xdrar.xyz Open in urlscan Pro
76.223.62.232 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xdrar.xyz/
Submission: On June 17 via api (June 17th 2023, 3:55:17 am UTC) from US — Scanned from DE

Summary HTTP 89 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 15 domains to perform 89 HTTP transactions. The main IP is 76.223.62.232, located in United States and belongs to AMAZON-02, US. The main domain is xdrar.xyz.
TLS certificate: Issued by R3 on May 22nd 2023. Valid for: 3 months.

This is the only time xdrar.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	76.223.62.232 76.223.62.232	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.138.7.8 108.138.7.8	16509 (AMAZON-02) (AMAZON-02)
6	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
6	35.174.189.20 35.174.189.20	14618 (AMAZON-AES) (AMAZON-AES)
10	99.83.128.233 99.83.128.233	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:310... 2606:4700:3108::ac42:2af9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	13.32.121.39 13.32.121.39	16509 (AMAZON-02) (AMAZON-02)
1	3.33.235.18 3.33.235.18	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
5	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:24e... 2600:1f18:24e6:b900:4c03:3724:d96a:32e5	14618 (AMAZON-AES) (AMAZON-AES)
2	18.66.122.57 18.66.122.57	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:1:c... 2600:1901:1:c36::	15169 (GOOGLE) (GOOGLE)
5	2a04:4e42:8d:... 2a04:4e42:8d::760	54113 (FASTLY) (FASTLY)
8	2a04:4e42:8d:... 2a04:4e42:8d::763	54113 (FASTLY) (FASTLY)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2600:1901:0:5... 2600:1901:0:524d::	15169 (GOOGLE) (GOOGLE)
8	2600:1901:1:81:: 2600:1901:1:81::	15169 (GOOGLE) (GOOGLE)
1 1	65.9.66.15 65.9.66.15	16509 (AMAZON-02) (AMAZON-02)
89	22

11 76.223.62.232 (United States)

ASN16509 (AMAZON-02, US)
PTR: a994e33308a4a5fe8.awsglobalaccelerator.com

xdrar.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.7.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-8.fra56.r.cloudfront.net

cdn.iframe.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.174.189.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-189-20.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 99.83.128.233 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ab85f711de293daa2.awsglobalaccelerator.com

api.prod.tell.ie	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2af9 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.getphyllo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.121.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-39.fra60.r.cloudfront.net

cdn.tellie.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.235.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa1ba9bef7b18c265.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b900:4c03:3724:d96a:32e5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-57.fra60.r.cloudfront.net

assets.prod.tell.ie	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:1:c36:: (United States)

ASN15169 (GOOGLE, US)

open.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a04:4e42:8d::760 (United States)

ASN54113 (FASTLY, US)

encore.scdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.scdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:4e42:8d::763 (United States)

ASN54113 (FASTLY, US)

open.spotifycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o22381.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:524d:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

apresolve.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1901:1:81:: (United States)

ASN15169 (GOOGLE, US)

gew4-spclient.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.15 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-15.fra56.r.cloudfront.net

media.prod.tell.ie	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	tell.ie 1 redirects api.prod.tell.ie assets.prod.tell.ie media.prod.tell.ie	11 MB
13	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 1309 events.launchdarkly.com — Cisco Umbrella Rank: 974 clientstream.launchdarkly.com — Cisco Umbrella Rank: 1175 Failed	3 KB
11	spotify.com open.spotify.com — Cisco Umbrella Rank: 4057 apresolve.spotify.com — Cisco Umbrella Rank: 1060 gew4-spclient.spotify.com — Cisco Umbrella Rank: 12024	7 KB
11	xdrar.xyz xdrar.xyz	2 MB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60 region1.google-analytics.com — Cisco Umbrella Rank: 1832	21 KB
8	spotifycdn.com open.spotifycdn.com — Cisco Umbrella Rank: 7776	491 KB
6	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1987 ka-p.fontawesome.com — Cisco Umbrella Rank: 3718	220 KB
5	scdn.co encore.scdn.co — Cisco Umbrella Rank: 9233 i.scdn.co — Cisco Umbrella Rank: 1268	364 KB
4	tellie.tv cdn.tellie.tv	220 KB
2	iframe.ly cdn.iframe.ly — Cisco Umbrella Rank: 27293	11 KB
1	sentry.io o22381.ingest.sentry.io — Cisco Umbrella Rank: 10764	301 B
1	browser-intake-datadoghq.com rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 2399	305 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 124	342 B
1	getphyllo.com cdn.getphyllo.com	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	85 KB
89	15

	Domain	Requested by
11	xdrar.xyz	xdrar.xyz
10	api.prod.tell.ie	xdrar.xyz
8	gew4-spclient.spotify.com	open.spotifycdn.com
8	open.spotifycdn.com	open.spotify.com open.spotifycdn.com
6	events.launchdarkly.com	xdrar.xyz
6	app.launchdarkly.com	xdrar.xyz
5	region1.google-analytics.com	www.googletagmanager.com
4	encore.scdn.co	open.spotify.com
4	cdn.tellie.tv
4	www.google-analytics.com	xdrar.xyz
4	ka-p.fontawesome.com	kit.fontawesome.com
2	apresolve.spotify.com	open.spotifycdn.com
2	assets.prod.tell.ie
2	cdn.iframe.ly	xdrar.xyz
2	kit.fontawesome.com	xdrar.xyz kit.fontawesome.com
1	media.prod.tell.ie	1 redirects
1	o22381.ingest.sentry.io	open.spotifycdn.com
1	i.scdn.co	open.spotifycdn.com
1	open.spotify.com	cdn.iframe.ly
1	rum.browser-intake-datadoghq.com	xdrar.xyz
1	stats.g.doubleclick.net	xdrar.xyz
1	clientstream.launchdarkly.com
1	cdn.getphyllo.com	xdrar.xyz
1	www.googletagmanager.com	xdrar.xyz
89	24

This site contains no links.

Subject Issuer	Validity	Valid
xdrar.xyz R3	`2023-05-22` - `2023-08-20`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.iframe.ly Amazon RSA 2048 M02	`2022-11-22` - `2023-12-21`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
events.launchdarkly.com Amazon RSA 2048 M01	`2023-02-28` - `2023-09-16`	7 months	crt.sh
*.prod.tell.ie Amazon RSA 2048 M02	`2023-02-08` - `2023-11-16`	9 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
getphyllo.com Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.tellie.tv Amazon RSA 2048 M02	`2023-02-16` - `2024-03-16`	a year	crt.sh
clientstream.launchdarkly.com Amazon RSA 2048 M02	`2023-02-10` - `2023-10-07`	8 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.browser-intake-datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-07-22`	a year	crt.sh
*.spotify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-07` - `2024-03-06`	a year	crt.sh
*.scdn.co DigiCert TLS RSA SHA256 2020 CA1	`2022-08-02` - `2023-08-02`	a year	crt.sh
*.spotifycdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-02` - `2023-08-02`	a year	crt.sh
ingest.sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-28`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://xdrar.xyz/
Frame ID: 5DB744E53540520CD59E94E63BED8551
Requests: 55 HTTP requests in this frame

Frame: https://cdn.iframe.ly/api/iframe?url=https%3A%2F%2Fopen.spotify.com%2Fartist%2F4GLv12ssY6yST0ZvvgQch0&key=ec1133e249fbfff764ead184bb038761
Frame ID: 47FFFECC1428C26EFB0EB0D3DFBC0A7A
Requests: 1 HTTP requests in this frame

Frame: https://open.spotify.com/embed/artist/4GLv12ssY6yST0ZvvgQch0?utm_source=oembed
Frame ID: AD14386E450343B8454F93946974BDFD
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

XD.rarresizeresizeresize

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

89
Requests

96 %
HTTPS

55 %
IPv6

15
Domains

24
Subdomains

22
IPs

3
Countries

14838 kB
Transfer

22166 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://media.prod.tell.ie/image/resize?key=set/ee15c820-02eb-42d0-82a1-6f99901bfb0f/tile/63b0b241-d660-45cf-90a5-946d63deb2f8/zA6GGZhNH930.webp&width=1440 HTTP 307
https://assets.prod.tell.ie/set/ee15c820-02eb-42d0-82a1-6f99901bfb0f/tile/63b0b241-d660-45cf-90a5-946d63deb2f8/zA6GGZhNH930.webp

89 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
xdrar.xyz/ 4 KB
4 KB 596ms
253ms Document
text/html 76.223.62.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://xdrar.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.62.232 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a994e33308a4a5fe8.awsglobalaccelerator.com

Software

Caddy / Express

Resource Hash

f5f7a1862aa7f90e3d31907b82b62f057fa8b3c56b35376cec60c591d6de3cbe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.tellie-code.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
cache-control: max-age=60
content-length: 4254
content-security-policy: frame-ancestors 'self' https://prod.tellie-code.com;
content-type: text/html; charset=utf-8
date: Sat, 17 Jun 2023 03:55:07 GMT
etag: W/"109e-iCEewrbksXUuN7ozZVTnuPV5V+g"
server: Caddy
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-xss-protection: 1

GET
H2 200 632acf86e6.js Show response
kit.fontawesome.com/ 11 KB
5 KB 144ms
58ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/632acf86e6.js

Requested by

Host: xdrar.xyz
URL: https://xdrar.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33db8788bb18d86ace320933382f2cbe84e3d5282b922c785199cc1e911e19ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://xdrar.xyz/
Origin: https://xdrar.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:08 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7d885af02b452bb9-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F2lWA3DlI89DC9RI4u6i

