www.xivmodarchive.com Open in urlscan Pro
2606:4700:10::ac43:b9a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.xivmodarchive.com/
Effective URL:
https://www.xivmodarchive.com/
Submission: On December 06 via api (December 6th 2024, 3:48:07 am UTC) from US — Scanned from US

Summary HTTP 83 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 40 IPs in 3 countries across 30 domains to perform 83 HTTP transactions. The main IP is 2606:4700:10::ac43:b9a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.xivmodarchive.com.
TLS certificate: Issued by WE1 on October 18th 2024. Valid for: 3 months.

This is the only time www.xivmodarchive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:10:... 2606:4700:10::ac43:b9a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
3	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.18.3.78 104.18.3.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:4ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
2	74.119.117.17 74.119.117.17	19750 (AS-CRITEO) (AS-CRITEO)
1	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.19.138.82 162.19.138.82	16276 (OVH OVH SAS) (OVH OVH SAS)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.107.165.188 34.107.165.188	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
5	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
3	35.244.144.25 35.244.144.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.67.134.120 172.67.134.120	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.165.134 172.217.165.134	15169 (GOOGLE) (GOOGLE)
1	104.21.64.1 104.21.64.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.19.138.119 162.19.138.119	16276 (OVH OVH SAS) (OVH OVH SAS)
2	172.67.188.249 172.67.188.249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	69.194.240.11 69.194.240.11	26120 (RHYTHMONE) (RHYTHMONE)
1	2602:803:c002... 2602:803:c002:200::32	26667 (RUBICONPR...) (RUBICONPROJECT)
1	199.250.161.129 199.250.161.129	26459 (TTD-ASN-01) (TTD-ASN-01)
1	2620:100:a00b::9 2620:100:a00b::9	19750 (AS-CRITEO) (AS-CRITEO)
1	68.67.160.75 68.67.160.75	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.215.189.254 18.215.189.254	14618 (AMAZON-AES) (AMAZON-AES)
1	3.233.183.24 3.233.183.24	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:200a	27630 (AS-XFERNET) (AS-XFERNET)
1	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2620:100:a00b::4 2620:100:a00b::4	19750 (AS-CRITEO) (AS-CRITEO)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.251.40.100 142.251.40.100	15169 (GOOGLE) (GOOGLE)
83	40

23 2606:4700:10::ac43:b9a (United States)

ASN13335 (CLOUDFLARENET, US)

www.xivmodarchive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xivmodarchive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.3.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4ad8 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a00b::12 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.117.17 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.165.188 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.165.107.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.80.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.144.25 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.144.244.35.bc.googleusercontent.com

tracker.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.134.120 (United States)

ASN13335 (CLOUDFLARENET, US)

bt.dns-finder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.165.134 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s70-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.64.1 (None, )

ASN13335 (CLOUDFLARENET, US)

consent.nitrocnct.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.188.249 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid-rtd.audigent.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.194.240.11 (United States)

ASN26120 (RHYTHMONE, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.250.161.129 (United States)

ASN26459 (TTD-ASN-01, US)

direct.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::9 (United States)

ASN19750 (AS-CRITEO, US)

grid-bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.160.75 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.215.189.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-189-254.compute-1.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.183.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-183-24.compute-1.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f350:3:2569:0:10:0:200a (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2001 (United States)

ASN15169 (GOOGLE, US)

fd1858dad2f03296e200004cd51db94f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.100 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	xivmodarchive.com www.xivmodarchive.com static.xivmodarchive.com	416 KB
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 ad.doubleclick.net — Cisco Umbrella Rank: 145	216 KB
6	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 450 mug.criteo.com — Cisco Umbrella Rank: 3746 grid-bidder.criteo.com — Cisco Umbrella Rank: 1731	2 KB
6	nitropay.com s.nitropay.com — Cisco Umbrella Rank: 21536 tracker.nitropay.com — Cisco Umbrella Rank: 20571	232 KB
4	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 533 cdn.id5-sync.com — Cisco Umbrella Rank: 1004	28 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2931 google-bidout-d.openx.net — Cisco Umbrella Rank: 2790	502 B
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 947 api.btloader.com — Cisco Umbrella Rank: 1068	31 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	179 KB
2	googlesyndication.com fd1858dad2f03296e200004cd51db94f.safeframe.googlesyndication.com
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 853	239 B
2	workers.dev prebid-rtd.audigent.workers.dev	696 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 975	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 377 direct.adsrvr.org — Cisco Umbrella Rank: 2340	4 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	43 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 793	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2357	8 KB
1	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 3131	1 KB
1	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 551	1 KB
1	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 985	808 B
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 496	694 B
1	media.net prebid.media.net — Cisco Umbrella Rank: 1005	1 KB
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 281	1 KB
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 505	1 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946	293 B
1	nitrocnct.com consent.nitrocnct.com — Cisco Umbrella Rank: 26127	37 KB
1	dns-finder.com bt.dns-finder.com — Cisco Umbrella Rank: 277135	1 KB
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 995	284 B
1	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1519	319 B
83	30

	Domain	Requested by
15	static.xivmodarchive.com	www.xivmodarchive.com
8	www.xivmodarchive.com	www.xivmodarchive.com
5	securepubads.g.doubleclick.net	s.nitropay.com securepubads.g.doubleclick.net www.xivmodarchive.com
3	tracker.nitropay.com	s.nitropay.com
3	id5-sync.com	s.nitropay.com cdn.id5-sync.com
3	gum.criteo.com	1 redirects static.criteo.net
3	s.nitropay.com	www.xivmodarchive.com s.nitropay.com
3	cdnjs.cloudflare.com	www.xivmodarchive.com cdnjs.cloudflare.com
2	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
2	oajs.openx.net	1 redirects
2	fd1858dad2f03296e200004cd51db94f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	targeting.unrulymedia.com	s.nitropay.com
2	prebid-rtd.audigent.workers.dev	s.nitropay.com
2	api.btloader.com	btloader.com
2	ad-delivery.net	www.xivmodarchive.com
2	mug.criteo.com	www.xivmodarchive.com
2	cdn.jsdelivr.net	www.xivmodarchive.com
1	www.google.com	ep2.adtrafficquality.google
1	google-bidout-d.openx.net	oa.openxcdn.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
1	apex.go.sonobi.com	s.nitropay.com
1	tlx.3lift.com	s.nitropay.com
1	btlr.sharethrough.com	s.nitropay.com
1	htlb.casalemedia.com	s.nitropay.com
1	prebid.media.net	s.nitropay.com
1	ib.adnxs.com	s.nitropay.com
1	grid-bidder.criteo.com	s.nitropay.com
1	direct.adsrvr.org	s.nitropay.com
1	fastlane.rubiconproject.com	s.nitropay.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	consent.nitrocnct.com	s.nitropay.com
1	ad.doubleclick.net	www.xivmodarchive.com
1	bt.dns-finder.com	btloader.com
1	match.adsrvr.org	s.nitropay.com
1	api.rlcdn.com	s.nitropay.com
1	cdn.id5-sync.com	s.nitropay.com
1	id.hadron.ad.gt	s.nitropay.com
1	btloader.com	s.nitropay.com
83	40

This site contains links to these domains. Also see Links.

Domain
discord.gg
www.patreon.com
discordapp.com

Subject Issuer	Validity	Valid
xivmodarchive.com WE1	`2024-10-18` - `2025-01-16`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
nitropay.com WE1	`2024-11-07` - `2025-02-05`	3 months	crt.sh
btloader.com WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-03` - `2025-03-03`	3 months	crt.sh
id.hadron.ad.gt WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
id5-sync.com E6	`2024-11-11` - `2025-02-09`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.nitropay.com WR3	`2024-11-29` - `2025-02-27`	3 months	crt.sh
dns-finder.com WE1	`2024-11-13` - `2025-02-11`	3 months	crt.sh
ad-delivery.net WE1	`2024-11-10` - `2025-02-08`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
nitrocnct.com WE1	`2024-10-14` - `2025-01-12`	3 months	crt.sh
api.btloader.com WR3	`2024-11-29` - `2025-02-27`	3 months	crt.sh
eu-1-id5-sync.com R11	`2024-11-11` - `2025-02-09`	3 months	crt.sh
audigent.workers.dev WE1	`2024-11-15` - `2025-02-13`	3 months	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2024-04-30` - `2025-05-31`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
prebid.media.net WR3	`2024-12-02` - `2025-03-02`	3 months	crt.sh
casalemedia.com E6	`2024-10-13` - `2025-01-11`	3 months	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-15` - `2025-08-15`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-10`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2023-12-07` - `2025-01-07`	a year	crt.sh
adtrafficquality.google WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
oa.openxcdn.net WR3	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-29` - `2025-02-25`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.xivmodarchive.com/
Frame ID: 8A54405E3475A1E55875A6CBD492FED3
Requests: 72 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 42C5F94926BD8EE1A20361F67C0014E3
Requests: 1 HTTP requests in this frame

Frame: https://fd1858dad2f03296e200004cd51db94f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DDC3823A2B6F5FFAC353BC0DEE4D0FE9
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 3133EFD9F707C7C075F15DBFA9762CFE
Requests: 1 HTTP requests in this frame

Frame: https://fd1858dad2f03296e200004cd51db94f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3988EA619AB4C061F002402CFAFDAC7F
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 305589A0D352D4C6B95903C5FBBB31BC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AF32AC35BD67C90292AD8388636A5D2B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.xivmodarchive.com&gpp=&gpp_sid=
Frame ID: 371F566740E385B9596F403A658B4268
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

XIV Mod Archive

Page URL History Show full URLs

http://www.xivmodarchive.com/ HTTP 307
https://www.xivmodarchive.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

83
Requests

96 %
HTTPS

33 %
IPv6

30
Domains

40
Subdomains

40
IPs

3
Countries

1240 kB
Transfer

3026 kB
Size

47
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/vWR7qMbcn6
Title: XIV Mod Archive Discord Server

Search URL Search Domain Scan URL

URL: https://www.patreon.com/xivmodarchive
Title: Become a Patreon Subscriber

Search URL Search Domain Scan URL

URL: https://discordapp.com/oauth2/authorize?client_id=496178690145910785&scope=bot&permissions=68608
Title: this link

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.xivmodarchive.com/ HTTP 307
https://www.xivmodarchive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.xivmodarchive.com%2F&domain=www.xivmodarchive.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=jN6RUXwveGpSV3ZPbEhucXVtd290eVdWdDZMRi9kSGxBSlhITWtBcDNERTZ4bXhrVGpndHJEdVY0cmFVdWdYQXNvUHEzdk1tWFlJTk8yRGhBV0xDWjl4R1Myd2xmWnJsNmZoZVB0RHVWbVZaRjZkeHBvVmRhMzFXUEVVWWRzL0pteUFkaWJPNGxjUmtkZ1c1M1lvb2xaNXFHaThqcC96V0hWelFiLzQ5cFVGc29ZOFJCdGFxYk4yTkpSUjdXbEZ1Um5oNkM2aTZrdG14VGZ5NUVpSkR4RVVDUkJkd2dNUHErSUMxbHBqNlo5MWJkOVFybjFybisyNU90cmZYVTlTeVFRWGtSUmJHaVNjNnJ4T3dwY29lSXJDY05mQT09fA&cppv=2

Request Chain 72

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.xivmodarchive.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.xivmodarchive.com%2F&rid=esp&cc=1

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.xivmodarchive.com/
Redirect Chain

http://www.xivmodarchive.com/
https://www.xivmodarchive.com/

106 KB
19 KB

325ms
241ms

Document
text/html

2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xivmodarchive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 83da31c098308a0ecbf581e05bbbacaec20cae997c260cb8f3ee78676e9125b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 8ed94c3c5edc25b9-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 06 Dec 2024 03:48:00 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1733456880&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=IC53X4hKc5Iwhb%2F2VZ33aBgGDsn4M2QTizNEgTH3GFI%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1733456880&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=IC53X4hKc5Iwhb%2F2VZ33aBgGDsn4M2QTizNEgTH3GFI%3D
server: cloudflare
vary: Origin
via: 1.1 vegur
x-powered-by: Express

