urlscan.io logo urlscan.io
SecurityTrails logo

xivmodarchive.com Open in urlscan Pro
2606:4700:10::6816:28ef  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xivmodarchive.com/
Effective URL: https://xivmodarchive.com/
Submission: On November 27 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 53 IPs in 3 countries across 37 domains to perform 99 HTTP transactions. The main IP is 2606:4700:10::6816:28ef, located in United States and belongs to CLOUDFLARENET, US. The main domain is xivmodarchive.com.
TLS certificate: Issued by WE1 on October 18th 2024. Valid for: 3 months.
This is the only time xivmodarchive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a04:4e42:400... 54113 (FASTLY)
3 104.17.24.14 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 4 2620:100:a00b... 19750 (AS-CRITEO)
2 74.119.117.17 19750 (AS-CRITEO)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 162.19.138.119 16276 (OVH OVH SAS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.107.165.188 396982 (GOOGLE-CL...)
5 6 35.71.131.137 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
3 35.244.144.25 396982 (GOOGLE-CL...)
1 104.18.3.78 13335 (CLOUDFLAR...)
1 172.67.134.120 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.251.40.198 15169 (GOOGLE)
1 172.67.193.156 13335 (CLOUDFLAR...)
2 130.211.23.194 396982 (GOOGLE-CL...)
1 162.19.138.118 16276 (OVH OVH SAS)
2 172.67.188.249 13335 (CLOUDFLAR...)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 2602:803:c002... 26667 (RUBICONPR...)
2 69.194.240.11 26120 (RHYTHMONE)
1 68.67.179.166 29990 (ASN-APPNEX)
1 2620:100:a00b::9 19750 (AS-CRITEO)
1 2607:f350:3:2... 27630 (AS-XFERNET)
1 34.206.91.202 14618 (AMAZON-AES)
1 3.85.85.132 14618 (AMAZON-AES)
1 104.18.26.193 13335 (CLOUDFLAR...)
1 199.250.161.129 26459 (TTD-ASN-01)
2 142.251.40.98 15169 (GOOGLE)
1 142.251.40.226 15169 (GOOGLE)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2620:100:a00b::4 19750 (AS-CRITEO)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 34.98.64.218 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 142.250.81.228 15169 (GOOGLE)
1 104.78.189.111 ()
1 151.101.1.108 ()
1 104.18.24.18 ()
1 35.71.139.29 ()
1 104.78.188.30 ()
2 3 3.226.213.10 ()
2 2 35.211.202.130 ()
1 142.250.65.226 ()
1 1 199.38.167.130 ()
1 2 2607:f350:3:2... ()
2 2 143.244.208.184 ()
2 3.87.46.209 ()
1 98.82.158.241 ()
2 3 34.111.113.62 ()
99 53
25    2606:4700:10::6816:28ef (United States)

ASN13335 (CLOUDFLARENET, US)
xivmodarchive.com
static.xivmodarchive.com
2    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700::6812:34e (United States)

ASN13335 (CLOUDFLARENET, US)
s.nitropay.com
1    2606:4700:10::6816:4ad8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
4    2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    74.119.117.17 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
3    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.107.165.188 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.165.107.34.bc.googleusercontent.com
api.rlcdn.com
6    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    35.244.144.25 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.144.244.35.bc.googleusercontent.com
tracker.nitropay.com
1    104.18.3.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s.nitropay.com
1    172.67.134.120 (United States)

ASN13335 (CLOUDFLARENET, US)
bt.dns-finder.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.251.40.198 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f6.1e100.net
ad.doubleclick.net
1    172.67.193.156 (United States)

ASN13335 (CLOUDFLARENET, US)
consent.nitrocnct.com
2    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
1    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533569.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    172.67.188.249 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid-rtd.audigent.workers.dev
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    69.194.240.11 (United States)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
1    68.67.179.166 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    2620:100:a00b::9 (United States)

ASN19750 (AS-CRITEO, US)
grid-bidder.criteo.com
1    2607:f350:3:2569:0:10:0:200a (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
1    34.206.91.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-91-202.compute-1.amazonaws.com
tlx.3lift.com
1    3.85.85.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-85-85-132.compute-1.amazonaws.com
btlr.sharethrough.com
1    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    199.250.161.129 (United States)

ASN26459 (TTD-ASN-01, US)
direct.adsrvr.org
2    142.251.40.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net
securepubads.g.doubleclick.net
1    142.251.40.226 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net
ep1.adtrafficquality.google
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
2    2607:f8b0:4006:80c::2001 (United States)

ASN15169 (GOOGLE, US)
3cb0fc860eeab2d64a0015c303af4c4e.safeframe.googlesyndication.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
2    2607:f8b0:4006:80b::2001 (United States)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
1    142.250.81.228 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f4.1e100.net
www.google.com
1    104.78.189.111 (None, )

ASN- ()
eus.rubiconproject.com
1    151.101.1.108 (None, )

ASN- ()
acdn.adnxs.com
1    104.18.24.18 (None, )

ASN- ()
js-sec.indexww.com
1    35.71.139.29 (None, )

ASN- ()
eb2.3lift.com
1    104.78.188.30 (None, )

ASN- ()
contextual.media.net
3    3.226.213.10 (None, )

ASN- ()
dpm.demdex.net
2    35.211.202.130 (None, )

ASN- ()
x.bidswitch.net
1    142.250.65.226 (None, )

ASN- ()
cm.g.doubleclick.net
1    199.38.167.130 (None, )

ASN- ()
p.rfihub.com
2    2607:f350:3:2569:0:10:0:200c (None, )

ASN- ()
sync.go.sonobi.com
2    143.244.208.184 (None, )

ASN- ()
sid.storygize.net
2    3.87.46.209 (None, )

ASN- ()
match.sharethrough.com
1    98.82.158.241 (None, )

ASN- ()
s.amazon-adsystem.com
3    34.111.113.62 (None, )

ASN- ()
pixel.tapad.com
Apex Domain
Subdomains		 Transfer
25 xivmodarchive.com
xivmodarchive.com
static.xivmodarchive.com
465 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 377
direct.adsrvr.org — Cisco Umbrella Rank: 2340
4 KB
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 450
mug.criteo.com — Cisco Umbrella Rank: 3746
grid-bidder.criteo.com — Cisco Umbrella Rank: 1731
ssp-sync.criteo.com Failed
2 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
ad.doubleclick.net — Cisco Umbrella Rank: 145
cm.g.doubleclick.net
233 KB
6 nitropay.com
s.nitropay.com — Cisco Umbrella Rank: 21536
tracker.nitropay.com — Cisco Umbrella Rank: 20571
232 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 533
cdn.id5-sync.com — Cisco Umbrella Rank: 1004
28 KB
3 tapad.com
pixel.tapad.com
1 KB
3 demdex.net
dpm.demdex.net
2 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2931
google-bidout-d.openx.net — Cisco Umbrella Rank: 2790
493 B
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
3 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 985
match.sharethrough.com
1 KB
3 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 3131
sync.go.sonobi.com
3 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 947
api.btloader.com — Cisco Umbrella Rank: 1068
31 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
179 KB
2 storygize.net
sid.storygize.net
618 B
2 bidswitch.net
x.bidswitch.net
907 B
2 googlesyndication.com
3cb0fc860eeab2d64a0015c303af4c4e.safeframe.googlesyndication.com
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 551
eb2.3lift.com
1 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
acdn.adnxs.com
832 B
2 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 853
235 B
2 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 505
eus.rubiconproject.com
1 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1005
contextual.media.net
1 KB
2 workers.dev
prebid-rtd.audigent.workers.dev
699 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 975
2 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
43 KB
1 amazon-adsystem.com
s.amazon-adsystem.com
479 B
1 rfihub.com
p.rfihub.com
733 B
1 indexww.com
js-sec.indexww.com
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 793
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2357
8 KB
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 496
702 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946
289 B
1 nitrocnct.com
consent.nitrocnct.com — Cisco Umbrella Rank: 26127
38 KB
1 dns-finder.com
bt.dns-finder.com — Cisco Umbrella Rank: 277135
1 KB
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 995
280 B
1 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1519
320 B
99 37
Domain Requested by
17 static.xivmodarchive.com xivmodarchive.com
8 xivmodarchive.com xivmodarchive.com
6 match.adsrvr.org 5 redirects s.nitropay.com
4 securepubads.g.doubleclick.net s.nitropay.com
securepubads.g.doubleclick.net
4 gum.criteo.com 1 redirects static.criteo.net
s.nitropay.com
3 pixel.tapad.com 2 redirects
3 dpm.demdex.net 2 redirects
3 tracker.nitropay.com s.nitropay.com
3 id5-sync.com s.nitropay.com
cdn.id5-sync.com
3 s.nitropay.com xivmodarchive.com
s.nitropay.com
3 cdnjs.cloudflare.com xivmodarchive.com
cdnjs.cloudflare.com
2 match.sharethrough.com
2 sid.storygize.net 2 redirects
2 sync.go.sonobi.com 1 redirects
2 x.bidswitch.net 2 redirects
2 ep2.adtrafficquality.google securepubads.g.doubleclick.net
ep2.adtrafficquality.google
2 oajs.openx.net 1 redirects
2 3cb0fc860eeab2d64a0015c303af4c4e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 targeting.unrulymedia.com s.nitropay.com
2 prebid-rtd.audigent.workers.dev s.nitropay.com
2 api.btloader.com btloader.com
2 ad-delivery.net xivmodarchive.com
2 mug.criteo.com xivmodarchive.com
2 cdn.jsdelivr.net xivmodarchive.com
1 s.amazon-adsystem.com
1 p.rfihub.com 1 redirects
1 cm.g.doubleclick.net
1 contextual.media.net s.nitropay.com
1 eb2.3lift.com s.nitropay.com
1 js-sec.indexww.com s.nitropay.com
1 acdn.adnxs.com s.nitropay.com
1 eus.rubiconproject.com s.nitropay.com
1 www.google.com ep2.adtrafficquality.google
1 google-bidout-d.openx.net oa.openxcdn.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 ep1.adtrafficquality.google securepubads.g.doubleclick.net
1 direct.adsrvr.org s.nitropay.com
1 htlb.casalemedia.com s.nitropay.com
1 btlr.sharethrough.com s.nitropay.com
1 tlx.3lift.com s.nitropay.com
1 apex.go.sonobi.com s.nitropay.com
1 grid-bidder.criteo.com s.nitropay.com
1 ib.adnxs.com s.nitropay.com
1 fastlane.rubiconproject.com s.nitropay.com
1 prebid.media.net s.nitropay.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 consent.nitrocnct.com s.nitropay.com
1 ad.doubleclick.net xivmodarchive.com
1 bt.dns-finder.com btloader.com
1 api.rlcdn.com s.nitropay.com
1 cdn.id5-sync.com s.nitropay.com
1 id.hadron.ad.gt s.nitropay.com
1 btloader.com s.nitropay.com
0 ssp-sync.criteo.com Failed
99 55

This site contains links to these domains. Also see Links.

Domain
discord.gg
www.patreon.com
discordapp.com
Subject Issuer Validity Valid
xivmodarchive.com
WE1		 2024-10-18 -
2025-01-16		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
cdnjs.cloudflare.com
WE1		 2024-11-26 -
2025-02-24		 3 months crt.sh
nitropay.com
WE1		 2024-11-07 -
2025-02-05		 3 months crt.sh
btloader.com
WE1		 2024-10-08 -
2025-01-06		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-25		 3 months crt.sh
id.hadron.ad.gt
WE1		 2024-11-18 -
2025-02-16		 3 months crt.sh
id5-sync.com
E6		 2024-11-11 -
2025-02-09		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-06 -
2025-03-05		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.nitropay.com
WR3		 2024-09-30 -
2024-12-29		 3 months crt.sh
dns-finder.com
WE1		 2024-11-13 -
2025-02-11		 3 months crt.sh
ad-delivery.net
WE1		 2024-11-10 -
2025-02-08		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
nitrocnct.com
WE1		 2024-10-14 -
2025-01-12		 3 months crt.sh
api.btloader.com
WR3		 2024-10-01 -
2024-12-30		 3 months crt.sh
eu-1-id5-sync.com
R11		 2024-11-11 -
2025-02-09		 3 months crt.sh
audigent.workers.dev
WE1		 2024-11-15 -
2025-02-13		 3 months crt.sh
prebid.media.net
WR3		 2024-10-05 -
2025-01-03		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-04-03		 8 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2024-04-30 -
2025-05-31		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2023-12-07 -
2025-01-07		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2024-03-13 -
2025-04-10		 a year crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-07-15 -
2025-08-15		 a year crt.sh
casalemedia.com
E6		 2024-10-13 -
2025-01-11		 3 months crt.sh
adtrafficquality.google
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
oa.openxcdn.net
WR3		 2024-11-13 -
2025-02-11		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-21		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2024-08-14 -
2025-08-18		 a year crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2024-04-08 -
2025-05-09		 a year crt.sh
indexww.com
WE1		 2024-10-01 -
2024-12-31		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-10-23 -
2025-10-22		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-04-24 -
2025-04-17		 a year crt.sh

This page contains 14 frames:

Primary Page: https://xivmodarchive.com/
Frame ID: 7CE9ADAA286128AC59A5BACEC6526E2D
Requests: 82 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: D15402619CFE7DE2B64E8BB188AFB150
Requests: 1 HTTP requests in this frame

Frame: https://3cb0fc860eeab2d64a0015c303af4c4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4E05571EAB8393698AD107219000C744
Requests: 1 HTTP requests in this frame