GET
H2 200 embed.js Show response
cdn.iframe.ly/ 24 KB
8 KB 145ms
42ms Script
application/javascript 108.138.7.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iframe.ly/embed.js
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-8.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9e89a92b0ee6959fc76460b414049e3bd12fbe00b119e5a6bdc51faf9f37a9cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 05:15:19 GMT
content-encoding: br
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
last-modified: Wed, 19 Apr 2023 18:19:44 GMT
server: nginx
x-amz-cf-pop: FRA56-P6
age: 81589
etag: W/"644030c0-5ef3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: L6LCG1LXeaEWFtqq_eJnKRddH6A1KCU7XOZDpm_YGbAK3p3uxuL0Kw==

GET
H2 200 6.19627560.chunk.css
xdrar.xyz/static/css/ 9 KB
5 KB 180ms
178ms Stylesheet
text/css 76.223.62.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xdrar.xyz/static/css/6.19627560.chunk.css
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.62.232 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a994e33308a4a5fe8.awsglobalaccelerator.com
Software: Caddy, AmazonS3 /
Resource Hash: c07aaed8860b846f6d2834397b80246ef7511575f55d55f6c4782ea88de405e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 11:27:03 GMT
content-encoding: br
via: 1.1 925e7b77d00fe09d3e904612516a8234.cloudfront.net (CloudFront)
last-modified: Tue, 11 Apr 2023 01:00:03 GMT
server: Caddy, AmazonS3
age: 59286
x-amz-cf-pop: HIO50-C2
etag: W/"455eaf068a8f721da31032450d135d78"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=86400
alt-svc: h3=":443"; ma=2592000
x-amz-cf-id: NFfqgYmbhIEFVwVM0XsT6_-Ecjj8IR4zcTg_wNri8nPSJmb3VRVwaQ==

GET
H2 200 main.260e2f09.chunk.css
xdrar.xyz/static/css/ 9 KB
2 KB 180ms
179ms Stylesheet
text/css 76.223.62.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xdrar.xyz/static/css/main.260e2f09.chunk.css
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.62.232 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a994e33308a4a5fe8.awsglobalaccelerator.com
Software: Caddy, AmazonS3 /
Resource Hash: 3e114cbb218ecfda2a29ba8ac0d9e1407c7f9732b396878bdd3cf9424a942f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 11:59:40 GMT
content-encoding: br
via: 1.1 925e7b77d00fe09d3e904612516a8234.cloudfront.net (CloudFront)
last-modified: Tue, 11 Apr 2023 01:00:03 GMT
server: Caddy, AmazonS3
age: 57757
x-amz-cf-pop: HIO50-C2
etag: W/"7ba57c23a00f67d8a241360d7c3e3a35"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=86400
alt-svc: h3=":443"; ma=2592000
x-amz-cf-id: XkKTcNo0yqxyJAiAWgQ8goKAcnsapTIDZhZ_xlbSxsiHUlGhxoJWVw==

GET
H2 200 6.6d2f9d2c.chunk.js Show response
xdrar.xyz/static/js/ 5 MB
1 MB 180ms
180ms Script
text/javascript 76.223.62.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xdrar.xyz/static/js/6.6d2f9d2c.chunk.js
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.62.232 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a994e33308a4a5fe8.awsglobalaccelerator.com
Software: Caddy, AmazonS3 /
Resource Hash: d0fb8ead3e32abfb16fafd8551113be02dfea033d4bde1d8b9633e6e764fc1e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:52:01 GMT
content-encoding: br
via: 1.1 925e7b77d00fe09d3e904612516a8234.cloudfront.net (CloudFront)
last-modified: Tue, 11 Apr 2023 01:00:04 GMT
server: Caddy, AmazonS3
age: 47669
x-amz-cf-pop: HIO50-C2
etag: W/"e3e33c474991d902f4b85e038691c681"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
alt-svc: h3=":443"; ma=2592000
x-amz-cf-id: ptrDTWh04pIG25sxuzSClnFP40M84oAsg959qoR0kLoHLCRa1YnePA==

GET
H2 200 main.0b9cdd90.chunk.js Show response
xdrar.xyz/static/js/ 298 KB
75 KB 493ms
492ms Script
text/javascript 76.223.62.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xdrar.xyz/static/js/main.0b9cdd90.chunk.js
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.62.232 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a994e33308a4a5fe8.awsglobalaccelerator.com
Software: Caddy, AmazonS3 /
Resource Hash: ba2b540b396bb5f724ce6344c42a822e07103920fe7908be9c5f39121690a345

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 18:02:17 GMT
content-encoding: gzip
via: 1.1 925e7b77d00fe09d3e904612516a8234.cloudfront.net (CloudFront)
last-modified: Tue, 11 Apr 2023 01:00:05 GMT
server: Caddy, AmazonS3
age: 35572
x-amz-cf-pop: HIO50-C2
etag: W/"f40abf2e1d524eeb3d547083aab175d0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
alt-svc: h3=":443"; ma=2592000
x-amz-cf-id: WPh7cdRY2lkbvxEsJXphwpzQKKuGNzs3mftxsA114SCkwor_QRwPOQ==

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.4.0/css/ 867 KB
196 KB 84ms
59ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.0/css/pro.min.css?token=632acf86e6
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/632acf86e6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe0d7ff5c1b94b9efefbc1903a465c7d8bb345da51aaa13a93a55f9f7eff5b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:08 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 23 Mar 2023 21:29:22 GMT
server: cloudflare
etag: "641cc4b2-31000"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7d885af0dbb02bb9-FRA
content-length: 200704

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.4.0/css/ 27 KB
4 KB 124ms
100ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.0/css/pro-v4-shims.min.css?token=632acf86e6
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/632acf86e6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 681f15f1dd66646e3c4be78f9c74962004cbc764f0fbb1da993f6937a3ac1e8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:08 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 23 Mar 2023 21:29:20 GMT
server: cloudflare
etag: "641cc4b0-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7d885af0dbb42bb9-FRA
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.4.0/css/ 85 KB
12 KB 124ms
100ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.0/css/pro-v5-font-face.min.css?token=632acf86e6
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/632acf86e6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fce60bc81b42726b685192834cdd4147bb4867c94a9b5c38a35c0cce8a6b562e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:08 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 23 Mar 2023 21:29:21 GMT
server: cloudflare
etag: "641cc4b1-30f2"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7d885af0dbb32bb9-FRA
content-length: 12530

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.4.0/css/ 12 KB
2 KB 123ms
99ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.0/css/pro-v4-font-face.min.css?token=632acf86e6
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/632acf86e6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d5e287f0e60cc7efadd2bdf39ff53499de57249b69a3ae73497a187ff908e2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:08 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 23 Mar 2023 21:29:20 GMT
server: cloudflare
etag: "641cc4b0-917"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7d885af0dbb22bb9-FRA
content-length: 2327

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/632acf86e6/101256065/ 0
131 B 60ms
60ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/632acf86e6/101256065/kit-upload.css

Requested by

Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/632acf86e6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:08 GMT
strict-transport-security: max-age=31536000; preload
cf-cache-status: MISS
content-length: 0
x-request-id: F2lWA3WTZf5IOqtL6BOB
server: cloudflare
etag: 54af53b207eef226d6511e0a88e3038e
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges: bytes
cf-ray: 7d885af0ab972bb9-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 6035d9ced97f7509aac2e410 Show response
app.launchdarkly.com/sdk/goals/ 2 B
181 B 395ms
395ms XHR
application/json 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/6035d9ced97f7509aac2e410

Requested by

Host: xdrar.xyz
URL: https://xdrar.xyz/static/js/6.6d2f9d2c.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://xdrar.xyz/
X-LaunchDarkly-Wrapper: react-client-sdk/2.29.2
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.24.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Sat, 17 Jun 2023 03:55:10 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-fra-etou8220020-FRA
x-timer: S1686974110.865716,VS0,VE356
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d17514e4c6ec3082d1321979a48ca6975a2fa1682a8e633a320fcff5e1a67c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7149c8dc88e193e2afa98a5622063be8963d0ee1dbcfdc12212ed221089d9e5b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9 Show response
app.launchdarkly.com/sdk/evalx/6035d9ced97f7509aac2e410/users/ 5 KB
1 KB 41ms
40ms XHR
application/json 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/6035d9ced97f7509aac2e410/users/eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/static/js/6.6d2f9d2c.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2a84759f5f01f71d1e661335bd0ffbae9dc81eff24d0810f06db6fffa35ed27a

Request headers

Referer: https://xdrar.xyz/
X-LaunchDarkly-Wrapper: react-client-sdk/2.29.2
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.24.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:09 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: HIT
content-length: 700
x-served-by: cache-fra-eddf8230073-FRA, cache-fra-etou8220020-FRA
x-timer: S1686974110.864488,VS0,VE2
etag: "702dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 1

POST
H2 202 6035d9ced97f7509aac2e410 Show response
events.launchdarkly.com/events/diagnostic/ 0
344 B 138ms
138ms XHR
application/json 35.174.189.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/6035d9ced97f7509aac2e410

Requested by

Host: xdrar.xyz
URL: https://xdrar.xyz/static/js/6.6d2f9d2c.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.189.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-189-20.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://xdrar.xyz/
X-LaunchDarkly-Wrapper: react-client-sdk/2.29.2
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.24.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 17 Jun 2023 03:55:09 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 200 6035d9ced97f7509aac2e410
app.launchdarkly.com/sdk/goals/ Frame 0
0 409ms
306ms Preflight 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/6035d9ced97f7509aac2e410

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://xdrar.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Sat, 17 Jun 2023 03:55:09 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-etou8220020-FRA
x-timer: S1686974110.559239,VS0,VE267

OPTIONS
H2 200 eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9
app.launchdarkly.com/sdk/evalx/6035d9ced97f7509aac2e410/users/ Frame 0
0 405ms
304ms Preflight 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/6035d9ced97f7509aac2e410/users/eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://xdrar.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Sat, 17 Jun 2023 03:55:09 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-etou8220020-FRA
x-timer: S1686974110.559344,VS0,VE266

