Submitted URL: https://www.esoui.com/
Effective URL: https://www.esoui.com/addons.php
Submission: On September 13 via api from US — Scanned from DE

Summary

This website contacted 26 IPs in 5 countries across 21 domains to perform 86 HTTP transactions. The main IP is 172.67.82.245, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.esoui.com. The Cisco Umbrella rank of the primary domain is 960490.
TLS certificate: Issued by WE1 on July 27th 2024. Valid for: 3 months.
This is the only time www.esoui.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 6 172.67.82.245 13335 (CLOUDFLAR...)
29 104.26.10.137 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 18.244.18.38 16509 (AMAZON-02)
4 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:276... 16509 (AMAZON-02)
1 2600:9000:249... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 108.138.6.136 16509 (AMAZON-02)
1 35.244.144.25 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 172.217.18.6 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 18.245.31.9 16509 (AMAZON-02)
5 13.33.173.196 16509 (AMAZON-02)
2 130.211.23.194 396982 (GOOGLE-CL...)
1 23.205.176.78 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
86 26
Apex Domain
Subdomains
Transfer
29 mmoui.com
cdn-eso.mmoui.com
274 KB
9 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 356
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 667
aax.amazon-adsystem.com — Cisco Umbrella Rank: 466
87 KB
8 nitropay.com
s.nitropay.com — Cisco Umbrella Rank: 19786
tracker.nitropay.com — Cisco Umbrella Rank: 19425
244 KB
6 esoui.com
www.esoui.com — Cisco Umbrella Rank: 960490
16 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
373 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1469
a.ad.gt — Cisco Umbrella Rank: 1575
5 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3310
3 btloader.com
btloader.com — Cisco Umbrella Rank: 869
api.btloader.com — Cisco Umbrella Rank: 1033
30 KB
3 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 670
cloudflareinsights.com — Cisco Umbrella Rank: 652
7 KB
2 nitrocnct.com
consent.nitrocnct.com — Cisco Umbrella Rank: 24747
115 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 907
1 KB
2 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 15229
rumcdn.geoedge.be — Cisco Umbrella Rank: 2193
165 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
ad.doubleclick.net — Cisco Umbrella Rank: 153
383 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 194
3 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 407
95 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1134
72 KB
1 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 984
28 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1628
12 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1108
17 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 10137
63 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4054
86 21
Domain Requested by
29 cdn-eso.mmoui.com www.esoui.com
cdn-eso.mmoui.com
7 s.nitropay.com www.esoui.com
s.nitropay.com
6 www.esoui.com 2 redirects www.esoui.com
5 aax.amazon-adsystem.com c.amazon-adsystem.com
5 www.googletagmanager.com www.esoui.com
www.googletagmanager.com
3 region1.google-analytics.com www.googletagmanager.com
3 c.amazon-adsystem.com s.nitropay.com
c.amazon-adsystem.com
2 cloudflareinsights.com static.cloudflareinsights.com
2 id.hadron.ad.gt cdn.hadronid.net
2 api.btloader.com btloader.com
2 consent.nitrocnct.com s.nitropay.com
2 ad-delivery.net www.esoui.com
2 sb.scorecardresearch.com www.esoui.com
2 ajax.googleapis.com www.esoui.com
2 maxcdn.bootstrapcdn.com www.esoui.com
maxcdn.bootstrapcdn.com
1 a.ad.gt s.nitropay.com
1 cdn.id5-sync.com s.nitropay.com
1 cdn.hadronid.net s.nitropay.com
1 secure.cdn.fastclick.net s.nitropay.com
1 config.aps.amazon-adsystem.com s.nitropay.com
1 ad.doubleclick.net www.esoui.com
1 tracker.nitropay.com s.nitropay.com
1 btloader.com s.nitropay.com
1 rumcdn.geoedge.be s.nitropay.com
1 wrappers.geoedge.be s.nitropay.com
1 www.google.de www.esoui.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 static.cloudflareinsights.com www.esoui.com
86 29
Subject Issuer Validity Valid
esoui.com
WE1
2024-07-27 -
2024-10-25
3 months crt.sh
mmoui.com
WE1
2024-07-26 -
2024-10-24
3 months crt.sh
bootstrapcdn.com
WE1
2024-07-23 -
2024-10-21
3 months crt.sh
*.google-analytics.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
upload.video.google.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
nitropay.com
WE1
2024-09-09 -
2024-12-08
3 months crt.sh
cloudflareinsights.com
WE1
2024-09-03 -
2024-12-02
3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA
2023-12-11 -
2024-12-10
a year crt.sh
*.g.doubleclick.net
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.google.de
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M03
2024-07-12 -
2025-08-09
a year crt.sh
btloader.com
WE1
2024-08-10 -
2024-11-08
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-12-30 -
2024-12-04
a year crt.sh
*.nitropay.com
WR3
2024-08-02 -
2024-10-31
3 months crt.sh
ad-delivery.net
WE1
2024-09-12 -
2024-12-11
3 months crt.sh
*.doubleclick.net
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
nitrocnct.com
WE1
2024-08-16 -
2024-11-14
3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03
2024-03-29 -
2025-04-28
a year crt.sh
api.btloader.com
WR3
2024-08-02 -
2024-10-31
3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2024-08-07 -
2025-08-07
a year crt.sh
hadronid.net
WE1
2024-07-27 -
2024-10-25
3 months crt.sh
id5-sync.com
WE1
2024-08-02 -
2024-10-31
3 months crt.sh
id.hadron.ad.gt
WE1
2024-07-23 -
2024-10-21
3 months crt.sh
a.ad.gt
WE1
2024-08-07 -
2024-11-05
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.esoui.com/addons.php
Frame ID: 91775FCCB2FDE49FDF722F0E9DD06EE2
Requests: 81 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: 040826A78D0026D483127EAAC1774F84
Requests: 1 HTTP requests in this frame

Frame: https://www.esoui.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js
Frame ID: 542F26445B44FC40499C410F864AC6E6
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.esoui.com/ HTTP 302
    https://www.esoui.com/addons.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

86
Requests

99 %
HTTPS

62 %
IPv6

21
Domains

29
Subdomains

26
IPs

5
Countries

1543 kB
Transfer

4682 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.esoui.com/ HTTP 302
    https://www.esoui.com/addons.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://www.esoui.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.esoui.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js

86 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request addons.php
www.esoui.com/
Redirect Chain
  • https://www.esoui.com/
  • https://www.esoui.com/addons.php
44 KB
8 KB
Document
General
Full URL
https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.82.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0408d7cac595c12416a378f20c78a7a0507c1533c29b47d9b0eabdb1a306e78d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8c2977a078a91ec2-AMS
content-encoding
br
content-type
text/html; charset=ISO-8859-1
date
Fri, 13 Sep 2024 16:20:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
private
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4fi5hpE01Y9%2FFTWgeLD4MPaSoDozJKUhvy33%2Bafez3ZWYblKMdgd91JHjlZfgLf0xA7YDcOsMFNTAlm%2FKLfAqvHMtrtYSrob9oeOETVFbH7FI%2FAfMdr0RV3XkiKOFKc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8c29779d983c4d93-FRA
content-type
text/html; charset=ISO-8859-1
date
Fri, 13 Sep 2024 16:20:54 GMT
location
addons.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
private
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=55SHojkb1b%2BbsKrpme8TVTZPvWoZhIaPtHWdbs5iEeWDfsYMu%2FOgcr%2BQBsRQ1tHaooQkdixW1koyDU%2BWMu30c4TIwFbCcgumBZSiYzVLajgVtDXskEOxZt0kC7Yiczk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
style-8bef555b-00023.css
cdn-eso.mmoui.com/clientscript/vbulletin_css/
62 KB
13 KB
Stylesheet
General
Full URL
https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f824a9e1da97c320fdf4143f226f162b3ebe613445565b07fdd203d1fabd660

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
289757
cf-polished
origSize=71111
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 18 Feb 2024 00:43:42 GMT
server
cloudflare
etag
W/"92ab2-115c7-6119d44cfa45a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sDBmWMNv2rDMNJ78BqeJlD2CQ3eCxz1lS7e2QqlXmf%2FsX4GSAPvdHxPou61A73rFo8buYd36%2FQVsT16xeFOe86MjK4bhlFZv0f3JEwnKI4snhy8b10TV0RWAiqB5jReze3nx"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=691200
cf-ray
8c2977a44d83d361-FRA
expires
Tue, 17 Sep 2024 00:54:18 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/
27 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1029
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1596415
cdn-cachedat
03/18/2024 12:10:08
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"4fbd15cb6047af93373f4f895639c8bf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
08e05320f24d8e808a4ef38c6a818369
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
8c2977a41b23d2cb-FRA
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/
263 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-C6K7HY5EBN
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fc418ec1b2def190e581120cc40717f765cb54cf13b248156dde74e1a418cda9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94462
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 13 Sep 2024 16:20:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/
89 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 11:54:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
275179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Sep 2025 11:54:36 GMT
jquery.cookies.2.2.0.min.js
cdn-eso.mmoui.com/clientscript/
2 KB
1 KB
Script
General
Full URL
https://cdn-eso.mmoui.com/clientscript/jquery.cookies.2.2.0.min.js
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e720760eea7b71ebdd65540017d2aa2f8b0639c4fc53ece77c93ef119de72cd