Frame: https://3cb0fc860eeab2d64a0015c303af4c4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DE166817777052ED5E5827CDDD9103CF
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: D638116855928A8EBDBB3618019123C8
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: AF59ED266B70B469414DC5F209F847FD
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 44F4F5C9F91E0B7E55B672BBD6EDE1C4
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=xivmodarchive.com&gpp=DBABT~1YNN&gpp_sid=6
Frame ID: FC31621E93686752E8F881C0FFCE618B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1YNN
Frame ID: 06383E476DA5C3EEE647C96FE282BFF9
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CA94C11C5197A176D16F99BBAD8ECF56
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=xivmodarchive.com&us_privacy=1YNN&gpp=
Frame ID: DF4E5157D85B5F0F159FECF052AF28D7
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 657B596AE1470DFED799591D55A2FAE6
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1YNN&
Frame ID: 005253AAFA93CB6DE4B76857D7DCADC1
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C590%2C2073%2C273%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C3038%2C2025%2C2069%2C237%2C556%2C117%2C2024%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C246%2C4%2C521%2C126%2C203%2C522%2C2113%2C446%2C523%2C326%2C404%2C9%2C407%2C408%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C450%2C2009%2C255%2C3018%2C2126%2C3017%2C2125%2C214%2C2124%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C141%2C262%2C3073%2C461%2C222%2C301%2C345%2C225%2C10000%2C624%2C80%2C108%2C229%2C109&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=1&usp_consent=1&uspstring=1YNN
Frame ID: 83B9AE1DF143088D3CF2315078740D87
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

XIV Mod Archive

Page URL History Show full URLs

  1. http://xivmodarchive.com/ HTTP 307
    https://xivmodarchive.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

99
Requests

89 %
HTTPS

29 %
IPv6

37
Domains

55
Subdomains

53
IPs

3
Countries

1306 kB
Transfer

3094 kB
Size

42
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xivmodarchive.com/ HTTP 307
    https://xivmodarchive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxivmodarchive.com%2F&domain=xivmodarchive.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=S1PvUnxUVDZFUHJONVVtUndjQnNKQWI2bzE3RG5KZGluZWVOeVdzUjZRN2tLcy9MMk95Y3JvUWtDSGswYXU3Q2ZpZUQyeDFkeHlYbHVvSjM5NzFRK2hOY2I0MGhORHprOGEwb2c2VUd5WFZ2RHhWdTdJdVd3d0pVaWlDeU11eFpVQmRDYksyelM2UUI2K1NPS2dIYVRVRXc3Si9hZmVEMVNWVFF6UXM0WWpiZzdTL3JUK0JQb2U5MVRQQVdvdmhSTXUwdEV3L0MreHlRK2RMV2NvOXpPWkhDQzZXUmlpNTVyU2h0bmdZbEVuQjczRXVyNUF6UGQxUmUxSTl2OHIzbUErcDRhfA&cppv=2
Request Chain 73
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fxivmodarchive.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fxivmodarchive.com%2F&rid=esp&cc=1
Request Chain 89
  • https://match.adsrvr.org/track/usersync?us_privacy=1YNN&gdpr=0&gdpr_consent=undefined&ust=image HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=2fd876ca-d6fd-47c0-a495-6d82512c587d&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=2fd876ca-d6fd-47c0-a495-6d82512c587d&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=2fd876ca-d6fd-47c0-a495-6d82512c587d
Request Chain 90
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=5e31174a-6e25-4f79-ad92-1a77867e6e4a&google_hm=NWUzMTE3NGEtNmUyNS00Zjc5LWFkOTItMWE3Nzg2N2U2ZTRh&gdpr_consent=&gdpr=0
Request Chain 91
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978758904556496384
Request Chain 92
  • https://sid.storygize.net/ccm/c9dd71b6-fd13-4133-bf5d-b88619cef491 HTTP 302
  • https://sid.storygize.net/csr?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dm3k4T1aBLLPMpeMdFP9tJTiB%26source_user_id%3D66489056-e9e3-488c-a3d3-af678e722d3f HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=m3k4T1aBLLPMpeMdFP9tJTiB&source_user_id=66489056-e9e3-488c-a3d3-af678e722d3f
Request Chain 93
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=2fd876ca-d6fd-47c0-a495-6d82512c587d&gdpr=0&gdpr_consent=
Request Chain 95
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=97d6fcd501&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=2fd876ca-d6fd-47c0-a495-6d82512c587d&pubid=97d6fcd501 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=6d57fa24-48bc-460b-b106-34409025d1a4 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=6d57fa24-48bc-460b-b106-34409025d1a4 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c4df0360-39de-4076-a3a1-fe106ebb0226%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2fd876ca-d6fd-47c0-a495-6d82512c587d&ttd_puid=c4df0360-39de-4076-a3a1-fe106ebb0226%2C%2C
Request Chain 96
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=P4jzWV9oSm8lMkZaRyUyQlVFQ0lqYVg1YTBJV3A4TlVVWm9zckU2Y2lnNzNTZW5LWGNidyUzRA&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-iZeOHuNBRdzbTW31VGQK3x9a7ih8oeqML1bJNw HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-iZeOHuNBRdzbTW31VGQK3x9a7ih8oeqML1bJNw&gdpr=0&gdpr_consent=
Request Chain 97
  • https://secure.adnxs.com/getuid?https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3d6v3MvV9SWU9BcnU4MFdpQ0p3M3NHR3BTJTJGQTVjMHdzalNoSlYwTjZobDNETmxrdnclM0Q%26u%3d%24UID&gdpr=0&gdpr_consent= HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fssp-sync.criteo.com%252fuser-sync%252fmatch%253fp%253d6v3MvV9SWU9BcnU4MFdpQ0p3M3NHR3BTJTJGQTVjMHdzalNoSlYwTjZobDNETmxrdnclM0Q%2526u%253d%2524UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=6v3MvV9SWU9BcnU4MFdpQ0p3M3NHR3BTJTJGQTVjMHdzalNoSlYwTjZobDNETmxrdnclM0Q&u=5313464103115149008&gdpr=0&gdpr_consent=

99 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xivmodarchive.com/
Redirect Chain
  • http://xivmodarchive.com/
  • https://xivmodarchive.com/
105 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
27e4a542b9804e3bb59f1105c0be1a2e11aaf793a1cabecc323d2a23e81964cb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
8e951aa75e660fdc-LAX
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 27 Nov 2024 21:10:17 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1732741817&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=KGJEaK6Ufk1pbw4BkZzeiO8P%2BFmgqLOn3GsXeLgbDjw%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1732741817&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=KGJEaK6Ufk1pbw4BkZzeiO8P%2BFmgqLOn3GsXeLgbDjw%3D
server
cloudflare
vary
Origin
via
1.1 vegur
x-powered-by
Express

Redirect headers

Location
https://xivmodarchive.com/
Non-Authoritative-Reason
HttpsUpgrades
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/ 		158 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xivmodarchive.com
Referer
https://xivmodarchive.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U"
age
2326175
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 27 Nov 2024 21:10:18 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230063-FRA, cache-bur-kbur8200106-BUR
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
26373
x-jsd-version
4.6.2
jquery.min.js
xivmodarchive.com/js/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xivmodarchive.com/js/jquery.min.js
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"15d9d-18e49417f48"
age
21959084
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710782733&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=1JW7GdnYMWjvXFAyaYUlNVCiO61ELq8uxunSrtgdPIs%3D"}]}
date
Wed, 27 Nov 2024 21:10:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Origin, Accept-Encoding
last-modified
Sat, 16 Mar 2024 21:53:33 GMT
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1710782733&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=1JW7GdnYMWjvXFAyaYUlNVCiO61ELq8uxunSrtgdPIs%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
via
1.1 vegur
cf-ray
8e951aa9ca620fdc-LAX
x-powered-by
Express
server
cloudflare
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xivmodarchive.com
Referer
https://xivmodarchive.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03fa9-4f71"
age
7905
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1oNeobnLU5JdCUchvTCX3v6kO7mOQ6jvlG3Ya3yRk1YnTtS2Jvz%2FcSQIhIbevB3tIb8hBeozb4%2F5dOyabBsPA2eUYIR3TJJd%2FuGELWV0Vtg6dFrAODGdaxJ0%2FH2yOpXH%2B4511Jm5"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 17 Nov 2025 21:10:17 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 27 Nov 2024 21:10:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:15:37 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e951aaa6b83cf26-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
6451
server
cloudflare
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/ 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.min.js
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xivmodarchive.com
Referer
https://xivmodarchive.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"f463-4yQGPI9GxrKUJ98VQvECatIw9gQ"
age
3068615
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 27 Nov 2024 21:10:18 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230119-FRA, cache-bur-kbur8200106-BUR
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
16588
x-jsd-version
4.6.2
common.js
xivmodarchive.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xivmodarchive.com/js/common.js?cachebreak=f89a76eb-8d06-417b-aeab-04876eccd7ec
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
45cfbec3b27a85da58af3baf0fcd043cfa362396f1d6bff64f1999a0fb398ab1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"1e96-1927e2a3bb0"
age
1420896
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731320921&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=mCXPEqYcjqE4PXFeniJXjnFlSSpPAXVW6h1CkhdOWa4%3D"}]}
date
Wed, 27 Nov 2024 21:10:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Origin, Accept-Encoding
last-modified
Sat, 12 Oct 2024 00:39:10 GMT
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1731320921&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=mCXPEqYcjqE4PXFeniJXjnFlSSpPAXVW6h1CkhdOWa4%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
via
1.1 vegur
cf-ray
8e951aa9ca650fdc-LAX
x-powered-by
Express
server
cloudflare
ads-876.js
s.nitropay.com/ 		570 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.nitropay.com/ads-876.js
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0733f5c1da56efbc1bb2c10576466e7b05276b74d4a546480f48fdd4e7b007e1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-meta-goog-reserved-file-mtime
1732653439
x-goog-hash
crc32c=haj7sQ==, md5=+gZ5AKcR5SpvrioOsZ5WJQ==
cf-cache-status
HIT
etag
W/"fa067900a711e52a6fae2a0eb19e5625:1732736282000:US"
age
5534
content-encoding
gzip
x-goog-stored-content-encoding
identity
expires
Thu, 27 Nov 2025 19:38:04 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
578875
date
Wed, 27 Nov 2024 21:10:18 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 19:38:02 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7iU59_bVig8uPwH1DDtd3ZSdCqbQowFYcoCTiQpG0nSyYaDw-vzmggqSusZUBn5WxJgEex_m1_Ug
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
private, max-age=600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e951aaebdf51011-LAX
access-control-allow-origin
*
x-goog-generation
1732654520986136
server
cloudflare
main.css
xivmodarchive.com/stylesheets/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xivmodarchive.com/stylesheets/main.css?cachebreak=f89a76eb-8d06-417b-aeab-04876eccd7ec
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b5ffef28671c38dbad6c6df45af137fd7743104985b8f2661bb27969ab184403