Redirect headers

Location: https://www.xivmodarchive.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/ 158 KB
26 KB 105ms
32ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.xivmodarchive.com
Referer: https://www.xivmodarchive.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U"
age: 4407885
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 06 Dec 2024 03:48:00 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230063-FRA, cache-mia-kmia1760095-MIA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26373
x-jsd-version: 4.6.2

GET
H2 200 jquery.min.js Show response
www.xivmodarchive.com/js/ 87 KB
32 KB 54ms
49ms Script
application/javascript 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xivmodarchive.com/js/jquery.min.js
Requested by: Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"15d9d-1927e2a3bb0"
age: 2049691
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731407189&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=iu0OiNIc4dtxzN0roKbT5CbWqKg0b2%2Bu%2BtdvJKgbswA%3D"}]}
date: Fri, 06 Dec 2024 03:48:00 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
last-modified: Sat, 12 Oct 2024 00:39:10 GMT
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1731407189&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=iu0OiNIc4dtxzN0roKbT5CbWqKg0b2%2Bu%2BtdvJKgbswA%3D
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
via: 1.1 vegur
cf-ray: 8ed94c3e297525b9-MIA
x-powered-by: Express
server: cloudflare

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 20 KB
7 KB 96ms
45ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.xivmodarchive.com
Referer: https://www.xivmodarchive.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03fa9-4f71"
age: 55842
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vmcTzMKDsHN65kHX830MpK1FvsQdrn%2FCOtKFmc4Bup06rvQLE%2BiCtqXbxtCrquokl4s25XloAT5tHB7XgdQsizjauF2oX81poYwutx%2FaU2qPehWqnQubAnjWOKGkR%2FkK3R5iUiZ4"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 03:48:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 03:48:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:15:37 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8ed94c3e6d3a21d3-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6451
server: cloudflare

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/ 61 KB
16 KB 107ms
36ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.min.js

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.xivmodarchive.com
Referer: https://www.xivmodarchive.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"f463-4yQGPI9GxrKUJ98VQvECatIw9gQ"
age: 3783678
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 06 Dec 2024 03:48:00 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220082-FRA, cache-mia-kmia1760095-MIA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16588
x-jsd-version: 4.6.2

GET
H2 200 common.js Show response
www.xivmodarchive.com/js/ 6 KB
3 KB 55ms
51ms Script
application/javascript 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xivmodarchive.com/js/common.js?cachebreak=f89a76eb-8d06-417b-aeab-04876eccd7ec
Requested by: Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 26ad7573f0aecdf0e7f9602f2b5080c1fb933560bebca5a75cd82f2fe931ff85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"1e96-1927e2a3bb0"
age: 3774062
cf-cache-status: HIT
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729682818&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=iYS2nxKghmfvN9Av8vJrW9OY%2B7l7DqonnSmmK6VFEHg%3D"}]}
cf-polished: origSize=7830
date: Fri, 06 Dec 2024 03:48:00 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 12 Oct 2024 00:39:10 GMT
vary: Origin, Accept-Encoding
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1729682818&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=iYS2nxKghmfvN9Av8vJrW9OY%2B7l7DqonnSmmK6VFEHg%3D
cache-control: public, max-age=31536000, immutable
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
access-control-allow-credentials: true
via: 1.1 vegur
cf-ray: 8ed94c3e297825b9-MIA
x-powered-by: Express
server: cloudflare

GET
H3 200 ads-876.js Show response
s.nitropay.com/ 570 KB
181 KB 121ms
64ms Script
text/javascript 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/ads-876.js

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcef9c38a2fa88a145ad3f40fb83d58a792e9f9068dd68d1b28c37ce3f0540e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-meta-goog-reserved-file-mtime: 1732653439
x-goog-hash: crc32c=haj7sQ==, md5=+gZ5AKcR5SpvrioOsZ5WJQ==
cf-cache-status: HIT
etag: W/"fa067900a711e52a6fae2a0eb19e5625:1733437708000:US"
age: 19169
content-encoding: gzip
x-goog-stored-content-encoding: identity
expires: Fri, 05 Dec 2025 22:28:31 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 578875
date: Fri, 06 Dec 2024 03:48:00 GMT
content-type: text/javascript
last-modified: Thu, 05 Dec 2024 22:28:28 GMT
vary: Accept-Encoding
x-guploader-uploadid: AFiumC59tioWbFe-FaRv4u2e7GIq1lCgMOy2WX-Iszdkh08WjPxdD0HY4yeq5Bh-Q3uWfK72an8
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: private, max-age=600
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 8ed94c3f6c5dd9a9-MIA
access-control-allow-origin: *
x-goog-generation: 1732654520986136
server: cloudflare

GET
H2 200 main.css
www.xivmodarchive.com/stylesheets/ 11 KB
3 KB 49ms
48ms Stylesheet
text/css 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xivmodarchive.com/stylesheets/main.css?cachebreak=f89a76eb-8d06-417b-aeab-04876eccd7ec
Requested by: Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f588e48ebef6e19f73b535c4302e2343eba07f9b429816870b210a8456ef694d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"2bf7-1927e2a3bb0"
age: 142247
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1733314633&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=nUTyX%2BTDzIErpo9YvOygb1l2H0JMU22C4tNI3%2BpbusQ%3D"}]}
date: Fri, 06 Dec 2024 03:48:00 GMT
content-type: text/css; charset=UTF-8
vary: Origin, Accept-Encoding
last-modified: Sat, 12 Oct 2024 00:39:10 GMT
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1733314633&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=nUTyX%2BTDzIErpo9YvOygb1l2H0JMU22C4tNI3%2BpbusQ%3D
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
via: 1.1 vegur
cf-ray: 8ed94c3e297225b9-MIA
x-powered-by: Express
server: cloudflare

GET
H2 200 glide.min.js Show response
www.xivmodarchive.com/js/ 27 KB
8 KB 48ms
47ms Script
application/javascript 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xivmodarchive.com/js/glide.min.js?cachbreak=ver2023sept
Requested by: Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 84e61441effe1acd86cc5ccb8666919fe788165442d3f45544a8b29b36b889ec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6d0a-1927e2a3bb0"
age: 315407
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1733141473&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=Jz5boTdYBRM7UVNdfCf10mJb%2BBX%2BKLLapHKXPGMtTbU%3D"}]}
date: Fri, 06 Dec 2024 03:48:00 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
last-modified: Sat, 12 Oct 2024 00:39:10 GMT
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1733141473&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=Jz5boTdYBRM7UVNdfCf10mJb%2BBX%2BKLLapHKXPGMtTbU%3D
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
via: 1.1 vegur
cf-ray: 8ed94c3e297925b9-MIA
x-powered-by: Express
server: cloudflare

GET
H2 200 spinner.gif
www.xivmodarchive.com/ 62 KB
62 KB 53ms
52ms Image
image/gif 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xivmodarchive.com/spinner.gif
Requested by: Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a85fc0a877ead70ff2c66858d9dcf10e68856564b17444c224060617cc4f4b6b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: W/"14a44-1927e2a3bb0"
age: 418695
cf-cache-status: HIT
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1733038185&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=od20fpQfQ2K0M%2B4SlY9NXNIb5nopnsn5F8LA0tHMyZ4%3D"}]}
cf-polished: origSize=84548, status=vary_header_present
date: Fri, 06 Dec 2024 03:48:00 GMT
content-type: image/gif
last-modified: Sat, 12 Oct 2024 00:39:10 GMT
vary: Origin, Accept-Encoding
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1733038185&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=od20fpQfQ2K0M%2B4SlY9NXNIb5nopnsn5F8LA0tHMyZ4%3D
cache-control: public, max-age=31536000, immutable
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
access-control-allow-credentials: true
via: 1.1 vegur
cf-ray: 8ed94c3e297b25b9-MIA
accept-ranges: bytes
content-length: 63162
x-powered-by: Express
server: cloudflare

GET
H2 200 update.png
static.xivmodarchive.com/images/overlays/ 4 KB
5 KB 82ms
65ms Image
image/png 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/images/overlays/update.png

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e1f07664cc5495e6d1b6e96166b091dc31f0533d4895f8e4455f483b496ebe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj: imgq:100,h2pri
etag: "f3ddb23de405931587e97c5fbb002468"
age: 249239
cf-cache-status: HIT
cf-polished: origSize=6577, status=vary_header_present
date: Fri, 06 Dec 2024 03:48:00 GMT
x-rgw-object-type: Normal
content-type: image/png
last-modified: Sun, 13 Feb 2022 20:37:32 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=604800
x-amz-request-id: tx00000000000000d1b7138-0067496da2-494bc47d-nyc3a
cf-ray: 8ed94c3e39a825b9-MIA
accept-ranges: bytes
content-length: 4262
server: cloudflare

GET
H2 200 new.png
static.xivmodarchive.com/images/overlays/ 3 KB
3 KB 46ms
45ms Image
image/png 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/images/overlays/new.png

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24ce66c05e7a78e1364ea035e83ef617bc10490f39096ec6ebbb34cef11f8e36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj: imgq:100,h2pri
etag: "b06c2a9c871eb23b7786f5f5b5c6c398"
age: 344813
cf-cache-status: HIT
cf-polished: origSize=4705, status=vary_header_present
date: Fri, 06 Dec 2024 03:48:00 GMT
x-rgw-object-type: Normal
content-type: image/png
last-modified: Sun, 13 Feb 2022 20:37:32 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=604800
x-amz-request-id: tx00000000000002a93e0f9-0065f1d7be-41db5baf-nyc3a
cf-ray: 8ed94c3eaa3825b9-MIA
accept-ranges: bytes
content-length: 2805
server: cloudflare

GET
H2 200 blobpeek.png
www.xivmodarchive.com/ 5 KB
5 KB 43ms
43ms Image
image/png 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xivmodarchive.com/blobpeek.png
Requested by: Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f3302a9867af425bc90f1f5b1046f107326d7be3cb4db0897b1a75598a7f63cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: W/"23af-1927e2a3bb0"
age: 4399191
cf-cache-status: HIT
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729057689&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=WdHQCRsgPAguWIvZbUyss%2BBZsUspNXaoPNLY9mJpmK4%3D"}]}
cf-polished: origSize=9135, status=vary_header_present
date: Fri, 06 Dec 2024 03:48:00 GMT
content-type: image/png
last-modified: Sat, 12 Oct 2024 00:39:10 GMT
vary: Origin, Accept-Encoding
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1729057689&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=WdHQCRsgPAguWIvZbUyss%2BBZsUspNXaoPNLY9mJpmK4%3D
cache-control: public, max-age=31536000, immutable
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
access-control-allow-credentials: true
via: 1.1 vegur
cf-ray: 8ed94c3f0a9e25b9-MIA
accept-ranges: bytes
content-length: 5008
x-powered-by: Express
server: cloudflare

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/ 100 KB
19 KB 46ms
45ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.xivmodarchive.com
Referer

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "65692999-49ad"
age: 593046
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LMLH3w5IaeTL6YR6%2Fh%2BzTnZCP7z%2FjSpXYhmAaM6TTYsPOsP7SaIm1QtE%2Br1Icj3R%2BzRbiBbjJKjC%2FSriUdR10AFNz%2FSbWVPmnrZgnIFMLIiJgLaGSJVn4F6UXwXMRjvdHOCYN3zK"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 03:48:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 03:48:00 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
vary: Accept-Encoding
priority: u=4,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8ed94c3f1de621d3-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18861
server: cloudflare

GET
H2 200 494d2ded-af4d-4b3c-9268-2584fbfa6354.jpg
static.xivmodarchive.com/mod-thumbnails/ 13 KB
13 KB 54ms
53ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/494d2ded-af4d-4b3c-9268-2584fbfa6354.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84cb3c76f4fd4c6a5129aa014e814e0826a86b53e548edb8372249c1f432da48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj: imgq:100,h2pri
etag: "935f724e73076bc342cbb31a5f8baae4"
age: 2534
cf-cache-status: HIT
cf-polished: origSize=13846, status=vary_header_present
date: Fri, 06 Dec 2024 03:48:00 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
content-disposition: inline; filename="mod_122802_thumbnail.jpg"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Fri, 06 Dec 2024 02:51:54 GMT
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
x-amz-request-id: tx00000000000000e97e1d9-0067526824-494abf94-nyc3a
cf-ray: 8ed94c3f7b5a25b9-MIA
accept-ranges: bytes
content-length: 13462
server: cloudflare

