ilifoani.beget.tech Open in urlscan Pro
5.101.153.32 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ilifoani.beget.tech/uni/
Submission: On August 15 via automatic, source openphish (August 15th 2020, 1:18:38 am UTC)

Summary HTTP 53 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 25 IPs in 9 countries across 15 domains to perform 53 HTTP transactions. The main IP is 5.101.153.32, located in Russian Federation and belongs to BEGET-AS, RU. The main domain is ilifoani.beget.tech.

This is the only time ilifoani.beget.tech was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Spotify (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 4	5.101.153.32 5.101.153.32	198610 (BEGET-AS) (BEGET-AS)
6 13	2a04:4e42:1b:... 2a04:4e42:1b::760	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	13.226.155.68 13.226.155.68	16509 (AMAZON-02) (AMAZON-02)
13	151.101.114.91 151.101.114.91	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::2008	15169 (GOOGLE) (GOOGLE)
4	151.101.13.194 151.101.13.194	54113 (FASTLY) (FASTLY)
1 1	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
8 10	3.127.156.137 3.127.156.137	16509 (AMAZON-02) (AMAZON-02)
1	35.244.245.222 35.244.245.222	15169 (GOOGLE) (GOOGLE)
1	104.108.41.56 104.108.41.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	54.154.174.199 54.154.174.199	16509 (AMAZON-02) (AMAZON-02)
1	147.75.102.200 147.75.102.200	54825 (PACKET) (PACKET)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE)
1	2600:1901:1:c... 2600:1901:1:c36::	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::603	54113 (FASTLY) (FASTLY)
1	199.232.46.91 199.232.46.91	54113 (FASTLY) (FASTLY)
1	151.101.130.91 151.101.130.91	54113 (FASTLY) (FASTLY)
1	151.101.194.91 151.101.194.91	54113 (FASTLY) (FASTLY)
1	151.101.98.91 151.101.98.91	54113 (FASTLY) (FASTLY)
2	151.101.14.91 151.101.14.91	54113 (FASTLY) (FASTLY)
1	151.101.38.91 151.101.38.91	54113 (FASTLY) (FASTLY)
1	151.101.18.91 151.101.18.91	54113 (FASTLY) (FASTLY)
1	151.101.198.91 151.101.198.91	54113 (FASTLY) (FASTLY)
53	25

4 5.101.153.32 (Russian Federation) 1 redirects

ASN198610 (BEGET-AS, RU)
PTR: m2.iohost.beget.com

ilifoani.beget.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a04:4e42:1b::760 (Ascension Island) 6 redirects

ASN54113 (FASTLY, US)

www.scdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.68 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-68.dus51.r.cloudfront.net

vt.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.114.91 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hhn-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
astral-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

sp-bootstrap.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.248.159 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

tapestry.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.127.156.137 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-156-137.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.245.222 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 222.245.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.41.56 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-41-56.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.174.199 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-174-199.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.200 (Central, Hong Kong)

ASN54825 (PACKET, US)

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:1:c36:: (United States)

ASN15169 (GOOGLE, US)

pixel.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::603 (Ascension Island)

ASN54113 (FASTLY, US)

fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.46.91 (United States)

ASN54113 (FASTLY, US)

qpg-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.91 (United States)

ASN54113 (FASTLY, US)

0addb654-96eb-4a3c-b7ad-899f1c94bc8f.eu.u.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.91 (United States)

ASN54113 (FASTLY, US)

any-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.98.91 (Brisbane, Australia)

ASN54113 (FASTLY, US)

bne-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.91 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

pdata.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fra-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.38.91 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)

ams-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.18.91 (London, United Kingdom)

ASN54113 (FASTLY, US)

lcy-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.198.91 (Los Angeles, United States)

ASN54113 (FASTLY, US)

bur-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	fastly-insights.com www.fastly-insights.com fastly-insights.com qpg-v4.pops.fastly-insights.com 0addb654-96eb-4a3c-b7ad-899f1c94bc8f.eu.u.fastly-insights.com any-v4.pops.fastly-insights.com bne-v4.pops.fastly-insights.com pdata.pops.fastly-insights.com ams-v4.pops.fastly-insights.com fra-v4.pops.fastly-insights.com hhn-v4.pops.fastly-insights.com lcy-v4.pops.fastly-insights.com astral-v4.pops.fastly-insights.com bur-v4.pops.fastly-insights.com	41 KB
13	scdn.co 6 redirects www.scdn.co	215 KB
11	myvisualiq.net 8 redirects vt.myvisualiq.net t.myvisualiq.net	9 KB
5	googletagmanager.com www.googletagmanager.com	74 KB
4	fastly.net sp-bootstrap.global.ssl.fastly.net	216 KB
4	beget.tech 1 redirects ilifoani.beget.tech	15 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	google-analytics.com www.google-analytics.com	71 KB
1	spotify.com pixel.spotify.com	257 B
1	facebook.com www.facebook.com	258 B
1	exelator.com loadus.exelator.com	124 B
1	bluekai.com tags.bluekai.com	749 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	tapad.com 1 redirects tapestry.tapad.com	465 B
1	gstatic.com encrypted-tbn2.gstatic.com	1 KB
53	15

	Domain	Requested by
13	www.scdn.co	6 redirects ilifoani.beget.tech
11	www.fastly-insights.com	ilifoani.beget.tech www.fastly-insights.com
10	t.myvisualiq.net	8 redirects ilifoani.beget.tech
5	www.googletagmanager.com	ilifoani.beget.tech
4	sp-bootstrap.global.ssl.fastly.net	www.scdn.co
4	ilifoani.beget.tech	1 redirects ilifoani.beget.tech
2	dpm.demdex.net	2 redirects
2	www.google-analytics.com	ilifoani.beget.tech www.google-analytics.com
1	bur-v4.pops.fastly-insights.com	www.fastly-insights.com
1	astral-v4.pops.fastly-insights.com	www.fastly-insights.com
1	lcy-v4.pops.fastly-insights.com	www.fastly-insights.com
1	hhn-v4.pops.fastly-insights.com	www.fastly-insights.com
1	fra-v4.pops.fastly-insights.com	www.fastly-insights.com
1	ams-v4.pops.fastly-insights.com	www.fastly-insights.com
1	pdata.pops.fastly-insights.com	www.fastly-insights.com
1	bne-v4.pops.fastly-insights.com	www.fastly-insights.com
1	any-v4.pops.fastly-insights.com	www.fastly-insights.com
1	0addb654-96eb-4a3c-b7ad-899f1c94bc8f.eu.u.fastly-insights.com	www.fastly-insights.com
1	qpg-v4.pops.fastly-insights.com	www.fastly-insights.com
1	fastly-insights.com	www.fastly-insights.com
1	pixel.spotify.com	ilifoani.beget.tech
1	www.facebook.com	ilifoani.beget.tech
1	loadus.exelator.com	ilifoani.beget.tech
1	tags.bluekai.com	ilifoani.beget.tech
1	idsync.rlcdn.com	ilifoani.beget.tech
1	tapestry.tapad.com	1 redirects
1	vt.myvisualiq.net	ilifoani.beget.tech
1	encrypted-tbn2.gstatic.com	ilifoani.beget.tech
53	28

This site contains links to these domains. Also see Links.