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"2bf7-190faf6ca20"
age
10544282
cf-cache-status
HIT
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722197535&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=ew96BWH0B77UFVuQy5J8pDOLaXQM96GJuYS4Fw3WywE%3D"}]}
cf-polished
origSize=11255
date
Wed, 27 Nov 2024 21:10:17 GMT
content-type
text/css; charset=UTF-8
last-modified
Sun, 28 Jul 2024 20:09:56 GMT
vary
Origin, Accept-Encoding
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1722197535&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=ew96BWH0B77UFVuQy5J8pDOLaXQM96GJuYS4Fw3WywE%3D
cache-control
public, max-age=31536000, immutable
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
access-control-allow-credentials
true
via
1.1 vegur
cf-ray
8e951aa9ca5d0fdc-LAX
x-powered-by
Express
server
cloudflare
glide.min.js
xivmodarchive.com/js/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xivmodarchive.com/js/glide.min.js?cachbreak=ver2023sept
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
84e61441effe1acd86cc5ccb8666919fe788165442d3f45544a8b29b36b889ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6d0a-1927e2a3bb0"
age
241
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1732741576&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=Wnv%2FRIgs369chCgFfuhXeec5I3nVDFjTPGLdGPeD2IE%3D"}]}
date
Wed, 27 Nov 2024 21:10:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Origin, Accept-Encoding
last-modified
Sat, 12 Oct 2024 00:39:10 GMT
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1732741576&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=Wnv%2FRIgs369chCgFfuhXeec5I3nVDFjTPGLdGPeD2IE%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
via
1.1 vegur
cf-ray
8e951aa9ca6a0fdc-LAX
x-powered-by
Express
server
cloudflare
spinner.gif
xivmodarchive.com/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xivmodarchive.com/spinner.gif
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a85fc0a877ead70ff2c66858d9dcf10e68856564b17444c224060617cc4f4b6b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
W/"14a44-18e49417f48"
age
21951702
cf-cache-status
HIT
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710790115&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=qzauJQ5Kx29g3%2FNcGOb%2BUrMpE7cOm3HH00UIF1qopCU%3D"}]}
cf-polished
origSize=84548, status=vary_header_present
date
Wed, 27 Nov 2024 21:10:17 GMT
content-type
image/gif
last-modified
Sat, 16 Mar 2024 21:53:33 GMT
vary
Origin, Accept-Encoding
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1710790115&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=qzauJQ5Kx29g3%2FNcGOb%2BUrMpE7cOm3HH00UIF1qopCU%3D
cache-control
public, max-age=31536000, immutable
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
access-control-allow-credentials
true
via
1.1 vegur
cf-ray
8e951aa9ca6b0fdc-LAX
accept-ranges
bytes
content-length
63162
x-powered-by
Express
server
cloudflare
update.png
static.xivmodarchive.com/images/overlays/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/images/overlays/update.png
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e1f07664cc5495e6d1b6e96166b091dc31f0533d4895f8e4455f483b496ebe9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj
imgq:100,h2pri
etag
"f3ddb23de405931587e97c5fbb002468"
age
416888
cf-cache-status
HIT
cf-polished
origSize=6577, status=vary_header_present
date
Wed, 27 Nov 2024 21:10:17 GMT
x-rgw-object-type
Normal
content-type
image/png
last-modified
Sun, 13 Feb 2022 20:37:32 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=604800
x-amz-request-id
tx0000000000000037d407e-00671688c3-494abd14-nyc3a
cf-ray
8e951aa9ca6c0fdc-LAX
accept-ranges
bytes
content-length
4262
server
cloudflare
new.png
static.xivmodarchive.com/images/overlays/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/images/overlays/new.png
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24ce66c05e7a78e1364ea035e83ef617bc10490f39096ec6ebbb34cef11f8e36
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj
imgq:100,h2pri
etag
"b06c2a9c871eb23b7786f5f5b5c6c398"
age
40997
cf-cache-status
HIT
cf-polished
origSize=4705, status=vary_header_present
date
Wed, 27 Nov 2024 21:10:18 GMT
x-rgw-object-type
Normal
content-type
image/png
last-modified
Sun, 13 Feb 2022 20:37:32 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=604800
x-amz-request-id
tx0000000000000074750b5-006729dcf5-494abd14-nyc3a
cf-ray
8e951aabbd270fdc-LAX
accept-ranges
bytes
content-length
2805
server
cloudflare
blobpeek.png
xivmodarchive.com/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xivmodarchive.com/blobpeek.png
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f3302a9867af425bc90f1f5b1046f107326d7be3cb4db0897b1a75598a7f63cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
W/"23af-1927e2a3bb0"
age
1939229
cf-cache-status
HIT
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730802589&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=4cZfoAZrWUSXfGI5tumZJUjao%2B%2FXQg%2BS%2BJo%2F69PGSSk%3D"}]}
cf-polished
origSize=9135, status=vary_header_present
date
Wed, 27 Nov 2024 21:10:18 GMT
content-type
image/png
last-modified
Sat, 12 Oct 2024 00:39:10 GMT
vary
Origin, Accept-Encoding
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1730802589&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=4cZfoAZrWUSXfGI5tumZJUjao%2B%2FXQg%2BS%2BJo%2F69PGSSk%3D
cache-control
public, max-age=31536000, immutable
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
access-control-allow-credentials
true
via
1.1 vegur
cf-ray
8e951aac0dd20fdc-LAX
accept-ranges
bytes
content-length
5008
x-powered-by
Express
server
cloudflare
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/ 		100 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xivmodarchive.com
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"65692999-49ad"
age
3604
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xQgiE%2Fu9nFkNx5aTDK3BqaPJsEtPYwCPOGIbBnR8vqhwgWAXubDUnqVZPoUPh%2BrKZzd20%2BVrhbqsV15FBbxEiF5rMgQhkLwVCHMy7kCMKEM8vzg%2FRkx11pGyAKs3uoIAwYkvFAcA"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 17 Nov 2025 21:10:18 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 27 Nov 2024 21:10:18 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 01 Dec 2023 00:32:25 GMT
vary
Accept-Encoding
priority
u=4,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e951aac0f12cf26-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
18861
server
cloudflare
51ed1033-8cf5-4f3b-9da8-8b729b96bc08.jpg
static.xivmodarchive.com/mod-thumbnails/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/mod-thumbnails/51ed1033-8cf5-4f3b-9da8-8b729b96bc08.jpg
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7539e577e19fa74ea22d44ff87f4e799f22e8a0847b52dafd5f3a287ec493000
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj
imgq:100,h2pri
etag
"047c5ad50c2c2dd52d47e4216cceaee3"
age
7595
cf-cache-status
HIT
cf-polished
origSize=28036, status=vary_header_present
date
Wed, 27 Nov 2024 21:10:18 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
content-disposition
inline; filename="mod_114391_thumbnail.jpg"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 27 Nov 2024 18:58:58 GMT
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public,max-age=31536000,immutable
x-amz-request-id
tx00000000000000ca1013d-0067476ce0-494bc47d-nyc3a
cf-ray
8e951aac5e450fdc-LAX
accept-ranges
bytes
content-length
26754
server
cloudflare
3deeec56-868f-4b8b-b99c-8ef98f68831f.jpg
static.xivmodarchive.com/mod-thumbnails/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/mod-thumbnails/3deeec56-868f-4b8b-b99c-8ef98f68831f.jpg
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb40f9e5b925560c80aaf9196f82a8c98ae5bb1b9f3d79be34c7e1ef00c4de76
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj
imgq:100,h2pri
etag
"e9a8082756ebb20c8827af9386e7a419"
age
10669
cf-cache-status
HIT
cf-polished
origSize=18072, status=vary_header_present
date
Wed, 27 Nov 2024 21:10:18 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
content-disposition
inline; filename="mod_123015_thumbnail.jpg"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 27 Nov 2024 17:59:27 GMT
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public,max-age=31536000,immutable
x-amz-request-id
tx00000000000000c9dca35-00674760fd-494bc47d-nyc3a
cf-ray
8e951aac5e4c0fdc-LAX
accept-ranges
bytes
content-length
17531
server
cloudflare
2b35e50f-6b91-4e5e-8a26-e9c0901a1af6.jpg
static.xivmodarchive.com/mod-thumbnails/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/mod-thumbnails/2b35e50f-6b91-4e5e-8a26-e9c0901a1af6.jpg
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62706e55a4ba01a7f2ba8d7dc177c7e9f4d58ddf13d03b570427c8be61d4dbe5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj
imgq:100,h2pri
etag
"80060debcc31deb3c1cb20acfd79520a"
age
14219
cf-cache-status
HIT
cf-polished
origSize=26822, status=vary_header_present
date
Wed, 27 Nov 2024 21:10:18 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
content-disposition
inline; filename="mod_123010_thumbnail.jpg"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 27 Nov 2024 17:03:54 GMT
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public,max-age=31536000,immutable
x-amz-request-id
tx000000000000009e8437d-00674752f6-494bc369-nyc3a
cf-ray
8e951aac5e500fdc-LAX
accept-ranges
bytes
content-length
25702
server
cloudflare
63e652dc-d27f-47b0-a258-286748c3fdbb.jpg
static.xivmodarchive.com/mod-thumbnails/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/mod-thumbnails/63e652dc-d27f-47b0-a258-286748c3fdbb.jpg
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c32f6b0699c328731a7d4780f77195c89bd563bfa5a937d73077cbb915f40cd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj
imgq:100,h2pri
etag
"d702f92b64a732f8a3964e7b5e37bc79"
age
20259
cf-cache-status
HIT
cf-polished
origSize=31228, status=vary_header_present
date
Wed, 27 Nov 2024 21:10:18 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
content-disposition
inline; filename="mod_123005_thumbnail.jpg"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 27 Nov 2024 15:24:15 GMT
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public,max-age=31536000,immutable
x-amz-request-id
tx000000000000009e15b64-0067473b83-494bc369-nyc3a
cf-ray
8e951aac5e540fdc-LAX
accept-ranges
bytes
content-length
29669
server
cloudflare
06481933-be0b-4c76-885a-ffc2a600569a.jpg
static.xivmodarchive.com/mod-thumbnails/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/mod-thumbnails/06481933-be0b-4c76-885a-ffc2a600569a.jpg
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30a67595fda8225da292937dedf55f3d6f2cacf9e905f8b0965f7ac02b23bf7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj
imgq:100,h2pri
etag
"12bcf58f7607a8d8511771c2f7166182"
age
241
cf-cache-status
HIT
cf-polished
origSize=24963, status=vary_header_present
date
Wed, 27 Nov 2024 21:10:18 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
content-disposition
inline; filename="mod_123003_thumbnail.jpg"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 27 Nov 2024 14:41:52 GMT
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public,max-age=31536000,immutable
x-amz-request-id
tx00000000000000bc0be98-006747303f-494abf94-nyc3a
cf-ray
8e951aac5e580fdc-LAX
accept-ranges
bytes
content-length
23997
server
cloudflare
f594ce41-8179-41eb-89d4-61eeec862851.jpg
static.xivmodarchive.com/mod-thumbnails/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/mod-thumbnails/f594ce41-8179-41eb-89d4-61eeec862851.jpg
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a3d120ca88255637d2e38412f9820afe44f41245f894f0c8a6ea236ab9c78ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj
imgq:100,h2pri
etag
"22566ca4766e32b7d09ac96f992390d9"
age
77265
cf-cache-status
HIT
cf-polished
origSize=18974, status=vary_header_present
date
Wed, 27 Nov 2024 21:10:18 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
content-disposition
inline; filename="mod_122951_thumbnail.jpg"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Tue, 26 Nov 2024 23:31:07 GMT
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public,max-age=31536000,immutable
x-amz-request-id
tx00000000000000c5d0282-0067465b30-494bc47d-nyc3a
cf-ray
8e951aaccf3e0fdc-LAX
accept-ranges
bytes
content-length
18277
server
cloudflare
9b1e318d-d57b-420a-9c97-f12fe432aac9.jpg
static.xivmodarchive.com/mod-thumbnails/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/mod-thumbnails/9b1e318d-d57b-420a-9c97-f12fe432aac9.jpg
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8b6eab2704e7295885e7a9dda96b41a7e7e957c4784e80113569eeece330216
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj
imgq:100,h2pri
etag
"6c591a80695b6cd850fa83d010b5123e"
age
55319
cf-cache-status
HIT
cf-polished
origSize=23555, status=vary_header_present
date
Wed, 27 Nov 2024 21:10:18 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
content-disposition
inline; filename="mod_122913_thumbnail.jpg"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Tue, 26 Nov 2024 00:51:59 GMT
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public,max-age=31536000,immutable
x-amz-request-id
tx00000000000000c099ba2-0067451ff9-494bc47d-nyc3a
cf-ray
8e951aacdf550fdc-LAX
accept-ranges
bytes
content-length
22679
server
cloudflare
8f9186b2-fc48-498c-a0ba-85a3ebdac4dc.jpg
static.xivmodarchive.com/mod-thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/mod-thumbnails/8f9186b2-fc48-498c-a0ba-85a3ebdac4dc.jpg
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9f2b21423a9c9e0faaf1c9d012cfdec6221e12f2e3bcdffe5acb8133a8c56e6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj
imgq:100,h2pri
etag
"fdde3c671eead69811c9dbe72d183105"
age
73091
cf-cache-status
HIT
cf-polished
origSize=21786, status=vary_header_present
date
Wed, 27 Nov 2024 21:10:18 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
content-disposition
inline; filename="mod_122921_thumbnail.jpg"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Tue, 26 Nov 2024 03:57:48 GMT
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public,max-age=31536000,immutable
x-amz-request-id
tx00000000000000b4627b0-0067454822-494abf94-nyc3a
cf-ray
8e951aacdf520fdc-LAX
accept-ranges
bytes
content-length
20935
server
cloudflare
d49c6208-ea75-478a-9b9f-c1a731f68778.jpg
static.xivmodarchive.com/mod-thumbnails/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/mod-thumbnails/d49c6208-ea75-478a-9b9f-c1a731f68778.jpg
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbdffe12453a07d56542866473e3b2ad3c0cd866b9d5e8028f3371c2ed4368b4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj
imgq:100,h2pri
etag
"1dee731c32da3acc68b4d421715d6cd2"
age
36096
cf-cache-status
HIT
cf-polished
origSize=17081, status=vary_header_present
date
Wed, 27 Nov 2024 21:10:18 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
content-disposition
inline; filename="mod_122974_thumbnail.jpg"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 27 Nov 2024 03:31:17 GMT
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public,max-age=31536000,immutable
x-amz-request-id
tx000000000000009bac081-0067469382-494bc369-nyc3a
cf-ray
8e951aacff7a0fdc-LAX
accept-ranges
bytes
content-length
16632
server
cloudflare
b7b1a2bd-4be2-420b-8916-530c8bac94da.jpg
static.xivmodarchive.com/mod-thumbnails/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/mod-thumbnails/b7b1a2bd-4be2-420b-8916-530c8bac94da.jpg
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
352cc5f2d647a12891fca4629c44fd4581eb3b54d76b3b1528f30528b2468180
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj
imgq:100,h2pri
etag
"fa60b611fb5c6489ceca830e04a75cad"
age
85087
cf-cache-status
HIT
cf-polished
origSize=17558, status=vary_header_present
date
Wed, 27 Nov 2024 21:10:18 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
content-disposition
inline; filename="mod_122944_thumbnail.jpg"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Tue, 26 Nov 2024 21:23:57 GMT
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public,max-age=31536000,immutable
x-amz-request-id
tx00000000000000c55664d-0067463e54-494bc47d-nyc3a
cf-ray
8e951aacff800fdc-LAX
accept-ranges
bytes
content-length
17022
server
cloudflare
e9e28d51-3df9-48f1-a25b-c64c201c473c.jpg
static.xivmodarchive.com/mod-thumbnails/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/mod-thumbnails/e9e28d51-3df9-48f1-a25b-c64c201c473c.jpg
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47396ced1f5d2637e921333b440530110ecb0710ea04e8d785a82aedc06b3b50
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj
imgq:100,h2pri
etag
"ea50a4a36091908a889daaf89573db65"
age
1674
cf-cache-status
HIT
cf-polished
origSize=23157, status=vary_header_present
date
Wed, 27 Nov 2024 21:10:18 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
content-disposition
inline; filename="mod_123027_thumbnail.jpg"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 27 Nov 2024 20:24:20 GMT
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public,max-age=31536000,immutable
x-amz-request-id
tx000000000000009f58d28-0067478430-494bc369-nyc3a
cf-ray
8e951aacff840fdc-LAX
accept-ranges
bytes
content-length
22212
server
cloudflare
b046d9f9-8f19-4a15-b006-89041331ea7c.jpg
static.xivmodarchive.com/mod-thumbnails/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/mod-thumbnails/b046d9f9-8f19-4a15-b006-89041331ea7c.jpg
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ea1d409b1b6bc805ca67c2c3a096950d73d04fe64e46508f62c7faccda0f60a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj
imgq:100,h2pri
etag
"9d79edc2d064072387aae2a0e9059dca"
age
16
cf-cache-status
HIT
cf-polished
origSize=17804, status=vary_header_present
date
Wed, 27 Nov 2024 21:10:18 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
content-disposition
inline; filename="mod_123024_thumbnail.jpg"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 27 Nov 2024 20:19:02 GMT
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public,max-age=31536000,immutable
x-amz-request-id
tx000000000000009f4eb08-00674781c5-494bc369-nyc3a
cf-ray
8e951aad68230fdc-LAX
accept-ranges
bytes
content-length
17421
server
cloudflare
16ffa2f3-12db-4a28-a6e8-b5a239033c0d.jpg
static.xivmodarchive.com/mod-thumbnails/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/mod-thumbnails/16ffa2f3-12db-4a28-a6e8-b5a239033c0d.jpg
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76269c8d8dfe544c7ee8b48a484df1ae60b9857666b34a3c362fe89d29539b01
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj
imgq:100,h2pri
etag
"4d61f56c643edf28a019b30ad8993ead"
age
2290
cf-cache-status
HIT
cf-polished
origSize=20247, status=vary_header_present
date
Wed, 27 Nov 2024 21:10:18 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
content-disposition
inline; filename="mod_123025_thumbnail.jpg"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 27 Nov 2024 20:21:41 GMT
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public,max-age=31536000,immutable
x-amz-request-id
tx00000000000000ca69b62-00674781c5-494bc47d-nyc3a
cf-ray
8e951aad68270fdc-LAX
accept-ranges
bytes
content-length
19337
server
cloudflare
aae2c1ce-5e55-4561-8036-54cf495bee66.jpg
static.xivmodarchive.com/mod-thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/mod-thumbnails/aae2c1ce-5e55-4561-8036-54cf495bee66.jpg
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e83fce4cfa76c4d9578f8227d2c628cb050e6f3b7c4d3f9ad2c5c7071bb334a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj
imgq:100,h2pri
etag
"072cc7c5d1115ae4bacdf1045b538a7f"
age
2881
cf-cache-status
HIT
cf-polished
origSize=15156, status=vary_header_present
date
Wed, 27 Nov 2024 21:10:18 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
content-disposition
inline; filename="mod_123022_thumbnail.jpg"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 27 Nov 2024 19:43:14 GMT
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public,max-age=31536000,immutable
x-amz-request-id
tx000000000000009f44d92-0067477f77-494bc369-nyc3a
cf-ray
8e951aad78310fdc-LAX
accept-ranges
bytes
content-length
14697
server
cloudflare
2ded4ba8-0858-4be4-b97e-30d80c78e1ee.jpg
static.xivmodarchive.com/mod-thumbnails/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/mod-thumbnails/2ded4ba8-0858-4be4-b97e-30d80c78e1ee.jpg
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2db0321ec4dae5cec82be22bdc575921ae874f4746a265bd48c003facd83ecd0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj
imgq:100,h2pri
etag
"b6f3b2abdbb81de42a6891e63bcfbe1e"
age
3969
cf-cache-status
HIT
cf-polished
origSize=33801, status=vary_header_present
date
Wed, 27 Nov 2024 21:10:18 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
content-disposition
inline; filename="mod_123023_thumbnail.jpg"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 27 Nov 2024 19:53:18 GMT
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public,max-age=31536000,immutable
x-amz-request-id
tx00000000000000ca42fee-00674778e0-494bc47d-nyc3a
cf-ray
8e951aad884c0fdc-LAX
accept-ranges
bytes
content-length
31955
server
cloudflare
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/ 		153 KB
154 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xivmodarchive.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"65692999-26350"
age
90988
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xqLYZclZ%2BhC8f3O4tW1z1wkYmOHdsZ7MBGXcgmWx5USO%2FqCV1Lc8qtdgTdDLYNObUd%2FK0Nh%2FnNjaEy98unVs3JwG63srJdZOXbTr3tfEkrFs%2BCtBU3n00XKQygSTHqRvbM%2FMDUAk"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 17 Nov 2025 21:10:18 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 27 Nov 2024 21:10:18 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Fri, 01 Dec 2023 00:32:25 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e951aad7a60cf26-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
156496
server
cloudflare
tag
btloader.com/ 		107 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=6278260873756672&upapi=true
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed02f01ba8fc152cb2ff7c63faf6c434a1b64fdd12af0769413f9ad581401c8b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"ac5f3a8f85a2dfe9ca081357e7c0558f"
age
2514
via
1.1 google
cf-ray
8e951ab1bfb92edf-LAX
accept-ranges
bytes
content-length
30967
date
Wed, 27 Nov 2024 21:10:19 GMT
content-type
application/javascript
last-modified
Wed, 27 Nov 2024 20:25:10 GMT
vary
Origin, Accept-Encoding
server
cloudflare
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxivmodarchive.com%2F&domain=xivmodarchive.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://xivmodarchive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://xivmodarchive.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 27 Nov 2024 21:10:18 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
351196
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxivmodarchive.com%2F&domain=xivmodarchive.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=S1PvUnxUVDZFUHJONVVtUndjQnNKQWI2bzE3RG5KZGluZWVOeVdzUjZRN2tLcy9MMk95Y3JvUWtDSGswYXU3Q2ZpZUQyeDFkeHlYbHVvSjM5NzFRK2hOY2I0MGhORHprOGEwb2c2VUd5WFZ2RHhWdTdJdVd3d0pVaWlDeU...
378 B
964 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=S1PvUnxUVDZFUHJONVVtUndjQnNKQWI2bzE3RG5KZGluZWVOeVdzUjZRN2tLcy9MMk95Y3JvUWtDSGswYXU3Q2ZpZUQyeDFkeHlYbHVvSjM5NzFRK2hOY2I0MGhORHprOGEwb2c2VUd5WFZ2RHhWdTdJdVd3d0pVaWlDeU11eFpVQmRDYksyelM2UUI2K1NPS2dIYVRVRXc3Si9hZmVEMVNWVFF6UXM0WWpiZzdTL3JUK0JQb2U5MVRQQVdvdmhSTXUwdEV3L0MreHlRK2RMV2NvOXpPWkhDQzZXUmlpNTVyU2h0bmdZbEVuQjczRXVyNUF6UGQxUmUxSTl2OHIzbUErcDRhfA&cppv=2
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e8f8857bfa143491d371a5ae8c0291b1ab08013ab994a3787cac6d797e8e7f50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
530644
expires
0
access-control-allow-origin
null
date
Wed, 27 Nov 2024 21:10:19 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
location
https://mug.criteo.com/sid?cpp=S1PvUnxUVDZFUHJONVVtUndjQnNKQWI2bzE3RG5KZGluZWVOeVdzUjZRN2tLcy9MMk95Y3JvUWtDSGswYXU3Q2ZpZUQyeDFkeHlYbHVvSjM5NzFRK2hOY2I0MGhORHprOGEwb2c2VUd5WFZ2RHhWdTdJdVd3d0pVaWlDeU11eFpVQmRDYksyelM2UUI2K1NPS2dIYVRVRXc3Si9hZmVEMVNWVFF6UXM0WWpiZzdTL3JUK0JQb2U5MVRQQVdvdmhSTXUwdEV3L0MreHlRK2RMV2NvOXpPWkhDQzZXUmlpNTVyU2h0bmdZbEVuQjczRXVyNUF6UGQxUmUxSTl2OHIzbUErcDRhfA&cppv=2
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
284420
expires
0
access-control-allow-origin
https://xivmodarchive.com
content-length
0
date
Wed, 27 Nov 2024 21:10:18 GMT
server
Kestrel
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=720&_it=prebid&t=1&src=id&domain=xivmodarchive.com
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1ad4c63e69c70fb1903ebff7b49b78ecee259f680d5625c9304ad3cf70a7a80