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
289757
alt-svc
h3=":443"; ma=86400
content-length
842
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
"929e7-7c4-52ca478a3929c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B4yjTCnjxu8TgzJ5wCMo%2BvolgaPL0gyZnhPQfB8D3viQE1Tl%2FXoQstz9brmF7c3mysgLifH0RZWrW81fL9spQ5fhKelG1Sk5KjDQYH7yYolq2Kog7ivsBR5TOG8nWNZzUqEQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8c2977a5dae7d361-FRA
expires
Tue, 17 Sep 2024 00:16:54 GMT
jquery.overlay-1.0.1.js
cdn-eso.mmoui.com/clientscript/
4 KB
2 KB
Script
General
Full URL
https://cdn-eso.mmoui.com/clientscript/jquery.overlay-1.0.1.js?v2
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c429832bcfb90f83c4372a9723c5e568fc8ba79b8ee88099bdb6934d1806913d

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
289757
cf-polished
origSize=6854
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
W/"929dc-1ac6-52ca478a38597"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tCsVuWzwjFqqcCgYmcPukQu0zp4fyElfiZ0TCSCAXqdB4FPcW1YsNChn%2BZr9nz74MVQMC5i%2FjUfEJZTY%2FHa7%2BSJgoJBWeXpA96%2Bs%2FUyUbIDxdLg%2B3%2FvaIhFsf%2F0kOJ3WDEUY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
8c2977a5daead361-FRA
expires
Mon, 16 Sep 2024 23:01:55 GMT
jquery.lightbox.js
cdn-eso.mmoui.com/clientscript/
10 KB
4 KB
Script
General
Full URL
https://cdn-eso.mmoui.com/clientscript/jquery.lightbox.js?v2
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f683e5c3a7b0442e5a0fec42959c680a4cc71d49d61c3bf2ca9db6eb4a96b22

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
289757
cf-polished
origSize=15917
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
W/"929fe-3e2d-52ca478a3aca7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i2VPz1LRs9e6pLoG9pU7XfVl8DXa24kLZ77Ctyv0E%2BcnvsojA%2FqMfFQMxmwmHcwzQ76kXcDBMePt6QeyaapY%2Fwm6VBJz899QE4ZZyy1Y90LmDe3XCoHr%2FoaxdbPhjYDsi%2Bdp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
8c2977a44d90d361-FRA
expires
Tue, 17 Sep 2024 00:16:54 GMT
site-start.js
cdn-eso.mmoui.com/clientscript/
8 KB
3 KB
Script
General
Full URL
https://cdn-eso.mmoui.com/clientscript/site-start.js?v3
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9f6aa9fe78b402b74f5c7abc935374377fa5806485cde8683b3fef70229e1cc

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
289757
cf-polished
origSize=11073
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
W/"929e5-2b41-52ca478a3929c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B7SnYW0aLEw42Y8PVHdTduTRqRxDGee6M%2Bvfo4LVHKFGYnFC%2BMVCIR9h9tSixRnwQjp75hdAFBIiy7sh%2Fbs2UktgTHeDM5ySj9xeuZL8W7S2AFCAtr%2FNp6sTpISGuCZsSOcB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
8c2977a44d8ed361-FRA
expires
Mon, 16 Sep 2024 22:05:55 GMT
vbulletin_global.js
cdn-eso.mmoui.com/clientscript/
23 KB
8 KB
Script
General
Full URL
https://cdn-eso.mmoui.com/clientscript/vbulletin_global.js?v=3612
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a44d20973f67b76b0cf8b4d7c1e5b5875a0ff659f6c7f043184060018d4c02f8

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41981
cf-polished
origSize=43902
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
W/"929d0-ab7e-52ca478a37892"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2BufdmXthPibknoyvUVnsGkPiPWhqZXmME51FaNFxpU782ZNLDWak8Kc%2BWE5MCpUfrVfN8X0tmK%2FPzelB5d%2FZi449vEli6xXumm9hVTSEsbKehukBotxekqasRcBw9UpvwmN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
8c2977a44d8dd361-FRA
expires
Mon, 16 Sep 2024 20:13:46 GMT
vbulletin_menu.js
cdn-eso.mmoui.com/clientscript/
10 KB
3 KB
Script
General
Full URL
https://cdn-eso.mmoui.com/clientscript/vbulletin_menu.js?v=36122
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
345c23155d22f7a687fa1ee7398990272c17bd240cd8cdd5aa4b1b0ab7f666c3

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
289757
cf-polished
origSize=17879
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 11 Nov 2020 23:33:44 GMT
server
cloudflare
etag
W/"929cd-45d7-5b3dd39e997e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kzIsQnu%2BW6iO%2FHgdV8J3oBifZ5RarJn3PuSOxWvgE%2BTubp4pm34v9eKMIqVk9aoaSCvedIvgu%2B5dsBjeQqvsoGT%2BLQLEijhLiZM0puLlYVx8Ie2M8bybWy6ApWUS5AJBv%2FKH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
8c2977a44d8bd361-FRA
expires
Wed, 11 Sep 2024 17:34:38 GMT
ads-1639.js
s.nitropay.com/
590 KB
186 KB
Script
General
Full URL
https://s.nitropay.com/ads-1639.js
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01a12d6b00de9aaae737c809a08b2a307788cedda626b546de9da87f8cbe907f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1725467600
age
4833
x-guploader-uploadid
AD-8ljv3yeCyhBigwuw1IlDW8FxUGOdLvPuqsaT-_s-m5u1vvskKCTHt4QhMRsUox_SHEjgBvCc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 13 Sep 2024 14:58:22 GMT
server
cloudflare
etag
W/"c125b2bd6bcf02b628e5aef87f078d18:1726239502000:DE"
vary
Accept-Encoding
x-goog-generation
1725468066160184
content-type
text/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=lEB1LA==, md5=wSWyvWvPArYo5a74fweNGA==
access-control-expose-headers
Content-Type
cache-control
private, max-age=600
x-goog-stored-content-length
598961
cf-ray
8c2977a62a5c972e-FRA
expires
Sat, 13 Sep 2025 15:00:22 GMT
ncode_imageresizer.js
cdn-eso.mmoui.com/clientscript/
5 KB
2 KB
Script
General
Full URL
https://cdn-eso.mmoui.com/clientscript/ncode_imageresizer.js?v=1.0.1
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74488034c8380bdce8d84b5a7b4b5d0851ae7c253dd8eb2ebf210dd7798c8102

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
289757
cf-polished
origSize=6542
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
W/"929fc-198e-52ca478a3aca7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zFTQnQxUauO%2By0DVr6fEZWtCr6BKSaA8Rc0koR56KknjBXHEQLZk0rOAqAnU9otFlA%2F4m7pzWi%2BnlwCTAaPx9gfPl%2FZJ3Kh3FZRYM1WN550sme%2FwdB3eEqZinACzb2TdZC0A"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
8c2977a44d89d361-FRA
expires
Tue, 17 Sep 2024 00:16:54 GMT
spyglass.png
cdn-eso.mmoui.com/images/style_esoui/layout/
240 B
762 B
Image
General
Full URL
https://cdn-eso.mmoui.com/images/style_esoui/layout/spyglass.png
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
490f7f9df846bfd2ba239253a04a901c22e0092e8892cb8b6629863b36a0dab3

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
289757
cf-polished
origSize=418
alt-svc
h3=":443"; ma=86400
content-length
240
cf-bgj
imgq:85,h2pri
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
"731c3-1a2-52ca4789efebd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LQNcbzO1Nigm66ixK9830LjRDjnK79lO91B9L26fmJr3fi1SvBVml9MXnI%2BDEqolWp3YyCLjErfa6ny7HCEHVOfOSPeSbm2zQcN%2BEu0RYaA210oGOsJQnjbameUN42z%2FjRoS"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8c2977a4bec4d361-FRA
expires
Mon, 16 Sep 2024 23:13:10 GMT
rss.png
cdn-eso.mmoui.com/images/style_esoui/layout/
645 B
1 KB
Image
General
Full URL
https://cdn-eso.mmoui.com/images/style_esoui/layout/rss.png
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ce08dbbe002aacf2f95ffea368606d26bf92774169b38dbcfe680ecd2f29050

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
272040
cf-polished
origSize=682
alt-svc
h3=":443"; ma=86400
content-length
645
cf-bgj
imgq:85,h2pri
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
"731bd-2aa-52ca4789ef1b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z8R3%2B2s4r77FRiZSNvY4tSwiDu1oxQv2lVyBezeDXz40Y8qGkUrMXSZwUoVAPzF5Reb3XrZ0opBJVH2fjjjjt99bChS43mTL8AUdAPpGmLG81okAiwZVh2egaIcSCrgE%2FZIM"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8c2977a5daedd361-FRA
expires
Tue, 17 Sep 2024 02:51:24 GMT
new_3.gif
cdn-eso.mmoui.com/images/style_esoui/downloads/
105 B
627 B
Image
General
Full URL
https://cdn-eso.mmoui.com/images/style_esoui/downloads/new_3.gif
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d33688dd5a283f5ec5bc116bf5e9b2b2c0149ba18434eb43343e5eda728c237

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132589
cf-polished
origSize=152
alt-svc
h3=":443"; ma=86400
content-length
105
cf-bgj
imgq:85,h2pri
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
"72fb8-98-52ca4789c0b89"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yaUZ1utJCyzDeS0NnSsVGDVOqJPtXbbPpYJrcHxI8rmGBq2pNKb9OmkccfDZchvI1ty7jF02MV4hc9eOvFTGk6D3V8kfv5LvwzeLGmArkpluy9hSKka2LnG%2Fq3%2BaJaiTttzs"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8c2977a5daeed361-FRA
expires
Wed, 18 Sep 2024 12:02:34 GMT
pvw11409_thumb.png
cdn-eso.mmoui.com/preview/
65 KB
66 KB
Image
General
Full URL
https://cdn-eso.mmoui.com/preview/pvw11409_thumb.png
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dda76b4d79b5a154b452fa482fea32391e76e2db70b619d5fd5243b380d33669

