urlscan.io logo urlscan.io
SecurityTrails logo

xivmodarchive.com Open in urlscan Pro
2606:4700:10::ac43:b9a  Public Scan

Go To Rescan Add Verdict Report
URL: https://xivmodarchive.com/modid/95513
Submission Tags: 0xscam
Submission: On September 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 9 domains to perform 41 HTTP transactions. The main IP is 2606:4700:10::ac43:b9a, located in United States and belongs to CLOUDFLARENET, US. The main domain is xivmodarchive.com. The Cisco Umbrella rank of the primary domain is 655825.
TLS certificate: Issued by WE1 on August 20th 2024. Valid for: 3 months.
This is the only time xivmodarchive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:244... 16509 (AMAZON-02)
3 2600:9000:249... 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.244.144.25 396982 (GOOGLE-CL...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.185.102 15169 (GOOGLE)
2 130.211.23.194 396982 (GOOGLE-CL...)
41 13
12    2606:4700:10::ac43:b9a (United States)

ASN13335 (CLOUDFLARENET, US)
xivmodarchive.com
static.xivmodarchive.com
4    2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    2606:4700::6812:34e (United States)

ASN13335 (CLOUDFLARENET, US)
s.nitropay.com
1    2600:9000:2447:ca00:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
wrappers.geoedge.be
3    2600:9000:2491:fe00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
2    2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    35.244.144.25 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.144.244.35.bc.googleusercontent.com
tracker.nitropay.com
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
consent.nitrocnct.com
2    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
ad.doubleclick.net
2    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
Apex Domain
Subdomains		 Transfer
12 xivmodarchive.com
xivmodarchive.com — Cisco Umbrella Rank: 655825
static.xivmodarchive.com — Cisco Umbrella Rank: 830628
947 KB
7 nitropay.com
s.nitropay.com — Cisco Umbrella Rank: 25426
tracker.nitropay.com — Cisco Umbrella Rank: 24310
217 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 1573
api.btloader.com — Cisco Umbrella Rank: 1813
30 KB
4 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 24092
rumcdn.geoedge.be — Cisco Umbrella Rank: 3243
169 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
295 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
43 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
ad.doubleclick.net — Cisco Umbrella Rank: 210
181 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1603
1 KB
2 nitrocnct.com
consent.nitrocnct.com — Cisco Umbrella Rank: 51505
115 KB
41 9
Domain Requested by
7 xivmodarchive.com xivmodarchive.com
6 s.nitropay.com xivmodarchive.com
s.nitropay.com
5 static.xivmodarchive.com xivmodarchive.com
4 cdnjs.cloudflare.com xivmodarchive.com
cdnjs.cloudflare.com
4 cdn.jsdelivr.net xivmodarchive.com
3 rumcdn.geoedge.be s.nitropay.com
rumcdn.geoedge.be
2 api.btloader.com btloader.com
2 ad-delivery.net xivmodarchive.com
2 consent.nitrocnct.com s.nitropay.com
2 securepubads.g.doubleclick.net s.nitropay.com
2 btloader.com 1 redirects xivmodarchive.com
1 ad.doubleclick.net xivmodarchive.com
1 tracker.nitropay.com s.nitropay.com
1 wrappers.geoedge.be s.nitropay.com
41 14
Subject Issuer Validity Valid
xivmodarchive.com
WE1		 2024-08-20 -
2024-11-18		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
nitropay.com
WE1		 2024-07-12 -
2024-10-10		 3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M03		 2024-07-12 -
2025-08-09		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.nitropay.com
WR3		 2024-08-02 -
2024-10-31		 3 months crt.sh
nitrocnct.com
WE1		 2024-08-16 -
2024-11-14		 3 months crt.sh
ad-delivery.net
WE1		 2024-07-15 -
2024-10-13		 3 months crt.sh
*.doubleclick.net
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
api.btloader.com
WR3		 2024-08-02 -
2024-10-31		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://xivmodarchive.com/modid/95513
Frame ID: 31EF03C30F548CB262743214F2004FE0
Requests: 39 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: BBBC7E6151C89844B9F8AABE7671AE5B
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: 502A81E7CA1BF9681BCFB0C3DE3C36BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

41
Requests

98 %
HTTPS

77 %
IPv6

9
Domains

14
Subdomains

13
IPs

2
Countries

1998 kB
Transfer

4814 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://btloader.com/tag?o=6278260873756672&upapi=true HTTP 302
  • https://btloader.com/tag?o=6278260873756672&v=2.1.48-8-ge80695d-BTCORE-501-treat-users-as-non-consented-when-consent-on-any-tcf-compliance-is-not-met&upapi=true