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://xivmodarchive.com/

Response headers

content-encoding
br
allow
POST, OPTIONS, GET
cf-ray
8e951ab24ebd1007-LAX
access-control-allow-origin
*
date
Wed, 27 Nov 2024 21:10:19 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/ 		194 B
666 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
b0ac7f46536b9c97219b1e67bcb29296ca1978b8a36a1043fa60d87821af7940
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://xivmodarchive.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://xivmodarchive.com
p3p
CP="CAO PSA OUR"
date
Wed, 27 Nov 2024 21:10:18 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
id5PrebidModule.js
cdn.id5-sync.com/api/1.0/ 		87 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5PrebidModule.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dff006ad8741f233bb60f0207c64d6ae6f0ff6363b6cc7a37efab60fb5c44ffd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-amz-id-2
e6wPYJig7DBQeq54yvizPrNI6+j/pXIz7UTQkcvbjIq2gfIcpzIstCfqR6Zwvs3IavPubqRHewq10hLLBOALAg==
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"c98676a82a9d04b88697630b83e5acb3"
age
803
x-amz-request-id
D3F7ZDSTRPMRH0Y6
cf-ray
8e951ab23b8e6a2d-LAX
date
Wed, 27 Nov 2024 21:10:19 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 13 Nov 2024 11:06:09 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
envelope
api.rlcdn.com/api/identity/ 		0
280 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=14333
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.165.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
188.165.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://xivmodarchive.com/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
via
1.1 google
access-control-allow-origin
https://xivmodarchive.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 21:10:19 GMT
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
rid
match.adsrvr.org/track/ 		109 B
567 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=tpfrvh0&fmt=json
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
c6b5d1b73d8183760a3a3a3d6090d1f2b8805ad88a371ec922d4b2b8759f6652

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://xivmodarchive.com/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Fri, 27 Dec 2024 21:10:19 GMT
access-control-allow-origin
https://xivmodarchive.com
date
Wed, 27 Nov 2024 21:10:19 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		108 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61f90c8616ffa37f51ad1f8344ec4688d67aecca7b42c5a81e6067a6a5846e2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

content-encoding
br
etag
391 / 20054 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options
nosniff
expires
Wed, 27 Nov 2024 21:10:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 27 Nov 2024 21:10:19 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33560
x-xss-protection
0
server
cafe
gpp-84c89f1.min.js
s.nitropay.com/ 		269 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.nitropay.com/gpp-84c89f1.min.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9bd2216bea9af3c34417192765b07b6f2b63f53f2d2eeaadbf2e70dc9889977
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=OEv6IQ==, md5=mH4JPYNYQPLozKDO5CUC4Q==
cf-cache-status
HIT
etag
W/"987e093d835840f2e8cca0cee42502e1"
age
87276
content-encoding
gzip
x-goog-stored-content-encoding
identity
expires
Tue, 03 Dec 2024 20:55:42 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
275554
date
Wed, 27 Nov 2024 21:10:19 GMT
content-type
text/javascript
last-modified
Fri, 22 Nov 2024 18:54:30 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7J_eZ2EAT6MI0vqSINQNzWgn7KARBjB-IBuFzDyrtglgTqM1QvqdgLPOACTzgwjkriFXU
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
public, max-age=604800
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e951ab2dbf31011-LAX
access-control-allow-origin
*
x-goog-generation
1732301670814045
server
cloudflare
876
tracker.nitropay.com/a/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/a/876?d=eyJocmVmIjoiaHR0cHM6Ly94aXZtb2RhcmNoaXZlLmNvbS8iLCJ2Ijo3MywiYSI6ZmFsc2UsInMiOnRydWUsImMiOiJVUyIsInIiOiJDQSJ9
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.27.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 21:10:19 GMT
server
nginx/1.27.0
1.gif
s.nitropay.com/ 		42 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.nitropay.com/1.gif?x=1&adslot=
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-goog-metageneration
3
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q==
cf-cache-status
HIT
etag
"d89746888da2d9510b64a9f031eaecd5"
age
87276
x-goog-stored-content-encoding
identity
expires
Tue, 03 Dec 2024 20:55:42 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
42
date
Wed, 27 Nov 2024 21:10:19 GMT
x-goog-custom-time
1970-01-01T00:00:00Z
content-type
image/gif
last-modified
Fri, 22 Jan 2021 08:58:45 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7WJuyu7MViQI_rtCkZBMIEu12xAW-3EFtQk1yscBH3lpqjwK46ahvt_CkGC440ftwtDScWguGS2g
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
public, max-age=604800
x-goog-meta-
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e951ab3496569c1-LAX
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1611305925409947
content-length
42
server
cloudflare
px.gif
bt.dns-finder.com/ 		43 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bt.dns-finder.com/px.gif
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
2198
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VH4QWvFhGCgBiRkmkQ2hNm6JMBpsefiqXaVNE4VYDXKFsXUrjtMEB0tuSxUjGh0IU0dSmYROpjI8ZQE%2BKajaVnjeh%2FJIw1nmV%2FosgT7AQSoqdTrS9%2Fcj6tzoyJzsjRch0uCvGA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Wed, 27 Nov 2024 21:33:41 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
43
server-timing
cfL4;desc="?proto=QUIC&rtt=71978&min_rtt=71867&rtt_var=27029&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4083&recv_bytes=4261&delivery_rate=45582&cwnd=12000&unsent_bytes=0&cid=895fd5a7dc1939ba&ts=90&x=1", cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 21:10:19 GMT
content-type
image/gif
last-modified
Fri, 19 Jul 2024 16:36:17 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3RbX4BZlI1iLLAiDHbXig8EA9vF4tkBAa_cZ8Zqr-HNf84CSU7XCiSeDsZ_u-gqi8V9pk
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8e951ab40d322f1d-LAX
accept-ranges
bytes
x-goog-generation
1721406977485562
content-length
43
server
cloudflare
px.gif
ad-delivery.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
773468
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zeOSKZQmNdcB5MLZyJMZaA5tpMKkn7%2BmlQ3oGMxN7FHAOr%2F%2FZ7gcv9ynlZE2t5%2FbpLH5t%2B7roaFV5P2i98aGY2MmTwVoNhC1tWYqBCGeM6CH3fbfCVLX4I6dMRotHToOgeoIPcf7dMWBHTapNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Thu, 28 Nov 2024 21:10:19 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=70198&min_rtt=70128&rtt_var=14841&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4024&recv_bytes=2334&delivery_rate=55393&cwnd=252&unsent_bytes=0&cid=7e56732d2f8b4a4d&ts=89&x=0"
x-goog-stored-content-length
43
date
Wed, 27 Nov 2024 21:10:19 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
ABPtcPra9d8_1cAUA1puYgPaDlSF3jxVddoyAk-EtkXyHJkJZG-bxPqX7Ma8N1zwawfflvspzxc
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e951ab47d1b0914-LAX
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/ 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.198 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