Domain
support.spotify.com

Subject Issuer	Validity	Valid
*.scdn.co DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-09-01`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
fastlyanalytics.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-19` - `2021-04-20`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-21` - `2021-04-22`	a year	crt.sh
*.myvisualiq.net Go Daddy Secure Certificate Authority - G2	`2019-12-12` - `2021-02-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-04-14` - `2021-04-10`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
*.spotify.com DigiCert SHA2 Secure Server CA	`2020-06-23` - `2021-09-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://ilifoani.beget.tech/uni/
Frame ID: 911B00347F7D7935DA973C8C105872FF
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ilifoani.beget.tech/uni HTTP 301
http://ilifoani.beget.tech/uni/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

53
Requests

92 %
HTTPS

31 %
IPv6

15
Domains

28
Subdomains

25
IPs

9
Countries

636 kB
Transfer

2040 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://support.spotify.com/?utm_source=www.spotify.com&utm_medium=www_header
Title: Aide

Search URL Search Domain Scan URL

URL: https://support.spotify.com/?utm_source=www.spotify.com&utm_medium=www_footer
Title: Aide

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ilifoani.beget.tech/uni HTTP 301
http://ilifoani.beget.tech/uni/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://www.scdn.co/build/css/spotify-b1556c8cc6.css HTTP 301
https://www.scdn.co/build/css/spotify-b1556c8cc6.css

Request Chain 2

http://www.scdn.co/build/css/account-feedd08a3c.css HTTP 301
https://www.scdn.co/build/css/account-feedd08a3c.css

Request Chain 3

http://www.scdn.co/webpack/tracking.download.ac255fbc3bf10c89d901.js HTTP 301
https://www.scdn.co/webpack/tracking.download.ac255fbc3bf10c89d901.js

Request Chain 7

http://www.scdn.co/webpack/spweb-site.min.16dd1ab58f2434c31bbf.js HTTP 301
https://www.scdn.co/webpack/spweb-site.min.16dd1ab58f2434c31bbf.js

Request Chain 8

http://www.scdn.co/webpack/account.2e9fe69385df6a392a5b.js HTTP 301
https://www.scdn.co/webpack/account.2e9fe69385df6a392a5b.js

Request Chain 13

http://www.scdn.co/webpack/sp-analytics.2dc3a5c8f2c32c8a598a.js HTTP 301
https://www.scdn.co/webpack/sp-analytics.2dc3a5c8f2c32c8a598a.js

Request Chain 20

https://tapestry.tapad.com/tapestry/1?ta_partner_id=950&ta_redirect=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3D1001%26ao%3D0%26pruuid%3DTAPAD_%24%7BIDS%3Akey%7D HTTP 302
https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_3601ea50-de95-11ea-ab6b-0eb41c7d7e37

Request Chain 21

https://t.myvisualiq.net/sync?prid=1002&ao=0&red=https://idsync.rlcdn.com/420356.gif?partner_uid=${UUID} HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=1002&ao=0&red=https://idsync.rlcdn.com/420356.gif?partner_uid=${UUID} HTTP 302
https://idsync.rlcdn.com/420356.gif?partner_uid=a4a71a9a-c690-4c9e-b67c-191dae6958fe

Request Chain 22

https://t.myvisualiq.net/sync?prid=BUKIPNR1&red=https://tags.bluekai.com/site/21398?id=$%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=BUKIPNR1&red=https://tags.bluekai.com/site/21398?id=$%7BUUID%7D HTTP 302
https://tags.bluekai.com/site/21398?id=0ad6668b-d8af-4f96-aff6-9f6e5958bf2f

Request Chain 23

https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&red=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D125310%26dpuuid%3D%24%7BUUID%7D%26redir%3Dhttps%253A%252F%252Ft.myvisualiq.net%252Fsync%253Fprid%253DAOEPNR1%2526ao%253D0%2526pruuid%253D%2524%257BDD_UUID%257D%250A HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AOEPNR1&ao=0&red=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D125310%26dpuuid%3D%24%7BUUID%7D%26redir%3Dhttps%253A%252F%252Ft.myvisualiq.net%252Fsync%253Fprid%253DAOEPNR1%2526ao%253D0%2526pruuid%253D%2524%257BDD_UUID%257D%250A HTTP 302
https://dpm.demdex.net/ibs:dpid=125310&dpuuid=a4a71a9a-c690-4c9e-b67c-191dae6958fe&redir=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3DAOEPNR1%26ao%3D0%26pruuid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=125310&dpuuid=a4a71a9a-c690-4c9e-b67c-191dae6958fe&redir=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3DAOEPNR1%26ao%3D0%26pruuid%3D%24%7BDD_UUID%7D HTTP 302
https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=57432461065828612460264455149126264753

Request Chain 24

https://t.myvisualiq.net/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D HTTP 302
https://loadus.exelator.com/load/?p=204&g=1260&buid=0-f23390c3-3c83-4c4c-9202-a2c2247a41d1

Request Chain 25

https://t.myvisualiq.net/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D1901136573502950%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D HTTP 302
https://www.facebook.com/tr?id=1901136573502950&ev=PageView&cd[order_id]=0-cdf7f889-2d17-4586-a2f6-6386b0b96b95

Request Chain 26

http://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&v=3&t=t&pid=1127669640&rv=871&es=1&e=gtm.js&eid=1&tc=105&tr=1asprv.5asprv&ti=1asprv.1asprv&z=0 HTTP 307
https://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&v=3&t=t&pid=1127669640&rv=871&es=1&e=gtm.js&eid=1&tc=105&tr=1asprv.5asprv&ti=1asprv.1asprv&z=0

Request Chain 29

http://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&v=3&t=t&pid=1127669640&rv=871&es=1&e=gtm.dom&eid=10&tc=105&z=0 HTTP 307
https://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&v=3&t=t&pid=1127669640&rv=871&es=1&e=gtm.dom&eid=10&tc=105&z=0

Request Chain 30

http://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&t=ol&s=h1&h=156&g=77&p=ga&o=2000&l=155&q=151&f=43&e=24&i=16&d=-166&c=81&hc=0&sr=0.050000&ps=0.004761877987434104&cb=693476945 HTTP 307
https://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&t=ol&s=h1&h=156&g=77&p=ga&o=2000&l=155&q=151&f=43&e=24&i=16&d=-166&c=81&hc=0&sr=0.050000&ps=0.004761877987434104&cb=693476945

Request Chain 43

http://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&v=3&t=t&pid=1127669640&rv=871&es=1&e=*&eid=45&u=C&tc=105&z=0 HTTP 307
https://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&v=3&t=t&pid=1127669640&rv=871&es=1&e=*&eid=45&u=C&tc=105&z=0

53 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ilifoani.beget.tech/uni/
Redirect Chain

http://ilifoani.beget.tech/uni
http://ilifoani.beget.tech/uni/

45 KB
14 KB

56ms
55ms

Document
text/html

5.101.153.32
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ilifoani.beget.tech/uni/
Protocol: HTTP/1.1
Server: 5.101.153.32 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: m2.iohost.beget.com
Software: nginx-reuseport/1.13.4 /
Resource Hash: 28666aaccdf5c60d9bdb9321702fa0356144e0e72c5a72101af603b3586703b9