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 95513
xivmodarchive.com/modid/ 		31 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xivmodarchive.com/modid/95513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b9fc8408ea4bafbc170908892bd2700e5bf4b31dec4a738924725d3ec72446d5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
8bc3e09398d0d362-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 01 Sep 2024 08:26:46 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1725179205&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=IQzfi%2F%2F7i4pejvWGOdz%2BmRDCTN17HSlBRn6PgF3apYw%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1725179205&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=IQzfi%2F%2F7i4pejvWGOdz%2BmRDCTN17HSlBRn6PgF3apYw%3D
server
cloudflare
vary
Origin
via
1.1 vegur
x-powered-by
Express
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/ 		158 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xivmodarchive.com/
Origin
https://xivmodarchive.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14835226
x-jsd-version
4.6.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
24176
x-served-by
cache-fra-eddf8230063-FRA, cache-lga21931-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XHY058VT2NcriljlcWd21pVDTn3yJseQNQsy81hXBQrOF75EF5wSs9CRT3yztxNRH8cyuh65QfLLePpvCNHba%2BAc3y371AHWDgc1Kf8%2BiJhQFjBLdAoPT%2BADhs39cF94bnVXJFsaPSaafF2z9xw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bc3e0964bd118e2-FRA
jquery.min.js
xivmodarchive.com/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xivmodarchive.com/js/jquery.min.js
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://xivmodarchive.com/modid/95513
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
via
1.1 vegur
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
435217
x-powered-by
Express
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1724743989&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=8ffnb1Y1p8eIZowfIFWLbyZmkWHHsnZNOyd3Bx15xZA%3D
last-modified
Wed, 07 Aug 2024 07:03:10 GMT
server
cloudflare
etag
W/"15d9d-1912ba613b0"
vary
Origin, Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724743989&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=8ffnb1Y1p8eIZowfIFWLbyZmkWHHsnZNOyd3Bx15xZA%3D"}]}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
cf-ray
8bc3e095ff3dd362-FRA
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://xivmodarchive.com/
Origin
https://xivmodarchive.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
813034
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6451
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4f71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zYtfoo9C2MUj442fi5LRbfanh6DikwO0lmoW%2B7fOkCE06fGUprgiur5EUKhkObeMJbEmKBpRvCgca9rVfhJ9uLOvFGuflRvqO%2B5fqsI1FlLLgEr6lAPXkUcMZVL1AQRwcc0uFKs3IQi%2FU%2FiYtgsL4pdQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bc3e0961d8518f5-FRA
expires
Fri, 22 Aug 2025 08:26:46 GMT
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/ 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.min.js
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xivmodarchive.com/
Origin
https://xivmodarchive.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14826400
x-jsd-version
4.6.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15306
x-served-by
cache-fra-etou8220082-FRA, cache-lga21927-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"f463-4yQGPI9GxrKUJ98VQvECatIw9gQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=esgtUAYCeAP7mK0aOm3PeGGI6VlOS4ZDkEDGC7dyVZfR%2Bq7NEJTEIXBB8vpZ%2FtCF1PcrI4ADqGaCMaKw9tCPra58hk22MtgYFUsDMGOIYsa9xdTqhikMNSS5y4WXBOLwSkAofb2mjLh4YhLDuHA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bc3e0964bd218e2-FRA
common.js
xivmodarchive.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xivmodarchive.com/js/common.js?cachebreak=f89a76eb-8d06-417b-aeab-04876eccd7ec
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
26ad7573f0aecdf0e7f9602f2b5080c1fb933560bebca5a75cd82f2fe931ff85

Request headers

Referer
https://xivmodarchive.com/modid/95513
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
via
1.1 vegur
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
435217
cf-polished
origSize=7830
x-powered-by
Express
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1724743989&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=8ffnb1Y1p8eIZowfIFWLbyZmkWHHsnZNOyd3Bx15xZA%3D
cf-bgj
minify
last-modified
Wed, 07 Aug 2024 07:03:10 GMT
server
cloudflare
etag
W/"1e96-1912ba613b0"
vary
Origin, Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724743989&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=8ffnb1Y1p8eIZowfIFWLbyZmkWHHsnZNOyd3Bx15xZA%3D"}]}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
cf-ray
8bc3e095ff40d362-FRA
ads-876.js
s.nitropay.com/ 		501 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.nitropay.com/ads-876.js
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb08a2c3e7e87d3fc15a2bbd9efff0f7a912ffa3519ca5b101d99693c57261a4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1724163449
age
109215
x-guploader-uploadid
AHxI1nN23VTZZm0k-QKIcG1Sk2f4Wr_zU_0gis8JN3gqMmkxDAnf79afMXUbneJs-sOBYHByj1Y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 31 Aug 2024 02:04:05 GMT
server
cloudflare
etag
W/"1498bb46d0834148d1803c7d614323b0:1725069845000"
vary
Accept-Encoding
x-goog-generation
1724164179228813
content-type
text/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=OcwC1g==, md5=FJi7RtCDQUjRgDx9YUMjsA==
access-control-expose-headers
Content-Type
cache-control
private, max-age=600
x-goog-stored-content-length
507984
cf-ray
8bc3e096df77d2cb-FRA
expires
Sun, 31 Aug 2025 02:04:21 GMT
main.css
xivmodarchive.com/stylesheets/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xivmodarchive.com/stylesheets/main.css?cachebreak=f89a76eb-8d06-417b-aeab-04876eccd7ec
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b5ffef28671c38dbad6c6df45af137fd7743104985b8f2661bb27969ab184403