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=68458
alt-svc
h3=":443"; ma=86400
content-length
66655
cf-bgj
imgq:85,h2pri
last-modified
Tue, 26 Apr 2022 19:33:52 GMT
server
cloudflare
etag
"5669fa-10b6a-5dd93c5d63037"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fmm7zCv3yLWMzl0NWO%2FQ6FtpTpKyBcZcsJio%2F96e3sCnTCuqRIXAwQJ4sE4R8i8bXY26krI0Ov%2FlfwMACSXMhWWfZ22X3t%2BIuS7D5xts9OGVRtzDUIvly4LZCyJ%2BVYrw%2FR9n"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8c2977a4bec7d361-FRA
expires
Thu, 19 Sep 2024 17:29:00 GMT
twitter-icon.png
cdn-eso.mmoui.com/images/style_esoui/content/
555 B
1 KB
Image
General
Full URL
https://cdn-eso.mmoui.com/images/style_esoui/content/twitter-icon.png
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
102f99cd38d3bcfc8a8105782d000214b153781dc2f5ab97c46aadb6977a493a

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
272040
cf-polished
origSize=1489
alt-svc
h3=":443"; ma=86400
content-length
555
cf-bgj
imgq:85,h2pri
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
"72fa6-5d1-52ca4789bf17e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZaAS%2BDa8n%2FEsyQyRS8T3F4HoC0S9Fsz%2Br5SnLNiaMVM%2Fd7gLS2sWOWx%2FU%2Bbht6jb9dLWEe6wKZzGMy%2BG82fmD%2BxFoWCyqhCxHXdra8YyQpuk3qi2nftWHBqLY82Lz6aDZJ1X"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8c2977a5daefd361-FRA
expires
Tue, 17 Sep 2024 02:51:24 GMT
facebook-icon.png
cdn-eso.mmoui.com/images/style_esoui/content/
380 B
912 B
Image
General
Full URL
https://cdn-eso.mmoui.com/images/style_esoui/content/facebook-icon.png
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ed749663f4756c17471e4d29b8632efbb9e8cb7094f6910c7116d1937860810

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
286669
cf-polished
origSize=1289
alt-svc
h3=":443"; ma=86400
content-length
380
cf-bgj
imgq:85,h2pri
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
"72fa5-509-52ca4789bf17e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HlfFmnvqYfZeiJeJx82erpbFfgv27iCTjG%2FsfKTzqX2ZkyTckoNewpzOlF1R3HXCBDmpL6U%2BOPWSP2Gvz%2BEY3VyQ9zRC%2FS6Gry%2FUuNv0ARq0FYzXHlz%2BObageKZAjHscv8Db"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8c2977a5daf1d361-FRA
expires
Mon, 16 Sep 2024 03:52:06 GMT
mmoui-copyright.png
cdn-eso.mmoui.com/images/style_esoui/layout/
864 B
1 KB
Image
General
Full URL
https://cdn-eso.mmoui.com/images/style_esoui/layout/mmoui-copyright.png
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6989ae8668b84a33cdaf6c58fbb86ce87f8e284c28ab26dbc646f7a56e5ef87

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
289757
cf-polished
origSize=1469
alt-svc
h3=":443"; ma=86400
content-length
864
cf-bgj
imgq:85,h2pri
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
"731cf-5bd-52ca4789f0bc3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HJ%2BNb04V8qlgRl9Bty4x7xYCndz5kdmVc68oRAr6IlxcV0M6uZ8%2F7WbeEsQckeJmOdoVMh28ZYQ4ZSV8ke8DieSkiiwYuS3LABGpkgDkgdZKc4HCZDzj1VDo8CiNGoYZtyal"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8c2977a5daf3d361-FRA
expires
Fri, 13 Sep 2024 14:23:42 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/
235 KB
63 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 19:21:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
507590
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64481
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Sep 2025 19:21:05 GMT
jquery.dcd.doubletaptogo.js
cdn-eso.mmoui.com/clientscript/
1 KB
1 KB
Script
General
Full URL
https://cdn-eso.mmoui.com/clientscript/jquery.dcd.doubletaptogo.js?v4
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
879f1461d885e90f7095eff74c1e9fefd2a71c5c8ed550dba6c239c422e3093c

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
289757
cf-polished
origSize=2360
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 12 May 2016 01:00:32 GMT
server
cloudflare
etag
W/"93137-938-5329aaf60d203"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8FDlmOrgVgq0A5QJJjU5CUDgg9TbaGUhnoFzDXXggZs9l%2Fzs2bzi8d0TNo%2FXwntPIm0B7wlLuo7ZPUenSxju%2BWV%2B9lfCjVhbV69TREaqyIj3CLUQAyKA1%2BYdYj7LE%2BbdKrrE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
8c2977a5dae0d361-FRA
expires
Mon, 16 Sep 2024 23:13:11 GMT
common-end.js
cdn-eso.mmoui.com/clientscript/
2 KB
1 KB
Script
General
Full URL
https://cdn-eso.mmoui.com/clientscript/common-end.js?v4
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07e330373ed0af038af94e80c9332054eccc4be60e727e1a9fe8918475eb8e47

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
289757
cf-polished
origSize=2882
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 12 May 2016 02:01:44 GMT
server
cloudflare
etag
W/"929c8-b42-5329b8a3d4b25"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c1fcSUaKp4c3%2BBaLC0lG9hA4VpotgRDkaEIJ3zuJDrbRQY3uCK%2Bz9QKm0l3Q2vNEjGskB4tiuW8oZlbpvislGLajjF1Iufrr94XP6UPfUicKhxEsK88nNgAV4I1Em0MokoaI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
8c2977a5dae5d361-FRA
expires
Mon, 16 Sep 2024 22:05:55 GMT
beacon.min.js
static.cloudflareinsights.com/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8c2977a628872bc5-FRA
eso-bg3.jpg
cdn-eso.mmoui.com/images/style_esoui/layout/
84 KB
85 KB
Image
General
Full URL
https://cdn-eso.mmoui.com/images/style_esoui/layout/eso-bg3.jpg
Requested by
Host: cdn-eso.mmoui.com
URL: https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01d91690bbadea9cb17d3525962f091d12c2370344eda95da3ca1cca910e235d

Request headers

Referer
https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
289757
cf-polished
degrade=85, origSize=118208
alt-svc
h3=":443"; ma=86400
content-length
86284
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 May 2016 01:32:40 GMT
server
cloudflare
etag
"73272-1cdc0-5329b224f9124"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bKFKkoo4gtUD4yFNIBon0MPdsIAIM2qOrj%2F4TQLd1wBGhxcj%2FNPfO3kO0aJMXtv20qbRTDtEFaRwI5tP0hSNGxWtJtVNbn2WRcEOVKf8fblDnP0VvY%2BQ34kBrdQNOgl2ddxy"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8c2977a5dadfd361-FRA
expires
Tue, 17 Sep 2024 01:38:16 GMT
spyglass.png
cdn-eso.mmoui.com/images/style_esoui/layout/
240 B
0
Image
General
Full URL
https://cdn-eso.mmoui.com/images/style_esoui/layout/spyglass.png
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
490f7f9df846bfd2ba239253a04a901c22e0092e8892cb8b6629863b36a0dab3

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
289757
cf-polished
origSize=418
alt-svc
h3=":443"; ma=86400
content-length
240
cf-bgj
imgq:85,h2pri
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
"731c3-1a2-52ca4789efebd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LQNcbzO1Nigm66ixK9830LjRDjnK79lO91B9L26fmJr3fi1SvBVml9MXnI%2BDEqolWp3YyCLjErfa6ny7HCEHVOfOSPeSbm2zQcN%2BEu0RYaA210oGOsJQnjbameUN42z%2FjRoS"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8c2977a4bec4d361-FRA
expires
Mon, 16 Sep 2024 23:13:10 GMT
rss.png
cdn-eso.mmoui.com/images/style_esoui/layout/
645 B
0
Image
General
Full URL
https://cdn-eso.mmoui.com/images/style_esoui/layout/rss.png
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ce08dbbe002aacf2f95ffea368606d26bf92774169b38dbcfe680ecd2f29050

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
272040
cf-polished
origSize=682
alt-svc
h3=":443"; ma=86400
content-length
645
cf-bgj
imgq:85,h2pri
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
"731bd-2aa-52ca4789ef1b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z8R3%2B2s4r77FRiZSNvY4tSwiDu1oxQv2lVyBezeDXz40Y8qGkUrMXSZwUoVAPzF5Reb3XrZ0opBJVH2fjjjjt99bChS43mTL8AUdAPpGmLG81okAiwZVh2egaIcSCrgE%2FZIM"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8c2977a5daedd361-FRA
expires
Tue, 17 Sep 2024 02:51:24 GMT
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-38.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 03:11:33 GMT
content-encoding
gzip
via
1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
last-modified
Fri, 03 May 2024 13:20:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
47363
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
dXpuapZsk-ZGsK8zKn6iNvH8--GJzC8dfX73l_MQmCYBoMvhTfC7QA==
esoui-logo-sm.png
cdn-eso.mmoui.com/images/style_esoui/layout/
24 KB
25 KB
Image
General
Full URL
https://cdn-eso.mmoui.com/images/style_esoui/layout/esoui-logo-sm.png
Requested by
Host: cdn-eso.mmoui.com
URL: https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4abeab4ce6c4d6a4c5fa06ce9f33a27013b0080623f500c9f0456532326bdf58