Request headers

Host: ilifoani.beget.tech
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx-reuseport/1.13.4
Date: Sat, 15 Aug 2020 01:18:22 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
Last-Modified: Fri, 07 Aug 2020 11:06:03 GMT
ETag: W/"b45f-5ac479736e060"
Content-Encoding: gzip

Redirect headers

Server: nginx-reuseport/1.13.4
Date: Sat, 15 Aug 2020 01:18:21 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 322
Connection: keep-alive
Keep-Alive: timeout=30
Location: http://ilifoani.beget.tech/uni/

GET
H/1.1 200
OK jquery-2.1.3.min.2aa3ce7ca4d69c76546c.js Show response
www.scdn.co/webpack/ 91 KB
33 KB 34ms
7ms Script
application/javascript 2a04:4e42:1b::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.scdn.co/webpack/jquery-2.1.3.min.2aa3ce7ca4d69c76546c.js
Requested by: Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::760 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ed795d2047287a848f2349e88d5a8ee58e1a2d0ea9292a3be6717138f55a1d09

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
Content-Encoding: gzip
Age: 12246083
x-amz-meta-goog-reserved-file-mtime: 1553092591
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 32842
X-Served-By: cache-ord1728-ORD, cache-hhn4080-HHN
Last-Modified: Wed, 20 Mar 2019 14:44:30 GMT
ETag: "753a199b38e0ec450d911534f2d9718d"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 2, 1

GET
H/1.1

200
OK

spotify-b1556c8cc6.css
www.scdn.co/build/css/
Redirect Chain

http://www.scdn.co/build/css/spotify-b1556c8cc6.css
https://www.scdn.co/build/css/spotify-b1556c8cc6.css

384 KB
59 KB

8ms
7ms

Stylesheet
text/css

2a04:4e42:1b::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.scdn.co/build/css/spotify-b1556c8cc6.css
Requested by: Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::760 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2d10d17cf5f24529157216e13c4acbe72ad2b578718425a250aba86316bc586f

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
Content-Encoding: gzip
Age: 46668215
x-amz-meta-goog-reserved-file-mtime: 1550784742
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 59832
X-Served-By: cache-ord1745-ORD, cache-hhn4077-HHN
Last-Modified: Thu, 21 Feb 2019 21:39:38 GMT
ETag: "b1556c8cc6e251dd01b7f14cd18564ec"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 1

Redirect headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
X-Served-By: cache-hhn4057-HHN
Location: https://www.scdn.co/build/css/spotify-b1556c8cc6.css
X-Cache: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: close
Accept-Ranges: bytes
Content-Length: 0
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1

200
OK

account-feedd08a3c.css
www.scdn.co/build/css/
Redirect Chain

http://www.scdn.co/build/css/account-feedd08a3c.css
https://www.scdn.co/build/css/account-feedd08a3c.css

146 KB
17 KB

19ms
6ms

Stylesheet
text/css

2a04:4e42:1b::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.scdn.co/build/css/account-feedd08a3c.css
Requested by: Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::760 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3c0d8b67c2e38a5bc978829a1b0711bc4e45b7958139535430ee038537a8e0a9

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
Content-Encoding: gzip
Age: 44454072
x-amz-meta-goog-reserved-file-mtime: 1552998629
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 16880
X-Served-By: cache-ord1734-ORD, cache-hhn4032-HHN
Last-Modified: Tue, 19 Mar 2019 12:38:26 GMT
ETag: "feedd08a3c1f373b5ab8852695ceed44"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 2

Redirect headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
X-Served-By: cache-hhn4037-HHN
Location: https://www.scdn.co/build/css/account-feedd08a3c.css
X-Cache: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: close
Accept-Ranges: bytes
Content-Length: 0
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1

200
OK

tracking.download.ac255fbc3bf10c89d901.js Show response
www.scdn.co/webpack/
Redirect Chain

http://www.scdn.co/webpack/tracking.download.ac255fbc3bf10c89d901.js
https://www.scdn.co/webpack/tracking.download.ac255fbc3bf10c89d901.js

2 KB
1 KB

21ms
7ms

Script
application/javascript

2a04:4e42:1b::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.scdn.co/webpack/tracking.download.ac255fbc3bf10c89d901.js
Requested by: Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::760 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e875f5b304a198295727731c3343bedbc9476224e253040ccfcb5d5b2b07e612

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
Content-Encoding: gzip
Age: 29180052
x-amz-meta-goog-reserved-file-mtime: 1554748303
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 866
X-Served-By: cache-ord1729-ORD, cache-hhn4020-HHN
Last-Modified: Mon, 08 Apr 2019 18:39:12 GMT
ETag: "588b347dc417e94cd1d000538f47e840"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 1

Redirect headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
X-Served-By: cache-hhn4067-HHN
Location: https://www.scdn.co/webpack/tracking.download.ac255fbc3bf10c89d901.js
X-Cache: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: close
Accept-Ranges: bytes
Content-Length: 0
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 404
Not Found xvx.js
ilifoani.beget.tech/uni/js/ 0
0 125ms
113ms Script
text/html 5.101.153.32
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ilifoani.beget.tech/uni/js/xvx.js
Requested by: Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/
Protocol: HTTP/1.1
Server: 5.101.153.32 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: m2.iohost.beget.com
Software: nginx-reuseport/1.13.4 /
Resource Hash

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
Server: nginx-reuseport/1.13.4
Connection: keep-alive
Keep-Alive: timeout=30
Content-Length: 294
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found xvx.js
ilifoani.beget.tech/uni/ 0
0 313ms
301ms Script
text/html 5.101.153.32
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ilifoani.beget.tech/uni/xvx.js
Requested by: Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/
Protocol: HTTP/1.1
Server: 5.101.153.32 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: m2.iohost.beget.com
Software: nginx-reuseport/1.13.4 /
Resource Hash

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
Server: nginx-reuseport/1.13.4
Connection: keep-alive
Keep-Alive: timeout=30
Content-Length: 291
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 images
encrypted-tbn2.gstatic.com/ 686 B
1 KB 60ms
38ms Image
image/png 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/images?q=tbn:ANd9GcQqm8ZOWwKAOjhwU1n-WyEZyXTeu5CcV5c3Ylo5uTKg5NfX5C_2bdfboJE

Requested by

Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c260b4be6ad5ef0bdd756f19e5e12da7eb384cbd2b2ee81e3abe4cfaa1d5be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 15 Aug 2020 01:18:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Sep 2019 13:26:55 GMT
server: sffe
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 686
x-xss-protection: 0
expires: Sun, 15 Aug 2021 01:18:22 GMT

GET
H/1.1

200
OK

spweb-site.min.16dd1ab58f2434c31bbf.js Show response
www.scdn.co/webpack/
Redirect Chain

http://www.scdn.co/webpack/spweb-site.min.16dd1ab58f2434c31bbf.js
https://www.scdn.co/webpack/spweb-site.min.16dd1ab58f2434c31bbf.js