content-encoding
gzip
age
2108
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 20:35:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 20:35:11 GMT
last-modified
Tue, 08 May 2012 13:08:06 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/ 		43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.25559575738152907
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
773468
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r58kO8U%2BWxR8odI47%2B5PrayZIQhXMGA0gaQCHf6wSVArksvYy79MZ0PBuJyNxY%2FEbm80ISsM4YaSmHXVrFnJGnuyAQBb3X%2BVf%2B5tMpXGBelurqVgecmFcKne9RqeN9EjEo52UKXuF2VJ7uXv9A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Thu, 28 Nov 2024 21:10:19 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=70198&min_rtt=70128&rtt_var=14841&sent=10&recv=11&lost=0&retrans=0&sent_bytes=5166&recv_bytes=2334&delivery_rate=55393&cwnd=252&unsent_bytes=0&cid=7e56732d2f8b4a4d&ts=90&x=0"
x-goog-stored-content-length
43
date
Wed, 27 Nov 2024 21:10:19 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
ABPtcPra9d8_1cAUA1puYgPaDlSF3jxVddoyAk-EtkXyHJkJZG-bxPqX7Ma8N1zwawfflvspzxc
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e951ab47d1a0914-LAX
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
additional-consent-providers.csv
consent.nitrocnct.com/ 		116 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.nitrocnct.com/additional-consent-providers.csv
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-84c89f1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-goog-metageneration
4
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=x8iKUw==, md5=gfloZ1I7fqSi8Fpiuf3xxw==
cf-cache-status
HIT
etag
W/"81f96867523b7ea4a2f05a62b9fdf1c7"
age
162819
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9MlBl%2FENykTQmB%2BE4Y%2B8SyvRMc2TiRY6wO1%2BMgmpkaPLtvj2qjHPFaShak4IRBr%2F38kjSvh291MXSrwMzpyB8Mqp5qt2QhQbKxbz%2BTrwsHaJ1oeg1UZNunvarETdineJZv4c%2BAUhS2A%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Mon, 02 Dec 2024 23:42:48 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
119221
server-timing
cfL4;desc="?proto=QUIC&rtt=71739&min_rtt=71660&rtt_var=26929&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4174&recv_bytes=4301&delivery_rate=46240&cwnd=12000&unsent_bytes=0&cid=76b636905e9eb9c3&ts=93&x=1", cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 21:10:19 GMT
content-type
text/plain
last-modified
Wed, 12 Jul 2023 07:31:30 GMT
vary
Accept-Encoding
x-guploader-uploadid
ABPtcPoz4RgdcEfA65B6lESx13IixyN8JUnoP0McS8XHP-gRk1aAX5BojTigX0WTgVy3nTczt-4
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8e951ab43840f7a7-LAX
access-control-allow-origin
*
x-goog-generation
1689147090287559
server
cloudflare
country
api.btloader.com/ 		37 B
215 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country?o=6278260873756672
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
b8f0ca68362cf245f891fc09ddfa50806d195e78e196cf96ac5d9cf72be2577a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
date
Wed, 27 Nov 2024 21:10:19 GMT
content-type
application/json
vary
Origin
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=Dh6Sy2Tw-KdUxbFxd-936f75ec0b&w=6219774819303424&o=6278260873756672&cv=2.1.66&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fxivmodarchive.com%2F&sid=tPbNx9Hc-upV5kSPT-936f75ec0b&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

via
1.1 google
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 21:10:19 GMT
vary
Origin
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=S1PvUnxUVDZFUHJONVVtUndjQnNKQWI2bzE3RG5KZGluZWVOeVdzUjZRN2tLcy9MMk95Y3JvUWtDSGswYXU3Q2ZpZUQyeDFkeHlYbHVvSjM5NzFRK2hOY2I0MGhORHprOGEwb2c2VUd5WFZ2RHhWdTdJdVd3d0pVaWlDeU11eFpVQmRDYksyelM2UUI2K1NPS2dIYVRVRXc3Si9hZmVEMVNWVFF6UXM0WWpiZzdTL3JUK0JQb2U5MVRQQVdvdmhSTXUwdEV3L0MreHlRK2RMV2NvOXpPWkhDQzZXUmlpNTVyU2h0bmdZbEVuQjczRXVyNUF6UGQxUmUxSTl2OHIzbUErcDRhfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 27 Nov 2024 21:10:19 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
245470
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ 		492 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

content-encoding
br
etag
1421939719645060458
age
389
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 21:03:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 27 Nov 2024 21:03:50 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
155913
x-xss-protection
0
server
cafe
bounce
id5-sync.com/ 		30 B
235 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5PrebidModule.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://xivmodarchive.com
date
Wed, 27 Nov 2024 21:10:20 GMT
content-type
text/plain;charset=utf-8
vary
Origin
access-control-allow-credentials
true
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
289 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5PrebidModule.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
847cd711a7c6c8c96c3e1377c8137219238332a9b815bc032b1418d230c280d8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://xivmodarchive.com
date
Wed, 27 Nov 2024 21:10:19 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
favicon.png
xivmodarchive.com/ 		510 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://xivmodarchive.com/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dc9f6b2d083dad0eb289a277f6378c53cbe5e49f00e022ea68cef25945ac21b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
W/"8df-1912ba613b0"
age
6114812
cf-cache-status
HIT
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1726627008&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=VhMeIJUA%2FJ7sGCv%2Fu4j4s9xV%2FM4g6Fpn4ULwe1zSy%2B0%3D"}]}
cf-polished
origSize=2271, status=vary_header_present
date
Wed, 27 Nov 2024 21:10:20 GMT
content-type
image/png
last-modified
Wed, 07 Aug 2024 07:03:10 GMT
vary
Origin, Accept-Encoding
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1726627008&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=VhMeIJUA%2FJ7sGCv%2Fu4j4s9xV%2FM4g6Fpn4ULwe1zSy%2B0%3D
cache-control
public, max-age=31536000, immutable
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
access-control-allow-credentials
true
via
1.1 vegur
cf-ray
8e951ab9ab490fdc-LAX
accept-ranges
bytes
content-length
510
x-powered-by
Express
server
cloudflare
/
prebid-rtd.audigent.workers.dev/ 		20 B
699 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-rtd.audigent.workers.dev/
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.188.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dce36453a27ede2e8291c3090c2eae196722e1ad3634bfd57ce60751d1ccd9bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://xivmodarchive.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JJbw5DHLqG5%2FAUi6b9oB346VOkipSHhqPFZQifZR%2BD8iwoNZdW7Q4KYw6LbklssYFqoM%2Brd5Ghquu9sloYRZVlUWnwf%2B%2BsLdOidI55K4%2FtZCJBC7gaYLL2FWDbzzOmIl32x3d%2ByIwm1RdHywnh8X8fgL"}],"group":"cf-nel","max_age":604800}
allow
POST, OPTIONS, GET
cf-ray
8e951abe7b790fec-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
20
server-timing
cfL4;desc="?proto=QUIC&rtt=73261&min_rtt=70536&rtt_var=16205&sent=16&recv=12&lost=0&retrans=0&sent_bytes=4995&recv_bytes=5934&delivery_rate=18602&cwnd=12000&unsent_bytes=0&cid=750e32c2443015cb&ts=308&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 21:10:21 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
1af2e4a3c99e7a737217b375905d6e931ce434c60c5e92057acd835793f57fe4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://xivmodarchive.com/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time
164
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
Wed, 27 Nov 2024 21:10:21 GMT
access-control-allow-origin
https://xivmodarchive.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
746
date
Wed, 27 Nov 2024 21:10:21 GMT
content-type
application/json;charset=utf-8
server
envoy
fastlane.json
fastlane.rubiconproject.com/a/api/ 		492 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17374&site_id=569908&zone_id=3601482&size_id=2&alt_size_ids=55&us_privacy=1YNN&rp_schain=1.0,1!nitropay.com,753,1,,,&eid_criteo.com=k_exTV9JTWxVRFY2V29KeSUyRmdaUGl4dCUyRkY5WnJLMkcxdVBGdFpRJTJCbHBJZ2lzYmFBQmNrWiUyQnVaV0JyOTV1QSUyRk1wMmVtQjRHUVlwV1Q2Y2Q4ckJob2doZFNSUmclM0QlM0Q%5E1&eid_audigent.com=0001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%5E1&eid_pubcid.org=c774c3c4-8225-45fb-b8ae-5c51675ed26d%5E1&tpid_tdid=2fd876ca-d6fd-47c0-a495-6d82512c587d&eid_adserver.org=2fd876ca-d6fd-47c0-a495-6d82512c587d&rf=https%3A%2F%2Fxivmodarchive.com%2F&tg_i.domain=xivmodarchive.com&tg_i.page=https%3A%2F%2Fxivmodarchive.com%2F&tg_i.name=XIV%20Mod%20Archive&tg_i.privacypolicy=1&tg_i.cattax=7&tg_i.cat=680&tg_i.pbadslot=%2F308365556%2C22736401783%2Fnitro-banner%2Fnitro-banner-876%23common-banner-ad-1&tk_flint=pbjs_lite_v9.19.0&x_source.tid=152454bf-a480-4f11-a11f-bcd5cac9abc7&l_pb_bid_id=58ebdeef5dfa6d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=51f724f0-f8e8-4057-8edf-59c0725a4a19&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F308365556%2C22736401783%2Fnitro-banner%2Fnitro-banner-876%23common-banner-ad-1&m_ch_mobile=%3F0&slots=1&rand=0.4985357834201156
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
049f1bf56dc1c9f75ae94f1641d42663350f16c7f40b889b169a08fc685af749

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://xivmodarchive.com/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://xivmodarchive.com
content-length
492
date
Wed, 27 Nov 2024 21:10:21 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
unruly_prebid
targeting.unrulymedia.com/ 		11 B
235 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://xivmodarchive.com/