OPTIONS
H2 204 6035d9ced97f7509aac2e410
events.launchdarkly.com/events/diagnostic/ Frame 0
0 357ms
116ms Preflight 35.174.189.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/6035d9ced97f7509aac2e410

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.189.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-189-20.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://xdrar.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Sat, 17 Jun 2023 03:55:09 GMT
strict-transport-security: max-age=31536000

OPTIONS
H2 204 siteload
api.prod.tell.ie/web/ Frame 0
0 510ms
173ms Preflight 99.83.128.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prod.tell.ie/web/siteload
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.128.233 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab85f711de293daa2.awsglobalaccelerator.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xdrar.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Sat, 17 Jun 2023 03:55:10 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

OPTIONS
H2 200 eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9
app.launchdarkly.com/sdk/evalx/6035d9ced97f7509aac2e410/users/ Frame 0
0 53ms
53ms Preflight 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/6035d9ced97f7509aac2e410/users/eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://xdrar.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Sat, 17 Jun 2023 03:55:09 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-etou8220020-FRA
x-timer: S1686974110.957494,VS0,VE0

GET
H2 200 0.3879e66e.chunk.js Show response
xdrar.xyz/static/js/ 103 KB
16 KB 180ms
179ms Script
text/javascript 76.223.62.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xdrar.xyz/static/js/0.3879e66e.chunk.js
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.62.232 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a994e33308a4a5fe8.awsglobalaccelerator.com
Software: Caddy, AmazonS3 /
Resource Hash: 83be4adfadca333f2b9859d5881c011c43f64c8fbbc129020261826c582ddae9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:52:03 GMT
content-encoding: br
via: 1.1 925e7b77d00fe09d3e904612516a8234.cloudfront.net (CloudFront)
last-modified: Tue, 11 Apr 2023 01:00:03 GMT
server: Caddy, AmazonS3
age: 47669
x-amz-cf-pop: HIO50-C2
etag: W/"38a1ecd0fcd2f4cc25b55d09521d09c5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
alt-svc: h3=":443"; ma=2592000
x-amz-cf-id: b5d0gr4T05hp97JJVFFZFSFu7WuZDxiB_d04SqN0Pg0AcpJZ1vFEtQ==

GET
H2 200 1.cd633087.chunk.js Show response
xdrar.xyz/static/js/ 62 KB
20 KB 178ms
177ms Script
text/javascript 76.223.62.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xdrar.xyz/static/js/1.cd633087.chunk.js
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.62.232 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a994e33308a4a5fe8.awsglobalaccelerator.com
Software: Caddy, AmazonS3 /
Resource Hash: 117e57c171d02fdbc0337dfe40044d752c63c1566c6a2426a4028ab7f2cb4894

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:27:10 GMT
content-encoding: gzip
via: 1.1 925e7b77d00fe09d3e904612516a8234.cloudfront.net (CloudFront)
last-modified: Tue, 11 Apr 2023 01:00:03 GMT
server: Caddy, AmazonS3
age: 55680
x-amz-cf-pop: HIO50-C2
etag: W/"2b920ca3297eecc8d95830e5261c0f7d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
alt-svc: h3=":443"; ma=2592000
x-amz-cf-id: P4IorqtMIIBODkdIgdq-asDWnUxt3_ImsRixRDy3Xk9K5XETOxCEWw==

GET
H2 200 2.ad4c6199.chunk.js Show response
xdrar.xyz/static/js/ 41 KB
14 KB 206ms
206ms Script
text/javascript 76.223.62.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xdrar.xyz/static/js/2.ad4c6199.chunk.js
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.62.232 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a994e33308a4a5fe8.awsglobalaccelerator.com
Software: Caddy, AmazonS3 /
Resource Hash: 0b0430dcd46793ae894c9881e69268d7cbb8ee1a45cc24db5c5d5eaa27d3704f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 01:26:41 GMT
content-encoding: gzip
via: 1.1 925e7b77d00fe09d3e904612516a8234.cloudfront.net (CloudFront)
last-modified: Tue, 11 Apr 2023 01:00:04 GMT
server: Caddy, AmazonS3
age: 19062
x-amz-cf-pop: HIO50-C2
etag: W/"a5ea0a0de992dbd49edd4a8e244e5a38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
alt-svc: h3=":443"; ma=2592000
x-amz-cf-id: 0EHAsq6ZSPxyoACGlJX8ahXynKADHpOVmHMAbGDVqH1Wuo3BZZxtew==

GET
H2 200 3.e4b77543.chunk.js Show response
xdrar.xyz/static/js/ 22 KB
8 KB 323ms
323ms Script
text/javascript 76.223.62.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xdrar.xyz/static/js/3.e4b77543.chunk.js
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.62.232 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a994e33308a4a5fe8.awsglobalaccelerator.com
Software: Caddy, AmazonS3 /
Resource Hash: 2c336c87735c25ee5f238bbb2422a2025d816bbc9d4d3a44183977254225b647

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:54:50 GMT
content-encoding: gzip
via: 1.1 925e7b77d00fe09d3e904612516a8234.cloudfront.net (CloudFront)
last-modified: Tue, 11 Apr 2023 01:00:04 GMT
server: Caddy, AmazonS3
age: 54995
x-amz-cf-pop: HIO50-C2
etag: W/"d34c43234923bd660807d89af6acd068"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
alt-svc: h3=":443"; ma=2592000
x-amz-cf-id: jqgIizfBAyXixKMsAoB9koHlZdFF4scDtiGmxcAozh-PvW8G22x2Hg==

GET
H2 200 9.57cf5664.chunk.js Show response
xdrar.xyz/static/js/ 990 KB
343 KB 207ms
206ms Script
text/javascript 76.223.62.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xdrar.xyz/static/js/9.57cf5664.chunk.js
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.62.232 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a994e33308a4a5fe8.awsglobalaccelerator.com
Software: Caddy, AmazonS3 /
Resource Hash: 3a82733b6d0a9366fa2bf27e5ced33602040bd5363ab874db71c053801d3c32e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:04:38 GMT
content-encoding: gzip
via: 1.1 925e7b77d00fe09d3e904612516a8234.cloudfront.net (CloudFront)
last-modified: Tue, 11 Apr 2023 01:00:05 GMT
server: Caddy, AmazonS3
age: 47668
x-amz-cf-pop: HIO50-C2
etag: W/"75131a6d5d235965bbba1f2870d5ffb1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
alt-svc: h3=":443"; ma=2592000
x-amz-cf-id: duPQgSsumaDsozuAUXxSvT38ULesaOp-i0WdMt7lcGZslrzBERSAuA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 146ms
39ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: xdrar.xyz
URL: https://xdrar.xyz/static/js/6.6d2f9d2c.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Jun 2023 02:35:22 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4788
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 17 Jun 2023 04:35:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
85 KB 146ms
58ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NNQV2G9480

Requested by

Host: xdrar.xyz
URL: https://xdrar.xyz/static/js/6.6d2f9d2c.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df388c3ed0089cd002e185fc54c72699cb596ca7c1499fe294debd354925498a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86894
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Jun 2023 03:55:10 GMT

POST
H2 200 siteload Show response
api.prod.tell.ie/web/ 4 KB
4 KB 232ms
232ms Fetch
application/json 99.83.128.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prod.tell.ie/web/siteload
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/static/js/6.6d2f9d2c.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.128.233 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab85f711de293daa2.awsglobalaccelerator.com
Software: / Express
Resource Hash: 99ec1c73f855735509166e7529d349789ba6041724eea986a68d7c46ca589982

Request headers

Referer: https://xdrar.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Sat, 17 Jun 2023 03:55:10 GMT
x-powered-by: Express
content-length: 4434
etag: W/"1152-IZJqoVR8FvTzlBbO2ifjcm6CA7w"
content-type: application/json; charset=utf-8

GET
H2 200 eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9 Show response
app.launchdarkly.com/sdk/evalx/6035d9ced97f7509aac2e410/users/ 5 KB
767 B 39ms
39ms XHR
application/json 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/6035d9ced97f7509aac2e410/users/eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/static/js/6.6d2f9d2c.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2a84759f5f01f71d1e661335bd0ffbae9dc81eff24d0810f06db6fffa35ed27a

Request headers

Referer: https://xdrar.xyz/
X-LaunchDarkly-Wrapper: react-client-sdk/2.29.2
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.24.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:09 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: HIT
content-length: 700
x-served-by: cache-fra-eddf8230073-FRA, cache-fra-etou8220020-FRA
x-timer: S1686974110.997027,VS0,VE0
etag: "702dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 2

GET
H2 200 phyllo-connect.js Show response
cdn.getphyllo.com/connect/v2/ 5 KB
2 KB 169ms
48ms Script
application/x-javascript 2606:4700:3108::ac42:2af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getphyllo.com/connect/v2/phyllo-connect.js
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/static/js/6.6d2f9d2c.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fb0c322a9193ae9693555e2dd6f1c65ab5c4d49945f597dbd1f5774ff09e461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 07:09:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: CY9YZV07VWWYYR7N
age: 6724
etag: W/"0e2a5c1603fca33fa3be1739ae58cf78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEPRpIwGNNJMLhRdFcoOmjQHM9oEZZlbV%2BEZunjMja%2Bni%2FcihnoA9E8kYKw2unUl7F4lfQNGzT7JQuO6yfzRC%2BqdTIn66Ddh%2BQPB5lMrXoLFMldrGj5SCFhFyFmIrQe3cPb9A2BNTyDWeKH1bDKl"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
cf-ray: 7d885afbef8a3637-FRA
x-amz-id-2: IHOHXYcwa8Nz6KvLIsE4NwGnzw+gWZd5+d9HmI2JMLwSOri83wuujiSwnfpplueYSlxY/4plRm4=