276 KB
62 KB

7ms
6ms

Script
application/javascript

2a04:4e42:1b::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.scdn.co/webpack/spweb-site.min.16dd1ab58f2434c31bbf.js
Requested by: Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::760 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a289836fd7e2f91b714e0dd9e480c8f11f93973ab361bcc2631d8b8ef3884ed1

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
Content-Encoding: gzip
Age: 10766758
x-amz-meta-goog-reserved-file-mtime: 1553092591
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 62768
X-Served-By: cache-ord1735-ORD, cache-hhn4080-HHN
Last-Modified: Wed, 20 Mar 2019 14:44:30 GMT
ETag: "3eff259f4810980af368b1c63884f514"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 1

Redirect headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
X-Served-By: cache-hhn4031-HHN
Location: https://www.scdn.co/webpack/spweb-site.min.16dd1ab58f2434c31bbf.js
X-Cache: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: close
Accept-Ranges: bytes
Content-Length: 0
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1

200
OK

account.2e9fe69385df6a392a5b.js Show response
www.scdn.co/webpack/
Redirect Chain

http://www.scdn.co/webpack/account.2e9fe69385df6a392a5b.js
https://www.scdn.co/webpack/account.2e9fe69385df6a392a5b.js

133 KB
37 KB

8ms
7ms

Script
application/javascript

2a04:4e42:1b::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.scdn.co/webpack/account.2e9fe69385df6a392a5b.js
Requested by: Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::760 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c19aae5f0075527e1dddb320fd8f10d56f0e410d21a1ff21cf889585b92c106d

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
Content-Encoding: gzip
Age: 28056602
x-amz-meta-goog-reserved-file-mtime: 1553092591
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 37577
X-Served-By: cache-ord1731-ORD, cache-hhn4032-HHN
Last-Modified: Wed, 20 Mar 2019 14:44:29 GMT
ETag: "fcada41dd20b559d151cc4f440e2b91f"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 8, 1

Redirect headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
X-Served-By: cache-hhn4079-HHN
Location: https://www.scdn.co/webpack/account.2e9fe69385df6a392a5b.js
X-Cache: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: close
Accept-Ranges: bytes
Content-Length: 0
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK vt-150.js Show response
vt.myvisualiq.net/2/afTxMmlGwCNRJiC5Bd75ug%3D%3D/ 7 KB
3 KB 91ms
31ms Script
application/x-javascript 13.226.155.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://vt.myvisualiq.net/2/afTxMmlGwCNRJiC5Bd75ug%3D%3D/vt-150.js
Requested by: Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/
Protocol: HTTP/1.1
Server: 13.226.155.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-68.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d0c03eb202adbec944044a58d130e9bc430eff8525f3520c6c6d8f3ad1ea9e4

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 14 Aug 2020 15:24:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 May 2020 15:49:06 GMT
Server: AmazonS3
Age: 35660
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: Qkf5NhlV791MJhPKo8YJnKzcTpLZOV87
Via: 1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
Content-Type: application/x-javascript
X-Amz-Cf-Id: O8LPtdwYlsT9va-K0jN0Sv3oYZsxbeQEWc_rnPU8yWuMRJZ2kwJ0OA==

GET
H/1.1 200
OK insights.js Show response
www.fastly-insights.com/ 56 KB
25 KB 69ms
18ms Script
application/javascript 151.101.114.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Requested by

Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b950d0bf1be722756f170243857b8dbace6cc88cad0207a8126479fccb4ff9d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
Age: 83871
transfer-encoding: chunked
X-Cache: HIT
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Connection: keep-alive
content-encoding: br
Fastly-Restarts: 1
X-Served-By: cache-hhn4067-HHN
Last-Modified: Wed, 12 Aug 2020 17:10:40 GMT
X-Timer: S1597454302.281517,VS0,VE0
ETag: "15bb0cfb494300ec3747481010ebf85f"
vary: accept-encoding
Strict-Transport-Security: max-age=86400; includeSubDomains
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: none
X-Cache-Hits: 151589

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 2681
date: Sat, 15 Aug 2020 00:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Sat, 15 Aug 2020 02:33:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 339 KB
74 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:815::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-7BJJ

Requested by

Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

112115af69cc02ec68e223daed293657fd491b1faac884c2dd3e35e15f49becd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 15 Aug 2020 01:18:22 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75440
x-xss-protection: 0
last-modified: Sat, 15 Aug 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 15 Aug 2020 01:18:22 GMT

GET
H/1.1

200
OK

sp-analytics.2dc3a5c8f2c32c8a598a.js Show response
www.scdn.co/webpack/
Redirect Chain

http://www.scdn.co/webpack/sp-analytics.2dc3a5c8f2c32c8a598a.js
https://www.scdn.co/webpack/sp-analytics.2dc3a5c8f2c32c8a598a.js

9 KB
4 KB

7ms
6ms

Script
application/javascript

2a04:4e42:1b::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.scdn.co/webpack/sp-analytics.2dc3a5c8f2c32c8a598a.js
Requested by: Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::760 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 020cede188f9c3d1fe3f49465dd3bce0be494e60bd6b88f1e717c2db7f6388d3

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
Content-Encoding: gzip
Age: 5601879
x-amz-meta-goog-reserved-file-mtime: 1554748303
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3284
X-Served-By: cache-ord1728-ORD, cache-hhn4020-HHN
Last-Modified: Mon, 08 Apr 2019 18:39:12 GMT
ETag: "e1713e70e512587b652dc6f00b2bbbd6"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 1

Redirect headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
X-Served-By: cache-hhn4035-HHN
Location: https://www.scdn.co/webpack/sp-analytics.2dc3a5c8f2c32c8a598a.js
X-Cache: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: close
Accept-Ranges: bytes
Content-Length: 0
Retry-After: 0
X-Cache-Hits: 0

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27c6c010b56541288cf75fa5e8773311aadac4e60add1a00351da2664fcad6cf

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK circular-bold.woff2
sp-bootstrap.global.ssl.fastly.net/8.7.0/fonts/ 74 KB
74 KB 73ms
20ms Font
application/font-woff 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sp-bootstrap.global.ssl.fastly.net/8.7.0/fonts/circular-bold.woff2
Requested by: Host: www.scdn.co
URL: https://www.scdn.co/build/css/spotify-b1556c8cc6.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: http://ilifoani.beget.tech
Referer: https://www.scdn.co/build/css/spotify-b1556c8cc6.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: sa9U_tafPNBf9KVFtXFe8CxiXKBQ46h4
Last-Modified: Wed, 20 Feb 2019 19:23:02 GMT
Age: 7038529
ETag: "c094813cfe6be5d188f4e506b6ffca1b"
X-Served-By: cache-lcy19283-LCY, cache-fra19133-FRA
X-Cache: HIT, HIT
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Date: Sat, 15 Aug 2020 01:18:22 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75488
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK circular-book.woff2
sp-bootstrap.global.ssl.fastly.net/8.7.0/fonts/ 68 KB
69 KB 71ms
19ms Font
application/font-woff 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sp-bootstrap.global.ssl.fastly.net/8.7.0/fonts/circular-book.woff2
Requested by: Host: www.scdn.co
URL: https://www.scdn.co/build/css/spotify-b1556c8cc6.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: http://ilifoani.beget.tech
Referer: https://www.scdn.co/build/css/spotify-b1556c8cc6.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 8UOgVmnKCVNvSVvvH177GmcS_T4XwnlB
Last-Modified: Wed, 20 Feb 2019 19:23:02 GMT
Age: 7038552
ETag: "c4f753e765823b94234e7f5ccd733f44"
X-Served-By: cache-lcy19235-LCY, cache-fra19183-FRA
X-Cache: HIT, HIT
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Date: Sat, 15 Aug 2020 01:18:22 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70092
X-Cache-Hits: 1, 2