Response headers

cache-control
private, max-age=0, no-cache, no-store
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://xivmodarchive.com
content-length
11
date
Wed, 27 Nov 2024 21:10:21 GMT
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		138 B
832 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
a9cc9968f4e499e1669221c1a16aa095435ab1939b38d5ef70a96b8b4c56c224
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://xivmodarchive.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
162.245.206.245; 162.245.206.245; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://xivmodarchive.com
an-x-request-uuid
dc756b84-f242-4d64-9f05-6cb0b137ce0d
content-length
138
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Wed, 27 Nov 2024 21:10:21 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
request
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 		0
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.19.0&cb=49246688594&lsavail=1&bundle=5HsXEV9QTnNoRkthNUpBdE8wRFBpJTJCWklOcEpBZkMwR0k0aURMY0hSQUYlMkZlY0ozSVljSERqJTJCa09WWHVMVjZSSVUlMkZnM0VrdkRzQ0djNUtJNHc2Rmw1d2luaHQ0SiUyQktnbG8zWmk3OWNOayUyQmNnYWZZZnFpT2llNGQyVTI4OSUyQlZXYVdZJTJGWVY
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://xivmodarchive.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://xivmodarchive.com
date
Wed, 27 Nov 2024 21:10:20 GMT
vary
Origin
server
Kestrel
trinity.json
apex.go.sonobi.com/ 		426 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2213bfdb5566f0167%22%3A%2273417d48500921b44e50%7C728x90%2C970x90%7Cf%3D0.01%2Cgpid%3D%2F308365556%2C22736401783%2Fnitro-banner%2Fnitro-banner-876%23common-banner-ad-1%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fxivmodarchive.com%2F&s=4c728e66-8435-45d3-9c60-9ea10295c083&pv=eceddfa0-2551-4e84-bdc9-6d51ccf9e69a&vp=desktop&lib_name=prebid&lib_v=9.19.0&us=3&iqid=%7B%22pcid%22%3A%22c9884d68-1c59-47cf-9363-97e3fbed2068%22%2C%22pcidDate%22%3A1732741820874%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22152454bf-a480-4f11-a11f-bcd5cac9abc7%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22xivmodarchive.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22xivmodarchive.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fxivmodarchive.com%2F%22%2C%22name%22%3A%22XIV%20Mod%20Archive%22%2C%22privacypolicy%22%3A1%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%22680%22%5D%7D%2C%22user%22%3A%7B%22geo%22%3A%7B%22region%22%3A%22CA%22%2C%22country%22%3A%22US%22%7D%2C%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22criteo.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22k_exTV9JTWxVRFY2V29KeSUyRmdaUGl4dCUyRkY5WnJLMkcxdVBGdFpRJTJCbHBJZ2lzYmFBQmNrWiUyQnVaV0JyOTV1QSUyRk1wMmVtQjRHUVlwV1Q2Y2Q4ckJob2doZFNSUmclM0QlM0Q%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c774c3c4-8225-45fb-b8ae-5c51675ed26d%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%222fd876ca-d6fd-47c0-a495-6d82512c587d%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNN%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22ext%22%3A%7B%22vpw%22%3A1600%2C%22vph%22%3A1200%7D%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nitropay.com%22%2C%22sid%22%3A%22753%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22criteo.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22k_exTV9JTWxVRFY2V29KeSUyRmdaUGl4dCUyRkY5WnJLMkcxdVBGdFpRJTJCbHBJZ2lzYmFBQmNrWiUyQnVaV0JyOTV1QSUyRk1wMmVtQjRHUVlwV1Q2Y2Q4ckJob2doZFNSUmclM0QlM0Q%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c774c3c4-8225-45fb-b8ae-5c51675ed26d%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%222fd876ca-d6fd-47c0-a495-6d82512c587d%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D&us_privacy=1YNN&coppa=0
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:200a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
04dd24288f50664ae4fd5eeeb12787810b2b29bafd91dfc9ce0bd983f3bc40c1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://xivmodarchive.com/

Response headers

cache-control
no-cache, no-store, private
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://xivmodarchive.com
content-length
275
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Wed, 27 Nov 2024 21:10:21 GMT
tcn
Choice
content-type
application/json
vary
negotiate,Accept-Encoding
server
sonobi-go
x-go-server
go-iad-2-6-172
x-xss-protection
0
auction
tlx.3lift.com/header/ 		19 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=9.19.0&referrer=https%3A%2F%2Fxivmodarchive.com%2F&tmax=1200&us_privacy=1YNN
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.206.91.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-91-202.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://xivmodarchive.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://xivmodarchive.com
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
v1
btlr.sharethrough.com/universal/ 		443 B
669 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.85.85.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-85-132.compute-1.amazonaws.com
Software
/
Resource Hash
e7b0dc15734a1f14794bc105fd7a23569ca10223a0785cf2d3f40e0036fd2df6
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://xivmodarchive.com/

Response headers

x-openrtb-version
2.5
strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://xivmodarchive.com
content-encoding
gzip
content-length
305
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
702 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=853776
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa174466d2cfd93ec84e8a1b41b5830ce2c27bb2661ec49a72468687fa08584

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://xivmodarchive.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gtEDv872W9qeML3p70SjGC%2B5MwIokW3IZI%2FuLhgHnSKq9ZrF%2BSTpzQWlBSf7mWl6LswdDsF%2BsIPXdrTlvUgfSQA4%2BUh%2F8zfuXXC8MoNkZjN7utDI130IG%2BBCOnGKB1Vb1NuMSOYB"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 27 Nov 2024 21:10:21 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8e951abecb1c7ce0-LAX
access-control-allow-origin
https://xivmodarchive.com
content-length
37
server
cloudflare
Nitro
direct.adsrvr.org/bid/bidder/ 		0
401 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/Nitro
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://xivmodarchive.com/

Response headers

x-openrtb-version
2.3
cache-control
private
access-control-allow-credentials
true
access-control-allow-origin
https://xivmodarchive.com
content-length
0
date
Wed, 27 Nov 2024 21:10:20 GMT
content-type
application/json
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
v3
id5-sync.com/gm/ 		700 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5PrebidModule.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
df9059cd1ff1f934fa428dd39a13ad8e3aea63b406608789957f1eb9b39ebfd4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://xivmodarchive.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://xivmodarchive.com
p3p
CP="CAO PSA OUR"
date
Wed, 27 Nov 2024 21:10:20 GMT
content-type
application/json
vary
Origin
/
prebid-rtd.audigent.workers.dev/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-rtd.audigent.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.188.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xivmodarchive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
alt-svc
h3=":443"; ma=86400
cf-ray
8e951abdeac10fec-LAX
content-length
0
content-type
application/json
date
Wed, 27 Nov 2024 21:10:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lFeaVHVJvUgoFNiFaVEITDMvqiDDqRevwYNRVTEwdqvHJ%2B6AZ4wvZQf1maH16aK9A0wtWk%2FOWXg8eUNbKMB%2F6w%2Fq99l7ct%2FifgLNZ3AncrN3ZeV%2FV7W%2FeWrHg3sgrJNuGI6yQpQbElgpBElTQT23YZ%2FR"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=70823&min_rtt=70536&rtt_var=26656&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4187&recv_bytes=4341&delivery_rate=46369&cwnd=12000&unsent_bytes=0&cid=750e32c2443015cb&ts=226&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xivmodarchive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://xivmodarchive.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 27 Nov 2024 21:10:21 GMT
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame D154 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xivmodarchive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2834
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28994
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Nov 2024 20:23:08 GMT
expires
Wed, 27 Nov 2024 21:13:08 GMT
last-modified
Mon, 18 Nov 2024 20:43:40 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
75f8aaaabdb244ef18d21e362dd7ac1e876d60deb3fc0e2098673bd4ab362e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13377
date
Wed, 27 Nov 2024 21:10:22 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag
"df5542b88bc0e368c6999754a5b9e2ba"
age
203476
x-goog-stored-content-encoding
gzip
expires
Tue, 25 Nov 2025 12:39:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
7927
date
Mon, 25 Nov 2024 12:39:06 GMT
last-modified
Thu, 27 May 2021 18:30:51 GMT
content-type
application/javascript
x-guploader-uploadid
AFiumC7VZp9IJ7Vq7DdMMjpHBgkJaemSG2uQ7lqLPRk-olfF2Zht3T4dzGz_014a4cvtvpvly3w
cache-control
no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
x-goog-generation
1622140251693895
content-length
7927
server
UploadServer
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"670e3454-a69c"
cross-origin-resource-policy
cross-origin
expires
Thu, 28 Nov 2024 21:10:22 GMT
access-control-allow-origin
*
date
Wed, 27 Nov 2024 21:10:22 GMT
content-type
text/javascript
last-modified
Tue, 15 Oct 2024 09:22:28 GMT
server
nginx
ads
securepubads.g.doubleclick.net/gampad/ 		118 KB
47 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4345188833139749&correlator=3069425361695555&eid=31089118%2C31089150%2C31086810%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&us_privacy=1YNN&gpp=DBABT~1YNN&gpp_sid=6&iu_parts=308365556%3A22736401783%2Cnitro-banner%2Cnitro-banner-876&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1732741822066&lmt=1732741822&adxs=436&adys=72&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fxivmodarchive.com%2F&vis=1&psz=1600x90&msz=1600x90&fws=0&ohw=0&topics=9&tps=9&htps=10&a3p=ElYKDGlkNS1zeW5jLmNvbRJESUQ1KmwtWE0xQU1IaEdDRGcwMU9ocF9VUW1Uci1VWmE3UzdmdGdMYjNBdXAxZlBjOTAtTUhsX1pTNVMxVUFHMF80c25YARI0CgpwdWJjaWQub3JnEiRjNzc0YzNjNC04MjI1LTQ1ZmItYjhhZS01YzUxNjc1ZWQyNmRYARJGCgxhdWRpZ2VudC5jb20SNDAwMDF5dW0wZWFia2JhOThiY2lhZTZnaWJkZGo5NmxkY2xmNzg2a2hkYWFiYWNra2MyamxYARI2CgxhZHNlcnZlci5vcmcSJDJmZDg3NmNhLWQ2ZmQtNDdjMC1hNDk1LTZkODI1MTJjNTg3ZFgBEh0KDmVzcC5jcml0ZW8uY29tGO3s1_u2MkgAUgIIZBIUCgVvcGVueBjs7Nf7tjJIAFICCGQ.&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732741817839&idt=2515&prev_scp=refresh%3D30%26domain%3Dxivmodarchive.com%26hostname%3Dxivmodarchive.com%26contax%3D680&adks=3077904116&frm=20&eoidce=1&td=1&egid=18041&tan=23995b9c-fc37-4c78-80dc-446bb119218f&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
9b8bef5cbc2587505b401f6c858b0e2c9f84c50874ee9a350ec0ea448217e26c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

content-encoding
br
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 27 Nov 2024 21:10:22 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://xivmodarchive.com
content-length
48259
x-xss-protection
0
server
cafe
container.html
3cb0fc860eeab2d64a0015c303af4c4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E05 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://3cb0fc860eeab2d64a0015c303af4c4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xivmodarchive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Nov 2024 21:10:22 GMT
expires
Wed, 27 Nov 2024 21:10:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fxivmodarchive.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fxivmodarchive.com%2F&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fxivmodarchive.com%2F&rid=esp&cc=1
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
47d17f5b0f4618a96e78502ddcb45a3128f284725b79c858e273faa9463f8cba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

etag
W/"55-aYA/NVHqIsWrp/45EU8xWMNIPOY"
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://xivmodarchive.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
date
Wed, 27 Nov 2024 21:10:22 GMT
content-type
application/json; charset=utf-8
x-powered-by
Express
vary
Origin

Redirect headers

location
/esp?url=https%3A%2F%2Fxivmodarchive.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://xivmodarchive.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 27 Nov 2024 21:10:22 GMT
x-powered-by
Express
vary
Origin
container.html
3cb0fc860eeab2d64a0015c303af4c4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DE16 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://3cb0fc860eeab2d64a0015c303af4c4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xivmodarchive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Nov 2024 21:10:22 GMT
expires
Wed, 27 Nov 2024 21:10:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
876
tracker.nitropay.com/i/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/i/876?d=eyJjcmVhdGl2ZUlkIjoiQ1BQOXNhYTJfWWtERlYzQ1pRTWRwY28wcFEiLCJiaWRkZXIiOiJhZHgiLCJkdXJhdGlvbiI6MCwiaGVpZ2h0Ijo5MCwid2lkdGgiOjcyOCwiY3BtIjowLjAxLCJ0eXBlIjowLCJhdWYiOiJkaXNwbGF5IiwiYWRVbml0Q29kZSI6ImNvbW1vbi1iYW5uZXItYWQtMSIsImhyZWYiOiJodHRwczovL3hpdm1vZGFyY2hpdmUuY29tLyIsImFjY2VwdGFibGUiOmZhbHNlLCJyZXF1ZXN0SWQiOiIwMTkzNmY3NS1lYmQwLTc4NWMtYTQ4Yi0wNmExNDhjZTllMDEiLCJjIjoiVVMiLCJyIjoiQ0EiLCJyZWZyZXNoIjpmYWxzZSwidGFyZ2V0aW5nIjp7Il9leHAuY29uc2VudC1jb25maWciOiIwIn0sInRpbWVUb1Jlc3BvbmQiOjY4OSwidGltZXN0YW1wIjoxNzMyNzQxODIyNzI4LCJmIjoiMTZqcXZqaSIsInYiOiI1ZjVmM2JhIn0%3D
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.27.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 21:10:22 GMT
server
nginx/1.27.0
pd
google-bidout-d.openx.net/w/1.0/ Frame D638 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://xivmodarchive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
455
content-type
text/html
date
Wed, 27 Nov 2024 21:10:23 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Wed, 27 Nov 2024 21:10:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 21:10:23 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame AF59 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xivmodarchive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
347
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Nov 2024 21:04:36 GMT
expires
Wed, 27 Nov 2024 21:54:36 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 44F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.228 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bbnr4UVSY3R1-Askcm0jgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xivmodarchive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-bbnr4UVSY3R1-Askcm0jgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Nov 2024 21:10:24 GMT
expires
Wed, 27 Nov 2024 21:10:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
876
tracker.nitropay.com/i/ 		0
10 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/i/876?d=eyJjcmVhdGl2ZUlkIjoiQ1BQOXNhYTJfWWtERlYzQ1pRTWRwY28wcFEiLCJiaWRkZXIiOiJhZHgiLCJkdXJhdGlvbiI6MCwiaGVpZ2h0Ijo5MCwid2lkdGgiOjcyOCwiY3BtIjowLjAxLCJ0eXBlIjowLCJhdWYiOiJkaXNwbGF5IiwiYWRVbml0Q29kZSI6ImNvbW1vbi1iYW5uZXItYWQtMSIsImhyZWYiOiJodHRwczovL3hpdm1vZGFyY2hpdmUuY29tLyIsImFjY2VwdGFibGUiOmZhbHNlLCJyZXF1ZXN0SWQiOiIwMTkzNmY3NS1lYmQwLTc4NWMtYTQ4Yi0wNmExNDhjZTllMDEiLCJjIjoiVVMiLCJyIjoiQ0EiLCJyZWZyZXNoIjpmYWxzZSwidGFyZ2V0aW5nIjp7Il9leHAuY29uc2VudC1jb25maWciOiIwIn0sInRpbWVUb1Jlc3BvbmQiOjY4OSwidGltZXN0YW1wIjoxNzMyNzQxODIyNzI4LCJmIjoiMTZqcXZqaSIsInYiOiI1ZjVmM2JhIn0%3D&v=true&t=1002
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.27.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 21:10:23 GMT
server
nginx/1.27.0
syncframe
gum.criteo.com/ Frame FC31 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=xivmodarchive.com&gpp=DBABT~1YNN&gpp_sid=6
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://xivmodarchive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 27 Nov 2024 21:10:23 GMT
server
Kestrel
server-processing-duration-in-ticks
4815104
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
sodar
ep1.adtrafficquality.google/pagead/ 		0
0
usync.html
eus.rubiconproject.com/ Frame 0638 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1YNN
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.78.189.111 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://xivmodarchive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Wed, 27 Nov 2024 21:10:27 GMT
etag
"2052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame CA94 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://xivmodarchive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
39294
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 27 Nov 2024 21:10:27 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 17 May 2024 08:31:56 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
176481, 46102
X-Served-By
cache-lga21993-LGA, cache-bur-kbur8200123-BUR
X-Timer
S1732741828.977269,VS0,VE0
syncframe
gum.criteo.com/ Frame DF4E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=xivmodarchive.com&us_privacy=1YNN&gpp=
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://xivmodarchive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 27 Nov 2024 21:10:26 GMT
server
Kestrel
server-processing-duration-in-ticks
908346
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
ixmatch.html
js-sec.indexww.com/um/ Frame 657B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://xivmodarchive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
1106
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8e951ae778f3f7bb-LAX
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 27 Nov 2024 21:10:27 GMT
expires
Thu, 28 Nov 2024 01:10:27 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 0052 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1YNN&
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://xivmodarchive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1096
content-type
text/html; charset=utf-8
date
Wed, 27 Nov 2024 21:10:27 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
checksync.php
contextual.media.net/ Frame 83B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C590%2C2073%2C273%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C3038%2C2025%2C2069%2C237%2C556%2C117%2C2024%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C246%2C4%2C521%2C126%2C203%2C522%2C2113%2C446%2C523%2C326%2C404%2C9%2C407%2C408%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C450%2C2009%2C255%2C3018%2C2126%2C3017%2C2125%2C214%2C2124%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C141%2C262%2C3073%2C461%2C222%2C301%2C345%2C225%2C10000%2C624%2C80%2C108%2C229%2C109&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=1&usp_consent=1&uspstring=1YNN
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.78.188.30 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://xivmodarchive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
13508
content-type
text/html; charset=UTF-8
date
Wed, 27 Nov 2024 21:10:28 GMT
expires
Fri, 29 Nov 2024 21:10:28 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-mnet-hl2
E
ibs:dpid=903&dpuuid=2fd876ca-d6fd-47c0-a495-6d82512c587d
dpm.demdex.net/
Redirect Chain
  • https://match.adsrvr.org/track/usersync?us_privacy=1YNN&gdpr=0&gdpr_consent=undefined&ust=image
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=2fd876ca-d6fd-47c0-a495-6d82512c587d&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=2fd876ca-d6fd-47c0-a495-6d82512c587d&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=2fd876ca-d6fd-47c0-a495-6d82512c587d
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=2fd876ca-d6fd-47c0-a495-6d82512c587d
Protocol
H2
Server
3.226.213.10 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-va6-2-v068-0b1ebe68a.edge-va6.demdex.com 3 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
5c11xA2XQpw=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Wed, 27 Nov 2024 21:10:28 GMT
content-type
image/gif