Request headers

Referer
https://xivmodarchive.com/modid/95513
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
via
1.1 vegur
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
435217
cf-polished
origSize=11255
x-powered-by
Express
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1724743989&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=8ffnb1Y1p8eIZowfIFWLbyZmkWHHsnZNOyd3Bx15xZA%3D
cf-bgj
minify
last-modified
Wed, 07 Aug 2024 07:03:10 GMT
server
cloudflare
etag
W/"2bf7-1912ba613b0"
vary
Origin, Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724743989&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=8ffnb1Y1p8eIZowfIFWLbyZmkWHHsnZNOyd3Bx15xZA%3D"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
cf-ray
8bc3e095ff38d362-FRA
bootstrap4-toggle.min.css
cdn.jsdelivr.net/gh/gitbrent/bootstrap4-toggle@3.4.0/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/gitbrent/bootstrap4-toggle@3.4.0/css/bootstrap4-toggle.min.css
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
861d5f5dd593e3e6afe675bd653d1b9ccf76ef36e95944498df5ce1ca1eef3da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
448376
x-jsd-version
3.4.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
835
x-served-by
cache-fra-eddf8230052-FRA, cache-lga21922-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"acd-dmswDEC+VtC+AzRRjR5lRWuOdg4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vk9g3STfVnUHHqvA9rSZ9Ov6M6eNF6xvSstdj8t1VhIQDtVQvw1is8T3gI15eY1kxtPuAdf%2Fu4Fog0kacNB6wA%2BBIiY26i%2FxsxH7qy1pXE81a4bpCIRJUUDx2vKYXmCWWlkMFMx4Bz1ETTjaERM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bc3e096481cd362-FRA
bootstrap4-toggle.min.js
cdn.jsdelivr.net/gh/gitbrent/bootstrap4-toggle@3.4.0/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/gitbrent/bootstrap4-toggle@3.4.0/js/bootstrap4-toggle.min.js
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7fad055ecb0c091a2bd06956872dca3da764b0a57217de416651f02e105a00a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
448261
x-jsd-version
3.4.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1398
x-served-by
cache-fra-etou8220029-FRA, cache-lga21929-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"1069-mvGcnOz97hsI6AmuJkK9+liauOY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z5TzqRovy6%2BTAWNJW6mqNBRo4JNiL8FSWE5lodX1kGzziMO12Zi6EFu%2FZJhixVYqmMaQY2u6u0HY%2Bg0r1ltzHRvMJpbz%2BeuFlZMD4859X%2B8tReHgOV%2FQvoL3U9CAJAgvcxIB84wLBuskMQQ9sgk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bc3e0964822d362-FRA
spinner.gif
xivmodarchive.com/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xivmodarchive.com/spinner.gif
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a85fc0a877ead70ff2c66858d9dcf10e68856564b17444c224060617cc4f4b6b

Request headers

Referer
https://xivmodarchive.com/modid/95513
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
via
1.1 vegur
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
430284
cf-polished
origSize=84548, status=vary_header_present
x-powered-by
Express
content-length
63162
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1724748922&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=W%2Ff1qruNYdmBessvpy5SrrTAXi21YRB%2BhnoHrR%2FL%2BaE%3D
cf-bgj
imgq:100,h2pri
last-modified
Wed, 07 Aug 2024 07:03:10 GMT
server
cloudflare
etag
W/"14a44-1912ba613b0"
vary
Origin, Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724748922&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=W%2Ff1qruNYdmBessvpy5SrrTAXi21YRB%2BhnoHrR%2FL%2BaE%3D"}]}
content-type
image/gif
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8bc3e095ff41d362-FRA
73754ee7-538d-4b69-a62d-15136e39db2c.jpg
static.xivmodarchive.com/mod-images/ 		732 KB
733 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/mod-images/73754ee7-538d-4b69-a62d-15136e39db2c.jpg
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7b5e5949b0bd8f58ee0db5633c36b267fcc6307a7605ac0dd477cfd06ec1250
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx00000000000002a9d57f7-0065f20ae7-41e2cfd5-nyc3a
age
324100
cf-polished
origSize=806087, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-disposition
inline; filename="mod_95513_73754ee7-538d-4b69-a62d-15136e39db2c.jpg"
content-length
749595
cf-bgj
imgq:100,h2pri
last-modified
Sun, 24 Dec 2023 08:58:20 GMT
server
cloudflare
etag
"5ec4ac8e1475dd4052d518083f853e0d"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpeg
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
cache-control
public,max-age=31536000,immutable
x-rgw-object-type
Normal
accept-ranges
bytes
cf-ray
8bc3e0960f67d362-FRA
blobpeek.png
xivmodarchive.com/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xivmodarchive.com/blobpeek.png
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f3302a9867af425bc90f1f5b1046f107326d7be3cb4db0897b1a75598a7f63cc