GET
H/2+Q/46 200 js Show response
www.google-analytics.com/gtm/ 270 KB
53 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-P9JKJ53&cid=2038962231.1597454302

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

00b972c5c371581774e6956e72fdf67ef400f65585a2ea6e119fd4159c92679d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 15 Aug 2020 01:18:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54121
x-xss-protection: 0
expires: Sat, 15 Aug 2020 01:18:22 GMT

GET
H/1.1 200
OK be.svg
sp-bootstrap.global.ssl.fastly.net/8.7.0/images/flags/ 232 B
650 B 62ms
21ms Image
image/svg+xml 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-bootstrap.global.ssl.fastly.net/8.7.0/images/flags/be.svg
Requested by: Host: www.scdn.co
URL: https://www.scdn.co/build/css/spotify-b1556c8cc6.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ab7be110e7203add27e1cda437d77f39568c16bc0c674ef4aa3c2e066074b1de

Request headers

Referer: https://www.scdn.co/build/css/spotify-b1556c8cc6.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tvgn4yq27l9uqL7e_0jhG_BRtjunOYNN
Content-Encoding: gzip
Last-Modified: Wed, 20 Feb 2019 19:23:02 GMT
Age: 7038611
ETag: "33f90c4672ee26ee79c461b6627e853e"
X-Served-By: cache-lcy19281-LCY, cache-fra19146-FRA
X-Cache: HIT, HIT
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Date: Sat, 15 Aug 2020 01:18:22 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 166
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK circular-black.woff2
sp-bootstrap.global.ssl.fastly.net/8.7.0/fonts/ 72 KB
73 KB 21ms
21ms Font
application/font-woff 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sp-bootstrap.global.ssl.fastly.net/8.7.0/fonts/circular-black.woff2
Requested by: Host: www.scdn.co
URL: https://www.scdn.co/build/css/spotify-b1556c8cc6.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: http://ilifoani.beget.tech
Referer: https://www.scdn.co/build/css/spotify-b1556c8cc6.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: oQ.a3ThkDgQtU1UwmB3cN4Go3Wau9WMU
Last-Modified: Wed, 20 Feb 2019 19:23:02 GMT
Age: 7038552
ETag: "56b510f616f840ffde8f3955349a6c5a"
X-Served-By: cache-lcy19249-LCY, cache-fra19133-FRA
X-Cache: HIT, HIT
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Date: Sat, 15 Aug 2020 01:18:22 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 73892
X-Cache-Hits: 1, 8

GET
H/1.1

200
OK

sync
t.myvisualiq.net/
Redirect Chain

https://tapestry.tapad.com/tapestry/1?ta_partner_id=950&ta_redirect=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3D1001%26ao%3D0%26pruuid%3DTAPAD_%24%7BIDS%3Akey%7D
https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_3601ea50-de95-11ea-ab6b-0eb41c7d7e37

43 B
300 B

57ms
21ms

Image
image/gif

3.127.156.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_3601ea50-de95-11ea-ab6b-0eb41c7d7e37
Requested by: Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.156.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-156-137.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 43
Content-Type: image/gif

Redirect headers

date: Sat, 15 Aug 2020 01:18:22 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
status: 302
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_3601ea50-de95-11ea-ab6b-0eb41c7d7e37
strict-transport-security: max-age=31536000
alt-svc: clear
content-length: 0

GET
H2

451

420356.gif
idsync.rlcdn.com/
Redirect Chain

https://t.myvisualiq.net/sync?prid=1002&ao=0&red=https://idsync.rlcdn.com/420356.gif?partner_uid=${UUID}
https://t.myvisualiq.net/ul_cb/sync?prid=1002&ao=0&red=https://idsync.rlcdn.com/420356.gif?partner_uid=${UUID}
https://idsync.rlcdn.com/420356.gif?partner_uid=a4a71a9a-c690-4c9e-b67c-191dae6958fe

0
66 B

181ms
150ms

Image
text/plain

35.244.245.222
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420356.gif?partner_uid=a4a71a9a-c690-4c9e-b67c-191dae6958fe
Requested by: Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.245.222 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 222.245.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 451
date: Sat, 15 Aug 2020 01:18:22 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

Location: https://idsync.rlcdn.com/420356.gif?partner_uid=a4a71a9a-c690-4c9e-b67c-191dae6958fe
Date: Sat, 15 Aug 2020 01:18:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

21398
tags.bluekai.com/site/
Redirect Chain

https://t.myvisualiq.net/sync?prid=BUKIPNR1&red=https://tags.bluekai.com/site/21398?id=$%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=BUKIPNR1&red=https://tags.bluekai.com/site/21398?id=$%7BUUID%7D
https://tags.bluekai.com/site/21398?id=0ad6668b-d8af-4f96-aff6-9f6e5958bf2f

62 B
749 B

218ms
171ms

Image
image/gif

104.108.41.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/21398?id=0ad6668b-d8af-4f96-aff6-9f6e5958bf2f
Requested by: Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.41.56 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-41-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 581a
Content-Type: image/gif

Redirect headers

Location: https://tags.bluekai.com/site/21398?id=0ad6668b-d8af-4f96-aff6-9f6e5958bf2f
Date: Sat, 15 Aug 2020 01:18:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

sync
t.myvisualiq.net/
Redirect Chain

https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&red=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D125310%26dpuuid%3D%24%7BUUID%7D%26redir%3Dhttps%253A%252F%252Ft.myvisualiq.net%252Fsync%253Fprid%253D...
https://t.myvisualiq.net/ul_cb/sync?prid=AOEPNR1&ao=0&red=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D125310%26dpuuid%3D%24%7BUUID%7D%26redir%3Dhttps%253A%252F%252Ft.myvisualiq.net%252Fsync%253Fpri...
https://dpm.demdex.net/ibs:dpid=125310&dpuuid=a4a71a9a-c690-4c9e-b67c-191dae6958fe&redir=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3DAOEPNR1%26ao%3D0%26pruuid%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=125310&dpuuid=a4a71a9a-c690-4c9e-b67c-191dae6958fe&redir=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3DAOEPNR1%26ao%3D0%26pruuid%3D%24%7BDD_UU...
https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=57432461065828612460264455149126264753

43 B
300 B

27ms
26ms

Image
image/gif

3.127.156.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=57432461065828612460264455149126264753
Requested by: Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.156.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-156-137.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Px6IzUiyTg4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=57432461065828612460264455149126264753
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/
loadus.exelator.com/load/
Redirect Chain

https://t.myvisualiq.net/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D
https://loadus.exelator.com/load/?p=204&g=1260&buid=0-f23390c3-3c83-4c4c-9202-a2c2247a41d1