GET
H2 200 SuisseIntl-Bold-WebXL.woff2
cdn.tellie.tv/fonts/Suisse/ 68 KB
68 KB 470ms
345ms Font
binary/octet-stream 13.32.121.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tellie.tv/fonts/Suisse/SuisseIntl-Bold-WebXL.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-39.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7535e8d89e4cbf233ff22d938a41ce969f0fde516b81a5eb58c11dc02cd827b7

Request headers

Referer: https://xdrar.xyz/
Origin: https://xdrar.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:11 GMT
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
last-modified: Tue, 01 Sep 2020 06:33:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: "34ac361f75b20bfa22e8410087d6e8dd"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 69364
x-amz-cf-id: KJ7gFHYfHWDVJbVz-Zz5_8B8R050qqnLC0GNKQegf-O2lrN0hTFN2w==

GET
H2 200 SuisseIntl-Regular-WebXL.woff2
cdn.tellie.tv/fonts/Suisse/ 67 KB
67 KB 521ms
396ms Font
binary/octet-stream 13.32.121.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tellie.tv/fonts/Suisse/SuisseIntl-Regular-WebXL.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-39.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 595c9b95cc4d52b94a19987dc9f2e2743c4e74f140510b04a91a9602c6e5bddf

Request headers

Referer: https://xdrar.xyz/
Origin: https://xdrar.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:11 GMT
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
last-modified: Tue, 01 Sep 2020 06:34:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: "b5c7cf1c74aa9b19421670f7e0986d67"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 68316
x-amz-cf-id: 2r3yKw5QpWnW5nArhLpAs4LjcvHRVZjRIYHNu63kB4PIzjayjU6UBQ==

GET eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9
clientstream.launchdarkly.com/eval/6035d9ced97f7509aac2e410/ 0
0

GET
H2 200 eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9
clientstream.launchdarkly.com/eval/6035d9ced97f7509aac2e410/ 5 KB
0 114ms
64ms EventSource
text/event-stream 3.33.235.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/6035d9ced97f7509aac2e410/eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.235.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aa1ba9bef7b18c265.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://xdrar.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:10 GMT
strict-transport-security: max-age=31536000
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-content-length
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
205 B 47ms
46ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1652778867&t=pageview&_s=1&dl=https%3A%2F%2Fxdrar.xyz%2F&dp=%2F&ul=en-us&de=UTF-8&dt=XD.rar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=580503214&gjid=390180527&cid=1296138605.1686974110&tid=UA-129024950-6&_gid=377124403.1686974110&_r=1&_slc=1&z=2105952135

Requested by

Host: xdrar.xyz
URL: https://xdrar.xyz/static/js/6.6d2f9d2c.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xdrar.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 03:55:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xdrar.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 39ms
39ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1652778867&t=timing&_s=2&dl=https%3A%2F%2Fxdrar.xyz%2F&ul=en-us&de=UTF-8&dt=XD.rar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1961&pdt=0&dns=27&rrt=1&srt=253&tcp=316&dit=1960&clt=1960&_gst=2426&_gbt=2588&_u=IEBAAAABAAAAAC~&jid=&gjid=&cid=1296138605.1686974110&tid=UA-129024950-6&_gid=377124403.1686974110&z=1687698170

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 10:28:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62819
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
342 B 159ms
47ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-129024950-6&cid=1296138605.1686974110&jid=580503214&gjid=390180527&_gid=377124403.1686974110&_u=IEBAAAAAAAAAAC~&z=584846894

Requested by

Host: xdrar.xyz
URL: https://xdrar.xyz/static/js/6.6d2f9d2c.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xdrar.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 17 Jun 2023 03:55:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xdrar.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 142ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NNQV2G9480&gtm=45je36e0&_p=1652778867&cid=1296138605.1686974110&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1686974110&sct=1&seg=0&dl=https%3A%2F%2Fxdrar.xyz%2F&dt=XD.rar&en=page_view&_fv=1&_ss=1&_ee=1&ep.name=Tellie&epn.siteSpeedSampleRate=100&ep.debug_mode=false
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NNQV2G9480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 03:55:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xdrar.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 135ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NNQV2G9480&gtm=45je36e0&_p=1652778867&cid=1296138605.1686974110&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&dp=%2F&sid=1686974110&sct=1&seg=1&dl=https%3A%2F%2Fxdrar.xyz%2F&dt=XD.rar&en=page_view&_ee=1&ep.name=Tellie&epn.siteSpeedSampleRate=100&ep.debug_mode=false&ep.product=Tellie&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NNQV2G9480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 03:55:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xdrar.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
305 B 571ms
292ms Fetch
application/json 2600:1f18:24e6:b900:4c03:3724:d96a:32e5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.23.3%2Cenv%3Aprod&dd-api-key=pube5812719a3dcdc3c5dc1c00625343151&dd-evp-origin-version=4.23.3&dd-evp-origin=browser&dd-request-id=1af209df-825b-4392-86d0-8247db7ed858&batch_time=1686974110666

Requested by

Host: xdrar.xyz
URL: https://xdrar.xyz/static/js/6.6d2f9d2c.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:4c03:3724:d96a:32e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

85f3ebe0d63f0ab3b3292c083aca9f18ee92ce90f6e3c06dd74d1df126607911

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xdrar.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 17 Jun 2023 03:55:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

GET
H2 200 verify Show response
api.prod.tell.ie/web/page/paywall/ 22 B
179 B 173ms
172ms Fetch
application/json 99.83.128.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prod.tell.ie/web/page/paywall/verify?pageGroupId=dc91cce2-a0c3-471e-8238-3caac350c856
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/static/js/6.6d2f9d2c.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.128.233 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab85f711de293daa2.awsglobalaccelerator.com
Software: / Express
Resource Hash: 271414395081ae6a070a08870db6e6c5e3bae2b33453b69a7f4ad0597d930ef6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 17 Jun 2023 03:55:10 GMT
x-powered-by: Express
content-length: 22
etag: W/"16-F+I9+JCpMVEOaUrmOlRAgzDV0Cw"
content-type: application/json; charset=utf-8

GET
H2 200 null
xdrar.xyz/ 5 KB
5 KB 217ms
216ms Image
text/html 76.223.62.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xdrar.xyz/null

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.62.232 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a994e33308a4a5fe8.awsglobalaccelerator.com

Software

Caddy / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.tellie-code.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://prod.tellie-code.com;
date: Sat, 17 Jun 2023 03:55:10 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Caddy
etag: W/"12fe-VDPFebFQf2DXYs4s92kr4Jw6eJo"
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
alt-svc: h3=":443"; ma=2592000
content-length: 4862
x-xss-protection: 1

GET
H2 200 SuisseIntl-Medium-WebXL.woff2
cdn.tellie.tv/fonts/Suisse/ 66 KB
67 KB 498ms
498ms Font
binary/octet-stream 13.32.121.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tellie.tv/fonts/Suisse/SuisseIntl-Medium-WebXL.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-39.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 944e04e5f6f5bbbbf455e9b67109cbacc6da5e7677a313395da92040ab953206

Request headers

Referer: https://xdrar.xyz/
Origin: https://xdrar.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:12 GMT
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
last-modified: Tue, 01 Sep 2020 06:34:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: "bbcb294300c9f4839f6cf4f8dcafb604"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 68064
x-amz-cf-id: kd-bKvlnvsle6shFdQnYJwOZEoMq1ipqYbOzUKpv8ZphjJRaGDQFNQ==

OPTIONS
H2 204 page
api.prod.tell.ie/web/ Frame 0
0 174ms
174ms Preflight 99.83.128.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prod.tell.ie/web/page?username=xd.rar
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.128.233 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab85f711de293daa2.awsglobalaccelerator.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: tellie-client,tellie-session
Access-Control-Request-Method: GET
Origin: https://xdrar.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: tellie-client,tellie-session
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Sat, 17 Jun 2023 03:55:10 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 48ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NNQV2G9480&gtm=45je36e0&_p=1652778867&cid=1296138605.1686974110&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=3&sid=1686974110&sct=1&seg=1&dl=https%3A%2F%2Fxdrar.xyz%2F&dt=XD.rar&dp=%2F&en=scroll&ep.name=Tellie&epn.siteSpeedSampleRate=100&ep.debug_mode=false&epn.percent_scrolled=90&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NNQV2G9480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 03:55:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xdrar.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1652778867&t=pageview&_s=3&dl=https%3A%2F%2Fxdrar.xyz%2F&dp=%2F&ul=en-us&de=UTF-8&dt=XD.rar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAAABAAAAAC~&jid=&gjid=&cid=1296138605.1686974110&tid=UA-129024950-6&_gid=377124403.1686974110&z=1883171532

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:38:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4627
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 page Show response
api.prod.tell.ie/web/ 4 KB
4 KB 232ms
232ms Fetch
application/json 99.83.128.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prod.tell.ie/web/page?username=xd.rar
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/static/js/6.6d2f9d2c.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.128.233 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab85f711de293daa2.awsglobalaccelerator.com
Software: / Express
Resource Hash: ff90de3bb2efdabee654f5012f22d3545d41760e72dabfe5784dbd2b31b0ae9f

Request headers

Referer: https://xdrar.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
tellie-session: DjWe18t90fXhxYoF70J5U
tellie-client: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjbGllbnRJZCI6ImM1NTFiMDU3LTMzZGUtNGY1MC05Zjc4LWFiNDkyY2YxOWRkYyIsImlhdCI6MTY4Njk3NDExMH0.AxeGkvO9GS6VkPvdZF6LHqDv80fhVu79RjJFu1mV614

Response headers

access-control-allow-origin: *
date: Sat, 17 Jun 2023 03:55:11 GMT
x-powered-by: Express
content-length: 4200
etag: W/"1068-L1/syMVZWNw4UwrF2hYMXvFK4x0"
content-type: application/json; charset=utf-8