Request headers

Referer
https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
289757
cf-polished
origSize=25491
alt-svc
h3=":443"; ma=86400
content-length
24640
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 May 2016 00:48:07 GMT
server
cloudflare
etag
"73271-6393-5329a8303e649"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QwfhCkKt%2FF3zx3uoMiJdn5ejKqTpV9bxUYKOk0xOxkVczgd7RQb8JLrGx7OkZ0Kbfg0zaUUPKZlxzkz%2Fn%2Fy3M0nvdU3NqHIbHk8m5QfLEuu8hF%2Bo%2FzadXQLaiYwqrTzwbC2E"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8c2977a5daf5d361-FRA
expires
Mon, 16 Sep 2024 23:13:11 GMT
searchbar.png
cdn-eso.mmoui.com/images/style_esoui/layout/
185 B
710 B
Image
General
Full URL
https://cdn-eso.mmoui.com/images/style_esoui/layout/searchbar.png
Requested by
Host: cdn-eso.mmoui.com
URL: https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2c228a0013412cfe59ac6aaf2362872edd23de18cdc73b3e0628c03d1c8be4c

Request headers

Referer
https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
289757
cf-polished
origSize=278
alt-svc
h3=":443"; ma=86400
content-length
185
cf-bgj
imgq:85,h2pri
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
"73194-116-52ca4789ecaa8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YK0hQAH89gmkQltgu6lU%2BO0Tc26jVjy9gI3ipGbzjzwLxdZqSf1kgcxNzXAv05mP2FEm0hLTbOvDCjFZRmg1dTKHFgedLEWiQzTyJN%2F57wb8%2BAqwJ8qsU8thlqTvSohMca3J"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8c2977a5daf7d361-FRA
expires
Mon, 16 Sep 2024 23:01:55 GMT
searchbar-bg.png
cdn-eso.mmoui.com/images/style_esoui/layout/
125 B
646 B
Image
General
Full URL
https://cdn-eso.mmoui.com/images/style_esoui/layout/searchbar-bg.png
Requested by
Host: cdn-eso.mmoui.com
URL: https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8272eb5300c6eb6ca60091bdc9dc0da3d6a95474393f4678b1d6efdea467aeb

Request headers

Referer
https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
264629
cf-polished
origSize=402
alt-svc
h3=":443"; ma=86400
content-length
125
cf-bgj
imgq:85,h2pri
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
"731a1-192-52ca4789ed7ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ZJrl0Jcs33VjmYe0MTnlCAd7qXDdLHxRU0DRfkqHgmNjdrMNb%2ForZUiN3Cw6opldCxop5Av9eSCdHCg8ThZGBkv7ZGQ43ORrwiCpnE1z2r5b8FT8A7EBimmBRnCX51RWOmh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8c2977a5daf9d361-FRA
expires
Mon, 16 Sep 2024 23:13:11 GMT
addoncat-arrow.png
cdn-eso.mmoui.com/images/style_esoui/layout/
134 B
659 B
Image
General
Full URL
https://cdn-eso.mmoui.com/images/style_esoui/layout/addoncat-arrow.png
Requested by
Host: cdn-eso.mmoui.com
URL: https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd726120130fcc993d60bf58c790f77dddfa84de8a8962f8cf3263e8ed549284

Request headers

Referer
https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
264629
cf-polished
origSize=251
alt-svc
h3=":443"; ma=86400
content-length
134
cf-bgj
imgq:85,h2pri
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
"731c4-fb-52ca4789efebd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wGgEBbONUD9eht46nF9RoojmyxWOXKSvOaLvDb0mWIU3rohfzwiJiwntPSu6Bm0gNzSsZKK8RE37X%2B5vs45LFcU2PZ%2B8cG4xirzA%2Fayt0QDYOGJWYFMD8TB2BkfAsxGE6DEY"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8c2977a5dafdd361-FRA
expires
Tue, 17 Sep 2024 06:30:32 GMT
icons-45px.jpg
cdn-eso.mmoui.com/images/icons/
44 KB
44 KB
Image
General
Full URL
https://cdn-eso.mmoui.com/images/icons/icons-45px.jpg?v7
Requested by
Host: cdn-eso.mmoui.com
URL: https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc8fc9ec29e3de2dcfff41a1908752eb48e32e08f2b2f1c4df9d691ce5c84c6

Request headers

Referer
https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
264629
cf-polished
degrade=85, origSize=91694
alt-svc
h3=":443"; ma=86400
content-length
44574
cf-bgj
imgq:85,h2pri
last-modified
Sun, 23 Apr 2023 18:37:31 GMT
server
cloudflare
etag
"92913-1662e-5fa052edded03"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fhrHIqbugNS5nHPkxsV1JBJegvtl70VxrQYBFLLzWtuvZSIENhGFsCTrqx7WnWWtt%2BNNBWfvUwPBqNn%2BairohvFw8L%2BFIUmiCeE9ZVed7AlpQdLPXkwuhUH3jJYqrupOSkkj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8c2977a5dafed361-FRA
expires
Tue, 17 Sep 2024 01:42:07 GMT
subcat_iconborder.png
cdn-eso.mmoui.com/images/style_esoui/downloads/
560 B
1 KB
Image
General
Full URL
https://cdn-eso.mmoui.com/images/style_esoui/downloads/subcat_iconborder.png
Requested by
Host: cdn-eso.mmoui.com
URL: https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53536ba1c3d7db8ffaede2eb19b7ca894de66a5e3033a0e85db0491662838f6b

Request headers

Referer
https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
264629
cf-polished
origSize=811
alt-svc
h3=":443"; ma=86400
content-length
560
cf-bgj
imgq:85,h2pri
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
"72fc9-32b-52ca4789c2593"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CXY74uJqbkywWQEJl3y6Kwg2QWPQb6ffsegt3z2EWlqOqg%2F5XpWbjYHd70hStl7jpRF8Iaj9%2F%2FwxvL%2FYjBqAxWpPsnqYGDL5%2Fin%2Bai5KHCPQuIKdFIdmkkRPM2zPNcr1nSv9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8c2977a5daffd361-FRA
expires
Tue, 17 Sep 2024 06:30:32 GMT
upload-addon.png
cdn-eso.mmoui.com/images/style_esoui/layout/
6 KB
6 KB
Image
General
Full URL
https://cdn-eso.mmoui.com/images/style_esoui/layout/upload-addon.png
Requested by
Host: cdn-eso.mmoui.com
URL: https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d10bc3cddac31523a9c1b4d85037e4b43f47fe3d7839db1a7940f6c8442330c4

Request headers

Referer
https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
273589
cf-polished
origSize=9189
alt-svc
h3=":443"; ma=86400
content-length
5708
cf-bgj
imgq:85,h2pri
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
"7318a-23e5-52ca4789ebda3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cxgoVy1%2BYHLKwWi4zLjaNm5ZL%2BkgIu%2FhQqwSv%2BmS9DrCmOVCiHDeTTPulvNXMjroyqnjCSbZGSzN7ai4N%2FUvBoxz9t%2FTf87%2BjZ6BSMx%2BTp1fIut74LFWdWGBgdW44yRDrfYd"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8c2977a5db05d361-FRA
expires
Wed, 11 Sep 2024 15:39:18 GMT
social-bg.png
cdn-eso.mmoui.com/images/style_esoui/content/
336 B
860 B
Image
General
Full URL
https://cdn-eso.mmoui.com/images/style_esoui/content/social-bg.png
Requested by
Host: cdn-eso.mmoui.com
URL: https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7452aa56abd85c3000ba19211b079d8cb784dfd37819ec3ff1ea891ef81f42b8

Request headers

Referer
https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
272040
cf-polished
origSize=1453
alt-svc
h3=":443"; ma=86400
content-length
336
cf-bgj
imgq:85,h2pri
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
"72fb1-5ad-52ca4789bfe83"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3F0SWrvtNW0tdWPr%2BTWvyOcO9V04fLYybc5ApsIpzVekvC9mLA5IIrgcFZz2uE%2FnvoWccOyNChtx7bDR1myTPFMVcDjPu%2Fep1pkYipnTcqPe6%2F8spAezBJhGIsp6rePRnc1G"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8c2977a5db09d361-FRA
expires
Tue, 17 Sep 2024 06:30:32 GMT
footer-bg.png
cdn-eso.mmoui.com/images/style_esoui/layout/
858 B
1 KB
Image
General
Full URL
https://cdn-eso.mmoui.com/images/style_esoui/layout/footer-bg.png
Requested by
Host: cdn-eso.mmoui.com
URL: https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb74b220747f0bd0edfa1c49201a450f10f723745d36dd9dacfc2594936eec42