124 B
124 B

45ms
14ms

Image
application/x-javascript

147.75.102.200
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=1260&buid=0-f23390c3-3c83-4c4c-9202-a2c2247a41d1
Requested by: Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.200 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 15 Aug 2020 01:18:22 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status: 200
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/x-javascript;charset=UTF-8

Redirect headers

Location: https://loadus.exelator.com/load/?p=204&g=1260&buid=0-f23390c3-3c83-4c4c-9202-a2c2247a41d1
Date: Sat, 15 Aug 2020 01:18:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

tr
www.facebook.com/
Redirect Chain

https://t.myvisualiq.net/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D1901136573502950%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D
https://www.facebook.com/tr?id=1901136573502950&ev=PageView&cd[order_id]=0-cdf7f889-2d17-4586-a2f6-6386b0b96b95

44 B
258 B

6ms
6ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1901136573502950&ev=PageView&cd[order_id]=0-cdf7f889-2d17-4586-a2f6-6386b0b96b95

Requested by

Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 15 Aug 2020 01:18:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 15 Aug 2020 01:18:22 GMT

Redirect headers

Location: https://www.facebook.com/tr?id=1901136573502950&ev=PageView&cd[order_id]=0-cdf7f889-2d17-4586-a2f6-6386b0b96b95
Date: Sat, 15 Aug 2020 01:18:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/2+Q/46

204

a
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&v=3&t=t&pid=1127669640&rv=871&es=1&e=gtm.js&eid=1&tc=105&tr=1asprv.5asprv&ti=1asprv.1asprv&z=0
https://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&v=3&t=t&pid=1127669640&rv=871&es=1&e=gtm.js&eid=1&tc=105&tr=1asprv.5asprv&ti=1asprv.1asprv&z=0

0
305 B

35ms
21ms

Image
image/gif

2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&v=3&t=t&pid=1127669640&rv=871&es=1&e=gtm.js&eid=1&tc=105&tr=1asprv.5asprv&ti=1asprv.1asprv&z=0

Requested by

Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Aug 2020 01:18:22 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&v=3&t=t&pid=1127669640&rv=871&es=1&e=gtm.js&eid=1&tc=105&tr=1asprv.5asprv&ti=1asprv.1asprv&z=0
Non-Authoritative-Reason: HSTS

GET
H2 200 cpua
pixel.spotify.com/v1/ 0
257 B 31ms
15ms Image
text/plain 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.spotify.com/v1/cpua

Requested by

Host: ilifoani.beget.tech
URL: http://ilifoani.beget.tech/uni/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: HTTP/2 edgeproxy, 1.1 google
x-content-type-options: nosniff
server: envoy
date: Sat, 15 Aug 2020 01:18:22 GMT
status: 200
cache-control: private, max-age=0
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK 040e3997-282c-4275-ba9b-a406ce78b133 Show response
fastly-insights.com/api/v1/config/ 13 KB
3 KB 21ms
6ms Fetch
application/json 2a04:4e42:200::603
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fastly-insights.com/api/v1/config/040e3997-282c-4275-ba9b-a406ce78b133

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::603 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

73013943651eae62be28078305b49b4889bb5291f923bcb7529071b0005f1753

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600, "include_subdomains": true}
Age: 35823
transfer-encoding: chunked
X-Cache: HIT
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}], "include_subdomains": true}
Connection: keep-alive
content-encoding: br
X-Served-By: cache-fra19180-FRA
Last-Modified: Mon, 12 Aug 2019 10:54:16 GMT
X-Timer: S1597454303.912533,VS0,VE0
ETag: "73b94a1a1ce6bb6c08fcdca571071c4e"
vary: accept-encoding
Strict-Transport-Security: max-age=86400; includeSubDomains
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
accept-ranges: none
X-Cache-Hits: 28469

GET
H/2+Q/46

204

a
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&v=3&t=t&pid=1127669640&rv=871&es=1&e=gtm.dom&eid=10&tc=105&z=0
https://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&v=3&t=t&pid=1127669640&rv=871&es=1&e=gtm.dom&eid=10&tc=105&z=0

0
20 B

16ms
15ms

Image
image/gif

2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&v=3&t=t&pid=1127669640&rv=871&es=1&e=gtm.dom&eid=10&tc=105&z=0

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Aug 2020 01:18:22 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&v=3&t=t&pid=1127669640&rv=871&es=1&e=gtm.dom&eid=10&tc=105&z=0
Non-Authoritative-Reason: HSTS

GET
H/2+Q/46

204

a
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&t=ol&s=h1&h=156&g=77&p=ga&o=2000&l=155&q=151&f=43&e=24&i=16&d=-166&c=81&hc=0&sr=0.050000&ps=0.004761877987434104&cb=693476945
https://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&t=ol&s=h1&h=156&g=77&p=ga&o=2000&l=155&q=151&f=43&e=24&i=16&d=-166&c=81&hc=0&sr=0.050000&ps=0.004761877987434104&cb=693476945

0
20 B

15ms
14ms

Image
image/gif

2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&t=ol&s=h1&h=156&g=77&p=ga&o=2000&l=155&q=151&f=43&e=24&i=16&d=-166&c=81&hc=0&sr=0.050000&ps=0.004761877987434104&cb=693476945

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Aug 2020 01:18:22 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&t=ol&s=h1&h=156&g=77&p=ga&o=2000&l=155&q=151&f=43&e=24&i=16&d=-166&c=81&hc=0&sr=0.050000&ps=0.004761877987434104&cb=693476945
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK o.svg Show response
qpg-v4.pops.fastly-insights.com/ 378 B
1 KB 534ms
171ms Fetch
image/svg+xml 199.232.46.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://qpg-v4.pops.fastly-insights.com/o.svg?u=0addb654-96eb-4a3c-b7ad-899f1c94bc8f

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.46.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:23 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
X-Cache: HIT
X-Datacenter: QPG
X-Cache-Hits: 0
Connection: close
Content-Length: 378
X-Served-By: cache-qpg1251-QPG
Server: Varnish
X-Timer: S1597454303.383860,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Ip-Version: 4

GET
H/1.1 200
OK l Show response
0addb654-96eb-4a3c-b7ad-899f1c94bc8f.eu.u.fastly-insights.com/ 585 B
1 KB 69ms
25ms Fetch
application/json 151.101.130.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://0addb654-96eb-4a3c-b7ad-899f1c94bc8f.eu.u.fastly-insights.com/l

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

205f3ee021fbb22aecd7594cbc697bad6754c76ee880a758f019255776992bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:22 GMT
Via: 1.1 varnish
X-Backend: lookup-eu
X-Cache: HIT
Connection: keep-alive
Content-Length: 585
X-Served-By: cache-ams21066-AMS
Server: Varnish
X-Timer: S1597454303.987931,VS0,VE11
Strict-Transport-Security: max-age=86400; includeSubDomains
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes, bytes
Retry-After: 0
X-Cache-Hits: 0