POST
H2 200 events
api.prod.tell.ie/web/beacon/ 2 B
153 B 497ms
174ms Ping
text/plain 99.83.128.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prod.tell.ie/web/beacon/events
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/static/js/main.0b9cdd90.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.128.233 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab85f711de293daa2.awsglobalaccelerator.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://xdrar.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 17 Jun 2023 03:55:11 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET iframe
cdn.iframe.ly/api/ Frame 47FF 0
0

GET
H2 200 zA6GGZhNH930.webp
assets.prod.tell.ie/set/ee15c820-02eb-42d0-82a1-6f99901bfb0f/tile/63b0b241-d660-45cf-90a5-946d63deb2f8/ 6 MB
6 MB 188ms
48ms Image
image/webp 18.66.122.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.prod.tell.ie/set/ee15c820-02eb-42d0-82a1-6f99901bfb0f/tile/63b0b241-d660-45cf-90a5-946d63deb2f8/zA6GGZhNH930.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5db07848ee1fe880114ff203979b3fd291b02298eb33ef9d25eb80b234dac8e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 07:12:42 GMT
content-encoding: base64
via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified: Thu, 23 Mar 2023 07:34:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 74550
etag: "4459d361b99186903b4f39cb68e895a5"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 5968076
x-amz-cf-id: qS5zrFFN01AFOoSC-gJxhrkVxTWUyeuTgRRyZQ_lufzSClpz1lI0Mw==

GET
H2 200 SuisseIntlMono-Regular-WebXL.woff2
cdn.tellie.tv/fonts/Suisse/ 17 KB
17 KB 486ms
485ms Font
binary/octet-stream 13.32.121.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tellie.tv/fonts/Suisse/SuisseIntlMono-Regular-WebXL.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-39.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5346fbed3e4ca9365ca281fc6f8859e9183ea05ceb33cd624aeb4d86fda0a967

Request headers

Referer: https://xdrar.xyz/
Origin: https://xdrar.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:12 GMT
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
last-modified: Tue, 01 Sep 2020 06:34:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: "137247300fbf6e10ffd1485cb017057c"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 17284
x-amz-cf-id: UlFeLsaz8htdptZ3ykHk1IKIIVnwuB_k2HgtDbnAI5GjY1D3RANBsQ==

POST
H2 200 events
api.prod.tell.ie/web/beacon/ 2 B
152 B 476ms
176ms Ping
text/plain 99.83.128.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prod.tell.ie/web/beacon/events
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/static/js/main.0b9cdd90.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.128.233 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab85f711de293daa2.awsglobalaccelerator.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://xdrar.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 17 Jun 2023 03:55:11 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H2 200 iframe Show response
cdn.iframe.ly/api/ Frame AD14 8 KB
3 KB 165ms
165ms Document
text/html 108.138.7.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iframe.ly/api/iframe?url=https%3A%2F%2Fopen.spotify.com%2Fartist%2F4GLv12ssY6yST0ZvvgQch0&key=ec1133e249fbfff764ead184bb038761
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/static/js/6.6d2f9d2c.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-8.fra56.r.cloudfront.net
Software: nginx / iframe.ly
Resource Hash: cffb1ed3dd92b9ab551d28671b257e260993305ef2f915dfb7a74e18b95b7914

Request headers

Referer: https://xdrar.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 17 Jun 2023 03:55:11 GMT
etag: W/"2c9bcf4506206e56e4868efc14911db9"
expires: Sat, 17 Jun 2023 04:55:11 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
x-amz-cf-id: fS0GwL2qzv3s-LU4rjNyVgURFUQPW_SikZ7YlKAbq3I4I6YvixMntQ==
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
x-powered-by: iframe.ly

GET
H2 200 4GLv12ssY6yST0ZvvgQch0 Show response
open.spotify.com/embed/artist/ Frame AD14 15 KB
7 KB 227ms
129ms Document
text/html 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://open.spotify.com/embed/artist/4GLv12ssY6yST0ZvvgQch0?utm_source=oembed

Requested by

Host: cdn.iframe.ly
URL: https://cdn.iframe.ly/api/iframe?url=https%3A%2F%2Fopen.spotify.com%2Fartist%2F4GLv12ssY6yST0ZvvgQch0&key=ec1133e249fbfff764ead184bb038761

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

1ab29de3355c6d9c8a441fdc84fa6adfb5efea76dc99d061344640a86bb6cb18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.iframe.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 17 Jun 2023 03:55:11 GMT
server: envoy
sp-trace-id: 0cc0c55fa0f0a87f
strict-transport-security: max-age=31536000
vary: Accept-Encoding,Accept-Encoding
via: HTTP/2 edgeproxy, 1.1 google
x-content-type-options: nosniff
x-envoy-upstream-service-time: 75

GET
H2 200 verify Show response
api.prod.tell.ie/web/page/paywall/ 22 B
179 B 173ms
173ms Fetch
application/json 99.83.128.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prod.tell.ie/web/page/paywall/verify?pageGroupId=dc91cce2-a0c3-471e-8238-3caac350c856
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/static/js/6.6d2f9d2c.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.128.233 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab85f711de293daa2.awsglobalaccelerator.com
Software: / Express
Resource Hash: 271414395081ae6a070a08870db6e6c5e3bae2b33453b69a7f4ad0597d930ef6

Request headers

Referer: https://xdrar.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
tellie-session: DjWe18t90fXhxYoF70J5U
tellie-client: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjbGllbnRJZCI6ImM1NTFiMDU3LTMzZGUtNGY1MC05Zjc4LWFiNDkyY2YxOWRkYyIsImlhdCI6MTY4Njk3NDExMH0.AxeGkvO9GS6VkPvdZF6LHqDv80fhVu79RjJFu1mV614

Response headers

access-control-allow-origin: *
date: Sat, 17 Jun 2023 03:55:11 GMT
x-powered-by: Express
content-length: 22
etag: W/"16-F+I9+JCpMVEOaUrmOlRAgzDV0Cw"
content-type: application/json; charset=utf-8

OPTIONS
H2 204 verify
api.prod.tell.ie/web/page/paywall/ Frame 0
0 173ms
173ms Preflight 99.83.128.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prod.tell.ie/web/page/paywall/verify?pageGroupId=dc91cce2-a0c3-471e-8238-3caac350c856
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.128.233 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab85f711de293daa2.awsglobalaccelerator.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: tellie-client,tellie-session
Access-Control-Request-Method: GET
Origin: https://xdrar.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: tellie-client,tellie-session
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Sat, 17 Jun 2023 03:55:11 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H/1.1 200
OK CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
encore.scdn.co/fonts/ Frame AD14 82 KB
83 KB 146ms
41ms Font
font/woff2 2a04:4e42:8d::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed/artist/4GLv12ssY6yST0ZvvgQch0?utm_source=oembed
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:8d::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9b7413f945c8b8bb3f75eb10513c7ad79d386e98494d541e5f1fa9301ffbddd6

Request headers

Referer: https://open.spotify.com/
Origin: https://open.spotify.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 03:55:11 GMT
Content-Encoding: gzip
Age: 20640716
X-Cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 84027
X-Served-By: cache-chi-klot8100118-CHI, cache-fra-eddf8230038-FRA
Last-Modified: Fri, 13 May 2022 11:38:51 GMT
ETag: "f7b12903dd7a2d536ceb2b7cd1dba2c1"
x-goog-generation: 1652441931211351
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
x-goog-stored-content-length: 84027
Accept-Ranges: bytes
X-Cache-Hits: 130506, 158052

GET
H/1.1 200
OK CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
encore.scdn.co/fonts/ Frame AD14 87 KB
88 KB 145ms
40ms Font
font/woff2 2a04:4e42:8d::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed/artist/4GLv12ssY6yST0ZvvgQch0?utm_source=oembed
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:8d::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879

Request headers

Referer: https://open.spotify.com/
Origin: https://open.spotify.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 03:55:11 GMT
Content-Encoding: gzip
Age: 20640717
X-Cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 89529
X-Served-By: cache-chi-klot8100084-CHI, cache-fra-eddf8230130-FRA
Last-Modified: Fri, 13 May 2022 11:38:50 GMT
ETag: "216b12b5a9657850b1b324e158454f8e"
x-goog-generation: 1652441930609707
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
x-goog-stored-content-length: 89529
Accept-Ranges: bytes
X-Cache-Hits: 81751, 163771

GET
H/1.1 200
OK CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2
encore.scdn.co/fonts/ Frame AD14 85 KB
86 KB 145ms
40ms Font
font/woff2 2a04:4e42:8d::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://encore.scdn.co/fonts/CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed/artist/4GLv12ssY6yST0ZvvgQch0?utm_source=oembed
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:8d::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1d752805498ebd36b9c69ad1d3da93b1561ea6b33f58ec89a66a4228a357dfe2

Request headers

Referer: https://open.spotify.com/
Origin: https://open.spotify.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 03:55:11 GMT
Content-Encoding: gzip
Age: 362725
X-Cache: HIT, HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 87344
X-Served-By: cache-ord1746-ORD, cache-chi-klot8100110-CHI, cache-fra-eddf8230051-FRA
Last-Modified: Thu, 19 May 2022 07:59:23 GMT
ETag: "db1a27b35e26398fef4be920ea96078d"
x-goog-generation: 1652947162999500
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
x-goog-stored-content-length: 87344
Accept-Ranges: bytes
X-Cache-Hits: 1, 20238, 43095