GET
H2 200 9b2a624c-82db-4124-a649-728365593be9.jpg
static.xivmodarchive.com/mod-thumbnails/ 34 KB
34 KB 49ms
48ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/9b2a624c-82db-4124-a649-728365593be9.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18f098db92e0c7c5dac7e28f2b524acff0b797dbb961e315c3b22925e941e3de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj: imgq:100,h2pri
etag: "057d836f64e02962e8788960106119b0"
age: 3906
cf-cache-status: HIT
cf-polished: origSize=37009, status=vary_header_present
date: Fri, 06 Dec 2024 03:48:00 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
content-disposition: inline; filename="mod_123816_thumbnail.jpg"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Fri, 06 Dec 2024 02:34:02 GMT
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
x-amz-request-id: tx00000000000000cb46ce8-006752648e-494bc369-nyc3a
cf-ray: 8ed94c3f7b5d25b9-MIA
accept-ranges: bytes
content-length: 34717
server: cloudflare

GET
H2 200 5c5e6f24-8b20-44b0-9b5c-0fd6bd510ec2.jpg
static.xivmodarchive.com/mod-thumbnails/ 22 KB
22 KB 45ms
44ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/5c5e6f24-8b20-44b0-9b5c-0fd6bd510ec2.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2562b85da57c0db1ae8e20f124c5537cb86241ac2c887d8ad7da389a374b066e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj: imgq:100,h2pri
etag: "4c8400805bd9960813ef9cd66d15beb9"
age: 8724
cf-cache-status: HIT
cf-polished: origSize=22932, status=vary_header_present
date: Fri, 06 Dec 2024 03:48:00 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
content-disposition: inline; filename="mod_123647_thumbnail.jpg"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Dec 2024 07:23:26 GMT
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
x-amz-request-id: tx00000000000000ecbc8ec-00675003a7-494bc47d-nyc3a
cf-ray: 8ed94c3f7b5f25b9-MIA
accept-ranges: bytes
content-length: 22112
server: cloudflare

GET
H2 200 801af018-4a39-4ce8-8249-3e4ebf228138.jpg
static.xivmodarchive.com/mod-thumbnails/ 29 KB
29 KB 48ms
48ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/801af018-4a39-4ce8-8249-3e4ebf228138.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e211e1d430b5f48fbf3ab0adcc7e04d04c7956a9be187b29152ce7364d7f6ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj: imgq:100,h2pri
etag: "4a267b3396d1328a09a497663fff0f34"
age: 13357773
cf-cache-status: HIT
cf-polished: origSize=31390, status=vary_header_present
date: Fri, 06 Dec 2024 03:48:00 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
content-disposition: inline; filename="mod_105505_thumbnail.jpg"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 24 Apr 2024 03:18:30 GMT
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
x-amz-request-id: tx0000000000000077d3a82-00664f3222-46b60b27-nyc3a
cf-ray: 8ed94c3f7b6025b9-MIA
accept-ranges: bytes
content-length: 29750
server: cloudflare

GET
H2 200 c176aa1c-376d-4ee9-ad67-9c28a4720255.jpg
static.xivmodarchive.com/mod-thumbnails/ 18 KB
19 KB 45ms
45ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/c176aa1c-376d-4ee9-ad67-9c28a4720255.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7f008ce56edc514447e78d41ada4028631de506beea779f2ad593ecaac9fa11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj: imgq:100,h2pri
etag: "fcd1de9842c16fee320bca1e76b5cc8b"
age: 19537
cf-cache-status: HIT
cf-polished: origSize=19403, status=vary_header_present
date: Fri, 06 Dec 2024 03:48:00 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
content-disposition: inline; filename="mod_123806_thumbnail.jpg"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 05 Dec 2024 22:14:59 GMT
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
x-amz-request-id: tx00000000000000e87afbc-0067522738-494abf94-nyc3a
cf-ray: 8ed94c3f7b6125b9-MIA
accept-ranges: bytes
content-length: 18688
server: cloudflare

GET
H2 200 cf121325-4604-4ba3-b508-9ddb9e0c18d3.jpg
static.xivmodarchive.com/mod-thumbnails/ 10 KB
10 KB 49ms
48ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/cf121325-4604-4ba3-b508-9ddb9e0c18d3.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e0ffdb171c096b21717beed41835ac34d7b1574028000946b449317bd1b87dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj: imgq:100,h2pri
etag: "9d4222d5240190f3df6cc57d154045f2"
age: 58847
cf-cache-status: HIT
cf-polished: origSize=10297, status=vary_header_present
date: Fri, 06 Dec 2024 03:48:00 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
content-disposition: inline; filename="mod_123764_thumbnail.jpg"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 05 Dec 2024 11:11:33 GMT
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
x-amz-request-id: tx00000000000000e5e0db0-0067518ad4-494abf94-nyc3a
cf-ray: 8ed94c3f9b8c25b9-MIA
accept-ranges: bytes
content-length: 10104
server: cloudflare

GET
H2 200 6818c2cc-73fe-4aa2-8eff-b623db4fe076.jpg
static.xivmodarchive.com/mod-thumbnails/ 21 KB
21 KB 46ms
45ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/6818c2cc-73fe-4aa2-8eff-b623db4fe076.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20ea5a22994d65dd83cce484c63bb3551de5d72f4476db997b891ee48cdf0984

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj: imgq:100,h2pri
etag: "aa5365c4d304397c8f413b264a66d5e5"
age: 110137
cf-cache-status: HIT
cf-polished: origSize=22319, status=vary_header_present
date: Fri, 06 Dec 2024 03:48:00 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
content-disposition: inline; filename="mod_123711_thumbnail.jpg"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Dec 2024 21:06:05 GMT
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
x-amz-request-id: tx00000000000000efe548d-006750c5af-494bc47d-nyc3a
cf-ray: 8ed94c3fdbcd25b9-MIA
accept-ranges: bytes
content-length: 21448
server: cloudflare

GET
H2 200 4527bc6f-6b66-4fb6-ad56-7a6bc3e561c9.jpg
static.xivmodarchive.com/mod-thumbnails/ 29 KB
30 KB 49ms
49ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/4527bc6f-6b66-4fb6-ad56-7a6bc3e561c9.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59d2475ff339beda406da1f113eae87b674d5ab10b13e6bab6eef92600067e8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj: imgq:100,h2pri
etag: "5ca019af8c4c9d19d93841386e13cca9"
age: 33918
cf-cache-status: HIT
cf-polished: origSize=32000, status=vary_header_present
date: Fri, 06 Dec 2024 03:48:00 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
content-disposition: inline; filename="mod_123787_thumbnail.jpg"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 05 Dec 2024 18:10:03 GMT
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
x-amz-request-id: tx00000000000000e7878a9-006751eefa-494abf94-nyc3a
cf-ray: 8ed94c3fdbd025b9-MIA
accept-ranges: bytes
content-length: 30187
server: cloudflare

GET
H2 200 e0d509e4-7c55-4078-b557-9f89a8f5b666.jpg
static.xivmodarchive.com/mod-thumbnails/ 18 KB
18 KB 50ms
50ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/e0d509e4-7c55-4078-b557-9f89a8f5b666.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7220291de822454cf662acd44c333d9a10c71ed33e40b4d6069a4b9c0038b54b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj: imgq:100,h2pri
etag: "f56c982756ba60dbab9e23fe542268ca"
age: 107683
cf-cache-status: HIT
cf-polished: origSize=18979, status=vary_header_present
date: Fri, 06 Dec 2024 03:48:00 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
content-disposition: inline; filename="mod_123715_thumbnail.jpg"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Dec 2024 21:49:14 GMT
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
x-amz-request-id: tx00000000000000e31810b-006750cec1-494abf94-nyc3a
cf-ray: 8ed94c3fdbde25b9-MIA
accept-ranges: bytes
content-length: 18420
server: cloudflare

GET
H2 200 cb0cbffd-7364-4554-9b81-8ac0fc4de74c.jpg
static.xivmodarchive.com/mod-thumbnails/ 19 KB
20 KB 44ms
43ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/cb0cbffd-7364-4554-9b81-8ac0fc4de74c.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e106d291a7b80d1e93e2d72ad2e55238a3d5abe8a9b481c84c5d3afad54c53f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj: imgq:100,h2pri
etag: "1afb08690aeb4b1a3271f2bc3c658001"
age: 194687
cf-cache-status: HIT
cf-polished: origSize=20512, status=vary_header_present
date: Fri, 06 Dec 2024 03:48:00 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
content-disposition: inline; filename="mod_123609_thumbnail.jpg"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 03 Dec 2024 21:35:38 GMT
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
x-amz-request-id: tx00000000000000ea7640f-00674f7a04-494bc47d-nyc3a
cf-ray: 8ed94c3fdbe025b9-MIA
accept-ranges: bytes
content-length: 19836
server: cloudflare

GET
H2 200 7dfb2adb-92a7-49f6-8000-028cea8b004f.jpg
static.xivmodarchive.com/mod-thumbnails/ 18 KB
19 KB 47ms
47ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/7dfb2adb-92a7-49f6-8000-028cea8b004f.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3aa2aa356dbfc442cbdd771f2f104fec936221a2797ae1cf367d0e0a8c9d0d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj: imgq:100,h2pri
etag: "52ed359b046396150f88db65f90c8bd9"
age: 3904
cf-cache-status: HIT
cf-polished: origSize=19141, status=vary_header_present
date: Fri, 06 Dec 2024 03:48:00 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
content-disposition: inline; filename="mod_123817_thumbnail.jpg"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Fri, 06 Dec 2024 02:31:13 GMT
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
x-amz-request-id: tx00000000000000cb46dfa-0067526491-494bc369-nyc3a
cf-ray: 8ed94c3fdbe525b9-MIA
accept-ranges: bytes
content-length: 18603
server: cloudflare

GET
H2 200 c325218f-2623-4788-a7f2-a856b37d0d9d.jpg
static.xivmodarchive.com/mod-thumbnails/ 21 KB
21 KB 47ms
47ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/c325218f-2623-4788-a7f2-a856b37d0d9d.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5eb83a11e6615348e6e13ae233beb888860e53826fe38d70f782f7136aa3dce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj: imgq:100,h2pri
etag: "80e9f4ad4cc29306d362c54b543a9169"
age: 8724
cf-cache-status: HIT
cf-polished: origSize=22475, status=vary_header_present
date: Fri, 06 Dec 2024 03:48:00 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
content-disposition: inline; filename="mod_123812_thumbnail.jpg"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Fri, 06 Dec 2024 01:17:05 GMT
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
x-amz-request-id: tx00000000000000f613912-00675251d2-494bc47d-nyc3a
cf-ray: 8ed94c3ffc0a25b9-MIA
accept-ranges: bytes
content-length: 21534
server: cloudflare

GET
H2 200 d9cd826a-cae2-4985-b5d0-67c06831d1c9.jpg
static.xivmodarchive.com/mod-thumbnails/ 17 KB
18 KB 46ms
46ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/d9cd826a-cae2-4985-b5d0-67c06831d1c9.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ed96ebda939635b7f388a4e5f5b2faea1cd9b24f558a3395329f803edb545a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj: imgq:100,h2pri
etag: "202f4451a9db08c3dedc68e351c5c0a3"
age: 11662
cf-cache-status: HIT
cf-polished: origSize=18152, status=vary_header_present
date: Fri, 06 Dec 2024 03:48:00 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
content-disposition: inline; filename="mod_123648_thumbnail.jpg"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Dec 2024 07:38:33 GMT
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
x-amz-request-id: tx00000000000000c1b0e1b-0067500767-494bc369-nyc3a
cf-ray: 8ed94c401c3525b9-MIA
accept-ranges: bytes
content-length: 17752
server: cloudflare