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=2fd876ca-d6fd-47c0-a495-6d82512c587d
content-length
189
date
Wed, 27 Nov 2024 21:10:28 GMT
server
Kestrel
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=5e31174a-6e25-4f79-ad92-1a77867e6e4a&google_hm=NWUzMTE3NGEtNmUyNS00Zjc5LWFkOTItMWE3Nzg2N2U2ZTRh&...
170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=5e31174a-6e25-4f79-ad92-1a77867e6e4a&google_hm=NWUzMTE3NGEtNmUyNS00Zjc5LWFkOTItMWE3Nzg2N2U2ZTRh&gdpr_consent=&gdpr=0
Protocol
H2
Server
142.250.65.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Wed, 27 Nov 2024 21:10:28 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=5e31174a-6e25-4f79-ad92-1a77867e6e4a&google_hm=NWUzMTE3NGEtNmUyNS00Zjc5LWFkOTItMWE3Nzg2N2U2ZTRh&gdpr_consent=&gdpr=0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 21:10:27 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978758904556496384
49 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978758904556496384
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

cache-control
no-cache, no-store, private
pragma
no-cache
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
49
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Wed, 27 Nov 2024 21:10:27 GMT
tcn
Choice
content-type
image/gif
vary
negotiate,Accept-Encoding
server
sonobi-go
x-go-server
go-iad-2-6-172
x-xss-protection
0

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978758904556496384
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Date
Wed, 27 Nov 2024 21:10:27 GMT
Server
Jetty(9.4.51.v20230217)
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://sid.storygize.net/ccm/c9dd71b6-fd13-4133-bf5d-b88619cef491
  • https://sid.storygize.net/csr?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dm3k4T1aBLLPMpeMdFP9tJTiB%26source_user_id%3D66489056-e9e3-488c-a3d3-af678e722d3f
  • https://match.sharethrough.com/sync/v1?source_id=m3k4T1aBLLPMpeMdFP9tJTiB&source_user_id=66489056-e9e3-488c-a3d3-af678e722d3f
68 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=m3k4T1aBLLPMpeMdFP9tJTiB&source_user_id=66489056-e9e3-488c-a3d3-af678e722d3f
Protocol
H2
Server
3.87.46.209 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Wed, 27 Nov 2024 21:10:27 GMT
location
https://match.sharethrough.com/sync/v1?source_id=m3k4T1aBLLPMpeMdFP9tJTiB&source_user_id=66489056-e9e3-488c-a3d3-af678e722d3f
content-length
0
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=2fd876ca-d6fd-47c0-a495-6d82512c587d&gdpr=0&gdpr_consent=
68 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=2fd876ca-d6fd-47c0-a495-6d82512c587d&gdpr=0&gdpr_consent=
Protocol
H2
Server
3.87.46.209 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=2fd876ca-d6fd-47c0-a495-6d82512c587d&gdpr=0&gdpr_consent=
content-length
323
date
Wed, 27 Nov 2024 21:10:27 GMT
server
Kestrel
ecm3
s.amazon-adsystem.com/ 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=f33a8654-0c4c-4537-9fc9-fd7674a58f1b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.158.241 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
XWQ5APSMBNY7NJGA4SCM
Content-Length
43
Date
Wed, 27 Nov 2024 21:10:27 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=97d6fcd501&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=2fd876ca-d6fd-47c0-a495-6d82512c587d&pubid=97d6fcd501
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=6d57fa24-48bc-460b-b106-34409025d1a4
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=6d57fa24-48bc-460b-b106-34409025d1a4
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c4df0360-39de-4076-a3a1-fe106ebb0226%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2fd876ca-d6fd-47c0-a495-6d82512c587d&ttd_puid=c4df0360-39de-4076-a3a1-fe106ebb0226%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2fd876ca-d6fd-47c0-a495-6d82512c587d&ttd_puid=c4df0360-39de-4076-a3a1-fe106ebb0226%2C%2C
Protocol
H3
Server
34.111.113.62 -, , ASN (),
Reverse DNS
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xivmodarchive.com/

Response headers

strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
95
date
Wed, 27 Nov 2024 21:10:28 GMT
content-type
image/png
server
Jetty(11.0.13)

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2fd876ca-d6fd-47c0-a495-6d82512c587d&ttd_puid=c4df0360-39de-4076-a3a1-fe106ebb0226%2C%2C
content-length
359
date
Wed, 27 Nov 2024 21:10:28 GMT
server
Kestrel
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=P4jzWV9oSm8lMkZaRyUyQlVFQ0lqYVg1YTBJV3A4TlVVWm9zckU2Y2lnNzNTZW5LWGNidyUzRA&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-iZeOHuNBRd...
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-iZeOHuNBRdzbTW31VGQK3x9a7ih8oeqML1bJNw&gdpr=0&gdpr_consent=
0
0
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3d6v3MvV9SWU9BcnU4MFdpQ0p3M3NHR3BTJTJGQTVjMHdzalNoSlYwTjZobDNETmxrdnclM0Q%26u%3d%24UID&gdpr=0&gdpr_consent=
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fssp-sync.criteo.com%252fuser-sync%252fmatch%253fp%253d6v3MvV9SWU9BcnU4MFdpQ0p3M3NHR3BTJTJGQTVjMHdzalNoSlYwTjZobDNETmxrdnclM0Q%2526u%2...
  • https://ssp-sync.criteo.com/user-sync/match?p=6v3MvV9SWU9BcnU4MFdpQ0p3M3NHR3BTJTJGQTVjMHdzalNoSlYwTjZobDNETmxrdnclM0Q&u=5313464103115149008&gdpr=0&gdpr_consent=
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202411180101&jk=4345188833139749&bg=!zM-lz4DNAAaIaF9IqGg7ADQBe5WfOAuKSjf1lg42ez74grwszGdDtXIiYXRHFcEWkA7ZXuVhqvTmVoerLRgZdMeVZqkKAgAAAJhSAAAABGgBB34ANkXOV1SVWmmh5afgDOq_uM0ZUO_o1wMi2k2eaJV54xHJiDJFOe_xeRiD3vG5NB07sEcscvmgvgoASKT1g61EhAhYMSFVrXbYD5EPNm8ZTlO9wVn-tLRnuHhrWfDCsKNueByWPmGkIbE3Rt7ZQICR8VNI_jUwt38mgv47NiYRjLtmMpkCqPzH5d0jhamqmnttfy9jrMnc-k2uh2bWen4Bf1YiM2WFNeLo0Rjcg7Q8h128jIL6uxSTiOHqXqVigOYcXGcdA90LiyBRJlzMj7ECnkvYGF712Slpsm2_vPMaa4cLEOiGTzdHIEWtTGYyfHKCsnC-rZBBLw7qP5Vp3ZSEA2xFxeVadStmH2FNGkLu0tnIhkn1d5gWSrCsCOUsy8mX9SHrguOBXWS8iIpR9MaR-DpDs2gzeyKgBNfSkAKkcJVmU1RgTtehSSMQxk5leMqO788dUdNe0WXtYx0gqRFPzffSa8o_I1_cwFLC1qIsDL9q5D7il2VFPSkkF73I5Ddshs0xr9HULeqffA8ZxvLXYAcsjweh-imt2LVwUCJvAYGCsYnnOzhx8TcyzRqssMDoeofH_YgXt0QGQ3hTFEEJZdMdvw7_iBqvIXNpxYTzqoTIMgps9odmIDZ5S9JS3nqL2ntCnjySBUGiHlEf21mQv9NF64DCauzP9EDrHRtAmBlu-ReX23Vwa-tcT2W_BPq_u-hG6-S-FKQnzR4XChh6eodCMA2zvjlb_l26Ua6uwXZHEeqYMGrGKgE_L6VRN3dP7jKCYX2zypJEO-_6H573eRLLwoE7s9KmtDQd8kXegqZa1zgHvTl35BYOZkLc3Y9JxbhJVHw7JLZrvOZzyXY7QgLbPPdA7V3cZ5LXNpmdQWnZ_spkqEizEWa_5vHqMc-6mBjumsMkL8I58vmk5woVGJiZQ7tDlQku4ZMETRiE0GEE9aUqy-HDYpkg32naE6wkWRBfpm_D2oPmzCEW6GKGjJQWk-tcRG0mbBAhG7Ct9fJVvaKQ9kzw94qdCgeCvZOPmiPsspphEpDgU1nnkF3IXGwU0W407bKFcIvb2UL5pqZzta_sboSiBeL6Y7nP
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-iZeOHuNBRdzbTW31VGQK3x9a7ih8oeqML1bJNw&gdpr=0&gdpr_consent=
Domain
ssp-sync.criteo.com
URL
https://ssp-sync.criteo.com/user-sync/match?p=6v3MvV9SWU9BcnU4MFdpQ0p3M3NHR3BTJTJGQTVjMHdzalNoSlYwTjZobDNETmxrdnclM0Q&u=5313464103115149008&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| $ function| jQuery function| Popper object| bootstrap function| showError function| showSpinner function| hideSpinner function| removeNotifyQueryParameter function| removeURLParameter function| handleQueryNotification object| commonNotifications object| notificationQueue function| showNotification function| showNextNotification function| getNextUniqueId function| createProgressbar function| updateProgressBar function| errorProgressBar function| clearProgressBar function| debounce function| trunc object| nitroAds function| Glide object| results boolean| _ShowFooter object| ads object| nads object| napbjs object| _pbjsGlobals object| prebidEvents object| regeneratorRuntime object| mnet object| googletag function| __uspapi object| __npusp_queue function| __npusp object| nitroAdsCustomConsents string| nitroAdsPublisherCC object| __gpp_queue object| __gpp_events function| __gpp object| __bt object| __bt_intrnl object| __bt_tag_d object| id5Prebid object| nitroAdsCMP object| dataLayer function| gtag object| __npcmp_queue function| __npcmp string| __npcmp_geo string| __npcmp_region boolean| __npcmp_init boolean| __bt_already_invoked object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_reactive_ads_global_state object| google_tag_topics_state number| google_unique_id object| ox_esp object| criteo_pubtag object| criteo_identitytag_159 object| Criteo object| Criteo_identitytag_159 object| GoogleGcLKhOms object| criteo_syncframe_state object| google_image_requests