GET
H/1.1 200
OK CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2
encore.scdn.co/fonts/ Frame AD14 84 KB
84 KB 145ms
41ms Font
font/woff2 2a04:4e42:8d::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://encore.scdn.co/fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed/artist/4GLv12ssY6yST0ZvvgQch0?utm_source=oembed
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:8d::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c60fd01004a4b5f4997c54e3fed4e0a1080ae7c6c263af83fa7f4a0fff96c15

Request headers

Referer: https://open.spotify.com/
Origin: https://open.spotify.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 03:55:11 GMT
Content-Encoding: gzip
Age: 20640717
X-Cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 85585
X-Served-By: cache-chi-kigq8000115-CHI, cache-fra-eddf8230020-FRA
Last-Modified: Thu, 19 May 2022 07:59:22 GMT
ETag: "0e196bce574e01f42fc686e3e6dc4f76"
x-goog-generation: 1652947162414027
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
x-goog-stored-content-length: 85585
Accept-Ranges: bytes
X-Cache-Hits: 23185, 26488

GET
H2 200 spoticon_regular_2.d728648c.woff2
open.spotifycdn.com/cdn/fonts/ Frame AD14 56 KB
56 KB 147ms
47ms Font
font/woff2 2a04:4e42:8d::763
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.spotifycdn.com/cdn/fonts/spoticon_regular_2.d728648c.woff2
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed/artist/4GLv12ssY6yST0ZvvgQch0?utm_source=oembed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::763 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d728648c3e1d90bf50f0e988787ce26ea1111fa697b0a9daeb95d6724842a9c1

Request headers

Referer: https://open.spotify.com/
Origin: https://open.spotify.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:11 GMT
age: 17346771
x-cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 56996
x-served-by: cache-chi-klot8100082-CHI, cache-fra-eddf8230027-FRA
last-modified: Mon, 28 Nov 2022 09:18:52 GMT
etag: "3b7bbfac9ed3e75d426728e900579aa9"
x-goog-generation: 1669627132083473
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 56996
accept-ranges: bytes
x-cache-hits: 63, 39651

GET
H2 200 de.2159cf97.json
open.spotifycdn.com/cdn/generated-locales/embed/ Frame AD14 3 KB
1 KB 147ms
48ms Other
application/json 2a04:4e42:8d::763
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.spotifycdn.com/cdn/generated-locales/embed/de.2159cf97.json
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed/artist/4GLv12ssY6yST0ZvvgQch0?utm_source=oembed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::763 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2159cf9707837b842fefd213a99e2da3e8f860863e24ec43f6c999fcd91b25c2

Request headers

Referer: https://open.spotify.com/
Origin: https://open.spotify.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:11 GMT
content-encoding: gzip
age: 304394
x-cache: MISS, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1105
x-served-by: cache-chi-klot8100091-CHI, cache-fra-eddf8230027-FRA
last-modified: Tue, 13 Jun 2023 13:31:19 GMT
etag: "cba5629e20c9976d7295f697a025860f"
x-goog-generation: 1686663079173981
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1105
accept-ranges: bytes
x-cache-hits: 0, 8

GET
H2 200 embed.6245f081.css
open.spotifycdn.com/cdn/build/embed/ Frame AD14 121 KB
16 KB 139ms
39ms Stylesheet
text/css 2a04:4e42:8d::763
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.spotifycdn.com/cdn/build/embed/embed.6245f081.css
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed/artist/4GLv12ssY6yST0ZvvgQch0?utm_source=oembed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::763 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 60bdaa75527109a0f3925d8f8b28ececc9fb0e1e061dd5103c56c2e4cad4c553

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:11 GMT
content-encoding: gzip
age: 795865
x-cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-chi-klot8100064-CHI, cache-fra-eddf8230040-FRA
last-modified: Wed, 07 Jun 2023 14:08:17 GMT
etag: "646235ed357d40b7eded696e4843f2a1"
x-goog-generation: 1686146897845224
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 16162
accept-ranges: bytes
x-cache-hits: 2326, 11193

GET
H2 200 vendor~embed.359598f4.css
open.spotifycdn.com/cdn/build/embed/ Frame AD14 10 KB
1 KB 144ms
44ms Stylesheet
text/css 2a04:4e42:8d::763
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.359598f4.css
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed/artist/4GLv12ssY6yST0ZvvgQch0?utm_source=oembed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::763 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 786e22f91df71cf586b793e30764448ac25401d9cc2173ee5c57b79cede0fa9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:11 GMT
content-encoding: gzip
age: 5058302
x-cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1047
x-served-by: cache-chi-klot8100109-CHI, cache-fra-eddf8230040-FRA
last-modified: Wed, 19 Apr 2023 13:42:52 GMT
etag: "766c8201056b834ff771325062f0caf0"
x-goog-generation: 1681911772140374
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1047
accept-ranges: bytes
x-cache-hits: 3, 10362

GET
H2 200 embed.11128b77.js Show response
open.spotifycdn.com/cdn/build/embed/ Frame AD14 204 KB
53 KB 242ms
143ms Script
application/javascript 2a04:4e42:8d::763
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.spotifycdn.com/cdn/build/embed/embed.11128b77.js
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed/artist/4GLv12ssY6yST0ZvvgQch0?utm_source=oembed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::763 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: de45f645ddd7bacd1804742807239e49486ae32c16825464625a08468d24198e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:11 GMT
content-encoding: gzip
age: 1634
x-cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53871
x-served-by: cache-chi-kigq8000165-CHI, cache-fra-eddf8230040-FRA
last-modified: Sat, 17 Jun 2023 03:24:01 GMT
etag: "b04d7bd202c5d8dc4b522e2db0811a11"
x-goog-generation: 1686972240985123
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 53871
accept-ranges: bytes
x-cache-hits: 1, 35

GET
H2 200 vendor~embed.4a022388.js Show response
open.spotifycdn.com/cdn/build/embed/ Frame AD14 1 MB
305 KB 145ms
46ms Script
application/javascript 2a04:4e42:8d::763
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.4a022388.js
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed/artist/4GLv12ssY6yST0ZvvgQch0?utm_source=oembed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::763 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7adad49d56c25875d1bbba55f11e7514eeb879e7621881c779642a1b4740d77e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:11 GMT
content-encoding: gzip
age: 310799
x-cache: MISS, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 312067
x-served-by: cache-chi-kigq8000035-CHI, cache-fra-eddf8230040-FRA
last-modified: Tue, 13 Jun 2023 13:31:10 GMT
etag: "0c64f90dc9b4cd4db5bcac30f06a132b"
x-goog-generation: 1686663070061974
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 312067
accept-ranges: bytes
x-cache-hits: 0, 2840

OPTIONS
H2 204 6035d9ced97f7509aac2e410
events.launchdarkly.com/events/bulk/ Frame 0
0 117ms
116ms Preflight 35.174.189.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/6035d9ced97f7509aac2e410

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.189.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-189-20.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://xdrar.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Sat, 17 Jun 2023 03:55:11 GMT
strict-transport-security: max-age=31536000

POST
H2 202 6035d9ced97f7509aac2e410 Show response
events.launchdarkly.com/events/bulk/ 0
344 B 119ms
119ms XHR
application/json 35.174.189.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/6035d9ced97f7509aac2e410

Requested by

Host: xdrar.xyz
URL: https://xdrar.xyz/static/js/6.6d2f9d2c.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.189.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-189-20.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-LaunchDarkly-Payload-ID: c2157940-0cc2-11ee-a545-c500326672d5
X-LaunchDarkly-Event-Schema: 3
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.24.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json
Referer: https://xdrar.xyz/
X-LaunchDarkly-Wrapper: react-client-sdk/2.29.2

Response headers

date: Sat, 17 Jun 2023 03:55:11 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H/1.1 200
OK ab676161000051741b86b5a81987c0aca7edea71
i.scdn.co/image/ Frame AD14 22 KB
23 KB 129ms
40ms Image
image/jpeg 2a04:4e42:8d::760
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.scdn.co/image/ab676161000051741b86b5a81987c0aca7edea71
Requested by: Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/embed.6245f081.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:8d::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: acd56a33f8cbed40fe97ca56711383d12fcea69f809c0696fe22833f83d19bf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://open.spotifycdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 03:55:11 GMT
Age: 812979
X-Cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 22809
X-Served-By: cache-chi-kigq8000145-CHI, cache-fra-eddf8230042-FRA
Last-Modified: Sat, 09 Jul 2022 00:38:27 GMT
ETag: "9bae9bd2de08b64c9ce408215328d334"
x-goog-generation: 1657327107241497
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
x-goog-stored-content-length: 22809
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 5, 1

POST
H2 200 / Show response
o22381.ingest.sentry.io/api/1409086/envelope/ Frame AD14 2 B
301 B 134ms
41ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o22381.ingest.sentry.io/api/1409086/envelope/?sentry_key=80341f4271be4aec89050e48a0e4553e&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.46.0

Requested by

Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.4a022388.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://open.spotify.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 17 Jun 2023 03:55:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 / Show response
apresolve.spotify.com/ Frame AD14 273 B
270 B 165ms
47ms Fetch
application/json 2600:1901:0:524d::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apresolve.spotify.com/?type=dealer&type=spclient
Requested by: Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.4a022388.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:524d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0cd33b767a835bb2a59064a568c7580b4eb28093f995ee1d18f1520e32f27c29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:11 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110

GET
H2 200 / Show response
apresolve.spotify.com/ Frame AD14 273 B
171 B 140ms
48ms XHR
application/json 2600:1901:0:524d::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apresolve.spotify.com/?type=dealer&type=spclient
Requested by: Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.4a022388.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:524d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 94fb5e55c76b47aa1803643be13dc68ecae1bfbe4438d8f5b9f3f4cb127f735f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:11 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108

