:44e3:f8c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:3032::6815:1b1f
2606:4700::6813:9308
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:801::200a
2a00:1450:4001:802::2003
2a00:1450:4001:808::200e
2a03:2880:f030:13:face:b00c:0:3
2a03:2880:f130:83:face:b00c:0:25de
52.217.11.54
52.23.15.172
54.83.6.65
65.9.67.46
00202e5a13c3c37689d862e105c28ce1396e2898c88a7a770ee7b02d097b8393
073453b6ef1d2ac295d5fb2aa0e4f8b3f1699bc8bd3f4d158c5f68e67d171a43
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1080d9f1a823800d01936d79ce384498518b50bb71f76d9e9b2700a4ba343b51
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3fdde34c5469fde967ae7b7c4a74ef85f93fd589574b91ca14e0ead69c6006aa
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
40775250e2a49920d8137a5d3d5e20d16422d14e814ec74382d74d3c15ff73bd
483cc9a5ece5c92d5a2f1ea6e92e7f8bc29844a6c06bf36c0349d70334685dc7
48cb4005279ee593fc4020243e7c2435c2935cbd1d57c33ae13b06329956827c
54fe972aeb413d7b06018aa500845715320a8ac494153ab3a7b50e988d719e0c
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
6b22f698777e4eab68f64645bc7ad39b18e76d9bde3b3bc3ab735301e56b7bdd
6d1aec7cece35bebca12e88512532c624a0df10fd911cac95e37f28e595cdf2e
70af40e7464e3e72e59f9bd786732aba8abf20c7a8cb62192a168de617c069b0
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
82c639c5c29215a52554b838861142fa0a0737e4149774f338ef758ffc20856a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84272e462b34fa0af11036020d32ea348efee19fc9b7b941a3bfe07a826bd49d
8c8d2adda95f1fece42444c05b2731ebafd0cb6d858a17331247cde87fede76f
8d22242d899b103a1607d766510b9c7a8affa600d120bbe3df4b787f13a8460f
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
92fd434a4da14d91371e4b94270988d93cd0bf3e070b1419923006f2e75217c1
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
9fde8f80762c44177d77aaacd9ce91723b1f5e55547c05432406492c093d9c8c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a5b5c67c37b6725396b5d7ec80923f7b7137169e9933ee9a1e1d402ddcb7fd84
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c015c76693d9374b74387ce3f667f0f2d49436f562340792c11377ea3f74018a
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c79c83a108f8e3a9f961624c155c0c3cc71b373902a881ff6c5b99110933f192
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cfcb0ec300dea884d31445998d9e2893ba8e42fbe8673d9e04dd0eb8ab2d4ce9
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88
e3870de89716b72cb61a4bba0e17c75783b361cdaba35ea96961c3070bd8ca18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
f8baab6b878683c68e42fd79f7502978f7276ae6af869a2c77409a908ac0f2d8

now.bt.co Open in urlscan Pro 65.9.67.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

54 Requests

94 %HTTPS

45 %IPv6

19 Domains

25 Subdomains

22 IPs

3 Countries

1234 kBTransfer

3593 kBSize

4 Cookies

7 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

now.bt.co Open in urlscan Pro
65.9.67.46 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

94 %
HTTPS

45 %
IPv6

19
Domains

25
Subdomains

22
IPs

3
Countries

1234 kB
Transfer

3593 kB
Size

4
Cookies

54 HTTP transactions
1 data transactions