Request headers

Referer
https://xivmodarchive.com/modid/95513
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
via
1.1 vegur
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
434662
cf-polished
origSize=9135, status=vary_header_present
x-powered-by
Express
content-length
5008
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1724744544&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=8lND1eSkevBMrmHoXagF2xjPtZft9bEbftaZ3VCI1sU%3D
cf-bgj
imgq:100,h2pri
last-modified
Wed, 07 Aug 2024 07:03:10 GMT
server
cloudflare
etag
W/"23af-1912ba613b0"
vary
Origin, Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724744544&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=8lND1eSkevBMrmHoXagF2xjPtZft9bEbftaZ3VCI1sU%3D"}]}
content-type
image/png
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8bc3e09688f5d362-FRA
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/ 		100 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://xivmodarchive.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
908960
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18861
last-modified
Fri, 01 Dec 2023 00:32:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65692999-49ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wxUCJinJR%2B0pwRYpCUwXzapaj1tg40XAo%2FY5VPKD4wckFCWsL5cIbctayK5%2FZwobgz5t8TPeo5OeKBUUgcqjNE8kQd7iloOgvGbO5jnKi%2B1B%2BYSOGjIll4%2FdOSJqT%2BVI6SwPjz2N6yexxrpjj52Aiwjm"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bc3e0969e1418f5-FRA
expires
Fri, 22 Aug 2025 08:26:46 GMT
3547cc38-2520-48a2-b542-31f3ea7bf3ec.jpg
static.xivmodarchive.com/user-avatars/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/user-avatars/3547cc38-2520-48a2-b542-31f3ea7bf3ec.jpg
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1c572478eb9e0c64da64145e56fa53dce9ea566a75b1479d9ecab624815e83c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx0000000000000047a98c4-00663d3803-46befb12-nyc3a
age
326705
cf-polished
origSize=25473, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-disposition
inline; filename="mod_undefined_thumbnail.jpg"
content-length
24634
cf-bgj
imgq:100,h2pri
last-modified
Thu, 09 May 2024 20:54:26 GMT
server
cloudflare
etag
"f6c2740204bd3ddbfe5857ba4ba747f0"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpeg
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
cache-control
public,max-age=31536000,immutable
x-rgw-object-type
Normal
accept-ranges
bytes
cf-ray
8bc3e096c997d362-FRA
ef6ee164-7a19-4d5a-8bed-b6b5c437ce59.jpg
static.xivmodarchive.com/mod-thumbnails/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/mod-thumbnails/ef6ee164-7a19-4d5a-8bed-b6b5c437ce59.jpg
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4018d1b75bc34619b76717d0db4eaaf94a81ce6517b4383fe5827c622d258b4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx000000000000002b9f2d8-0066c7a639-4896812e-nyc3a
age
410459
cf-polished
origSize=32531, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-disposition
inline; filename="mod_84707_thumbnail.jpg"
content-length
30705
cf-bgj
imgq:100,h2pri
last-modified
Sat, 12 Aug 2023 11:53:53 GMT
server
cloudflare
etag
"f861525a2ba29be33cbc6d541ad24374"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpeg
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
cache-control
public,max-age=31536000,immutable
x-rgw-object-type
Normal
accept-ranges
bytes
cf-ray
8bc3e096e9fed362-FRA
7fa9c8b6-5093-4b76-b936-c89ce6bf3294.jpg
static.xivmodarchive.com/mod-thumbnails/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/mod-thumbnails/7fa9c8b6-5093-4b76-b936-c89ce6bf3294.jpg
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bce7be7135b59c5c1775a45b7f6df616b7ad4a17c37db545208c2bdcf8e055a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx00000000000000c6c2266-0066bd6426-4795e319-nyc3a
age
410328
cf-polished
origSize=23111, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-disposition
inline; filename="mod_79766_thumbnail.jpg"
content-length
22244
cf-bgj
imgq:100,h2pri
last-modified
Mon, 19 Jun 2023 08:18:23 GMT
server
cloudflare
etag
"79869167503df3bd0aaf8164ff5e06aa"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpeg
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
cache-control
public,max-age=31536000,immutable
x-rgw-object-type
Normal
accept-ranges
bytes
cf-ray
8bc3e096ea03d362-FRA
abe29120-e449-4383-9b97-c4b27b7f6c3a.jpg
static.xivmodarchive.com/mod-thumbnails/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xivmodarchive.com/mod-thumbnails/abe29120-e449-4383-9b97-c4b27b7f6c3a.jpg
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbdee7ccafc384961dd177cd1abd78af03edca0e3129ac0ef834bfd18ae30f7b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx00000000000000a56aad7-0066b528be-4795e319-nyc3a
age
404339
cf-polished
origSize=23805, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-disposition
inline; filename="mod_91167_thumbnail.jpg"
content-length
22928
cf-bgj
imgq:100,h2pri
last-modified
Sat, 06 Jan 2024 11:02:01 GMT
server
cloudflare
etag
"2157be7e93656fca2192ec0b1492965f"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpeg
x-do-cdn-uuid
0d3b304d-1deb-4123-a901-f0ca45e04f8d
cache-control
public,max-age=31536000,immutable
x-rgw-object-type
Normal
accept-ranges
bytes
cf-ray
8bc3e096ea07d362-FRA
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/ 		153 KB
153 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin
https://xivmodarchive.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1426308
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
156496
last-modified
Fri, 01 Dec 2023 00:32:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65692999-26350"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hzIN0204DZGcBX%2ByX0mQuBY%2FzVNRf%2BlyxvL7iSpeWHr%2Biaga00ataWR5LF7vpHSuDmz%2BVQW71CzNZ56SHM%2BQL3SRQ2pax4AASLJ4IovIR2aBBsSScKGiDOXFSs%2FMhRPSFFBBAZ98iBuc1PnTGq4aQnLi"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bc3e0971e9c18f5-FRA
expires
Fri, 22 Aug 2025 08:26:46 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/ 		115 KB
115 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin
https://xivmodarchive.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
813020
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
117372
last-modified
Fri, 01 Dec 2023 00:32:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65692999-1ca7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lv%2F8OixC1Wu0bqNw0c1hIIcAtOQLDzGYHGBgor3%2FX6o7Fbehof8iHAKWx0s7YP%2BMY3s8qi0vlXfzs5cOYB9QGRGeqnxhVN%2Felg9D8K7eiIZpeatJTm5pcAa%2B1nSStlQrFGhc3mhO3ozMInOX1ptWB60y"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bc3e0971ea218f5-FRA
expires
Fri, 22 Aug 2025 08:26:46 GMT
wrapper.html
wrappers.geoedge.be/ 		3 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2447:ca00:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