GET
H2 200 154.e6c7e602.js Show response
open.spotifycdn.com/cdn/build/embed/ Frame AD14 228 KB
51 KB 40ms
40ms Script
application/javascript 2a04:4e42:8d::763
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.spotifycdn.com/cdn/build/embed/154.e6c7e602.js
Requested by: Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/embed.11128b77.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::763 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5a869098bb600fb0bf884a15818b903616ab8909b146619ede15f1ada4022091

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:11 GMT
content-encoding: gzip
age: 826981
x-cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 51964
x-served-by: cache-chi-kigq8000106-CHI, cache-fra-eddf8230040-FRA
last-modified: Wed, 07 Jun 2023 14:08:18 GMT
etag: "d1fe39250a0f6a50e83006f693472353"
x-goog-generation: 1686146898124232
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 51964
accept-ranges: bytes
x-cache-hits: 4, 10920

GET
H2 200 spotify_player_o.ab54b680.js Show response
open.spotifycdn.com/cdn/build/embed/ Frame AD14 28 KB
7 KB 44ms
43ms Script
application/javascript 2a04:4e42:8d::763
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.spotifycdn.com/cdn/build/embed/spotify_player_o.ab54b680.js
Requested by: Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/embed.11128b77.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::763 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 99e86f8a5468a2177eda1389bea947db15d41867475dd984c265d742d9f86d85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:55:11 GMT
content-encoding: gzip
age: 826981
x-cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7435
x-served-by: cache-chi-klot8100078-CHI, cache-fra-eddf8230040-FRA
last-modified: Wed, 07 Jun 2023 14:08:17 GMT
etag: "cdc15dd656652baef4bfb0a078e104e6"
x-goog-generation: 1686146897796537
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 7435
accept-ranges: bytes
x-cache-hits: 3, 10289

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 47ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NNQV2G9480&gtm=45je36e0&_p=1652778867&cid=1296138605.1686974110&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&sid=1686974110&sct=1&seg=1&dl=https%3A%2F%2Fxdrar.xyz%2Fhome&dt=XD.rar&dp=%2F&_s=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NNQV2G9480
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xdrar.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 03:55:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xdrar.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 events
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 0
0 183ms
48ms Preflight 2600:1901:1:81::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:1:81:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://open.spotify.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-origin: https://open.spotify.com
access-control-max-age: 604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 17 Jun 2023 03:55:11 GMT
server: envoy
vary: Accept-Encoding
via: HTTP/2 edgeproxy, 1.1 google

POST
H2 200 events Show response
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame AD14 13 B
163 B 99ms
98ms Fetch
application/json 2600:1901:1:81::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

Requested by

Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.4a022388.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:81:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://open.spotify.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Jun 2023 03:55:12 GMT
via: HTTP/2 edgeproxy, 1.1 google
server: envoy
content-type: application/json
access-control-allow-origin: https://open.spotify.com
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39

GET
H2

200

zA6GGZhNH930.webp
assets.prod.tell.ie/set/ee15c820-02eb-42d0-82a1-6f99901bfb0f/tile/63b0b241-d660-45cf-90a5-946d63deb2f8/
Redirect Chain

https://media.prod.tell.ie/image/resize?key=set/ee15c820-02eb-42d0-82a1-6f99901bfb0f/tile/63b0b241-d660-45cf-90a5-946d63deb2f8/zA6GGZhNH930.webp&width=1440
https://assets.prod.tell.ie/set/ee15c820-02eb-42d0-82a1-6f99901bfb0f/tile/63b0b241-d660-45cf-90a5-946d63deb2f8/zA6GGZhNH930.webp

6 MB
6 MB

43ms
42ms

Image
image/webp

18.66.122.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.prod.tell.ie/set/ee15c820-02eb-42d0-82a1-6f99901bfb0f/tile/63b0b241-d660-45cf-90a5-946d63deb2f8/zA6GGZhNH930.webp
Protocol: H2
Server: 18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5db07848ee1fe880114ff203979b3fd291b02298eb33ef9d25eb80b234dac8e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 07:12:42 GMT
content-encoding: base64
via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified: Thu, 23 Mar 2023 07:34:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 74551
etag: "4459d361b99186903b4f39cb68e895a5"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 5968076
x-amz-cf-id: KKqC9Q6UZR-uc8fLvWBJTqkNI5XqF_t_M-M0fI23gQpTbDWs_uqhDQ==

Redirect headers

date: Fri, 16 Jun 2023 02:38:03 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 91029
x-cache: Hit from cloudfront
location: https://assets.prod.tell.ie/set/ee15c820-02eb-42d0-82a1-6f99901bfb0f/tile/63b0b241-d660-45cf-90a5-946d63deb2f8/zA6GGZhNH930.webp
cache-control: max-age=31536000
content-length: 0
apigw-requestid: GlypzgFWvHcESnA=
x-amz-cf-id: llrcFLePgBqY8Xmqxo_01nnVz6sFMedYSgPm6crN-MG_TlQ6aISbdw==

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 47ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NNQV2G9480&gtm=45je36e0&_p=1652778867&cid=1296138605.1686974110&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=5&dl=https%3A%2F%2Fxdrar.xyz%2Fhome&dr=https%3A%2F%2Fxdrar.xyz%2F&sid=1686974110&sct=1&seg=1&dt=XD.rar&dp=%2F&en=page_view&ep.name=Tellie&epn.siteSpeedSampleRate=100&ep.debug_mode=false&_et=980
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NNQV2G9480
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xdrar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 03:55:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xdrar.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events
api.prod.tell.ie/web/beacon/ 2 B
152 B 175ms
175ms Ping
text/plain 99.83.128.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prod.tell.ie/web/beacon/events
Requested by: Host: xdrar.xyz
URL: https://xdrar.xyz/static/js/main.0b9cdd90.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.128.233 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab85f711de293daa2.awsglobalaccelerator.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://xdrar.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 17 Jun 2023 03:55:12 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

OPTIONS
H3 200 events
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 0
0 48ms
48ms Preflight 2600:1901:1:81::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:1:81:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://open.spotify.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-origin: https://open.spotify.com
access-control-max-age: 604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 17 Jun 2023 03:55:11 GMT
server: envoy
vary: Accept-Encoding
via: HTTP/2 edgeproxy, 1.1 google

POST
H3 200 events Show response
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame AD14 13 B
58 B 162ms
162ms Fetch
application/json 2600:1901:1:81::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

Requested by

Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.4a022388.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:1:81:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://open.spotify.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Jun 2023 03:55:11 GMT
via: HTTP/2 edgeproxy, 1.1 google
server: envoy
content-type: application/json
access-control-allow-origin: https://open.spotify.com
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39

OPTIONS
H2 204 6035d9ced97f7509aac2e410
events.launchdarkly.com/events/bulk/ Frame 0
0 117ms
116ms Preflight 35.174.189.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/6035d9ced97f7509aac2e410

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.189.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-189-20.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://xdrar.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Sat, 17 Jun 2023 03:55:13 GMT
strict-transport-security: max-age=31536000

POST
H2 202 6035d9ced97f7509aac2e410 Show response
events.launchdarkly.com/events/bulk/ 0
344 B 131ms
131ms XHR
application/json 35.174.189.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/6035d9ced97f7509aac2e410

Requested by

Host: xdrar.xyz
URL: https://xdrar.xyz/static/js/6.6d2f9d2c.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.189.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-189-20.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-LaunchDarkly-Payload-ID: c346cd50-0cc2-11ee-a545-c500326672d5
X-LaunchDarkly-Event-Schema: 3
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.24.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json
Referer: https://xdrar.xyz/
X-LaunchDarkly-Wrapper: react-client-sdk/2.29.2

Response headers

date: Sat, 17 Jun 2023 03:55:13 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H3 200 events
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 0
0 48ms
48ms Preflight 2600:1901:1:81::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:1:81:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://open.spotify.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-origin: https://open.spotify.com
access-control-max-age: 604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 17 Jun 2023 03:55:15 GMT
server: envoy
vary: Accept-Encoding
via: HTTP/2 edgeproxy, 1.1 google

POST
H3 200 events Show response
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame AD14 13 B
58 B 65ms
64ms XHR
application/json 2600:1901:1:81::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

Requested by

Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.4a022388.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:1:81:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://open.spotify.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Jun 2023 03:55:15 GMT
via: HTTP/2 edgeproxy, 1.1 google
server: envoy
content-type: application/json
access-control-allow-origin: https://open.spotify.com
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39

POST
H3 200 events Show response
gew4-spclient.spotify.com/gabo-receiver-service/v3/ Frame AD14 94 B
105 B 159ms
159ms XHR
application/json 2600:1901:1:81::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gew4-spclient.spotify.com/gabo-receiver-service/v3/events

Requested by

Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.4a022388.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:1:81:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

482c79281f9c39b41409866dcf058ebe0abf62bb2ec081617ac7749082d3f161

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://open.spotify.com/
accept-language: de-DE,de;q=0.9
authorization: Bearer BQBu7lstSwvhPCv6eMg_jc4z2xq0xHoBuc0uK6k3XO9ZAfWqHXOTw3veI44c2zjb2Lacxk5S-3EXvv8IKab-SrHdmd4HLT2gIbSYFL9T6ydB4IKooO8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Jun 2023 03:55:15 GMT
via: HTTP/2 edgeproxy, 1.1 google
server: envoy
content-type: application/json
access-control-allow-origin: https://open.spotify.com
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

OPTIONS
H3 200 events
gew4-spclient.spotify.com/gabo-receiver-service/v3/ Frame 0
0 48ms
48ms Preflight 2600:1901:1:81::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gew4-spclient.spotify.com/gabo-receiver-service/v3/events
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:1:81:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://open.spotify.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-origin: https://open.spotify.com
access-control-max-age: 604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 17 Jun 2023 03:55:15 GMT
server: envoy
vary: Accept-Encoding
via: HTTP/2 edgeproxy, 1.1 google