Request headers

Referer
https://cdn-eso.mmoui.com/clientscript/vbulletin_css/style-8bef555b-00023.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
288320
cf-polished
origSize=1036
alt-svc
h3=":443"; ma=86400
content-length
858
cf-bgj
imgq:85,h2pri
last-modified
Fri, 26 Feb 2016 04:09:53 GMT
server
cloudflare
etag
"731c2-40c-52ca4789efebd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=baINNNDEd0VDOh9PTfzQKXVThvYXxiLyBWxYem5mM2M%2BjAnIAZq%2BoWid%2Bhy0aXUVdHYhwL9p9TdqlxETObSwgPvvczAzdtBqCxYtGxMxtgF9dlqnb1CFtSeClhpcahiB5dQI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8c2977a5db0dd361-FRA
expires
Mon, 16 Sep 2024 23:13:11 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/
65 KB
66 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin
https://www.esoui.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723
age
15891460
cdn-cachedat
10/31/2023 18:48:08
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
66624
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"db812d8a70a4e88e888744c1c9a27e89"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
521ac654ac7ceec740b4f5c109931a4d
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8c2977a63dada06a-FRA
cdn-requestpullsuccess
True
b
sb.scorecardresearch.com/
0
225 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6036197&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1726244455511&ns_c=windows-1252&c7=https%3A%2F%2Fwww.esoui.com%2Faddons.php&c8=Elder%20Scrolls%20Online%20AddOns&c9=
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-38.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
via
1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
x-amz-cf-id
tcr_73JHOo3NMy35ZvGAjIMK3T9ju-TIfBEesxDpf3416rtKI8E5SA==
x-cache
Miss from cloudfront
js
www.googletagmanager.com/gtag/
265 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9WNGJ71NK2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C6K7HY5EBN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
98830c7c8a067cb378806b449492ff83a7a449e5dc3f066465d63c26588d7373
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95454
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 13 Sep 2024 16:20:55 GMT
js
www.googletagmanager.com/gtag/
260 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VJK4K40XTC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C6K7HY5EBN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ed08616f3209f477930c5948c3afef1318de65b0d85174b8735119c837bf3e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93399
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 13 Sep 2024 16:20:55 GMT
js
www.googletagmanager.com/gtag/
271 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M9NZHTVMKP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C6K7HY5EBN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7db02c48606c45311a021c088e71138c72c8cd98a03a4af83771dcf2b58df9a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97776
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 13 Sep 2024 16:20:55 GMT
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-C6K7HY5EBN&gtm=45je49b0v9114813419za200&_p=1726244455210&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=932335971.1726244456&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1726244455&sct=1&seg=0&dl=https%3A%2F%2Fwww.esoui.com%2Faddons.php&dt=Elder%20Scrolls%20Online%20AddOns&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1889
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C6K7HY5EBN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Sep 2024 16:20:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.esoui.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
253 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C6K7HY5EBN&cid=932335971.1726244456&gtm=45je49b0v9114813419za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C6K7HY5EBN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Sep 2024 16:20:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.esoui.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-C6K7HY5EBN&cid=932335971.1726244456&gtm=45je49b0v9114813419za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1948307140
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Sep 2024 16:20:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wrapper.html
wrappers.geoedge.be/
3 KB
4 KB
Fetch
General
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1639.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:1800:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

x-amz-version-id
SIv.6LiuODikErkt8hGkZr.zJWI3NFp8
date
Fri, 13 Sep 2024 08:19:54 GMT
via
1.1 58e9d1f8f21a3575fa58a14f7f39c636.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
age
28863
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3527
last-modified
Tue, 19 Dec 2023 13:15:23 GMT
server
AmazonS3
etag
"6a6d57dbabaa297544a761a67d32156f"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
NudrnGNR2RC7NOeONLqYCw0FAlfo5kPVfZDyooeoRkaV1V5slyRRqg==
grumi.js
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 0408
510 KB
161 KB
Script
General
Full URL
https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1639.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d146ed151e9d7e2d209e7b966533560d1e19fa49e47c3ae40578828ead0072c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 15:44:46 GMT
x-amz-version-id
3uVY__nrI4LZPcX2HfUgMKXgWQ2O93DN
content-encoding
br
via
1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
2171
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 13 Sep 2024 15:10:44 GMT
server
AmazonS3
etag
W/"87b3d0c6a45c00ed87754e85615db4d7"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
x-amz-cf-id
Fk-kP-wqpsvIJ4BLNOea_D6ij6KLBiqRK44DodeWhYoPV4E6_BWXPQ==
tag
btloader.com/
103 KB
30 KB
Script
General
Full URL
https://btloader.com/tag?o=6278260873756672&upapi=true
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1639.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ddafd1d60fb0f91e3431e2d9761e11d9e7a82fbb8eea507dcd21673f9fca01b

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 13 Sep 2024 15:20:23 GMT
server
cloudflare
age
3500
etag
"a76700c4e5bba3aa0cff13eebf19623a"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
8c2977ac4d79371d-FRA
content-length
30108
gpp-df59d81.min.js
s.nitropay.com/
266 KB
50 KB
Script
General
Full URL
https://s.nitropay.com/gpp-df59d81.min.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1639.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d1975c2e717f873e8bdd55a7bef51dffe2a076d70395e46d1af49f9363e31ce
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
68930
x-guploader-uploadid
AHxI1nMIyxC6Rx0XFQkZdaAwbeB47TuEWJdm946VyKrG1kEMtjd2E5hilpOq1YHNh7iU-rN6uiy_UKBDEQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 29 Aug 2024 21:07:44 GMT
server
cloudflare
etag
W/"0c519a6e7da30099e17347b428d00134"
vary
Accept-Encoding
x-goog-generation
1724965664063706
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=mjEkgA==, md5=DFGabn2jAJnhc0e0KNABNA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=604800
x-goog-stored-content-length
272066
cf-ray
8c2977ac29d9972e-FRA
expires
Thu, 19 Sep 2024 21:12:06 GMT
apstag.js
c.amazon-adsystem.com/aax2/
324 KB
80 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1639.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5bc5c3097151db383d9ce8b7c23c8077a099b7459701fbd2ee696364f88acc7c

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 15:26:08 GMT
content-encoding
gzip
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront), 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 22:46:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
3288
x-amz-server-side-encryption
AES256
etag
W/"f2dd6786b4537f2bb6a3e22886b855f2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
SFbeMPhyCfGqpKF2I-Q4a7VLSpSgxFoxO98yM_z3NLyveqNqzqnLgg==
1639
tracker.nitropay.com/a/
0
0
Fetch
General
Full URL
https://tracker.nitropay.com/a/1639?d=eyJocmVmIjoiaHR0cHM6Ly93d3cuZXNvdWkuY29tL2FkZG9ucy5waHAiLCJ2Ijo4MSwiYSI6ZmFsc2UsInMiOnRydWUsImMiOiJERSIsInIiOiJIRSJ9
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1639.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.27.0 /
Resource Hash

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
via
1.1 google
server
nginx/1.27.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1.gif
s.nitropay.com/
42 B
616 B
Image
General
Full URL
https://s.nitropay.com/1.gif?x=1&adslot=
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
265856
x-guploader-uploadid
AHxI1nOro0bAzLMkwVt8Rhn3_q4xGrzb1c6O4CbER55Hv6co_Kqu9FAhV42iu69LYzJUdSexooQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
42
x-goog-meta-
last-modified
Fri, 22 Jan 2021 08:58:45 GMT
server
cloudflare
etag
"d89746888da2d9510b64a9f031eaecd5"
vary
Accept-Encoding
x-goog-generation
1611305925409947
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=604800
x-goog-stored-content-length
42
accept-ranges
bytes
cf-ray
8c2977aceadb972e-FRA
expires
Tue, 17 Sep 2024 14:30:00 GMT
close2.svg
s.nitropay.com/assets/
305 B
802 B
Image
General
Full URL
https://s.nitropay.com/assets/close2.svg
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d791d587d64a5694f37ce7927a71f38d4b8d7b0c643a51d6ceeb3d26201e30
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
1514537
x-guploader-uploadid
AHxI1nMBeI3vEsl7q_fpoBIikNr_1h9VDT_PHHEapFPbJSYHNmTflLiqd5ENsDXV9PgX84gwvju0gMO_gA
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
x-goog-meta-
last-modified
Wed, 08 Dec 2021 23:38:47 GMT
server
cloudflare
etag
W/"ca26e4a931ab434f475491bcab06132b"
vary
Accept-Encoding
x-goog-generation
1639006727668923
content-type
image/svg+xml
access-control-allow-origin
*
x-goog-hash
crc32c=tLOOxQ==, md5=yibkqTGrQ09HVJG8qwYTKw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
305
cf-ray
8c2977aceade972e-FRA
expires
Sat, 13 Sep 2025 16:20:56 GMT
main.js
www.esoui.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/ Frame 542F
Redirect Chain
  • https://www.esoui.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.esoui.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
8 KB
4 KB
Script
General
Full URL
https://www.esoui.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Server
172.67.82.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70e53fd4ce7ff16df80cbe84115239da2dc1a06cab55a60591a1f7df0caff4b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ayaw5t6xeDDiI4Z0Rref0%2FJ49HIuKtIY53qIK1KUHsb0SufDgxGHmQBgkctBoOuZ7P7nqaYgdSTwpoXp%2FVPMYILO0jDvC6Axt5D%2Flr3LWCPNkJtrMemkPbMgK6Oeqgc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8c2977ad6f961ec2-AMS
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 13 Sep 2024 16:20:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8WWj%2FTUhWcxygQELFCRAIJk%2F102EPbPNq2OUrMK%2F31bxki5xjBGx1%2FNEA2mhzti%2Fue3gODEl8gsWurvBMKgrRgsALMVPqGc%2BgWJVvmU3mRHDzoSYMTdlptVNdaEiwt0%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8c2977acff0c1ec2-AMS
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9WNGJ71NK2&gtm=45je49b0v9125849664z89114813419za200zb9114813419&_p=1726244455210&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=932335971.1726244456&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1726244456&sct=1&seg=0&dl=https%3A%2F%2Fwww.esoui.com%2Faddons.php&dt=Elder%20Scrolls%20Online%20AddOns&en=page_view&_fv=1&_ss=1&tfd=2668
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9WNGJ71NK2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Sep 2024 16:20:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.esoui.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VJK4K40XTC&gtm=45je49b0v9123043253z89114813419za200zb9114813419&_p=1726244455210&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=932335971.1726244456&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1726244456&sct=1&seg=0&dl=https%3A%2F%2Fwww.esoui.com%2Faddons.php&dt=Elder%20Scrolls%20Online%20AddOns&en=page_view&_fv=1&_ss=1&tfd=2703
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJK4K40XTC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Sep 2024 16:20:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.esoui.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-M9NZHTVMKP&gtm=45je49b0v9126295180z89114813419za200zb9114813419&_p=1726244455210&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=932335971.1726244456&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1726244456&sct=1&seg=0&dl=https%3A%2F%2Fwww.esoui.com%2Faddons.php&dt=Elder%20Scrolls%20Online%20AddOns&en=page_view&_fv=1&_ss=1&tfd=2730
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M9NZHTVMKP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Sep 2024 16:20:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.esoui.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
px.gif
ad-delivery.net/
43 B
334 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1443415
x-guploader-uploadid
ABPtcPoLbuQxY31rmHs8vSbk4rwXXzwM351mFCwTp3TeQ0U33LMMOQSrtKknT2jOKXXGPpXspWptbN1wPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=caghHrc10R6mnacGa6l5By223Wkvp%2FuYw4swqS2QCb5Cr8zMuZVesG2BiJwiXv3BqFJaauIGOwytvJLoTlXRsXKfr8Mn0RgTPN3rHw3078LtvQ6c6vDM%2BBtBsdwgqh8xrwPDocawJMS6Qb7b3w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8c2977ae0ce23721-FRA
expires
Wed, 28 Aug 2024 00:20:20 GMT
favicon.ico
ad.doubleclick.net/
1 KB
130 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 06:49:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34272
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 14 Sep 2024 06:49:44 GMT
px.gif
ad-delivery.net/
43 B
921 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.30162465929012483
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1443415
x-guploader-uploadid
ABPtcPoLbuQxY31rmHs8vSbk4rwXXzwM351mFCwTp3TeQ0U33LMMOQSrtKknT2jOKXXGPpXspWptbN1wPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FN%2BRtnYMKJTvA5NamqIXZBN7e1j%2BHaFXuwjQW8pEDabrcsEfcVMD3anWQUIDgY8XSSeQBwsbOt5q2S8Y4kv%2F0YqIAbAFPBKjXlWVsYRqdgWu7MYV3N6iaeFxy4oZy69xfujRDDKR9frQxMHipg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8c2977ae0ce43721-FRA
expires
Wed, 28 Aug 2024 00:20:20 GMT
additional-consent-providers.csv
consent.nitrocnct.com/
116 KB
36 KB
XHR
General
Full URL
https://consent.nitrocnct.com/additional-consent-providers.csv
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-df59d81.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
525054
x-guploader-uploadid
ABPtcPrWtxKGOJgTvAOWB8Epf6ZT1PkMQIE94xvtm5hry1mcwAzUz7muaZWiMjG0KGWt32aHcnedn2S99g
x-goog-storage-class
STANDARD
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 12 Jul 2023 07:31:30 GMT
server
cloudflare
etag
W/"81f96867523b7ea4a2f05a62b9fdf1c7"
vary
Accept-Encoding
x-goog-hash
crc32c=x8iKUw==, md5=gfloZ1I7fqSi8Fpiuf3xxw==
x-goog-generation
1689147090287559
content-type
text/plain
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lu%2BKrGN7tF%2BjywPqV794LtoRgcFde5h%2Biasmk9rh8z29iVxDixYKp6Uo5nnh2lY4fX6MkzYVyRzqjDgf7yRmtcEzVRgGQIg4ZOBOLPyc5cAbDn8XRD54GYAqRJwvTQdzNeb%2FU3t8V3eg25AuGKcTRG9Ki9w%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
119221
cf-ray
8c2977ae299d3a8c-FRA
expires
Sat, 14 Sep 2024 13:54:01 GMT
vendor-list-v3.json
consent.nitrocnct.com/
629 KB
79 KB
XHR
General
Full URL
https://consent.nitrocnct.com/vendor-list-v3.json
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-df59d81.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b8dcd9bdf23616663feff2b308f4dc8a744a794a3eb13be878c5e1d81f0ea7a