x-amz-version-id
SIv.6LiuODikErkt8hGkZr.zJWI3NFp8
date
Sun, 01 Sep 2024 03:40:29 GMT
via
1.1 327603281c948cac70b552029adb2e26.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P5
age
71013
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3527
last-modified
Tue, 19 Dec 2023 13:15:23 GMT
server
AmazonS3
etag
"6a6d57dbabaa297544a761a67d32156f"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
F1OEbUmSIYka02zryIo6b7xsGT0La0HoE204NrkQCPQt2vRp0wUkug==
grumi.js
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame BBBC 		478 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:fe00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c28da77dfd4ab2cd56d262b6c39b83d49b9283072b39b91291d9dc4dc681ec0a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 07:31:48 GMT
x-amz-version-id
C6c64ZAXrDO53TXutQZUY5hC.cZvl5VV
content-encoding
br
via
1.1 93efd892a8e99dc59164afbee331cd56.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
3299
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 01 Sep 2024 07:07:20 GMT
server
AmazonS3
etag
W/"1390023cd2168bfd65d2df9ac27f5ba8"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
x-amz-cf-id
zOXYvWkWrklPlL4ETcvRZI2OYq9C72sLFI-gmYMX9eV-Szk1CegylA==
tag
btloader.com/
Redirect Chain
  • https://btloader.com/tag?o=6278260873756672&upapi=true
  • https://btloader.com/tag?o=6278260873756672&v=2.1.48-8-ge80695d-BTCORE-501-treat-users-as-non-consented-when-consent-on-any-tcf-compliance-is-not-met&upapi=true
102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=6278260873756672&v=2.1.48-8-ge80695d-BTCORE-501-treat-users-as-non-consented-when-consent-on-any-tcf-compliance-is-not-met&upapi=true
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H2
Server
2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac37eb86328329795af06f8a10fb054c9782ba168ab4302ec402ab9183a7c5f2

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Sun, 01 Sep 2024 07:57:35 GMT
server
cloudflare
age
1600
etag
"0e27a40befff4a7c8de2c8144515b0f6"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
8bc3e0999a6cd2b7-FRA
content-length
29630

Redirect headers

date
Sun, 01 Sep 2024 08:26:46 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/html
location
https://btloader.com/tag?o=6278260873756672&v=2.1.48-8-ge80695d-BTCORE-501-treat-users-as-non-consented-when-consent-on-any-tcf-compliance-is-not-met&upapi=true
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8bc3e09949b8d2b7-FRA
content-length
143
expires
Thu, 01 Jan 1970 00:00:01 GMT
grumi-ip.js
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:fe00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
469b20e8c4563baef08f32e079c54fc4ec031b9340bc6908b07c13ed416990dd

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 07:31:48 GMT
x-amz-version-id
96eJMrLrZnZ_GcLaXVgVsKnsvXKKMe4C
content-encoding
br
last-modified
Mon, 05 Aug 2024 08:54:35 GMT
server
AmazonS3
via
1.1 93efd892a8e99dc59164afbee331cd56.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"c1f96a4d4cd34960b4804f32f6d3f6bc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
3298
x-amz-cf-id
Ln-f58KQhUtu7lcpSW5_8IkvHnLOEhd0DPpdEdFNcJpfir4U8flWFg==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		102 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54572c89222707b6ecd5c5be33bc32040bd62600063b3b59f80b818243fad483
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32481
x-xss-protection
0
server
cafe
etag
13 / 19967 / m202408270101 / config-hash: 12776032365580462639
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 01 Sep 2024 08:26:46 GMT
gpp-8bc1491.min.js
s.nitropay.com/ 		261 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.nitropay.com/gpp-8bc1491.min.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08717869cc163e331b27ce72479a3fc253deb49f6be1ae39830dc91618785b3c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
531023
x-guploader-uploadid
AHxI1nOq3LeRWsdGiSQOUesqJSpCm3sDGqc7UiBALIdgo68c3WR5T3DXtlWTbyIH9bndQvvXhg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 02 Aug 2024 15:33:15 GMT
server
cloudflare
etag
W/"41e6bd84315f05f9fc6724a1a9870719"
vary
Accept-Encoding
x-goog-generation
1722612795908107
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=89bdww==, md5=Qea9hDFfBfn8ZyShqYcHGQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=604800
x-goog-stored-content-length
267609
cf-ray
8bc3e0990d39d2cb-FRA
expires
Mon, 02 Sep 2024 04:56:23 GMT
876
tracker.nitropay.com/a/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/a/876?d=eyJocmVmIjoiaHR0cHM6Ly94aXZtb2RhcmNoaXZlLmNvbS9tb2RpZC85NTUxMyIsInYiOjE4LCJhIjpmYWxzZSwicyI6dHJ1ZSwiYyI6IkRFIiwiciI6IiJ9
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.27.0 /
Resource Hash