POST collect
region1.google-analytics.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: clientstream.launchdarkly.com
URL: https://clientstream.launchdarkly.com/eval/6035d9ced97f7509aac2e410/eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9

Domain: cdn.iframe.ly
URL: https://cdn.iframe.ly/api/iframe?url=https%3A%2F%2Fopen.spotify.com%2Fartist%2F4GLv12ssY6yST0ZvvgQch0&key=ec1133e249fbfff764ead184bb038761

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NNQV2G9480&gtm=45je36e0&_p=1652778867&cid=1296138605.1686974110&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=6&sid=1686974110&sct=1&seg=1&dl=https%3A%2F%2Fxdrar.xyz%2Fhome&dr=https%3A%2F%2Fxdrar.xyz%2F&dt=XD.rar&dp=%2F&en=Loaded&_ee=1&ep.name=Tellie&epn.siteSpeedSampleRate=100&ep.debug_mode=false&ep.event_category=Image%20Tile%20%2F%20XTRA%20FORMS%203.0&ep.non_interaction=true&_et=308

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xdrar.xyz/	1970-01-20 12:37:40	Name: _gid Value: GA1.2.377124403.1686974110
.xdrar.xyz/	1970-01-20 12:36:14	Name: _gat_Tellie Value: 1
.xdrar.xyz/	1970-01-20 22:12:14	Name: _ga Value: GA1.1.1296138605.1686974110
.spotify.com/	1970-01-20 21:21:50	Name: sp_t Value: 5f537be22a07758a7bb2a1902a89c30b
.spotify.com/	1970-01-20 12:37:40	Name: sp_landing Value: https%3A%2F%2Fopen.spotify.com%2Fembed%2Fartist%2F4GLv12ssY6yST0ZvvgQch0%3Fsp_cid%3D5f537be22a07758a7bb2a1902a89c30b%26device%3Ddesktop%26utm_source%3Doembed
.xdrar.xyz/	1970-01-20 22:12:14	Name: _ga_NNQV2G9480 Value: GS1.1.1686974110.1.1.1686974112.0.0.0
xdrar.xyz/	1970-01-20 12:36:15	Name: _dd_s Value: rum=2&id=c0feb35d-8dec-4e99-a35d-a6246484c118&created=1686974109913&expire=1686975009913

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://xdrar.xyz/static/js/6.6d2f9d2c.chunk.js(Line 1) Message: Allow attribute will take precedence over 'allowfullscreen'.
javascript	warning	URL: https://open.spotifycdn.com/cdn/build/embed/embed.11128b77.js Message: It is recommended that a robustness level be specified. Not specifying the robustness level could result in unexpected behavior.
javascript	warning	URL: https://open.spotify.com/embed/artist/4GLv12ssY6yST0ZvvgQch0?utm_source=oembed Message: The resource https://open.spotifycdn.com/cdn/fonts/spoticon_regular_2.d728648c.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://prod.tellie-code.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.prod.tell.ie
app.launchdarkly.com
apresolve.spotify.com
assets.prod.tell.ie
cdn.getphyllo.com
cdn.iframe.ly
cdn.tellie.tv
clientstream.launchdarkly.com
encore.scdn.co
events.launchdarkly.com
gew4-spclient.spotify.com
i.scdn.co
ka-p.fontawesome.com
kit.fontawesome.com
media.prod.tell.ie
o22381.ingest.sentry.io
open.spotify.com
open.spotifycdn.com
region1.google-analytics.com
rum.browser-intake-datadoghq.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
xdrar.xyz
cdn.iframe.ly
clientstream.launchdarkly.com
region1.google-analytics.com
108.138.7.8
13.32.121.39
151.101.2.217
18.66.122.57
2001:4860:4802:34::36
2600:1901:0:524d::
2600:1901:1:81::
2600:1901:1:c36::
2600:1f18:24e6:b900:4c03:3724:d96a:32e5
2606:4700:3108::ac42:2af9
2606:4700::6812:1634
2a00:1450:4001:812::200e
2a00:1450:4001:828::2008
2a00:1450:400c:c06::9a
2a04:4e42:8d::760
2a04:4e42:8d::763
3.33.235.18
34.120.195.249
35.174.189.20
65.9.66.15
76.223.62.232
99.83.128.233
039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879
0b0430dcd46793ae894c9881e69268d7cbb8ee1a45cc24db5c5d5eaa27d3704f
0c60fd01004a4b5f4997c54e3fed4e0a1080ae7c6c263af83fa7f4a0fff96c15
0cd33b767a835bb2a59064a568c7580b4eb28093f995ee1d18f1520e32f27c29
117e57c171d02fdbc0337dfe40044d752c63c1566c6a2426a4028ab7f2cb4894
1ab29de3355c6d9c8a441fdc84fa6adfb5efea76dc99d061344640a86bb6cb18
1d752805498ebd36b9c69ad1d3da93b1561ea6b33f58ec89a66a4228a357dfe2
2159cf9707837b842fefd213a99e2da3e8f860863e24ec43f6c999fcd91b25c2
271414395081ae6a070a08870db6e6c5e3bae2b33453b69a7f4ad0597d930ef6
2a84759f5f01f71d1e661335bd0ffbae9dc81eff24d0810f06db6fffa35ed27a
2c336c87735c25ee5f238bbb2422a2025d816bbc9d4d3a44183977254225b647
33db8788bb18d86ace320933382f2cbe84e3d5282b922c785199cc1e911e19ac
3a82733b6d0a9366fa2bf27e5ced33602040bd5363ab874db71c053801d3c32e
3e114cbb218ecfda2a29ba8ac0d9e1407c7f9732b396878bdd3cf9424a942f26
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
482c79281f9c39b41409866dcf058ebe0abf62bb2ec081617ac7749082d3f161
4d17514e4c6ec3082d1321979a48ca6975a2fa1682a8e633a320fcff5e1a67c2
4d5e287f0e60cc7efadd2bdf39ff53499de57249b69a3ae73497a187ff908e2a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fb0c322a9193ae9693555e2dd6f1c65ab5c4d49945f597dbd1f5774ff09e461
5346fbed3e4ca9365ca281fc6f8859e9183ea05ceb33cd624aeb4d86fda0a967
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
595c9b95cc4d52b94a19987dc9f2e2743c4e74f140510b04a91a9602c6e5bddf
5a869098bb600fb0bf884a15818b903616ab8909b146619ede15f1ada4022091
5db07848ee1fe880114ff203979b3fd291b02298eb33ef9d25eb80b234dac8e9
60bdaa75527109a0f3925d8f8b28ececc9fb0e1e061dd5103c56c2e4cad4c553
681f15f1dd66646e3c4be78f9c74962004cbc764f0fbb1da993f6937a3ac1e8a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7149c8dc88e193e2afa98a5622063be8963d0ee1dbcfdc12212ed221089d9e5b
7535e8d89e4cbf233ff22d938a41ce969f0fde516b81a5eb58c11dc02cd827b7
786e22f91df71cf586b793e30764448ac25401d9cc2173ee5c57b79cede0fa9a
7adad49d56c25875d1bbba55f11e7514eeb879e7621881c779642a1b4740d77e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83be4adfadca333f2b9859d5881c011c43f64c8fbbc129020261826c582ddae9
85f3ebe0d63f0ab3b3292c083aca9f18ee92ce90f6e3c06dd74d1df126607911
944e04e5f6f5bbbbf455e9b67109cbacc6da5e7677a313395da92040ab953206
94fb5e55c76b47aa1803643be13dc68ecae1bfbe4438d8f5b9f3f4cb127f735f
99e86f8a5468a2177eda1389bea947db15d41867475dd984c265d742d9f86d85
99ec1c73f855735509166e7529d349789ba6041724eea986a68d7c46ca589982
9b7413f945c8b8bb3f75eb10513c7ad79d386e98494d541e5f1fa9301ffbddd6
9e89a92b0ee6959fc76460b414049e3bd12fbe00b119e5a6bdc51faf9f37a9cc
acd56a33f8cbed40fe97ca56711383d12fcea69f809c0696fe22833f83d19bf6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
ba2b540b396bb5f724ce6344c42a822e07103920fe7908be9c5f39121690a345
c07aaed8860b846f6d2834397b80246ef7511575f55d55f6c4782ea88de405e5
cffb1ed3dd92b9ab551d28671b257e260993305ef2f915dfb7a74e18b95b7914
d0fb8ead3e32abfb16fafd8551113be02dfea033d4bde1d8b9633e6e764fc1e7
d728648c3e1d90bf50f0e988787ce26ea1111fa697b0a9daeb95d6724842a9c1
de45f645ddd7bacd1804742807239e49486ae32c16825464625a08468d24198e
debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8
df388c3ed0089cd002e185fc54c72699cb596ca7c1499fe294debd354925498a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
f5f7a1862aa7f90e3d31907b82b62f057fa8b3c56b35376cec60c591d6de3cbe
fce60bc81b42726b685192834cdd4147bb4867c94a9b5c38a35c0cce8a6b562e
fe0d7ff5c1b94b9efefbc1903a465c7d8bb345da51aaa13a93a55f9f7eff5b86
ff90de3bb2efdabee654f5012f22d3545d41760e72dabfe5784dbd2b31b0ae9f

xdrar.xyz Open in urlscan Pro 76.223.62.232 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

89 Requests

96 %HTTPS

55 %IPv6

15 Domains

24 Subdomains

22 IPs

3 Countries

14838 kBTransfer

22166 kBSize

7 Cookies

0 Outgoing links

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xdrar.xyz Open in urlscan Pro
76.223.62.232 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

96 %
HTTPS

55 %
IPv6

15
Domains

24
Subdomains

22
IPs

3
Countries

14838 kB
Transfer

22166 kB
Size

7
Cookies

89 HTTP transactions
2 data transactions