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
453679
x-guploader-uploadid
AD-8ljtOGmj2F5EBkoy0TuzdofU0TaxTV1STscHN25xXg9fecqh3wlKJjQrZI_p-fDI0mmRCJew
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 30 Aug 2024 13:57:44 GMT
server
cloudflare
etag
W/"1bb5f7ddf863a843f11cdc1b11967f20"
vary
Accept-Encoding
x-goog-hash
crc32c=NxAv5Q==, md5=G7X33fhjqEPxHNwbEZZ/IA==
x-goog-generation
1725026264061391
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BmzP7cgKc63R849Nv9RZ7qyYoTGdM7zQe28PY8N%2BMQ6s4ujMthifvOYU0wtDLNFHAY4fOiEV8VweT9L2Q73xZ%2FUkDDA%2F3nfLA49atMarAvXzfoYRXdgcP2CHe5T6cE3Bkws2BBFLWcgURECJugl0b1cCrJs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
public, max-age=604800
x-goog-stored-content-length
643742
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cf-ray
8c2977ae29993a8c-FRA
expires
Sun, 15 Sep 2024 10:09:27 GMT
da657530-03e5-4306-95bc-d4eb370426c9
config.aps.amazon-adsystem.com/configs/
563 B
830 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/da657530-03e5-4306-95bc-d4eb370426c9
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1639.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-9.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
99429943bd63a607e02c901c102b36ab1967d894fa247f960dc5bf45518bc60c

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 15:54:03 GMT
via
1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P8
age
1613
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
Rdc3wtLJXEbFdMNTqlrLtq2U9CmFNIJ1-U2wqGOnpuW8QdiEuB1pQg==
config
c.amazon-adsystem.com/cdn/prod/
2 KB
2 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.esoui.com&pubid=da657530-03e5-4306-95bc-d4eb370426c9
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
Server /
Resource Hash
f4d2dfedba36ea1a797a8881a4dd30448dad8459e21cecea2089ab3bc166aa12

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 11:16:40 GMT
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
18255
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.esoui.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1591
x-amz-cf-id
8bn8czYL2ARwo4pCOGHj0fb2ZoqhbLe6tezZuABlR8rka1EKuZRZdw==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
375 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.esoui.com%2Faddons.php&pid=36zdvgDGbDrYh&cb=0&ws=1600x1200&v=24.827.1552&t=2200&slots=%5B%7B%22sd%22%3A%22Horizontal_ATF%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1%21nitropay.com%2C1307%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.173.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-173-196.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
content-encoding
gzip
via
1.1 d6dae4153314f4d7a17919a7dd5a237c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.esoui.com
access-control-allow-credentials
true
content-length
43
x-amz-cf-id
P9Vg6plLNlPF8XLJjPDJAfSmuzLBp_6BH-3XJaXswOjrE2H_BjpJHw==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
374 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.esoui.com%2Faddons.php&pid=36zdvgDGbDrYh&cb=1&ws=1600x1200&v=24.827.1552&t=2200&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Outstream_Floating%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1%21nitropay.com%2C1307%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.173.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-173-196.fra60.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:55 GMT
content-encoding
gzip
via
1.1 d6dae4153314f4d7a17919a7dd5a237c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.esoui.com
access-control-allow-credentials
true
content-length
43
x-amz-cf-id
_vsSHNkpT7bcqtik2qROXRmhDndhCPmTN3-V8vbYZZcS8iGrWK-eCQ==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
374 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.esoui.com%2Faddons.php&pid=36zdvgDGbDrYh&cb=2&ws=1600x1200&v=24.827.1552&t=2200&slots=%5B%7B%22sd%22%3A%22Vertical_ATF%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1%21nitropay.com%2C1307%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.173.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-173-196.fra60.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
content-encoding
gzip
via
1.1 d6dae4153314f4d7a17919a7dd5a237c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.esoui.com
access-control-allow-credentials
true
content-length
43
x-amz-cf-id
cLfZskwDgM45wipY_d_HvnqWraFtFL5qYrXNJOMxnfD6FmDctNtr2g==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
374 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.esoui.com%2Faddons.php&pid=36zdvgDGbDrYh&cb=3&ws=1600x1200&v=24.827.1552&t=2200&slots=%5B%7B%22sd%22%3A%22Vertical_BTF%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1%21nitropay.com%2C1307%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.173.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-173-196.fra60.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
content-encoding
gzip
via
1.1 d6dae4153314f4d7a17919a7dd5a237c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.esoui.com
access-control-allow-credentials
true
content-length
43
x-amz-cf-id
fpiF2OrOqe3XLXSzPsmNY_eJSf1AIs-A7veKt79dYDOlvgcAhzgUuA==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
374 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.esoui.com%2Faddons.php&pid=36zdvgDGbDrYh&cb=4&ws=1600x1200&v=24.827.1552&t=2200&slots=%5B%7B%22sd%22%3A%22Horizontal_BTF%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1%21nitropay.com%2C1307%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.173.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-173-196.fra60.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
content-encoding
gzip
via
1.1 d6dae4153314f4d7a17919a7dd5a237c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.esoui.com
access-control-allow-credentials
true
content-length
43
x-amz-cf-id
AksavglRbWqUUh-FZLC6Tx2Hu7pk0wWMyKz1mEHrrC6nfBiOhJrYAA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
date
Fri, 13 Sep 2024 01:48:28 GMT
x-amz-cf-pop
FRA56-P6
age
52349
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
VubH9DNd8M7N4af6HGdkH9NF3oqyketnQbgKQXbEVVxRK6a785sFTQ==
country
api.btloader.com/
37 B
215 B
Fetch
General
Full URL
https://api.btloader.com/country?o=6278260873756672
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1639.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.176.78 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-176-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ba6a49b4567c1d0abb7d066626b3290cc404a5214712d90685743ee20b3ecb94