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
via
1.1 google
server
nginx/1.27.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1.gif
s.nitropay.com/ 		42 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.nitropay.com/1.gif?x=1&adslot=
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
531125
x-guploader-uploadid
AHxI1nOFZX-iE77H5qvAtP8J8ZH0xNbuw406q_48j1O3UhnIPSJqB7dWJbrodc7hdMqH40OZQC4
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
42
x-goog-meta-
last-modified
Fri, 22 Jan 2021 08:58:45 GMT
server
cloudflare
etag
"d89746888da2d9510b64a9f031eaecd5"
vary
Accept-Encoding
x-goog-generation
1611305925409947
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=604800
x-goog-stored-content-length
42
accept-ranges
bytes
cf-ray
8bc3e0995e42d2cb-FRA
expires
Mon, 02 Sep 2024 04:54:41 GMT
additional-consent-providers.csv
consent.nitrocnct.com/ 		116 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.nitrocnct.com/additional-consent-providers.csv
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-8bc1491.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
147352
x-guploader-uploadid
AHxI1nMkx8i1fbagBbSaXK91XAzP-nqmEhW95k5WluuSbJY-fD_VxeU_yBLBCR0qct-XzGpqVUw
x-goog-storage-class
STANDARD
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 12 Jul 2023 07:31:30 GMT
server
cloudflare
etag
W/"81f96867523b7ea4a2f05a62b9fdf1c7"
vary
Accept-Encoding
x-goog-hash
crc32c=x8iKUw==, md5=gfloZ1I7fqSi8Fpiuf3xxw==
x-goog-generation
1689147090287559
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9mFBsCQuwqBPpak%2BnNaHhtDYSPzxTwfRWPIofeugTSRVClRGEvVQ7208tHExqhYUWnpPutmbZcFzlaip5%2FmeLDQxQ6ueEMe4IQQa%2FeEOHypwcnx%2FMoSs7wAWrEEryB9XhHv9JKOfnQGI2rcr5u0gZjle9rs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cache-control
public, max-age=604800
x-goog-stored-content-length
119221
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cf-ray
8bc3e09a3cfa903c-FRA
expires
Fri, 06 Sep 2024 15:28:13 GMT
vendor-list-v3.json
consent.nitrocnct.com/ 		629 KB
79 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.nitrocnct.com/vendor-list-v3.json
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-8bc1491.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b8dcd9bdf23616663feff2b308f4dc8a744a794a3eb13be878c5e1d81f0ea7a