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
0 57ms
18ms Fetch
application/javascript 151.101.114.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly-insights.com/b?k=040e3997-282c-4275-ba9b-a406ce78b133&s=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIwNDBlMzk5Ny0yODJjLTQyNzUtYmE5Yi1hNDA2Y2U3OGIxMzMiLCJleHAiOjE1OTc0NTQzNjIsImlhdCI6MTU5NzQ1NDMwM30.GHiHoFWfGyU3--qG-5w_Glwev2KZmO6_ud_kDPqX7K0

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 15 Aug 2020 01:18:23 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
X-Cache: HIT
Access-Control-Allow-Methods: POST, OPTIONS
Connection: keep-alive
X-Served-By: cache-hhn4021-HHN
Server: Varnish
X-Timer: S1597454304.579764,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
any-v4.pops.fastly-insights.com/ 378 B
1 KB 46ms
13ms Fetch
image/svg+xml 151.101.194.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://any-v4.pops.fastly-insights.com/o.svg?u=0addb654-96eb-4a3c-b7ad-899f1c94bc8f

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:23 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
X-Cache: HIT
X-Datacenter: AMS
X-Cache-Hits: 0
Connection: close
Content-Length: 378
X-Served-By: cache-ams21039-AMS
Server: Varnish
X-Timer: S1597454304.571446,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Ip-Version: 4

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
0 19ms
18ms Fetch
application/javascript 151.101.114.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 15 Aug 2020 01:18:23 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
X-Cache: HIT
Access-Control-Allow-Methods: POST, OPTIONS
Connection: keep-alive
X-Served-By: cache-hhn4021-HHN
Server: Varnish
X-Timer: S1597454304.641495,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
bne-v4.pops.fastly-insights.com/ 378 B
1 KB 968ms
323ms Fetch
image/svg+xml 151.101.98.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bne-v4.pops.fastly-insights.com/o.svg?u=0addb654-96eb-4a3c-b7ad-899f1c94bc8f

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.98.91 Brisbane, Australia, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:24 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
X-Cache: HIT
X-Datacenter: BNE
X-Cache-Hits: 0
Connection: close
Content-Length: 378
X-Served-By: cache-bne7720-BNE
Server: Varnish
X-Timer: S1597454304.441373,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Ip-Version: 4

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
0 19ms
19ms Fetch
application/javascript 151.101.114.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 15 Aug 2020 01:18:24 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
X-Cache: HIT
Access-Control-Allow-Methods: POST, OPTIONS
Connection: keep-alive
X-Served-By: cache-hhn4021-HHN
Server: Varnish
X-Timer: S1597454305.661440,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
pdata.pops.fastly-insights.com/ 378 B
1 KB 79ms
24ms Fetch
image/svg+xml 151.101.14.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://pdata.pops.fastly-insights.com/o.svg?u=0addb654-96eb-4a3c-b7ad-899f1c94bc8f

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:24 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
X-Cache: HIT
X-Datacenter: FRA
X-Cache-Hits: 0
Connection: close
Content-Length: 378
X-Served-By: cache-fra19183-FRA
Server: Varnish
X-Timer: S1597454305.718971,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Ip-Version: 4

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
0 19ms
19ms Fetch
application/javascript 151.101.114.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 15 Aug 2020 01:18:24 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
X-Cache: HIT
Access-Control-Allow-Methods: POST, OPTIONS
Connection: keep-alive
X-Served-By: cache-hhn4021-HHN
Server: Varnish
X-Timer: S1597454305.792531,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
ams-v4.pops.fastly-insights.com/ 378 B
1 KB 40ms
13ms Fetch
image/svg+xml 151.101.38.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ams-v4.pops.fastly-insights.com/o.svg?u=0addb654-96eb-4a3c-b7ad-899f1c94bc8f

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.38.91 Amsterdam, Netherlands, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:24 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
X-Cache: HIT
X-Datacenter: AMS
X-Cache-Hits: 0
Connection: close
Content-Length: 378
X-Served-By: cache-ams21039-AMS
Server: Varnish
X-Timer: S1597454305.815873,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Ip-Version: 4

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
0 19ms
18ms Fetch
application/javascript 151.101.114.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 15 Aug 2020 01:18:24 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
X-Cache: HIT
Access-Control-Allow-Methods: POST, OPTIONS
Connection: keep-alive
X-Served-By: cache-hhn4021-HHN
Server: Varnish
X-Timer: S1597454305.886474,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
fra-v4.pops.fastly-insights.com/ 378 B
1 KB 61ms
20ms Fetch
image/svg+xml 151.101.14.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fra-v4.pops.fastly-insights.com/o.svg?u=0addb654-96eb-4a3c-b7ad-899f1c94bc8f

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:24 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
X-Cache: HIT
X-Datacenter: FRA
X-Cache-Hits: 0
Connection: close
Content-Length: 378
X-Served-By: cache-fra19182-FRA
Server: Varnish
X-Timer: S1597454305.928084,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Ip-Version: 4

GET
H/2+Q/46

204

a
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&v=3&t=t&pid=1127669640&rv=871&es=1&e=*&eid=45&u=C&tc=105&z=0
https://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&v=3&t=t&pid=1127669640&rv=871&es=1&e=*&eid=45&u=C&tc=105&z=0

0
43 B

14ms
14ms

Image
image/gif

2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&v=3&t=t&pid=1127669640&rv=871&es=1&e=*&eid=45&u=C&tc=105&z=0

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Aug 2020 01:18:24 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.googletagmanager.com/a?id=GTM-P9JKJ53&cv=1768&v=3&t=t&pid=1127669640&rv=871&es=1&e=*&eid=45&u=C&tc=105&z=0
Non-Authoritative-Reason: HSTS

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
0 19ms
19ms Fetch
application/javascript 151.101.114.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 15 Aug 2020 01:18:25 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
X-Cache: HIT
Access-Control-Allow-Methods: POST, OPTIONS
Connection: keep-alive
X-Served-By: cache-hhn4021-HHN
Server: Varnish
X-Timer: S1597454305.000327,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
hhn-v4.pops.fastly-insights.com/ 378 B
1 KB 58ms
20ms Fetch
image/svg+xml 151.101.114.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hhn-v4.pops.fastly-insights.com/o.svg?u=0addb654-96eb-4a3c-b7ad-899f1c94bc8f

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:25 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
X-Cache: HIT
X-Datacenter: HHN
X-Cache-Hits: 0
Connection: close
Content-Length: 378
X-Served-By: cache-hhn4049-HHN
Server: Varnish
X-Timer: S1597454305.037748,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Ip-Version: 4

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
0 24ms
24ms Fetch
application/javascript 151.101.114.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 15 Aug 2020 01:18:25 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
X-Cache: HIT
Access-Control-Allow-Methods: POST, OPTIONS
Connection: keep-alive
X-Served-By: cache-hhn4021-HHN
Server: Varnish
X-Timer: S1597454305.110631,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
lcy-v4.pops.fastly-insights.com/ 378 B
1 KB 75ms
20ms Fetch
image/svg+xml 151.101.18.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://lcy-v4.pops.fastly-insights.com/o.svg?u=0addb654-96eb-4a3c-b7ad-899f1c94bc8f