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 13 Sep 2024 16:35:56 GMT
hadron.js
cdn.hadronid.net/
56 KB
12 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.esoui.com%2Faddons.php&ref=&_it=amazon&partner_id=720
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1639.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
server
cloudflare
x-amz-request-id
4GNMNHQXA94JVW78
age
6302
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=432000
cf-ray
8c2977aeee78368c-FRA
x-amz-id-2
FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
id5-api.js
cdn.id5-sync.com/api/1.0/
95 KB
28 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1639.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be1274185bc7a88a74588ef82af3d472ccdc2574282522325f687f37f58dd788
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 28 Aug 2024 13:30:01 GMT
server
cloudflare
x-amz-request-id
MAM3M62WYFDXB6HN
age
680
etag
W/"ac65bcbdbadc9ff581ea087feb796f28"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8c2977aeecb965be-FRA
x-amz-id-2
1MfFo6oy6IIqCc343H+cYEd0B5qJmYiywCjQi1YO7n+OT4AEaKNM8fA3t42NRJDZxA9Pl1o2/y6cUADuMUFjm2jNYma1ZvWX
lang.png
s.nitropay.com/cmp/
2 KB
2 KB
Image
General
Full URL
https://s.nitropay.com/cmp/lang.png
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
1859
x-guploader-uploadid
AHxI1nM_0r2QNmlMrcBNNJdspku2Elsj3ISj5afDLdVODmlukyzIab95JgU_f1SXBQgl1q1pQW8D28FG0w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
1887
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
server
cloudflare
etag
"ca072a3965f49a2c242c45d535163a53"
vary
Accept-Encoding
x-goog-generation
1666344058779792
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=7x+tRA==, md5=ygcqOWX0miwkLEXVNRY6Uw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
1887
accept-ranges
bytes
cf-ray
8c2977aefd6d972e-FRA
expires
Fri, 13 Sep 2024 16:13:03 GMT
cancel.png
s.nitropay.com/cmp/
1 KB
2 KB
Image
General
Full URL
https://s.nitropay.com/cmp/cancel.png
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
2584
x-guploader-uploadid
AHxI1nNb27-cu8xGG4RyKnSzGH5VQVovceKBhT6kL8WpgOyj5pSBm0D1tsSdHwurdNpDE3F-Kb13GVC5lw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
1302
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
server
cloudflare
etag
"c707b2d501a53bc2c66e98e4e5cabefb"
vary
Accept-Encoding
x-goog-generation
1666344058825998
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=QrhBNA==, md5=xwey1QGlO8LGbpjk5cq++w==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
1302
accept-ranges
bytes
cf-ray
8c2977aefd6f972e-FRA
expires
Fri, 13 Sep 2024 16:26:14 GMT
logo.png
s.nitropay.com/cmp/
3 KB
3 KB
Image
General
Full URL
https://s.nitropay.com/cmp/logo.png
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/addons.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
873
x-guploader-uploadid
AHxI1nMMh3oKpeYKkJQGcjvHh5cuxScIqChalxw7XDx8aawBNT-znus_cYF25XDW0w5fpwNtYzI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
2592
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
server
cloudflare
etag
"940aa5b81e99bbb7414acc474a89bad9"
vary
Accept-Encoding
x-goog-generation
1666344058842900
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=naGVVg==, md5=lAqluB6Zu7dBSsxHSom62Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
2592
accept-ranges
bytes
cf-ray
8c2977aefd71972e-FRA
expires
Fri, 13 Sep 2024 16:10:07 GMT
8c2977a078a91ec2
www.esoui.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 542F
0
911 B
XHR
General
Full URL
https://www.esoui.com/cdn-cgi/challenge-platform/h/b/jsd/r/8c2977a078a91ec2
Requested by
Host: www.esoui.com
URL: https://www.esoui.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.82.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2FQ57TASZ0%2Fc533sGkLbdHqlxxB%2F342djPybuasBqAdOKm8xlrTpRnA2mpuBntwcgqMWoDzq%2BBoOUMaqN3z9fWrbGZLiZiSnLdV5MkjqcF5He5tzBBopGyYUNY%2Fabxc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8c2977af79901ec2-AMS
alt-svc
h3=":443"; ma=86400
content-length
0
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=nTzRPd2KP&w=5093490163187712&o=6278260873756672&cv=2.1.53-2-g9f547cd&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.esoui.com%2Faddons.php&sid=x7yLv7thMD&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 13 Sep 2024 16:20:56 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
hadron.json
id.hadron.ad.gt/v1/
119 B
275 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=720&sync=0&domain=www.esoui.com&url=https://www.esoui.com/addons.php
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.esoui.com%2Faddons.php&ref=&_it=amazon&partner_id=720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e8a504b028f29d0f3f34b817813b2982ecd8af173c23670424c48b354fed584

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 13 Sep 2024 16:20:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization,content-type
cf-ray
8c2977b0bd359bec-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=720&sync=0&domain=www.esoui.com&url=https://www.esoui.com/addons.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.esoui.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
8c2977b00c8c9bec-FRA
content-length
0
content-type
application/json
date
Fri, 13 Sep 2024 16:20:57 GMT
debug
OPTIONS block
expires
Sat, 13 Sep 2025 16:20:57 GMT
server
cloudflare
rum
cloudflareinsights.com/cdn-cgi/ Frame
0
0
Preflight
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.esoui.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.esoui.com
access-control-max-age
86400
cf-ray
8c2977b05c7835fa-FRA
content-encoding
gzip
content-type
text/plain
date
Fri, 13 Sep 2024 16:20:57 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
rum
cloudflareinsights.com/cdn-cgi/
0
37 B
XHR
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Fri, 13 Sep 2024 16:20:57 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.esoui.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8c2977b07c9535fa-FRA
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?v=3&t=l&pid=2077856391&rv=49b0&u=AAAAAAAAAAAAACAAAAAAEAE&ut=Ag&h=Ag&gtm=45je49b0v9126295180za200zb9114813419&ccid=126295180&cid=G-M9NZHTVMKP&l=L1321.S23.B15.E373.I2573.EC5.TC12.HTC0~gtm.init.S0.V0.E136.TS5ogtgasend.TI15.TE0.TS5ogtsessiontimeout.TI17.TE0.TS5ogt1pdatav2.TI18.TE0.TS5ccdgalast.TI19.TE0.TS5ccdautoredact.TI20.TE0.TS5ccdconversionmarking.TI21.TE0.TS5ccdgaregscope.TI22.TE0.TS5ogtgooglesignals.TI23.TE0.TS5ccdgaadslink.TI24.TE0.TS5setproductsettings.TI25.TE0.TS5ccdgafirst.TI26.TE0~gtm.js.S0.V0.E132.TS5gct.TI12.TE0~gtm.dom.S0.V0.E116~gtm.load.S0.V0.E2~gtm.init_consent.S1.V0.E130~GA1409
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:56 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
favicon.ico
www.esoui.com/
1 KB
1 KB
Other
General
Full URL
https://www.esoui.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.82.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c69a26d0632e275828dfd4918313102e13e6bedfe1efb33513d6814ab7496ed

Request headers

Referer
https://www.esoui.com/addons.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 26 Feb 2016 04:09:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5740
etag
W/"7325f-47e-52ca478ac934b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ywbq2vONe5c2HK6NCur6TwZ8kWI48PB%2BGVj04ib5%2BJo%2BGBK8uMf66fGPnqaGv2j2EmJCZvizTg7hV7OjZo6U%2BZIFYnT6nN%2FJeph4vYeEzUWNyWn30sLfD4nHvA9G10Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=2678400
cf-ray
8c2977b02a3f1ec2-AMS
alt-svc
h3=":443"; ma=86400
720
a.ad.gt/api/v1/u/matches/
13 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/720?_it=amazon
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1639.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fde4880f0ae41a7e4b8bc49e24748113c86f97f2d780538a89a732ec9c9b4cc

Request headers

Referer
https://www.esoui.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:20:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 13 Sep 2024 16:15:53 GMT
server
cloudflare
age
62
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
8c2977b1bcf89b7c-FRA

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 string| SECURITYTOKEN string| IMGDIR_MISC function| gtag object| dataLayer function| $ function| jQuery function| openDonate function| setDonate function| SecureLinkError function| SecureLinkLoad function| addEvent function| removeEvent function| handleEvent function| fixEvent function| tablistview function| clearTmp function| showTab function| ge function| getElementsByClassName function| restoreAds function| hideAds function| standardNavMouseover function| standardNavMouseout function| standard2Nav function| showTmp object| MMOIjax object| names object| vbphrase object| vB_Editor boolean| is_regexp boolean| AJAX_Compatible string| pointer_cursor string| userAgent boolean| is_saf function| fetch_object function| fetch_tags function| fetch_tag_count function| do_an_e function| e_by_gum function| validatemessage function| stripcode function| vB_PHP_Emulator function| vB_AJAX_Handler function| vB_Hidden_Form function| openWindow function| js_open_help function| attachments function| who function| imwindow function| SendMSNMessage function| AddMSNContact function| detect_caps_lock function| log_out function| set_cookie function| delete_cookie function| fetch_cookie function| js_toggle_all function| js_select_all function| js_check_all function| js_check_all_option function| checkall function| checkall_option function| resize_textarea function| toggle_collapse function| save_collapsed function| vBpagenav function| vbmenu_register function| set_unselectable function| fetch_sessionhash function| construct_phrase function| switch_id function| img_alt_2_title function| PostBit_Init function| vBulletin_init function| vBulletin_Framework object| PHP object| vBulletin function| null_event function| vB_Popup_Handler object| vBmenu function| vbmenu_hide function| vB_Popup_Menu function| vB_Popup_Events object| nitroAds function| NcodeImageResizer object| _comscore object| COMSCORE object| ns_p function| hashtab number| tooltipDelay function| clearTooltip function| showTooltip function| getaddoninfo function| getportalnews function| getportalbug function| getportalfeature function| gethelpinfo object| inArray object| ia object| google_tag_manager object| google_tag_data object| gaGlobal object| ads object| nads object| napbjs object| _pbjsGlobals object| mnet function| __uspapi object| __gpp_queue object| __gpp_events number| __gpp_lastId function| __gpp object| nitroAdsCustomConsents string| nitroAdsPublisherCC object| __tcfapi_queue function| __tcfapi object| apstag object| __cfBeacon object| __bt object| __bt_intrnl object| __bt_tag_d object| nitroAdsCMP object| regeneratorRuntime object| __npcmp_queue function| __npcmp string| __npcmp_geo string| __npcmp_region boolean| __npcmp_init function| __cmp boolean| __npcmp_gdpr object| _aps boolean| apstagLOADED object| apscustom boolean| __bt_already_invoked function| ha object| hadron boolean| __halo_loaded__ object| __id5_finalization_registry object| ID5 object| PublisherCommonId object| au