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/ 153 KB
153 KB 52ms
51ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.xivmodarchive.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "65692999-26350"
age: 19008
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=90QkLnmWEZ1gIPc%2FgGYLEf2FIYIzbKsy7xkHNjV8i6PUXZeEeFcyE%2FIePxqRPDEktXk%2BgPDdn19Brp9S5qjgfHJmGOFdgi3wJQdtDf5TYBMy32pqj47sGk%2FpChoX486MfJnMij4X"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 03:48:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 03:48:00 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8ed94c3fbe9c21d3-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 156496
server: cloudflare

GET
H2 200 tag Show response
btloader.com/ 107 KB
31 KB 127ms
43ms Script
application/javascript 2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c407dbb68ae12f98488a7ba46b97d8ca10587a1ef204c7275b88a2af87836d57

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-robots-tag: noindex, nofollow
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
cf-cache-status: HIT
etag: "922f96abd076c8a0f6f40e4f9b4e48bb"
age: 2811
via: 1.1 google
cf-ray: 8ed94c41695ca50f-MIA
accept-ranges: bytes
content-length: 30961
date: Fri, 06 Dec 2024 03:48:00 GMT
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 02:58:29 GMT
vary: Origin, Accept-Encoding
server: cloudflare

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 197ms
54ms Preflight
application/json 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.xivmodarchive.com%2F&domain=www.xivmodarchive.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.xivmodarchive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.xivmodarchive.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 06 Dec 2024 03:48:00 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 192860
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.xivmodarchive.com%2F&domain=www.xivmodarchive.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=jN6RUXwveGpSV3ZPbEhucXVtd290eVdWdDZMRi9kSGxBSlhITWtBcDNERTZ4bXhrVGpndHJEdVY0cmFVdWdYQXNvUHEzdk1tWFlJTk8yRGhBV0xDWjl4R1Myd2xmWnJsNmZoZVB0RHVWbVZaRjZkeHBvVmRhMzFXUEVVWW...

365 B
946 B

168ms
58ms

Fetch
application/json

74.119.117.17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=jN6RUXwveGpSV3ZPbEhucXVtd290eVdWdDZMRi9kSGxBSlhITWtBcDNERTZ4bXhrVGpndHJEdVY0cmFVdWdYQXNvUHEzdk1tWFlJTk8yRGhBV0xDWjl4R1Myd2xmWnJsNmZoZVB0RHVWbVZaRjZkeHBvVmRhMzFXUEVVWWRzL0pteUFkaWJPNGxjUmtkZ1c1M1lvb2xaNXFHaThqcC96V0hWelFiLzQ5cFVGc29ZOFJCdGFxYk4yTkpSUjdXbEZ1Um5oNkM2aTZrdG14VGZ5NUVpSkR4RVVDUkJkd2dNUHErSUMxbHBqNlo5MWJkOVFybjFybisyNU90cmZYVTlTeVFRWGtSUmJHaVNjNnJ4T3dwY29lSXJDY05mQT09fA&cppv=2

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

767ff84471afb1aca2bc7063a2e83990b5d664e475a1e1ea6d7b38d5e2cf9e78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 669850
expires: 0
access-control-allow-origin: null
date: Fri, 06 Dec 2024 03:48:01 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

Redirect headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
location: https://mug.criteo.com/sid?cpp=jN6RUXwveGpSV3ZPbEhucXVtd290eVdWdDZMRi9kSGxBSlhITWtBcDNERTZ4bXhrVGpndHJEdVY0cmFVdWdYQXNvUHEzdk1tWFlJTk8yRGhBV0xDWjl4R1Myd2xmWnJsNmZoZVB0RHVWbVZaRjZkeHBvVmRhMzFXUEVVWWRzL0pteUFkaWJPNGxjUmtkZ1c1M1lvb2xaNXFHaThqcC96V0hWelFiLzQ5cFVGc29ZOFJCdGFxYk4yTkpSUjdXbEZ1Um5oNkM2aTZrdG14VGZ5NUVpSkR4RVVDUkJkd2dNUHErSUMxbHBqNlo5MWJkOVFybjFybisyNU90cmZYVTlTeVFRWGtSUmJHaVNjNnJ4T3dwY29lSXJDY05mQT09fA&cppv=2
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 275709
expires: 0
access-control-allow-origin: https://www.xivmodarchive.com
content-length: 0
date: Fri, 06 Dec 2024 03:48:00 GMT
server: Kestrel

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ 227 B
319 B 141ms
45ms Fetch
application/json 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?partner_id=720&_it=prebid&t=1&src=id&domain=www.xivmodarchive.com
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c415e0eb17ead2fb65fed0185e557cc902c67b7b8430678b8a78d86ee9e0b54

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.xivmodarchive.com/

Response headers

content-encoding: br
allow: POST, OPTIONS, GET
cf-ray: 8ed94c420b2f7476-MIA
access-control-allow-origin: *
date: Fri, 06 Dec 2024 03:48:00 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 194 B
670 B 483ms
153ms Fetch
application/json 162.19.138.82
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

b0ac7f46536b9c97219b1e67bcb29296ca1978b8a36a1043fa60d87821af7940

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.xivmodarchive.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://www.xivmodarchive.com
p3p: CP="CAO PSA OUR"
date: Fri, 06 Dec 2024 03:48:01 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET
H2 200 id5PrebidModule.js Show response
cdn.id5-sync.com/api/1.0/ 88 KB
26 KB 124ms
44ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5PrebidModule.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4401aae4b15569fbacfc877c1004bbd8ac7c168343e1a82c60b58af392d8b37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-amz-id-2: R/Su1hbFGGo5hjhQhgZi127C28KkDvzOuUUsEOl4piEncGxeyUMQ2iXiFJhQMc4XNh8E8EfJR0o=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"903277a5e756877c659058d6ce6ce5ab"
age: 37
x-amz-request-id: YRDYK5K6TCV8MQSA
cf-ray: 8ed94c41fc1d8dfa-MIA
date: Fri, 06 Dec 2024 03:48:00 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 04 Dec 2024 13:37:28 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 204 envelope Show response
api.rlcdn.com/api/identity/ 0
284 B 157ms
67ms Fetch 34.107.165.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=14333
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.165.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.165.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.xivmodarchive.com/

Response headers

cache-control: no-cache, no-store
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
via: 1.1 google
access-control-allow-origin: https://www.xivmodarchive.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 03:48:00 GMT
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
573 B 172ms
57ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=tpfrvh0&fmt=json
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: adf5f6cf0785e4dc4e1704b8d21de5289daa89ab75e60fe8c440feeb3bd06a9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.xivmodarchive.com/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
expires: Sun, 05 Jan 2025 03:48:01 GMT
access-control-allow-origin: https://www.xivmodarchive.com
date: Fri, 06 Dec 2024 03:48:01 GMT
content-type: application/json
vary: Origin, Accept-Encoding
server: Kestrel
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 105 KB
33 KB 215ms
85ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

be6a8b95ab511d44817843017543b4e5d0dfc6b5c648867b65741cb210afe0dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

content-encoding: br
etag: 503 / 20063 / 31089193 / config-hash: 3339216100379222986
x-content-type-options: nosniff
expires: Fri, 06 Dec 2024 03:48:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Dec 2024 03:48:01 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33736
x-xss-protection: 0
server: cafe

GET
H3 200 gpp-84c89f1.min.js Show response
s.nitropay.com/ 269 KB
50 KB 57ms
57ms Script
text/javascript 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/gpp-84c89f1.min.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9bd2216bea9af3c34417192765b07b6f2b63f53f2d2eeaadbf2e70dc9889977

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=OEv6IQ==, md5=mH4JPYNYQPLozKDO5CUC4Q==
cf-cache-status: HIT
etag: W/"987e093d835840f2e8cca0cee42502e1"
age: 418751
content-encoding: gzip
x-goog-stored-content-encoding: identity
expires: Sun, 08 Dec 2024 06:59:27 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 275554
date: Fri, 06 Dec 2024 03:48:01 GMT
content-type: text/javascript
last-modified: Fri, 22 Nov 2024 18:54:30 GMT
vary: Accept-Encoding
x-guploader-uploadid: AFiumC75NOBClj8EmiubhA5dpIi9jTrzgExv4T7pChIQX8ohQxrlzjaxcSDQzfLSIUOdEvByvDfBoC48Ag
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: public, max-age=604800
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 8ed94c432891d9a9-MIA
access-control-allow-origin: *
x-goog-generation: 1732301670814045
server: cloudflare

GET
H2 204 876
tracker.nitropay.com/a/ 0
0 183ms
70ms Fetch 35.244.144.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.nitropay.com/a/876?d=eyJocmVmIjoiaHR0cHM6Ly93d3cueGl2bW9kYXJjaGl2ZS5jb20vIiwidiI6ODQsImEiOmZhbHNlLCJzIjp0cnVlLCJjIjoiVVMiLCJyIjoiRkwifQ%3D%3D
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.144.244.35.bc.googleusercontent.com
Software: nginx/1.27.0 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 03:48:01 GMT
server: nginx/1.27.0

GET
H3 200 1.gif
s.nitropay.com/ 42 B
614 B 46ms
45ms Image
image/gif 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/1.gif?x=1&adslot=

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-goog-metageneration: 3
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q==
cf-cache-status: HIT
etag: "d89746888da2d9510b64a9f031eaecd5"
age: 74870
x-goog-stored-content-encoding: identity
expires: Sun, 08 Dec 2024 08:36:39 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 42
date: Fri, 06 Dec 2024 03:48:01 GMT
x-goog-custom-time: 1970-01-01T00:00:00Z
content-type: image/gif
last-modified: Fri, 22 Jan 2021 08:58:45 GMT
vary: Accept-Encoding
x-guploader-uploadid: AFiumC6sSK26rIe-Gq5sctgo2TqA0WIJVFV4KPz7cdalDJbneqBD2VNNSUYf2gUnbSyP70urwg
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: public, max-age=604800
x-goog-meta-
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 8ed94c4378d9d9a9-MIA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1611305925409947
content-length: 42
server: cloudflare

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 182ms
54ms Preflight
application/json 74.119.117.17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 06 Dec 2024 03:48:01 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 170512
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 px.gif Show response
bt.dns-finder.com/ 43 B
1 KB 101ms
48ms Fetch
image/gif 172.67.134.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bt.dns-finder.com/px.gif
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-goog-metageneration: 2
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 1650
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QUDQDLyNw%2BdkUA0WDv7ROnmpni%2FOEsk0szp3fQvgb3UfUj3W8IbLnp5xZ2nFH6LlgcQIJXYWWp%2FzKgSpoqcshxxTWohFT1rclth3s022mOk26Oz5TWu26GUgkPDQtlSfHvDiNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Fri, 06 Dec 2024 03:56:20 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 43
server-timing: cfL4;desc="?proto=QUIC&rtt=29974&min_rtt=29969&rtt_var=11247&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4102&recv_bytes=4265&delivery_rate=107373&cwnd=12000&unsent_bytes=0&cid=df83c2fb6c83f895&ts=54&x=1", cfHdrFlush;dur=0
date: Fri, 06 Dec 2024 03:48:01 GMT
content-type: image/gif
last-modified: Fri, 19 Jul 2024 16:36:17 GMT
vary: Accept-Encoding
x-guploader-uploadid: AFiumC491z3CFH9lEAwnQxc68TKanaEIzoEG3i9k3XKuLRwfowNCW9hKHgp3moKb33ECzYt20Q
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: STANDARD
cf-ray: 8ed94c4439cb31f5-MIA
accept-ranges: bytes
x-goog-generation: 1721406977485562
content-length: 43
server: cloudflare