42 Cookies

Domain/Path Name / Value
.xivmodarchive.com/ Name: connect.sid
Value: s%3APgnqok4GFUavqt_Wpzp7sxwT7Mv57xHH.Pz4JHcvipBJBpbh5Ms8rQOtSgw3CSMYVWUKWs4Leyf0
xivmodarchive.com/ Name: _lr_retry_request
Value: true
xivmodarchive.com/ Name: _lr_env_src_ats
Value: false
.adsrvr.org/ Name: TDID
Value: 2fd876ca-d6fd-47c0-a495-6d82512c587d
xivmodarchive.com/ Name: nitro-uid
Value: %7B%22TDID%22%3A%222fd876ca-d6fd-47c0-a495-6d82512c587d%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-11-27T21%3A10%3A19%22%7D
xivmodarchive.com/ Name: nitro-uid_cst
Value: 3yxgLFoszg%3D%3D
.xivmodarchive.com/ Name: ncmp.domain
Value: xivmodarchive.com
.nitropay.com/ Name: __cf_bm
Value: pj1zItzDI_nwA31XlH.SIponLlZ2DoiPbvtVNjiRaBQ-1732741819-1.0.1.1-m3Evgh.M3fNDg6FakhCQeZkJDnFkDOSKPtJiDbbkBtanGRqZC6fQuNEShR1HEkOJaQRGAkSaG9LlM2Zva.zAIw
.criteo.com/ Name: cto_bundle
Value: MAvYWV96TEJuOWJuSyUyQm5NSWJlSUslMkZpbGlHVGNsTHNKOEZsb0k1QkZXMGJ3NGxzc3VQNXRFRXJBJTJCOURrWTZ1JTJGc3c5RjVsaUZuenlPbjFURXl0ZWVhaEFpQkJCbWM3cGVKaERmbURQRTMwJTJCdmFCcENTVGRxbzBKdW5OampQd1hqSXJoNUI
.xivmodarchive.com/ Name: cto_bidid
Value: k_exTV9JTWxVRFY2V29KeSUyRmdaUGl4dCUyRkY5WnJLMkcxdVBGdFpRJTJCbHBJZ2lzYmFBQmNrWiUyQnVaV0JyOTV1QSUyRk1wMmVtQjRHUVlwV1Q2Y2Q4ckJob2doZFNSUmclM0QlM0Q
.id5-sync.com/ Name: id5
Value: 373d1b7d-73a8-7dfd-aba4-54bd6e426365#1732741819587#2
prebid.media.net/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.rubiconproject.com/ Name: khaos
Value: M40DQQ46-I-G1Z3
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bGTqALEzMDRSLzog4PqosM003vrOGo/zJuNxU+FvywYbCPjZ0e5jcceS6D/BZcwRcydr4eC1H4hJkgcdj94p/MzXqyhQ6r4UPGIz8YKHaPrACvSWK5d8U5WvsVAPbIH/+HjRCnHycYBAQ==
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.3lift.com/ Name: receive-cookie-deprecation
Value: 1
.3lift.com/ Name: tluid
Value: 3447377497306073714692
.sharethrough.com/ Name: stx_user_id
Value: f33a8654-0c4c-4537-9fc9-fd7674a58f1b
.go.sonobi.com/ Name: __uis
Value: 6d57fa24-48bc-460b-b106-34409025d1a4
.go.sonobi.com/ Name: _usd_xivmodarchive.com
Value: eceddfa0-2551-4e84-bdc9-6d51ccf9e69a
apex.go.sonobi.com/ Name:
Value: receive-cookie-deprecation: 1
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB8G
Value: s86172|Z0eKw
.openx.net/ Name: i
Value: 1196700c-20e5-485f-93b2-5e0d11b43141|1732741822
.xivmodarchive.com/ Name: __gads
Value: ID=fcb3bb3a2fe07b5d:T=1732741822:RT=1732741822:S=ALNI_MbFMPfbQxm8smzBgbB0Mzm1ng-hWg
.xivmodarchive.com/ Name: __gpi
Value: UID=00000fa122580d4f:T=1732741822:RT=1732741822:S=ALNI_MbRtXYMv7RaaXbN8rlnTx8EK9RVsQ
.xivmodarchive.com/ Name: __eoi
Value: ID=7edfe450cf585744:T=1732741822:RT=1732741822:S=AA-AfjYmI5ak4RNxmmE-wT5wrpoD
.openx.net/ Name: pd
Value: v2|1732741823|vMgavPkWgy
.doubleclick.net/ Name: IDE
Value: AHWqTUkVQ8stZw-N685r1LZcl1a_f-09r9rvsE98AHscJZqyHGTj7M1igkFR6Ber
.casalemedia.com/ Name: CMID
Value: Z0eKv9HM4HEAABd0Axu4hQAA
.casalemedia.com/ Name: CMPS
Value: 2241
.casalemedia.com/ Name: CMPRO
Value: 2241
.adsrvr.org/ Name: TDCPM
Value: IAEoAg..
.yahoo.com/ Name: A3
Value: d=AQABBL-KR2cCEKtYVDTOirNufaZl9moBbw4FEgEBAQHcSGdRZwAAAAAA_eMAAA&S=AQAAAriJNbZcvoaPccZmE8ISGWY
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 89b9b20f-fd11-4ca8-ac3d-2fe0cae4d3d9
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: A2P2iqkFaUI3pzhXOanEzkY
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.xivmodarchive.com/ Name: cto_bundle
Value: -6Tr8V9QTnNoRkthNUpBdE8wRFBpJTJCWklOcEwwZFJLMkl2dXpHMCUyRmI1WTZpODluTkY0NkRPZHFlY2U1WGFWc2slMkZNZ3NsOE5pcHRKSGprdCUyQjExazJBc1BzQXo3cjJpMExnaVVrayUyQmJhekZLN0tPSndOU0RDem9JWHcyZCUyRkVZWEZjeWZFN0R2bjM0Y090ODVEc1RibEgxcXhvT2lVcnlWZUdFayUyQm9YWWs1SCUyRmNYSXNZJTNE

2 Console Messages

Source Level URL
Text
rendering warning URL: https://xivmodarchive.com/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0B0DD013C040000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://xivmodarchive.com/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0E0DD013C040000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3cb0fc860eeab2d64a0015c303af4c4e.safeframe.googlesyndication.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
apex.go.sonobi.com
api.btloader.com
api.rlcdn.com
bt.dns-finder.com
btloader.com
btlr.sharethrough.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
consent.nitrocnct.com
contextual.media.net
direct.adsrvr.org
dpm.demdex.net
eb2.3lift.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
eus.rubiconproject.com
fastlane.rubiconproject.com
google-bidout-d.openx.net
grid-bidder.criteo.com
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
p.rfihub.com
pixel.tapad.com
prebid-rtd.audigent.workers.dev
prebid.media.net
s.amazon-adsystem.com
s.nitropay.com
securepubads.g.doubleclick.net
sid.storygize.net
ssp-sync.criteo.com
static.criteo.net
static.xivmodarchive.com
sync.go.sonobi.com
targeting.unrulymedia.com
tlx.3lift.com
tracker.nitropay.com
www.google.com
x.bidswitch.net
xivmodarchive.com
ep1.adtrafficquality.google
ssp-sync.criteo.com
x.bidswitch.net
104.17.24.14
104.18.24.18
104.18.26.193
104.18.3.78
104.78.188.30
104.78.189.111
130.211.23.194
142.250.65.226
142.250.81.228
142.251.40.198
142.251.40.226
142.251.40.98
143.244.208.184
151.101.1.108
162.19.138.118
162.19.138.119
172.67.134.120
172.67.188.249
172.67.193.156
199.250.161.129
199.38.167.130
2602:803:c002:200::32
2606:4700:10::6816:28ef
2606:4700:10::6816:4ad8
2606:4700:10::6816:545
2606:4700:10::ac43:266a
2606:4700:20::681a:246
2606:4700::6812:34e
2607:f350:3:2569:0:10:0:200a
2607:f350:3:2569:0:10:0:200c
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80c::2001
2607:f8b0:4006:821::2002
2620:100:a00b::12
2620:100:a00b::4
2620:100:a00b::9
2a04:4e42:400::485
3.226.213.10
3.85.85.132
3.87.46.209
34.102.146.192
34.107.165.188
34.111.113.62
34.120.135.53
34.120.63.153
34.206.91.202
34.98.64.218
35.211.202.130
35.244.144.25
35.71.131.137
35.71.139.29
68.67.179.166
69.194.240.11
74.119.117.17
98.82.158.241
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015
049f1bf56dc1c9f75ae94f1641d42663350f16c7f40b889b169a08fc685af749
04dd24288f50664ae4fd5eeeb12787810b2b29bafd91dfc9ce0bd983f3bc40c1
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0733f5c1da56efbc1bb2c10576466e7b05276b74d4a546480f48fdd4e7b007e1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
1af2e4a3c99e7a737217b375905d6e931ce434c60c5e92057acd835793f57fe4
24ce66c05e7a78e1364ea035e83ef617bc10490f39096ec6ebbb34cef11f8e36
27e4a542b9804e3bb59f1105c0be1a2e11aaf793a1cabecc323d2a23e81964cb
2db0321ec4dae5cec82be22bdc575921ae874f4746a265bd48c003facd83ecd0
352cc5f2d647a12891fca4629c44fd4581eb3b54d76b3b1528f30528b2468180
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1
45cfbec3b27a85da58af3baf0fcd043cfa362396f1d6bff64f1999a0fb398ab1
47396ced1f5d2637e921333b440530110ecb0710ea04e8d785a82aedc06b3b50
47d17f5b0f4618a96e78502ddcb45a3128f284725b79c858e273faa9463f8cba
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5aa174466d2cfd93ec84e8a1b41b5830ce2c27bb2661ec49a72468687fa08584
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61f90c8616ffa37f51ad1f8344ec4688d67aecca7b42c5a81e6067a6a5846e2d
62706e55a4ba01a7f2ba8d7dc177c7e9f4d58ddf13d03b570427c8be61d4dbe5
6c32f6b0699c328731a7d4780f77195c89bd563bfa5a937d73077cbb915f40cd
7539e577e19fa74ea22d44ff87f4e799f22e8a0847b52dafd5f3a287ec493000
75f8aaaabdb244ef18d21e362dd7ac1e876d60deb3fc0e2098673bd4ab362e50
76269c8d8dfe544c7ee8b48a484df1ae60b9857666b34a3c362fe89d29539b01
7ea1d409b1b6bc805ca67c2c3a096950d73d04fe64e46508f62c7faccda0f60a
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
847cd711a7c6c8c96c3e1377c8137219238332a9b815bc032b1418d230c280d8
84e61441effe1acd86cc5ccb8666919fe788165442d3f45544a8b29b36b889ec
8e1f07664cc5495e6d1b6e96166b091dc31f0533d4895f8e4455f483b496ebe9
8e83fce4cfa76c4d9578f8227d2c628cb050e6f3b7c4d3f9ad2c5c7071bb334a
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9a3d120ca88255637d2e38412f9820afe44f41245f894f0c8a6ea236ab9c78ae
9b8bef5cbc2587505b401f6c858b0e2c9f84c50874ee9a350ec0ea448217e26c
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
a85fc0a877ead70ff2c66858d9dcf10e68856564b17444c224060617cc4f4b6b
a9cc9968f4e499e1669221c1a16aa095435ab1939b38d5ef70a96b8b4c56c224
a9f2b21423a9c9e0faaf1c9d012cfdec6221e12f2e3bcdffe5acb8133a8c56e6
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
b0ac7f46536b9c97219b1e67bcb29296ca1978b8a36a1043fa60d87821af7940
b5ffef28671c38dbad6c6df45af137fd7743104985b8f2661bb27969ab184403
b8f0ca68362cf245f891fc09ddfa50806d195e78e196cf96ac5d9cf72be2577a
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
c6b5d1b73d8183760a3a3a3d6090d1f2b8805ad88a371ec922d4b2b8759f6652
c9bd2216bea9af3c34417192765b07b6f2b63f53f2d2eeaadbf2e70dc9889977
cb40f9e5b925560c80aaf9196f82a8c98ae5bb1b9f3d79be34c7e1ef00c4de76
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dc9f6b2d083dad0eb289a277f6378c53cbe5e49f00e022ea68cef25945ac21b7
dce36453a27ede2e8291c3090c2eae196722e1ad3634bfd57ce60751d1ccd9bf
df9059cd1ff1f934fa428dd39a13ad8e3aea63b406608789957f1eb9b39ebfd4
dff006ad8741f233bb60f0207c64d6ae6f0ff6363b6cc7a37efab60fb5c44ffd
e1ad4c63e69c70fb1903ebff7b49b78ecee259f680d5625c9304ad3cf70a7a80
e30a67595fda8225da292937dedf55f3d6f2cacf9e905f8b0965f7ac02b23bf7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b0dc15734a1f14794bc105fd7a23569ca10223a0785cf2d3f40e0036fd2df6
e8b6eab2704e7295885e7a9dda96b41a7e7e957c4784e80113569eeece330216
e8f8857bfa143491d371a5ae8c0291b1ab08013ab994a3787cac6d797e8e7f50
ed02f01ba8fc152cb2ff7c63faf6c434a1b64fdd12af0769413f9ad581401c8b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3302a9867af425bc90f1f5b1046f107326d7be3cb4db0897b1a75598a7f63cc
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
fbdffe12453a07d56542866473e3b2ad3c0cd866b9d5e8028f3371c2ed4368b4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99