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.18.91 London, United Kingdom, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:25 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
X-Cache: HIT
X-Datacenter: LCY
X-Cache-Hits: 0
Connection: close
Content-Length: 378
X-Served-By: cache-lcy19280-LCY
Server: Varnish
X-Timer: S1597454305.165763,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Ip-Version: 4

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
0 20ms
20ms Fetch
application/javascript 151.101.114.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 15 Aug 2020 01:18:25 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
X-Cache: HIT
Access-Control-Allow-Methods: POST, OPTIONS
Connection: keep-alive
X-Served-By: cache-hhn4021-HHN
Server: Varnish
X-Timer: S1597454305.239744,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
astral-v4.pops.fastly-insights.com/ 378 B
1 KB 63ms
19ms Fetch
image/svg+xml 151.101.114.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://astral-v4.pops.fastly-insights.com/o.svg?u=0addb654-96eb-4a3c-b7ad-899f1c94bc8f

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:25 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
X-Cache: HIT
X-Datacenter: HHN
X-Cache-Hits: 0
Connection: close
Content-Length: 378
X-Served-By: cache-hhn4030-HHN
Server: Varnish
X-Timer: S1597454305.282884,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Ip-Version: 4

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
0 18ms
18ms Fetch
application/javascript 151.101.114.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 15 Aug 2020 01:18:25 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
X-Cache: HIT
Access-Control-Allow-Methods: POST, OPTIONS
Connection: keep-alive
X-Served-By: cache-hhn4021-HHN
Server: Varnish
X-Timer: S1597454305.353426,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
bur-v4.pops.fastly-insights.com/ 378 B
1 KB 485ms
160ms Fetch
image/svg+xml 151.101.198.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bur-v4.pops.fastly-insights.com/o.svg?u=0addb654-96eb-4a3c-b7ad-899f1c94bc8f

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.198.91 Los Angeles, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 15 Aug 2020 01:18:25 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
X-Cache: HIT
X-Datacenter: BUR
X-Cache-Hits: 0
Connection: close
Content-Length: 378
X-Served-By: cache-bur17559-BUR
Server: Varnish
X-Timer: S1597454306.751250,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Ip-Version: 4

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
0 20ms
19ms Fetch
application/javascript 151.101.114.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/insights.js?k=040e3997-282c-4275-ba9b-a406ce78b133&dnt=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://ilifoani.beget.tech/uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 15 Aug 2020 01:18:25 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 3600}
X-Cache: HIT
Access-Control-Allow-Methods: POST, OPTIONS
Connection: keep-alive
X-Served-By: cache-hhn4021-HHN
Server: Varnish
X-Timer: S1597454306.892350,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 3600, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Spotify (Online)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ilifoani.beget.tech/	1970-01-23 03:20:14	Name: spAnalytics_id Value: eyJkZXZpY2VJZCI6ImJhNzczZjM1YzQzOGVhMjU0Mzc5ZmI3YjI3ZGEwMjM5IiwidXNlcklkIjpudWxsfQ==
.beget.tech/	1970-01-19 11:45:40	Name: _gid Value: GA1.2.2028588171.1597454302
.beget.tech/	1970-01-20 05:15:26	Name: _ga Value: GA1.2.2038962231.1597454302

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0addb654-96eb-4a3c-b7ad-899f1c94bc8f.eu.u.fastly-insights.com
ams-v4.pops.fastly-insights.com
any-v4.pops.fastly-insights.com
astral-v4.pops.fastly-insights.com
bne-v4.pops.fastly-insights.com
bur-v4.pops.fastly-insights.com
dpm.demdex.net
encrypted-tbn2.gstatic.com
fastly-insights.com
fra-v4.pops.fastly-insights.com
hhn-v4.pops.fastly-insights.com
idsync.rlcdn.com
ilifoani.beget.tech
lcy-v4.pops.fastly-insights.com
loadus.exelator.com
pdata.pops.fastly-insights.com
pixel.spotify.com
qpg-v4.pops.fastly-insights.com
sp-bootstrap.global.ssl.fastly.net
t.myvisualiq.net
tags.bluekai.com
tapestry.tapad.com
vt.myvisualiq.net
www.facebook.com
www.fastly-insights.com
www.google-analytics.com
www.googletagmanager.com
www.scdn.co
104.108.41.56
13.226.155.68
147.75.102.200
151.101.114.91
151.101.13.194
151.101.130.91
151.101.14.91
151.101.18.91
151.101.194.91
151.101.198.91
151.101.38.91
151.101.98.91
199.232.46.91
2600:1901:1:c36::
2a00:1450:4001:815::2008
2a00:1450:4001:815::200e
2a00:1450:4001:81c::200e
2a00:1450:4001:821::2008
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::760
2a04:4e42:200::603
3.127.156.137
35.227.248.159
35.244.245.222
5.101.153.32
54.154.174.199
00b972c5c371581774e6956e72fdf67ef400f65585a2ea6e119fd4159c92679d
020cede188f9c3d1fe3f49465dd3bce0be494e60bd6b88f1e717c2db7f6388d3
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
112115af69cc02ec68e223daed293657fd491b1faac884c2dd3e35e15f49becd
205f3ee021fbb22aecd7594cbc697bad6754c76ee880a758f019255776992bd6
27c6c010b56541288cf75fa5e8773311aadac4e60add1a00351da2664fcad6cf
28666aaccdf5c60d9bdb9321702fa0356144e0e72c5a72101af603b3586703b9
2d10d17cf5f24529157216e13c4acbe72ad2b578718425a250aba86316bc586f
3c0d8b67c2e38a5bc978829a1b0711bc4e45b7958139535430ee038537a8e0a9
4d0c03eb202adbec944044a58d130e9bc430eff8525f3520c6c6d8f3ad1ea9e4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02
61c260b4be6ad5ef0bdd756f19e5e12da7eb384cbd2b2ee81e3abe4cfaa1d5be
73013943651eae62be28078305b49b4889bb5291f923bcb7529071b0005f1753
a289836fd7e2f91b714e0dd9e480c8f11f93973ab361bcc2631d8b8ef3884ed1
ab7be110e7203add27e1cda437d77f39568c16bc0c674ef4aa3c2e066074b1de
b950d0bf1be722756f170243857b8dbace6cc88cad0207a8126479fccb4ff9d9
c19aae5f0075527e1dddb320fd8f10d56f0e410d21a1ff21cf889585b92c106d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e875f5b304a198295727731c3343bedbc9476224e253040ccfcb5d5b2b07e612
ed795d2047287a848f2349e88d5a8ee58e1a2d0ea9292a3be6717138f55a1d09
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

ilifoani.beget.tech Open in urlscan Pro 5.101.153.32 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

92 %HTTPS

31 %IPv6

15 Domains

28 Subdomains

25 IPs

9 Countries

636 kBTransfer

2040 kBSize

3 Cookies

2 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

ilifoani.beget.tech Open in urlscan Pro
5.101.153.32 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

92 %
HTTPS

31 %
IPv6

15
Domains

28
Subdomains

25
IPs

9
Countries

636 kB
Transfer

2040 kB
Size

3
Cookies

53 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!