12 Cookies

Domain/Path Name / Value
.esoui.com/ Name: bblastvisit
Value: 1726244454
.esoui.com/ Name: bblastactivity
Value: 0
.esoui.com/ Name: bbsessionhash
Value: 62afea82c3692ed0a5f73cd2a3f91a01
.nitropay.com/ Name: __cf_bm
Value: _mr9ct13Mgm1kltkkghgVyjvUX_4iUVk7KaB07gjeT4-1726244455-1.0.1.1-yTzDqA_jZRBsVYcmGQeyDt6IJqyqIRCsqUBb.Dpp3C5B47mq3CFfJYSSbecS_3hy5ROfD.VkgLNRB2TvojUavQ
.esoui.com/ Name: _ga_C6K7HY5EBN
Value: GS1.1.1726244455.1.0.1726244455.60.0.0
.esoui.com/ Name: _ga
Value: GA1.1.932335971.1726244456
.esoui.com/ Name: _ga_9WNGJ71NK2
Value: GS1.1.1726244456.1.0.1726244456.0.0.0
.esoui.com/ Name: _ga_VJK4K40XTC
Value: GS1.1.1726244456.1.0.1726244456.0.0.0
.esoui.com/ Name: _ga_M9NZHTVMKP
Value: GS1.1.1726244456.1.0.1726244456.0.0.0
.esoui.com/ Name: ncmp.domain
Value: esoui.com
.esoui.com/ Name: cf_clearance
Value: Fb.wazDFPKRK9SZVvY51SfeWAqs3CZltorQgMlaVjCU-1726244456-1.2.1.1-jMhy3BJ7bOeRKUrWMZYM05PJzI2wbG_DqrJvLZVuhU9EN6lmHRhRYU3BrS.u9lkTcTpiEb_IH7VGTJ.YJMda.hjTs00T7IuE9_V2zG.9ZsHagj.p51PXr1LdYu9Wj9QA0GnX.fGhtLiS8RX6jmlpr7TXf9hL9F5rDF7Hw1tNTdBIsvjdX9zNbjgz94BUXa8hvXTBJI5fO0bqti1UbmOxQQwt6JnLkkhxd4hj_A6YPzgifNeNdjmbYsmlzvpmxhcqbennknjXXulud4995qyhNJYeiHqncKffnAd5ZMlZoWRS6RsfDZYq_zUAo_RvaB.aMjx4n4sfNvSVHQzHdI8P15rIyqBd2zf.WxSqJ0S1iK.vE6E0MUl8hMHrYLiVQmBe
.ad.gt/ Name: au_3p_check
Value: 1

1 Console Messages

Source Level URL
Text
rendering warning URL: https://www.esoui.com/addons.php
Message:
[.WebGL-0x335800d67f00]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ajax.googleapis.com
api.btloader.com
btloader.com
c.amazon-adsystem.com
cdn-eso.mmoui.com
cdn.hadronid.net
cdn.id5-sync.com
cloudflareinsights.com
config.aps.amazon-adsystem.com
consent.nitrocnct.com
id.hadron.ad.gt
maxcdn.bootstrapcdn.com
region1.analytics.google.com
region1.google-analytics.com
rumcdn.geoedge.be
s.nitropay.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tracker.nitropay.com
wrappers.geoedge.be
www.esoui.com
www.google.de
www.googletagmanager.com
104.26.10.137
108.138.6.136
13.33.173.196
130.211.23.194
172.217.18.6
172.67.82.245
18.244.18.38
18.245.31.9
2001:4860:4802:34::36
23.205.176.78
2600:9000:2491:8a00:4:b37b:9440:93a1
2600:9000:2761:1800:2:d490:4d80:93a1
2606:4700:10::6816:3456
2606:4700:10::6816:34ad
2606:4700:10::6816:4ad8
2606:4700:10::6816:545
2606:4700:20::ac43:4513
2606:4700::6810:5049
2606:4700::6812:24e
2606:4700::6812:bcf
2a00:1450:4001:806::2003
2a00:1450:4001:812::200a
2a00:1450:4001:81c::2008
2a00:1450:400c:c0b::9c
2a06:98c1:3120::3
35.244.144.25
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015
01a12d6b00de9aaae737c809a08b2a307788cedda626b546de9da87f8cbe907f
01d91690bbadea9cb17d3525962f091d12c2370344eda95da3ca1cca910e235d
0408d7cac595c12416a378f20c78a7a0507c1533c29b47d9b0eabdb1a306e78d
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07e330373ed0af038af94e80c9332054eccc4be60e727e1a9fe8918475eb8e47
0d146ed151e9d7e2d209e7b966533560d1e19fa49e47c3ae40578828ead0072c
0d33688dd5a283f5ec5bc116bf5e9b2b2c0149ba18434eb43343e5eda728c237
0ed08616f3209f477930c5948c3afef1318de65b0d85174b8735119c837bf3e6
102f99cd38d3bcfc8a8105782d000214b153781dc2f5ab97c46aadb6977a493a
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1d1975c2e717f873e8bdd55a7bef51dffe2a076d70395e46d1af49f9363e31ce
1ddafd1d60fb0f91e3431e2d9761e11d9e7a82fbb8eea507dcd21673f9fca01b
2f824a9e1da97c320fdf4143f226f162b3ebe613445565b07fdd203d1fabd660
345c23155d22f7a687fa1ee7398990272c17bd240cd8cdd5aa4b1b0ab7f666c3
3e720760eea7b71ebdd65540017d2aa2f8b0639c4fc53ece77c93ef119de72cd
490f7f9df846bfd2ba239253a04a901c22e0092e8892cb8b6629863b36a0dab3
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4abeab4ce6c4d6a4c5fa06ce9f33a27013b0080623f500c9f0456532326bdf58
53536ba1c3d7db8ffaede2eb19b7ca894de66a5e3033a0e85db0491662838f6b
5b8dcd9bdf23616663feff2b308f4dc8a744a794a3eb13be878c5e1d81f0ea7a
5bc5c3097151db383d9ce8b7c23c8077a099b7459701fbd2ee696364f88acc7c
5ce08dbbe002aacf2f95ffea368606d26bf92774169b38dbcfe680ecd2f29050
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5ed749663f4756c17471e4d29b8632efbb9e8cb7094f6910c7116d1937860810
5f683e5c3a7b0442e5a0fec42959c680a4cc71d49d61c3bf2ca9db6eb4a96b22
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
6fde4880f0ae41a7e4b8bc49e24748113c86f97f2d780538a89a732ec9c9b4cc
70d791d587d64a5694f37ce7927a71f38d4b8d7b0c643a51d6ceeb3d26201e30
70e53fd4ce7ff16df80cbe84115239da2dc1a06cab55a60591a1f7df0caff4b8
74488034c8380bdce8d84b5a7b4b5d0851ae7c253dd8eb2ebf210dd7798c8102
7452aa56abd85c3000ba19211b079d8cb784dfd37819ec3ff1ea891ef81f42b8
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7db02c48606c45311a021c088e71138c72c8cd98a03a4af83771dcf2b58df9a2
879f1461d885e90f7095eff74c1e9fefd2a71c5c8ed550dba6c239c422e3093c
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8c69a26d0632e275828dfd4918313102e13e6bedfe1efb33513d6814ab7496ed
8e8a504b028f29d0f3f34b817813b2982ecd8af173c23670424c48b354fed584
98830c7c8a067cb378806b449492ff83a7a449e5dc3f066465d63c26588d7373
99429943bd63a607e02c901c102b36ab1967d894fa247f960dc5bf45518bc60c
9fc8fc9ec29e3de2dcfff41a1908752eb48e32e08f2b2f1c4df9d691ce5c84c6
a44d20973f67b76b0cf8b4d7c1e5b5875a0ff659f6c7f043184060018d4c02f8
a8272eb5300c6eb6ca60091bdc9dc0da3d6a95474393f4678b1d6efdea467aeb
b2c228a0013412cfe59ac6aaf2362872edd23de18cdc73b3e0628c03d1c8be4c
ba6a49b4567c1d0abb7d066626b3290cc404a5214712d90685743ee20b3ecb94
be1274185bc7a88a74588ef82af3d472ccdc2574282522325f687f37f58dd788
c429832bcfb90f83c4372a9723c5e568fc8ba79b8ee88099bdb6934d1806913d
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
cd726120130fcc993d60bf58c790f77dddfa84de8a8962f8cf3263e8ed549284
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10bc3cddac31523a9c1b4d85037e4b43f47fe3d7839db1a7940f6c8442330c4
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dda76b4d79b5a154b452fa482fea32391e76e2db70b619d5fd5243b380d33669
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6989ae8668b84a33cdaf6c58fbb86ce87f8e284c28ab26dbc646f7a56e5ef87
e9f6aa9fe78b402b74f5c7abc935374377fa5806485cde8683b3fef70229e1cc
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d2dfedba36ea1a797a8881a4dd30448dad8459e21cecea2089ab3bc166aa12
fb74b220747f0bd0edfa1c49201a450f10f723745d36dd9dacfc2594936eec42
fc418ec1b2def190e581120cc40717f765cb54cf13b248156dde74e1a418cda9
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995