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
147352
x-guploader-uploadid
AHxI1nN48AWQwFvtv6M6vhaM2YLMsdEaY_yZccZKejxtkrAoW8HA7hCrqOa_wXs3bimuX7-61vWLB81xrw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 30 Aug 2024 13:57:44 GMT
server
cloudflare
etag
W/"1bb5f7ddf863a843f11cdc1b11967f20"
vary
Accept-Encoding
x-goog-hash
crc32c=NxAv5Q==, md5=G7X33fhjqEPxHNwbEZZ/IA==
x-goog-generation
1725026264061391
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W1o1KkbUbOWekqhfsJauftRrIZhO1phhOlIkW%2B8YKYhL8tAu%2BPmqrM4rsBzLTbk5wHwQl3G4Dh16PRs6Oigj2ixGhuTuO4RHYRGjPouwIs%2FAgYZBLD8LFQBObKX7lc98MALzho2Ow4TtX%2BKLueTuYCxg%2FQY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
public, max-age=604800
x-goog-stored-content-length
643742
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cf-ray
8bc3e09a3cf6903c-FRA
expires
Fri, 06 Sep 2024 15:30:13 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408270101/ 		479 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408270101/pubads_impl.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eea1688602474180b02e1a6c1e9b2058c98622f78d3d9b9e55211258723e9c30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 10:27:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
79175
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
152754
x-xss-protection
0
server
cafe
etag
3412434405602474095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 31 Aug 2025 10:27:11 GMT
px.gif
ad-delivery.net/ 		43 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
378165
x-guploader-uploadid
ABPtcPoLbuQxY31rmHs8vSbk4rwXXzwM351mFCwTp3TeQ0U33LMMOQSrtKknT2jOKXXGPpXspWptbN1wPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2voEEsAnKSXEJspdhOkO3%2FeYOfFyYQehhF1IFELlTaAWTrqy%2BK9LswIatTlanpw%2BA1%2BPcbK%2FMSeHcO%2Ftls3dzRZwd0B9H8ph4YHKCZnbo%2BVa61%2Bt9qQmyVXfSukHjH%2FRnvJji29zWjoXJPqD2A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8bc3e09a4f02363b-FRA
expires
Wed, 28 Aug 2024 00:20:20 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 21:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39367
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 01 Sep 2024 21:30:39 GMT
px.gif
ad-delivery.net/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.12108190259893359
Requested by
Host: xivmodarchive.com
URL: https://xivmodarchive.com/modid/95513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
378165
x-guploader-uploadid
ABPtcPoLbuQxY31rmHs8vSbk4rwXXzwM351mFCwTp3TeQ0U33LMMOQSrtKknT2jOKXXGPpXspWptbN1wPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=awNidT%2FqsbtJrUXNDdm%2BM7VJeTiD5rSzC2uo%2FbtzVZxqKx1eF%2FPZ5G0I1lCWUi8A3nyvK5uEjRf0fjmOkH2uEH90EWgMmgPDh7TQ9UGj225iutQLL0ii9h8GyzFJP19JT13UGWipEjsmPWkPFw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8bc3e09a4f01363b-FRA
expires
Wed, 28 Aug 2024 00:20:20 GMT
grumi.js
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 502A 		478 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:fe00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c28da77dfd4ab2cd56d262b6c39b83d49b9283072b39b91291d9dc4dc681ec0a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 07:31:48 GMT
x-amz-version-id
C6c64ZAXrDO53TXutQZUY5hC.cZvl5VV
content-encoding
br
via
1.1 93efd892a8e99dc59164afbee331cd56.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
3299
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 01 Sep 2024 07:07:20 GMT
server
AmazonS3
etag
W/"1390023cd2168bfd65d2df9ac27f5ba8"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
x-amz-cf-id
zOXYvWkWrklPlL4ETcvRZI2OYq9C72sLFI-gmYMX9eV-Szk1CegylA==
country
api.btloader.com/ 		37 B
215 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country?o=6278260873756672
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=NPP9HcpRmz&w=6219774819303424&o=6278260873756672&cv=2.1.48-8-ge80695d-BTCORE-501-treat-users-as-non-consented-when-consent-on-any-tcf-compliance-is-not-met&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fxivmodarchive.com%2Fmodid%2F95513&sid=ZjAAr9yaM&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 01 Sep 2024 08:26:46 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
favicon.png
xivmodarchive.com/ 		510 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://xivmodarchive.com/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dc9f6b2d083dad0eb289a277f6378c53cbe5e49f00e022ea68cef25945ac21b7

Request headers

Referer
https://xivmodarchive.com/modid/95513
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
via
1.1 vegur
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
434661
cf-polished
origSize=2271, status=vary_header_present
x-powered-by
Express
content-length
510
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1724744545&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=XFH7sX2dlNoWYrjFrsDgmZKGcKDCpaBg%2FsvlI4VweCs%3D
cf-bgj
imgq:100,h2pri
last-modified
Wed, 07 Aug 2024 07:03:10 GMT
server
cloudflare
etag
W/"8df-1912ba613b0"
vary
Origin, Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724744545&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=XFH7sX2dlNoWYrjFrsDgmZKGcKDCpaBg%2FsvlI4VweCs%3D"}]}
content-type
image/png
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8bc3e09a8c11d362-FRA
lang.png
s.nitropay.com/cmp/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.nitropay.com/cmp/lang.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
608
x-guploader-uploadid
AHxI1nM_0r2QNmlMrcBNNJdspku2Elsj3ISj5afDLdVODmlukyzIab95JgU_f1SXBQgl1q1pQW8D28FG0w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
1887
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
server
cloudflare
etag
"ca072a3965f49a2c242c45d535163a53"
vary
Accept-Encoding
x-goog-generation
1666344058779792
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=7x+tRA==, md5=ygcqOWX0miwkLEXVNRY6Uw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
1887
accept-ranges
bytes
cf-ray
8bc3e09b0b27d2cb-FRA
expires
Sun, 01 Sep 2024 08:45:21 GMT
cancel.png
s.nitropay.com/cmp/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.nitropay.com/cmp/cancel.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
2087
x-guploader-uploadid
AHxI1nPZY4jcF7HA3F652QZRykQ-MqZzYq3vid1Z0dOpyXHNhfL46VUeXWid-caBMnU3AMur7DhkxpiPIg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
1302
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
server
cloudflare
etag
"c707b2d501a53bc2c66e98e4e5cabefb"
vary
Accept-Encoding
x-goog-generation
1666344058825998
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=QrhBNA==, md5=xwey1QGlO8LGbpjk5cq++w==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
1302
accept-ranges
bytes
cf-ray
8bc3e09b0b2cd2cb-FRA
expires
Sun, 01 Sep 2024 08:07:13 GMT
logo.png
s.nitropay.com/cmp/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.nitropay.com/cmp/logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://xivmodarchive.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 08:26:46 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
608
x-guploader-uploadid
AHxI1nMMh3oKpeYKkJQGcjvHh5cuxScIqChalxw7XDx8aawBNT-znus_cYF25XDW0w5fpwNtYzI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
2592
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
server
cloudflare
etag
"940aa5b81e99bbb7414acc474a89bad9"
vary
Accept-Encoding
x-goog-generation
1666344058842900
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=naGVVg==, md5=lAqluB6Zu7dBSsxHSom62Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
2592
accept-ranges
bytes
cf-ray
8bc3e09b0b2ed2cb-FRA
expires
Sun, 01 Sep 2024 08:40:52 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| $ function| jQuery function| Popper object| bootstrap function| showError function| showSpinner function| hideSpinner function| removeNotifyQueryParameter function| removeURLParameter function| handleQueryNotification object| commonNotifications object| notificationQueue function| showNotification function| showNextNotification function| getNextUniqueId function| createProgressbar function| updateProgressBar function| errorProgressBar function| clearProgressBar function| debounce function| trunc object| nitroAds function| getHistoryData function| makeVersionHtml function| openImage function| navigateDownload boolean| _ShowFooter object| ads object| nads object| napbjs object| _pbjsGlobals object| mnet object| grumi object| googletag function| __uspapi object| __gpp_queue object| __gpp_events number| __gpp_lastId function| __gpp object| nitroAdsCustomConsents string| nitroAdsPublisherCC object| __tcfapi_queue function| __tcfapi object| nitroAdsCMP object| regeneratorRuntime object| dataLayer function| gtag object| __npcmp_queue function| __npcmp string| __npcmp_geo string| __npcmp_region boolean| __npcmp_init function| __cmp boolean| __npcmp_gdpr object| ggeac object| google_tag_data object| google_js_reporting_queue object| __bt object| __bt_intrnl object| __bt_tag_d object| win object| doc object| google_reactive_ads_global_state boolean| __bt_already_invoked