GET
H2 200 px.gif
ad-delivery.net/ 43 B
1 KB 125ms
45ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 361755
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2FtjuXsWY7T7QlbCEJ7va%2BVJ4OAmWB9ypdPknL6evZYRWidk7geVZPB5w6LM810LIEwWvwaQAXO%2BfC9mOUey9iFspmIjQoCttjR6lcitvkFMLBvmoxKkiRKLzB1yv6Y5AFWbRNowfytG9bVkQw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Sat, 07 Dec 2024 03:48:01 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=29850&min_rtt=29817&rtt_var=6308&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4021&recv_bytes=2337&delivery_rate=130286&cwnd=252&unsent_bytes=0&cid=8121932233222061&ts=49&x=0"
x-goog-stored-content-length: 43
date: Fri, 06 Dec 2024 03:48:01 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: ACJd0Nq4B4GHIgFXDlXYiHr5e525NuX9Tx34VecRzc7920YBDTMsbjDrdV0gAdsEFgFVokeRKSI
cache-control: public, max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 8ed94c4468b03353-MIA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 144ms
61ms Image
image/x-icon 172.217.165.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

content-encoding: gzip
age: 27114
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Fri, 06 Dec 2024 20:16:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 20:16:07 GMT
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 104
x-xss-protection: 0
server: sffe

GET
H2 200 px.gif
ad-delivery.net/ 43 B
489 B 130ms
51ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.13149881558545173
Requested by: Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 361755
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TyoGjAT2YgchblnRZqumAB0PDVvyh4Rzb1y2hMYaR2BWblMx2xA%2FBEruLS6%2BpGTKmDvfN4ewLqhhpebUHcPeAPqX9wzGWU%2FHcN%2FWC0ukmQYsQxneroR4H1QB6C9tE0w9YMoRig0m0ipt4Ulyrw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Sat, 07 Dec 2024 03:48:01 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=29850&min_rtt=29817&rtt_var=6308&sent=11&recv=11&lost=0&retrans=0&sent_bytes=5161&recv_bytes=2337&delivery_rate=130286&cwnd=252&unsent_bytes=0&cid=8121932233222061&ts=53&x=0"
x-goog-stored-content-length: 43
date: Fri, 06 Dec 2024 03:48:01 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: ACJd0Nq4B4GHIgFXDlXYiHr5e525NuX9Tx34VecRzc7920YBDTMsbjDrdV0gAdsEFgFVokeRKSI
cache-control: public, max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 8ed94c4468ac3353-MIA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H3 200 additional-consent-providers.csv Show response
consent.nitrocnct.com/ 116 KB
37 KB 97ms
47ms XHR
text/plain 104.21.64.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.nitrocnct.com/additional-consent-providers.csv
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-84c89f1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-goog-metageneration: 4
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=x8iKUw==, md5=gfloZ1I7fqSi8Fpiuf3xxw==
cf-cache-status: HIT
etag: W/"81f96867523b7ea4a2f05a62b9fdf1c7"
age: 315714
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1py3t2kozZV4fKedAvFtF1Ah6sSakVjRcrbMKC3WxcGTTq2IT97yXW0OSodBI2ezaT%2Fgl2OKNBhkYsftCLKI8Zv9%2FvUqQ%2BnJ7RvFV4Sflk3dui7fQymx82pjoiwWnxBlSTeVsWTg%2BaU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Mon, 09 Dec 2024 11:39:45 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 119221
date: Fri, 06 Dec 2024 03:48:01 GMT
content-type: text/plain
last-modified: Wed, 12 Jul 2023 07:31:30 GMT
vary: Accept-Encoding
x-guploader-uploadid: AFiumC6PtMk-K7rTxC2eIYFDipXQZJn_DJNcXf-x9nMELOH8J6zv5LiePLilE51Ty6eF1Ml9z2A
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-goog-storage-class: STANDARD
cf-ray: 8ed94c445e4ada2b-MIA
access-control-allow-origin: *
x-goog-generation: 1689147090287559
server: cloudflare

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/ 497 KB
153 KB 64ms
62ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

708145609f66add7242410f9a591beaa5a2f258f7aba910dff1545c56eac039a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

content-encoding: br
etag: 6587945458042342373
age: 6902
x-content-type-options: nosniff
expires: Sat, 06 Dec 2025 01:52:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Dec 2024 01:52:59 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 157012
x-xss-protection: 0
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 63 KB
22 KB 67ms
66ms Other
text/plain 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4443559573512225521
age: 95
x-content-type-options: nosniff
expires: Sat, 07 Dec 2024 03:46:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Dec 2024 03:46:26 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22952
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202412050101"

GET
H2 200 country Show response
api.btloader.com/ 37 B
215 B 150ms
68ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country?o=6278260873756672
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: b8f0ca68362cf245f891fc09ddfa50806d195e78e196cf96ac5d9cf72be2577a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
date: Fri, 06 Dec 2024 03:48:01 GMT
content-type: application/json
vary: Origin

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 150ms
70ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=Az7fLDA3-4ZprOEUsf-939a14e663&w=6219774819303424&o=6278260873756672&cv=2.1.66&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.xivmodarchive.com%2F&sid=9YbRVuIoE-KVZGX56buc-939a14e664&pm=true&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

via: 1.1 google
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 03:48:01 GMT
vary: Origin

GET
H2 200 favicon.png
www.xivmodarchive.com/ 510 B
1 KB 60ms
60ms Other
image/png 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xivmodarchive.com/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dc9f6b2d083dad0eb289a277f6378c53cbe5e49f00e022ea68cef25945ac21b7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: W/"8df-1912ba613b0"
age: 5497460
cf-cache-status: HIT
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1727959421&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=WqBZ1D8ruTajt8Iw%2BeIj59mQO3C7tBwSKWqQow2IeSw%3D"}]}
cf-polished: origSize=2271, status=vary_header_present
date: Fri, 06 Dec 2024 03:48:01 GMT
content-type: image/png
last-modified: Wed, 07 Aug 2024 07:03:10 GMT
vary: Origin, Accept-Encoding
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1727959421&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=WqBZ1D8ruTajt8Iw%2BeIj59mQO3C7tBwSKWqQow2IeSw%3D
cache-control: public, max-age=31536000, immutable
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
access-control-allow-credentials: true
via: 1.1 vegur
cf-ray: 8ed94c465cbe25b9-MIA
accept-ranges: bytes
content-length: 510
x-powered-by: Express
server: cloudflare

GET
H2 200 bounce Show response
id5-sync.com/ 30 B
239 B 152ms
151ms Fetch
text/plain 162.19.138.82
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5PrebidModule.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://www.xivmodarchive.com
date: Fri, 06 Dec 2024 03:48:01 GMT
content-type: text/plain;charset=utf-8
vary: Origin
access-control-allow-credentials: true

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
293 B 444ms
145ms Fetch
application/json 162.19.138.119
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5PrebidModule.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

866cfebfabe1cf6c3c7567c6b3de65e33c397a5a03489c9e54f87ba84efee1a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://www.xivmodarchive.com
date: Fri, 06 Dec 2024 03:48:01 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 v3 Show response
id5-sync.com/gm/ 700 B
1 KB 153ms
151ms XHR
application/json 162.19.138.82
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5PrebidModule.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

0e2d4015a90989a601de051e55d191e887c78060f82dd442e5a369ff078cb03d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.xivmodarchive.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.xivmodarchive.com
p3p: CP="CAO PSA OUR"
date: Fri, 06 Dec 2024 03:48:02 GMT
content-type: application/json
vary: Origin

OPTIONS
H3 200 /
prebid-rtd.audigent.workers.dev/ Frame 0
0 103ms
49ms Preflight
application/json 172.67.188.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-rtd.audigent.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.188.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.xivmodarchive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
alt-svc: h3=":443"; ma=86400
cf-ray: 8ed94c4bd97167ce-MIA
content-length: 0
content-type: application/json
date: Fri, 06 Dec 2024 03:48:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=1,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dadcqylXY1iSk1NH2wHAABQH%2BAfCb66JHvCGJ6ODsgXv%2Fo0qOTvXdeoivfzCVgZET9B3g%2BSk6f7Oq%2B45iwNU4kBkAaYE5TryvdX45zLXQ%2BgN%2Fwui6ZjiVZYRgyQHWiIoG1DwhzNRF6BiZ14T5rnrhL%2B8"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=30823&min_rtt=30805&rtt_var=11589&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4111&recv_bytes=4296&delivery_rate=102864&cwnd=12000&unsent_bytes=0&cid=95c089d5733836a8&ts=54&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

POST
H3 200 / Show response
prebid-rtd.audigent.workers.dev/ 20 B
696 B 44ms
42ms Fetch
application/json 172.67.188.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-rtd.audigent.workers.dev/
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.188.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dce36453a27ede2e8291c3090c2eae196722e1ad3634bfd57ce60751d1ccd9bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://www.xivmodarchive.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bLHdA6hyCe%2FRIGdASNBqsWgUgS1Y1EMw%2FOBVgkJpVq0byFXqNGnx2IfjSUYnguRnSGl5aqvmtyqgF40GkwXkFwligtpbEusMN43%2Fc4LIk9wJbj%2F7xtBYnzL5CkIq%2F15lQbfOaXququWIxoPkfP6aovk3"}],"group":"cf-nel","max_age":604800}
allow: POST, OPTIONS, GET
cf-ray: 8ed94c4c29f367ce-MIA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 20
server-timing: cfL4;desc="?proto=QUIC&rtt=32882&min_rtt=30661&rtt_var=9113&sent=14&recv=12&lost=0&retrans=0&sent_bytes=4918&recv_bytes=6140&delivery_rate=42887&cwnd=12000&unsent_bytes=0&cid=95c089d5733836a8&ts=96&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 06 Dec 2024 03:48:02 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
priority: u=1,i
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 190ms
55ms Preflight
text/plain 69.194.240.11
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.xivmodarchive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.xivmodarchive.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Fri, 06 Dec 2024 03:48:02 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 496 B
1 KB 326ms
182ms Fetch
application/json 2602:803:c002:200::32
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17374&site_id=569908&zone_id=3601482&size_id=2&alt_size_ids=55&gdpr=0&us_privacy=1---&rp_schain=1.0,1!nitropay.com,753,1,,,&eid_criteo.com=wSD1x19TbUJmMEo2eXFYQUZURDd6bzFWdzA1Q3R3VnFlOUMwNUVNWFVQTnNVNyUyRkR5RlBrUTdTN01INzZNdVY5TE1ob1dob0wwJTJCdk95VHJEU1pWOHFDOVdBVkElM0QlM0Q%5E1&eid_audigent.com=0001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%5E1&eid_id5-sync.com=ID5*Vi_EO6gbloSpWU-nTVoMej-klsn1GVVZJsVCYKsLpu7f_9OHFxoxPvbbiYpG0WL5%5E1%5E2&eid_pubcid.org=bfb0e551-81de-4474-952d-4c16bcfa606d%5E1&tpid_tdid=52f0e42b-871d-4417-a75e-f42eae6329c3&eid_adserver.org=52f0e42b-871d-4417-a75e-f42eae6329c3&rf=https%3A%2F%2Fwww.xivmodarchive.com%2F&tg_i.domain=xivmodarchive.com&tg_i.page=https%3A%2F%2Fwww.xivmodarchive.com%2F&tg_i.name=XIV%20Mod%20Archive&tg_i.privacypolicy=1&tg_i.cattax=7&tg_i.cat=680&tg_i.pbadslot=%2F308365556%2C22736401783%2Fnitro-banner%2Fnitro-banner-876%23common-banner-ad-1&tk_flint=pbjs_lite_v9.19.0&x_source.tid=aa7b920b-60bc-46ca-a569-a713d71db332&l_pb_bid_id=3af722f2612cd5&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d3988a30-6bab-4048-aa21-d4f04ec3ea6b&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F308365556%2C22736401783%2Fnitro-banner%2Fnitro-banner-876%23common-banner-ad-1&m_ch_mobile=%3F0&slots=1&rand=0.5751033289010277
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 3aa69afef86f53f2bb8858ca31b2c6a634eb7bf0c12a17d84cb37be1ecc9db0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.xivmodarchive.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://www.xivmodarchive.com
content-length: 496
date: Fri, 06 Dec 2024 03:48:02 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H/1.1 200
OK Nitro Show response
direct.adsrvr.org/bid/bidder/ 6 KB
3 KB 230ms
79ms Fetch
application/json 199.250.161.129
TTD-ASN-01