3 Cookies

Domain/Path Name / Value
.xivmodarchive.com/ Name: connect.sid
Value: s%3AiKkLz6guXEwu7__twUxmitEP7nqfG9-Z.oJ7rLctvEwhGDEhkOivmO2eXIGAaaJ6f6C4gJixA218
.nitropay.com/ Name: __cf_bm
Value: rpomC4EqQD053QRdamHySD5TX6pYXSIzPjnBhZbu27w-1725179206-1.0.1.1-WBUS2bM5L4TVzs0qgl7ztnFF6a2FaFECxFTKyB6OQv__FRkE0MhywPiA1V5guy0DVkVyXbGiQDLq1sVPg5rU6Q
.xivmodarchive.com/ Name: ncmp.domain
Value: xivmodarchive.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
api.btloader.com
btloader.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
consent.nitrocnct.com
rumcdn.geoedge.be
s.nitropay.com
securepubads.g.doubleclick.net
static.xivmodarchive.com
tracker.nitropay.com
wrappers.geoedge.be
xivmodarchive.com
130.211.23.194
142.250.185.102
2600:9000:2447:ca00:2:d490:4d80:93a1
2600:9000:2491:fe00:4:b37b:9440:93a1
2606:4700:10::ac43:293c
2606:4700:10::ac43:b9a
2606:4700:20::681a:346
2606:4700::6811:190e
2606:4700::6812:34e
2606:4700::6812:ba1f
2a00:1450:4001:80e::2002
2a06:98c1:3120::3
35.244.144.25
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
08717869cc163e331b27ce72479a3fc253deb49f6be1ae39830dc91618785b3c
26ad7573f0aecdf0e7f9602f2b5080c1fb933560bebca5a75cd82f2fe931ff85
2bce7be7135b59c5c1775a45b7f6df616b7ad4a17c37db545208c2bdcf8e055a
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490
423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1
469b20e8c4563baef08f32e079c54fc4ec031b9340bc6908b07c13ed416990dd
54572c89222707b6ecd5c5be33bc32040bd62600063b3b59f80b818243fad483
5b8dcd9bdf23616663feff2b308f4dc8a744a794a3eb13be878c5e1d81f0ea7a
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
861d5f5dd593e3e6afe675bd653d1b9ccf76ef36e95944498df5ce1ca1eef3da
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
a4018d1b75bc34619b76717d0db4eaaf94a81ce6517b4383fe5827c622d258b4
a85fc0a877ead70ff2c66858d9dcf10e68856564b17444c224060617cc4f4b6b
ac37eb86328329795af06f8a10fb054c9782ba168ab4302ec402ab9183a7c5f2
b5ffef28671c38dbad6c6df45af137fd7743104985b8f2661bb27969ab184403
b9fc8408ea4bafbc170908892bd2700e5bf4b31dec4a738924725d3ec72446d5
bb08a2c3e7e87d3fc15a2bbd9efff0f7a912ffa3519ca5b101d99693c57261a4
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
c28da77dfd4ab2cd56d262b6c39b83d49b9283072b39b91291d9dc4dc681ec0a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d7fad055ecb0c091a2bd06956872dca3da764b0a57217de416651f02e105a00a
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dbdee7ccafc384961dd177cd1abd78af03edca0e3129ac0ef834bfd18ae30f7b
dc9f6b2d083dad0eb289a277f6378c53cbe5e49f00e022ea68cef25945ac21b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b5e5949b0bd8f58ee0db5633c36b267fcc6307a7605ac0dd477cfd06ec1250
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
eea1688602474180b02e1a6c1e9b2058c98622f78d3d9b9e55211258723e9c30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c572478eb9e0c64da64145e56fa53dce9ea566a75b1479d9ecab624815e83c
f3302a9867af425bc90f1f5b1046f107326d7be3cb4db0897b1a75598a7f63cc
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e