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/Nitro
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software: Kestrel /
Resource Hash: cef9877f9e7495ff0fb43e162cfdf9932fe44ab5f0262f806e58ce2a37324a45

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.xivmodarchive.com/

Response headers

transfer-encoding: chunked
x-openrtb-version: 2.3
cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.xivmodarchive.com
date: Fri, 06 Dec 2024 03:48:02 GMT
content-type: application/json
vary: Accept-Encoding
server: Kestrel
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept

POST
H2 204 request Show response
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 0
531 B 361ms
221ms Fetch 2620:100:a00b::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.19.0&cb=51538414533&lsavail=1&bundle=X0Z0e181aWJlSTRZMWRTV3pDcWVpbHR4JTJCd0IlMkIlMkZxU1QweEhZVGFZaVRseFVMa3lUUFJBd082OFR0ZDhRQzJBRFZqanJGTW1UUkxQTjZDTHRtQnp0TFBUUUlwSDElMkZaTEkyTHNJVW1wRmVJbHI3NE5FUnVwJTJGSGFmajN3RTlFUmxXNFRBTiUyRg

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.xivmodarchive.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
observe-browsing-topics: ?1
access-control-allow-origin: https://www.xivmodarchive.com
date: Fri, 06 Dec 2024 03:48:02 GMT
vary: Origin
server: Kestrel

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 258ms
87ms Fetch
application/json 68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.75 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0e174cb91f2e0626652398daf0b356f41ad160451fac599ffad7a332c0c0fb8e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.xivmodarchive.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.71; 38.132.118.71; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://www.xivmodarchive.com
an-x-request-uuid: 7f469e19-0b86-4b0b-9bb9-beba348b8c92
content-length: 144
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 06 Dec 2024 03:48:02 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 334ms
256ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 9ee478d56f99ed50199f86ce0322c6bcc3c7ded94d08deb07c769059012e2097

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.xivmodarchive.com/

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time: 211
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
expires: Fri, 06 Dec 2024 03:48:02 GMT
access-control-allow-origin: https://www.xivmodarchive.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 744
date: Fri, 06 Dec 2024 03:48:02 GMT
content-type: application/json;charset=utf-8
server: envoy

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
694 B 259ms
184ms Fetch
application/json 104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=853776
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3078d9b88bc38c21c1b55758adfd511380294e99706dc75f845d1ebb38f6d7a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.xivmodarchive.com/

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lPh2fVlRGrT2rPoCvLALkmC9wEOd9nLbXPeiQPUaywfENuxVRy9ZxNbnG6yX1GkNVIUiVtigolw2O7DgV7D%2Bju42yx3Mf8L9NElwaGqRbdSKfT%2Bme3F9G6FdqWH%2FAFUhLDSMzCzt"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics: ?1
expires: 0
alt-svc: h3=":443"; ma=86400
date: Fri, 06 Dec 2024 03:48:02 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8ed94c4c2e7a09ea-MIA
access-control-allow-origin: https://www.xivmodarchive.com
content-length: 37
server: cloudflare

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 752 B
808 B 274ms
141ms Fetch
application/json 18.215.189.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.215.189.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-215-189-254.compute-1.amazonaws.com

Software

Resource Hash

bd1d3ba47a4cce9560d06f1b3afff241d334211f7383d20e5a9b44252d3e5673

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.xivmodarchive.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.xivmodarchive.com
content-encoding: gzip
content-length: 440
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
1 KB 306ms
183ms Fetch
application/json 3.233.183.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=9.19.0&referrer=https%3A%2F%2Fwww.xivmodarchive.com%2F&tmax=1200&gdpr=false&us_privacy=1---

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.233.183.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-183-24.compute-1.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.xivmodarchive.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
accept-ch: sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model
access-control-allow-credentials: true
observe-browsing-topics: ?1
expires: Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin: https://www.xivmodarchive.com
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection: 0
content-type: application/json; charset=utf-8
vary: Accept-Encoding

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 426 B
1 KB 264ms
70ms Fetch
application/json 2607:f350:3:2569:0:10:0:200a
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2220f8d46c7e4d5be%22%3A%2273417d48500921b44e50%7C728x90%2C970x90%7Cf%3D0.01%2Cgpid%3D%2F308365556%2C22736401783%2Fnitro-banner%2Fnitro-banner-876%23common-banner-ad-1%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.xivmodarchive.com%2F&s=cda68a6b-ea68-45ff-91c2-30261f6f45a7&pv=057864b6-412d-4945-b12b-ced8229a1e80&vp=desktop&lib_name=prebid&lib_v=9.19.0&us=3&iqid=%7B%22pcid%22%3A%222e05051d-8dc8-41a2-9092-43c9b4b230e0%22%2C%22pcidDate%22%3A1733456882500%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22aa7b920b-60bc-46ca-a569-a713d71db332%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22xivmodarchive.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22xivmodarchive.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.xivmodarchive.com%2F%22%2C%22name%22%3A%22XIV%20Mod%20Archive%22%2C%22privacypolicy%22%3A1%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%22680%22%5D%7D%2C%22user%22%3A%7B%22geo%22%3A%7B%22region%22%3A%22FL%22%2C%22country%22%3A%22US%22%7D%2C%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22criteo.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22wSD1x19TbUJmMEo2eXFYQUZURDd6bzFWdzA1Q3R3VnFlOUMwNUVNWFVQTnNVNyUyRkR5RlBrUTdTN01INzZNdVY5TE1ob1dob0wwJTJCdk95VHJEU1pWOHFDOVdBVkElM0QlM0Q%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*Vi_EO6gbloSpWU-nTVoMej-klsn1GVVZJsVCYKsLpu7f_9OHFxoxPvbbiYpG0WL5%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A2%2C%22pba%22%3A%22E1WVWj353yVMfCu9O5U7GYJAilKoU3obzEJtOt4bUZQ%3D%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22bfb0e551-81de-4474-952d-4c16bcfa606d%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2252f0e42b-871d-4417-a75e-f42eae6329c3%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22ext%22%3A%7B%22vpw%22%3A1600%2C%22vph%22%3A1200%7D%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nitropay.com%22%2C%22sid%22%3A%22753%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22criteo.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22wSD1x19TbUJmMEo2eXFYQUZURDd6bzFWdzA1Q3R3VnFlOUMwNUVNWFVQTnNVNyUyRkR5RlBrUTdTN01INzZNdVY5TE1ob1dob0wwJTJCdk95VHJEU1pWOHFDOVdBVkElM0QlM0Q%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*Vi_EO6gbloSpWU-nTVoMej-klsn1GVVZJsVCYKsLpu7f_9OHFxoxPvbbiYpG0WL5%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A2%2C%22pba%22%3A%22E1WVWj353yVMfCu9O5U7GYJAilKoU3obzEJtOt4bUZQ%3D%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22bfb0e551-81de-4474-952d-4c16bcfa606d%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2252f0e42b-871d-4417-a75e-f42eae6329c3%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D&us_privacy=1---&coppa=0

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:200a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

6057716aa3c3b2075c3104e785da83e5e2b4e791fed94afe724d425b575c6757

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.xivmodarchive.com/

Response headers

cache-control: no-cache, no-store, private
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://www.xivmodarchive.com
content-length: 276
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Fri, 06 Dec 2024 03:48:02 GMT
tcn: Choice
content-type: application/json
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-iad-2-5-116
x-xss-protection: 0

POST
H2 200 unruly_prebid Show response
targeting.unrulymedia.com/ 11 B
239 B 197ms
72ms Fetch
application/json 69.194.240.11
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://www.xivmodarchive.com/

Response headers

cache-control: private, max-age=0, no-cache, no-store
pragma: no-cache
access-control-allow-credentials: true
observe-browsing-topics: ?1
access-control-allow-origin: https://www.xivmodarchive.com
content-length: 11
date: Fri, 06 Dec 2024 03:48:02 GMT
content-type: application/json

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 42C5 0
0 178ms
59ms Document
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 394
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 03:41:29 GMT
expires: Fri, 06 Dec 2024 04:31:29 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 169ms
86ms XHR
application/json 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412030201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

8bc79f5fe13e411ba69fc768905833b81c727055f48a367754e7f8d2a75e7c4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13261
date: Fri, 06 Dec 2024 03:48:03 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 107ms
32ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag: "df5542b88bc0e368c6999754a5b9e2ba"
age: 1142534
x-goog-stored-content-encoding: gzip
expires: Sat, 22 Nov 2025 22:25:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7927
date: Fri, 22 Nov 2024 22:25:49 GMT
last-modified: Thu, 27 May 2021 18:30:51 GMT
content-type: application/javascript
x-guploader-uploadid: AFiumC6gFhzOKJ9XBQrDvIJ5kysGknAocr5WLPFvidpPpytXLgN2E3krDpLjK92pjcwWEle1bESl2tSfvg
cache-control: no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1622140251693895
content-length: 7927
server: UploadServer

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 238ms
112ms Script
text/javascript 2620:100:a00b::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"670e3454-a69c"
cross-origin-resource-policy: cross-origin
expires: Sat, 07 Dec 2024 03:48:03 GMT
access-control-allow-origin: *
date: Fri, 06 Dec 2024 03:48:03 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 09:22:28 GMT
server: nginx

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
7 KB 362ms
361ms Fetch
text/plain 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3039388375611400&correlator=3738687994882549&eid=31089193%2C95332150%2C83321072&output=ldjh&gdfp_req=1&vrg=202412030201&ptt=17&impl=fif&us_privacy=1---&iu_parts=308365556%3A22736401783%2Cnitro-banner%2Cnitro-banner-876&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1733456882925&lmt=1733456882&adxs=436&adys=72&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.xivmodarchive.com%2F&vis=1&psz=1600x90&msz=1600x90&fws=0&ohw=0&topics=9&tps=9&htps=10&a3p=ElYKDGlkNS1zeW5jLmNvbRJESUQ1KlZpX0VPNmdibG9TcFdVLW5UVm9NZWota2xzbjFHVlZaSnNWQ1lLc0xwdTdmXzlPSEZ4b3hQdmJiaVlwRzBXTDVYARI0CgpwdWJjaWQub3JnEiRiZmIwZTU1MS04MWRlLTQ0NzQtOTUyZC00YzE2YmNmYTYwNmRYARJGCgxhdWRpZ2VudC5jb20SNDAwMDF5dW0wZWFia2JhOThiY2lhZTZnaWJkZGo5NmxkY2xmNzg2a2hkYWFiYWNra2MyamxYARI2CgxhZHNlcnZlci5vcmcSJDUyZjBlNDJiLTg3MWQtNDQxNy1hNzVlLWY0MmVhZTYzMjljM1gBEh0KDmVzcC5jcml0ZW8uY29tGObZ09C5MkgAUgIIZBIUCgVvcGVueBjl2dPQuTJIAFICCGQ.&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733456880319&idt=1282&prev_scp=refresh%3D30%26domain%3Dxivmodarchive.com%26hostname%3Dwww.xivmodarchive.com%26contax%3D680%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D23659a8d0f97909%26hb_bidder%3Dttd&adks=3077904116&frm=20&eoidce=1&td=1&egid=6533&tan=b338c26f-ca8a-4dcf-b792-c01798f56500&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

11a9f4812c17dd5e35255ac1a7fac5d34e124f3dd5dba532601818bf9460f008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

content-encoding: dcb
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Dec 2024 03:48:03 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.xivmodarchive.com
content-length: 7007
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
fd1858dad2f03296e200004cd51db94f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DDC3 0
0 247ms
77ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fd1858dad2f03296e200004cd51db94f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 03:48:03 GMT
expires: Fri, 06 Dec 2024 03:48:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.xivmodarchive.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.xivmodarchive.com%2F&rid=esp&cc=1

85 B
194 B

68ms
67ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.xivmodarchive.com%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c14ded4503efd4bcb0d9de6c6b186891e65bf40f7cf1061fda19400b4153a738

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

etag: W/"55-CRwCPnrGpRHEEJ98lpk8UIOoUms"
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.xivmodarchive.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85
date: Fri, 06 Dec 2024 03:48:03 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
vary: Origin

Redirect headers

location: /esp?url=https%3A%2F%2Fwww.xivmodarchive.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.xivmodarchive.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 06 Dec 2024 03:48:03 GMT
x-powered-by: Express
vary: Origin

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 233ms
90ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Fri, 06 Dec 2024 03:48:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 03:48:03 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 pd
google-bidout-d.openx.net/w/1.0/ Frame 3133 0
0 121ms
47ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://www.xivmodarchive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 453
content-type: text/html
date: Fri, 06 Dec 2024 03:48:02 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 container.html
fd1858dad2f03296e200004cd51db94f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3988 0
0 0ms
0ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fd1858dad2f03296e200004cd51db94f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 03:48:03 GMT
expires: Fri, 06 Dec 2024 03:48:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 876
tracker.nitropay.com/i/ 0
0 73ms
71ms Fetch 35.244.144.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.nitropay.com/i/876?d=eyJjcmVhdGl2ZUlkIjoiQ0xMWS00MmVrb29ERlJ5b1dnVWRWTHdSY2ciLCJiaWRkZXIiOiJhZHgiLCJkdXJhdGlvbiI6MCwiaGVpZ2h0Ijo5MCwid2lkdGgiOjk3MCwiY3BtIjowLjAxLCJ0eXBlIjowLCJhdWYiOiJkaXNwbGF5IiwiYWRVbml0Q29kZSI6ImNvbW1vbi1iYW5uZXItYWQtMSIsImhyZWYiOiJodHRwczovL3d3dy54aXZtb2RhcmNoaXZlLmNvbS8iLCJhY2NlcHRhYmxlIjpmYWxzZSwicmVxdWVzdElkIjoiMDE5MzlhMTQtZTYwYi03ODY5LWEwNmQtOTI3MzRlNzRlMzFjIiwiYyI6IlVTIiwiciI6IkZMIiwicmVmcmVzaCI6ZmFsc2UsInRhcmdldGluZyI6eyJfZXhwLmNvbnNlbnQtY29uZmlnIjoiMSJ9LCJ0aW1lVG9SZXNwb25kIjo0MzIsInRpbWVzdGFtcCI6MTczMzQ1Njg4MzMzNSwiZiI6IjE2anF2amkiLCJ2IjoiNWY1ZjNiYSJ9
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.144.244.35.bc.googleusercontent.com
Software: nginx/1.27.0 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 03:48:03 GMT
server: nginx/1.27.0

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 3055 0
0 193ms
59ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 03:43:33 GMT
expires: Fri, 06 Dec 2024 04:33:33 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame AF32 0
0 206ms
84ms Document
text/html 142.251.40.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.100 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DNE2YPHgaLBcuCfmXkGY8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-DNE2YPHgaLBcuCfmXkGY8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 03:48:03 GMT
expires: Fri, 06 Dec 2024 03:48:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 syncframe
gum.criteo.com/ Frame 371F 0
0 176ms
69ms Document
text/html 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.xivmodarchive.com&gpp=&gpp_sid=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.xivmodarchive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 03:48:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 2583000
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H3 204 876
tracker.nitropay.com/i/ 0
10 B 115ms
69ms Ping
text/plain 35.244.144.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.nitropay.com/i/876?d=eyJjcmVhdGl2ZUlkIjoiQ0xMWS00MmVrb29ERlJ5b1dnVWRWTHdSY2ciLCJiaWRkZXIiOiJhZHgiLCJkdXJhdGlvbiI6MCwiaGVpZ2h0Ijo5MCwid2lkdGgiOjk3MCwiY3BtIjowLjAxLCJ0eXBlIjowLCJhdWYiOiJkaXNwbGF5IiwiYWRVbml0Q29kZSI6ImNvbW1vbi1iYW5uZXItYWQtMSIsImhyZWYiOiJodHRwczovL3d3dy54aXZtb2RhcmNoaXZlLmNvbS8iLCJhY2NlcHRhYmxlIjpmYWxzZSwicmVxdWVzdElkIjoiMDE5MzlhMTQtZTYwYi03ODY5LWEwNmQtOTI3MzRlNzRlMzFjIiwiYyI6IlVTIiwiciI6IkZMIiwicmVmcmVzaCI6ZmFsc2UsInRhcmdldGluZyI6eyJfZXhwLmNvbnNlbnQtY29uZmlnIjoiMSJ9LCJ0aW1lVG9SZXNwb25kIjo0MzIsInRpbWVzdGFtcCI6MTczMzQ1Njg4MzMzNSwiZiI6IjE2anF2amkiLCJ2IjoiNWY1ZjNiYSJ9&v=true&t=1001
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.144.244.35.bc.googleusercontent.com
Software: nginx/1.27.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.xivmodarchive.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 03:48:04 GMT
server: nginx/1.27.0

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412030201&jk=3039388375611400&bg=!vL-lv_DNAAaIaF9IqGg7ADQBe5WfOEIKLcbSyDbMWb9WZtNUOuIo2I2v6IDYYxxgd92-ugcZ5X5w_i-ODQt-DEULvtHyAgAAAFpSAAAAA2gBB34ANkBZM7i0IIbHDc344ByFb6-mnje1v86UOytif8eoInLI5fO8VQfI1L1zgbo8jtlm1q4bmId8jpkCon0p-yRQVs-eqcaZ3aJfWe-2YxrkW6PcLOc3lem3XIp7AFYqL1HUaGRiBDbQhwQDTD3Osx6AbeM53JBbSPcl-DBtPjHKjYQ791zvURU_0Kad45LdMabFUr6sOEV0LNFKCC5aFSbqUxO8qWWdfujVEK8WkvZJttm27EDLJNGeh1pMohLy53XuIjOO_vDsj5fOqOzGURlkTioDrLkA0uD6FFoRNM5G5g5JvTM2zhG40OI4hT3ul3TMxsrs26Q1QxszmcFj381CCRqNCW-de2RYDJTAKnOuWICQlnU5pYfCV7YSr6Cd2maaXCQFtekarINFXwr2vtZDGxTJfn_IgmjURz9RUVTShxT3Dxed1QhIiHtrH3tnr0OC6znF267wl6iOxHxfTW7hCGLT9saZsqLDiQfN-MrazTWgyT2QeaxaDG9d7RKEq9WuQWy6WJoYOFoZkJNOEuUVyYrAh0PoPJswEVXE8iKfFLVRlO_iKy6NEfkNdgcdF7Va5TSgmxwNl1M_WV7Mc8nnRvuuNWE0qUQlnYgIj3OgohZBySu27WRgid-QhdAsZtBgduEJZs8AEsTm2bS7X5qcu92BmUG0QvxXLuI8XVf7zzaTkQUrK_VhIFpieBDTEWvrtoElOlH1DTapbT-wxjUwrTeFc3yi9MrdlG8c1kQqW6W36zd8AxS0pCfGMSZgqC22cOmwHLoFLmMoJMNoN812x7Vm18ivDDPh6KF_oN5YmFmUHHNP5bzGYthFkIDitB-dsDgg5WxkEVEEe9WqBFUU852NY-RmSIJHAQWSUV3uI3XSDOsBrwsZ2fTWNo-Cq2dopz4o4e7Gex6ti-ql8_cI5Ak2snfM2KOGhSOfSEVDYo5AQ3u5rLXKbPh5QpReXKUxQuczK9cMuZk_O2yB

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.criteo.com/openrtb_2_5/pbjs/auction	1970-01-21 10:52:32	Name: cto_bundle Value: gladsl9sJTJGOVJNU0NHJTJCUnYySjl1YnVPNGFRRml3QTY2ckZoc2x2T2xheUVtUDc5UDg1JTJGSk9mOVY1RWhINVFwdDBma2RpYW9hSExFZVhLeGNkanJSWVlCSU5nT3hmTU1SR1VlJTJCVUJaYlFtUW9TemwzcVZlVTFvMHNKWUowJTJGZSUyQjM2Z05hbA
.xivmodarchive.com/	1970-01-21 10:16:32	Name: connect.sid Value: s%3AjhBt236dtk2hc7rWBq1a-tJXgqmWCQfu.locW56bOr7pZPwhoR8UKRN%2BCVW%2BqcXV4VEprsbJnyjM
.nitropay.com/	1970-01-21 01:30:58	Name: __cf_bm Value: 4.QbWEdKK2HQvXxQvjDmP1TzLlitb1.3rlR7YDzGEas-1733456880-1.0.1.1-KE5KBMthUCk.ra1kY0LZcENeLWoiaS73RzZLWornOeenCLSvL0DZ10NCkqDD_VTefDJXV1F0PhoV.GMqpUwLWQ
www.xivmodarchive.com/	1970-01-21 01:31:00	Name: _lr_retry_request Value: true
www.xivmodarchive.com/	1970-01-21 02:14:08	Name: _lr_env_src_ats Value: false
.adsrvr.org/	1970-01-21 10:16:32	Name: TDID Value: 52f0e42b-871d-4417-a75e-f42eae6329c3
.xivmodarchive.com/	1970-01-21 10:16:32	Name: ncmp.domain Value: xivmodarchive.com
www.xivmodarchive.com/	1970-01-21 02:57:20	Name: nitro-uid Value: %7B%22TDID%22%3A%2252f0e42b-871d-4417-a75e-f42eae6329c3%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-12-06T03%3A48%3A01%22%7D
www.xivmodarchive.com/	1970-01-21 02:57:20	Name: nitro-uid_cst Value: TyylLI8srA%3D%3D
.criteo.com/	1970-01-21 10:52:32	Name: cto_bundle Value: 3d7e_V90ZndWZkZsY1ZVdkNHTGUxbUNjTEFLdWJSWDBSVGVYeWZ4MmVvbkkwVVpWZDcyWWlBWURwbFBKbkV6ZEhyZ1RxV2UxRUhiTENxTHpqcXNqa0ElMkY2U3NTM3UwQnlnS2NzSVEycVVza1hVMlp4VTAlMkJFZ2g2UiUyRkd4SnN4VXFURXhkdA
.xivmodarchive.com/	1970-01-21 10:51:56	Name: cto_bidid Value: wSD1x19TbUJmMEo2eXFYQUZURDd6bzFWdzA1Q3R3VnFlOUMwNUVNWFVQTnNVNyUyRkR5RlBrUTdTN01INzZNdVY5TE1ob1dob0wwJTJCdk95VHJEU1pWOHFDOVdBVkElM0QlM0Q
.id5-sync.com/	1970-01-21 03:40:32	Name: id5 Value: 58e1047a-9db2-72f7-a4a1-8166f1cd0109#1733456881259#2
.adnxs.com/	1970-01-21 03:40:32	Name: XANDR_PANID Value: bLlTzpJE02E5r7nnlQ_5mfLCKHh9Po58l4pEbjsVEPQOShs0iOB0zkXZepfHjLcA3ovJf_4cqp4DGoXzNVKEOtLZ0ukSGpKJ9PRVGPuBXJc.
.adnxs.com/	1970-01-21 03:40:32	Name: icu Value: ChgI5YA9EAoYASABKAEw8ufJugY4AUABSAEQ8ufJugYYAA..
.adnxs.com/	1970-01-21 11:06:56	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 03:40:32	Name: uuid2 Value: 6704867620229281126
.casalemedia.com/	1970-01-21 10:16:32	Name: receive-cookie-deprecation Value: 1
.go.sonobi.com/	1970-01-21 10:16:32	Name: __uis Value: 43fea08a-a54b-415a-8e3e-e561ce695739
.go.sonobi.com/	1970-01-21 01:32:23	Name: _usd_xivmodarchive.com Value: 057864b6-412d-4945-b12b-ced8229a1e80
apex.go.sonobi.com/	1969-12-31 23:59:59	Name: Value: receive-cookie-deprecation: 1
.go.sonobi.com/	1970-01-21 01:30:57	Name: __uih Value: 1
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85116\|Z1Jz9
.sharethrough.com/	1970-01-21 02:14:08	Name: stx_user_id Value: e3118c40-951b-4517-870e-206ab11390fd
.3lift.com/	1970-01-21 03:40:32	Name: receive-cookie-deprecation Value: 1
.3lift.com/	1970-01-21 03:40:32	Name: tluid Value: 3685353840619037731379
.rubiconproject.com/	1970-01-21 10:16:32	Name: khaos Value: M4C7GYY0-1C-DDM6
.rubiconproject.com/	1970-01-21 10:16:32	Name: audit Value: 1\|bRmm4TjRDjLNxaTgkJ4QdqS5Bv7H1ouoxdnNVF8ci17vDmtBOwNM+XEuq0u2K3ZFGsEkFDuvFJzO9iGLqItobTOAeVvN3U5AMfhabQi3+koQ8E9QtAPl2iKPLRELhl3xIo8tEQuGXfEbsm1clVNMrQ==
prebid.media.net/	1970-01-21 05:50:08	Name: receive-cookie-deprecation Value: 1
.openx.net/	1970-01-21 10:16:32	Name: i Value: a73032c3-4a40-4f0d-8765-cd628bcfffce\|1733456883
.xivmodarchive.com/	1970-01-21 10:52:32	Name: __gads Value: ID=f890fc3e2edc0588:T=1733456882:RT=1733456882:S=ALNI_MbENQ1X2rqrzsOeITZXYi3P9fujEQ
.xivmodarchive.com/	1970-01-21 10:52:32	Name: __gpi Value: UID=00000f7cf8a7bcb8:T=1733456882:RT=1733456882:S=ALNI_MawNGUPauD4Nhnm7R60XiUxTLK52w
.xivmodarchive.com/	1970-01-21 05:50:08	Name: __eoi Value: ID=a6a076ab5da215e6:T=1733456882:RT=1733456882:S=AA-AfjYGYF6jISO9PnWf2yPzdtvW
.openx.net/	1970-01-21 01:52:32	Name: pd Value: v2\|1733456883\|vMgavPkWgy
.adsrvr.org/	1970-01-21 10:16:32	Name: TDCPM Value: IAEoAg..
.yahoo.com/	1970-01-21 10:16:54	Name: A3 Value: d=AQABBPNzUmcCEMVrS0WwOytBbzqNE2abTyoFEgEBAQHFU2dcZwAAAAAA_eMAAA&S=AQAAApjwHDDPAPAXrfR6mkHrc1c
.doubleclick.net/	1970-01-21 11:06:56	Name: IDE Value: AHWqTUkeD_xnowUnb-R2TcybqcMje4Z47Vu0evWmn0F2psO4yF_-Xjb_-TjrbQOee6E
.amazon-adsystem.com/	1970-01-21 06:29:01	Name: ad-id Value: A2sgWldSp0j4sFIzVEItopw
.amazon-adsystem.com/	1970-01-21 11:06:56	Name: ad-privacy Value: 0
.doubleclick.net/	1970-01-21 05:50:08	Name: APC Value: AfxxVi5neHH-82I_b45g1Iy2-5q_LfNzTBzTfVI-_JtzHRO8D3meog
.doubleclick.net/	1970-01-21 05:50:08	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 10:16:32	Name: CMID Value: Z1Jz89HM5WkAAGzdCRrXsAAA
.casalemedia.com/	1970-01-21 03:40:32	Name: CMPS Value: 5795
.casalemedia.com/	1970-01-21 03:40:32	Name: CMPRO Value: 5795
.doubleclick.net/	1970-01-21 02:14:08	Name: ar_debug Value: 1
.criteo.com/	1970-01-21 10:52:32	Name: uid Value: 1c015c62-3bc7-432d-8a8d-5cebe6e1fd3e
.criteo.com/	1970-01-21 10:52:32	Name: receive-cookie-deprecation Value: 1
.xivmodarchive.com/	1970-01-21 10:52:32	Name: cto_bundle Value: 6X8GmV81aWJlSTRZMWRTV3pDcWVpbHR4JTJCd1BDYmp2a0olMkJLZm05VVZNeHZzRlBGdU5rZHlnRHUlMkZvTXpkTTJ0dnZYVmp6T3ElMkI2RDlvZ3BLdyUyRjZxdiUyRndYSzVCdVByQ3VpUkVXenUxeUduNnlIU1BBRCUyQkNsbDZ3UHFuayUyQmdNQU93RUJNT1RSYnBWRVFFTFZ4dWI1dlJTQm1zbERnSmR3RzdDZjZIaWhOdWMlMkZtJTJGZiUyRndrJTNE

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://www.xivmodarchive.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0601D00CC100000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://www.xivmodarchive.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0F06603CC100000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://www.xivmodarchive.com/ Message: [.WebGL-0x3cd40101dc00]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
apex.go.sonobi.com
api.btloader.com
api.rlcdn.com
bt.dns-finder.com
btloader.com
btlr.sharethrough.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
consent.nitrocnct.com
direct.adsrvr.org
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fastlane.rubiconproject.com
fd1858dad2f03296e200004cd51db94f.safeframe.googlesyndication.com
google-bidout-d.openx.net
grid-bidder.criteo.com
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
lb.eu-1-id5-sync.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
prebid-rtd.audigent.workers.dev
prebid.media.net
s.nitropay.com
securepubads.g.doubleclick.net
static.criteo.net
static.xivmodarchive.com
targeting.unrulymedia.com
tlx.3lift.com
tracker.nitropay.com
www.google.com
www.xivmodarchive.com
ep1.adtrafficquality.google
104.17.24.14
104.18.26.193
104.18.3.78
104.21.64.1
130.211.23.194
142.250.176.194
142.250.80.98
142.251.40.100
15.197.193.217
162.19.138.119
162.19.138.82
172.217.165.134
172.67.134.120
172.67.188.249
18.215.189.254
199.250.161.129
2602:803:c002:200::32
2606:4700:10::6816:445
2606:4700:10::6816:4ad8
2606:4700:10::ac43:266a
2606:4700:10::ac43:b9a
2606:4700:20::ac43:4513
2607:f350:3:2569:0:10:0:200a
2607:f8b0:4006:81c::2001
2607:f8b0:4006:823::2001
2620:100:a00b::12
2620:100:a00b::4
2620:100:a00b::9
2a04:4e42:400::485
3.233.183.24
34.102.146.192
34.107.165.188
34.120.135.53
34.120.63.153
34.98.64.218
35.244.144.25
68.67.160.75
69.194.240.11
74.119.117.17
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0e0ffdb171c096b21717beed41835ac34d7b1574028000946b449317bd1b87dd
0e174cb91f2e0626652398daf0b356f41ad160451fac599ffad7a332c0c0fb8e
0e2d4015a90989a601de051e55d191e887c78060f82dd442e5a369ff078cb03d
11a9f4812c17dd5e35255ac1a7fac5d34e124f3dd5dba532601818bf9460f008
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
18f098db92e0c7c5dac7e28f2b524acff0b797dbb961e315c3b22925e941e3de
1e211e1d430b5f48fbf3ab0adcc7e04d04c7956a9be187b29152ce7364d7f6ca
20ea5a22994d65dd83cce484c63bb3551de5d72f4476db997b891ee48cdf0984
24ce66c05e7a78e1364ea035e83ef617bc10490f39096ec6ebbb34cef11f8e36
2562b85da57c0db1ae8e20f124c5537cb86241ac2c887d8ad7da389a374b066e
26ad7573f0aecdf0e7f9602f2b5080c1fb933560bebca5a75cd82f2fe931ff85
3078d9b88bc38c21c1b55758adfd511380294e99706dc75f845d1ebb38f6d7a0
3aa2aa356dbfc442cbdd771f2f104fec936221a2797ae1cf367d0e0a8c9d0d51
3aa69afef86f53f2bb8858ca31b2c6a634eb7bf0c12a17d84cb37be1ecc9db0a
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1
4ed96ebda939635b7f388a4e5f5b2faea1cd9b24f558a3395329f803edb545a4
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
59d2475ff339beda406da1f113eae87b674d5ab10b13e6bab6eef92600067e8a
5eb83a11e6615348e6e13ae233beb888860e53826fe38d70f782f7136aa3dce1
6057716aa3c3b2075c3104e785da83e5e2b4e791fed94afe724d425b575c6757
708145609f66add7242410f9a591beaa5a2f258f7aba910dff1545c56eac039a
7220291de822454cf662acd44c333d9a10c71ed33e40b4d6069a4b9c0038b54b
767ff84471afb1aca2bc7063a2e83990b5d664e475a1e1ea6d7b38d5e2cf9e78
7c415e0eb17ead2fb65fed0185e557cc902c67b7b8430678b8a78d86ee9e0b54
83da31c098308a0ecbf581e05bbbacaec20cae997c260cb8f3ee78676e9125b9
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84cb3c76f4fd4c6a5129aa014e814e0826a86b53e548edb8372249c1f432da48
84e61441effe1acd86cc5ccb8666919fe788165442d3f45544a8b29b36b889ec
866cfebfabe1cf6c3c7567c6b3de65e33c397a5a03489c9e54f87ba84efee1a3
8bc79f5fe13e411ba69fc768905833b81c727055f48a367754e7f8d2a75e7c4d
8e1f07664cc5495e6d1b6e96166b091dc31f0533d4895f8e4455f483b496ebe9
9ee478d56f99ed50199f86ce0322c6bcc3c7ded94d08deb07c769059012e2097
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
a4401aae4b15569fbacfc877c1004bbd8ac7c168343e1a82c60b58af392d8b37
a7f008ce56edc514447e78d41ada4028631de506beea779f2ad593ecaac9fa11
a85fc0a877ead70ff2c66858d9dcf10e68856564b17444c224060617cc4f4b6b
adf5f6cf0785e4dc4e1704b8d21de5289daa89ab75e60fe8c440feeb3bd06a9f
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
b0ac7f46536b9c97219b1e67bcb29296ca1978b8a36a1043fa60d87821af7940
b8f0ca68362cf245f891fc09ddfa50806d195e78e196cf96ac5d9cf72be2577a
bd1d3ba47a4cce9560d06f1b3afff241d334211f7383d20e5a9b44252d3e5673
be6a8b95ab511d44817843017543b4e5d0dfc6b5c648867b65741cb210afe0dd
c14ded4503efd4bcb0d9de6c6b186891e65bf40f7cf1061fda19400b4153a738
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
c407dbb68ae12f98488a7ba46b97d8ca10587a1ef204c7275b88a2af87836d57
c9bd2216bea9af3c34417192765b07b6f2b63f53f2d2eeaadbf2e70dc9889977
cef9877f9e7495ff0fb43e162cfdf9932fe44ab5f0262f806e58ce2a37324a45
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dc9f6b2d083dad0eb289a277f6378c53cbe5e49f00e022ea68cef25945ac21b7
dce36453a27ede2e8291c3090c2eae196722e1ad3634bfd57ce60751d1ccd9bf
e106d291a7b80d1e93e2d72ad2e55238a3d5abe8a9b481c84c5d3afad54c53f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3302a9867af425bc90f1f5b1046f107326d7be3cb4db0897b1a75598a7f63cc
f588e48ebef6e19f73b535c4302e2343eba07f9b429816870b210a8456ef694d
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
fcef9c38a2fa88a145ad3f40fb83d58a792e9f9068dd68d1b28c37ce3f0540e4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

www.xivmodarchive.com Open in urlscan Pro 2606:4700:10::ac43:b9a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

96 %HTTPS

33 %IPv6

30 Domains

40 Subdomains

40 IPs

3 Countries

1240 kBTransfer

3026 kBSize

47 Cookies

3 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.xivmodarchive.com Open in urlscan Pro
2606:4700:10::ac43:b9a Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

96 %
HTTPS

33 %
IPv6

30
Domains

40
Subdomains

40
IPs

3
Countries

1240 kB
Transfer

3026 kB
Size

47
Cookies

83 HTTP transactions
0 data transactions