www.xivmodarchive.com Open in urlscan Pro
2606:4700:10::ac43:b9a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.xivmodarchive.com/
Effective URL:
https://www.xivmodarchive.com/
Submission: On August 04 via api (August 4th 2024, 7:55:15 pm UTC) from US — Scanned from US

Summary HTTP 94 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 47 IPs in 2 countries across 38 domains to perform 94 HTTP transactions. The main IP is 2606:4700:10::ac43:b9a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.xivmodarchive.com. The Cisco Umbrella rank of the primary domain is 846795.
TLS certificate: Issued by WE1 on June 22nd 2024. Valid for: 3 months.

This is the only time www.xivmodarchive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:10:... 2606:4700:10::ac43:b9a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
3	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.18.3.78 104.18.3.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:247... 2600:9000:247b:9a00:2:d490:4d80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:251... 2600:9000:2511:7000:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:4bd8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.222.154 172.217.222.154	15169 (GOOGLE) (GOOGLE)
3	35.244.144.25 35.244.144.25	15169 (GOOGLE) (GOOGLE)
2	69.194.240.11 69.194.240.11	26120 (RHYTHMONE) (RHYTHMONE)
1	52.3.235.238 52.3.235.238	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	74.119.117.6 74.119.117.6	19750 (AS-CRITEO) (AS-CRITEO)
1	54.158.18.149 54.158.18.149	14618 (AMAZON-AES) (AMAZON-AES)
1	68.67.179.153 68.67.179.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:200a	27630 (AS-XFERNET) (AS-XFERNET)
1	172.67.193.156 172.67.193.156	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	173.194.207.148 173.194.207.148	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.217.222.156 172.217.222.156	15169 (GOOGLE) (GOOGLE)
3	2620:100:a00b::4 2620:100:a00b::4	19750 (AS-CRITEO) (AS-CRITEO)
1	108.138.128.28 108.138.128.28	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:400d:c0d::84	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	100.24.111.98 100.24.111.98	14618 (AMAZON-AES) (AMAZON-AES)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
1	2600:9000:23c... 2600:9000:23cb:c200:10:43f:4340:93a1	16509 (AMAZON-02) (AMAZON-02)
1	173.194.175.157 173.194.175.157	15169 (GOOGLE) (GOOGLE)
2 3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:400d:c1d::84	15169 (GOOGLE) (GOOGLE)
1	142.251.174.132 142.251.174.132	15169 (GOOGLE) (GOOGLE)
1	142.251.174.103 142.251.174.103	15169 (GOOGLE) (GOOGLE)
1	104.18.38.76 104.18.38.76	() ()
1	23.55.204.22 23.55.204.22	() ()
1	52.223.22.214 52.223.22.214	() ()
1	184.28.25.15 184.28.25.15	() ()
2 2	35.244.154.8 35.244.154.8	() ()
1 1	107.178.254.65 107.178.254.65	() ()
1 2	2620:1ec:21::14 2620:1ec:21::14	() ()
1 1	198.8.71.131 198.8.71.131	() ()
7	2607:f350:3:2... 2607:f350:3:2569:0:10:0:d	() ()
2 2	185.184.8.90 185.184.8.90	() ()
2 2	34.36.216.150 34.36.216.150	() ()
3 4	34.111.113.62 34.111.113.62	() ()
2 2	35.211.178.172 35.211.178.172	() ()
1 2	173.194.207.155 173.194.207.155	() ()
1	104.18.7.198 104.18.7.198	() ()
1 1	74.121.140.211 74.121.140.211	() ()
1 1	54.174.229.107 54.174.229.107	() ()
94	47

23 2606:4700:10::ac43:b9a (United States)

ASN13335 (CLOUDFLARENET, US)

www.xivmodarchive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xivmodarchive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.3.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:247b:9a00:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

wrappers.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2511:7000:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.222.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f154.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.144.25 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 25.144.244.35.bc.googleusercontent.com

tracker.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.194.240.11 (United States)

ASN26120 (RHYTHMONE, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.235.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-235-238.compute-1.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.117.6 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.158.18.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-18-149.compute-1.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.179.153 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.101 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f350:3:2569:0:10:0:200a (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.193.156 (United States)

ASN13335 (CLOUDFLARENET, US)

consent.nitrocnct.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.222.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f156.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-28.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0d::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

718a0d5a9d5f5b24b5c23d2b9bc836aa.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 100.24.111.98 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-111-98.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23cb:c200:10:43f:4340:93a1 (United States)

ASN16509 (AMAZON-02, US)

gw.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.175.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f157.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c1d::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.174.132 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.174.103 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.38.76 (None, )

ASN- ()

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.55.204.22 (None, )

ASN- ()

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.22.214 (None, )

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.28.25.15 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (None, ) 2 redirects

ASN- ()

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (None, ) 1 redirects

ASN- ()

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (None, ) 1 redirects

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.8.71.131 (None, ) 1 redirects

ASN- ()

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f350:3:2569:0:10:0:d (None, )

ASN- ()

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (None, ) 2 redirects

ASN- ()

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.216.150 (None, ) 2 redirects

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.113.62 (None, ) 3 redirects

ASN- ()

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (None, ) 2 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.207.155 (None, ) 1 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.7.198 (None, )

ASN- ()

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.121.140.211 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.174.229.107 (None, ) 1 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	xivmodarchive.com www.xivmodarchive.com — Cisco Umbrella Rank: 846795 static.xivmodarchive.com — Cisco Umbrella Rank: 830628	403 KB
8	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 4003 sync.go.sonobi.com	8 KB
7	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280 ad.doubleclick.net — Cisco Umbrella Rank: 210 cm.g.doubleclick.net	225 KB
6	nitropay.com s.nitropay.com — Cisco Umbrella Rank: 25426 tracker.nitropay.com — Cisco Umbrella Rank: 24310	210 KB
5	googlesyndication.com 718a0d5a9d5f5b24b5c23d2b9bc836aa.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 tpc.googlesyndication.com — Cisco Umbrella Rank: 203	19 KB
5	geoedge.be wrappers.geoedge.be — Cisco Umbrella Rank: 24092 rumcdn.geoedge.be — Cisco Umbrella Rank: 3243 gw.geoedge.be — Cisco Umbrella Rank: 4430	165 KB
4	tapad.com 3 redirects pixel.tapad.com	1 KB
3	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 505	2 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 3664 google-bidout-d.openx.net — Cisco Umbrella Rank: 3568	501 B
3	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1256 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1296 sync.crwdcntrl.net	13 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 992	44 KB
3	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 944 gum.criteo.com — Cisco Umbrella Rank: 553	228 B
3	btloader.com btloader.com — Cisco Umbrella Rank: 1573 api.btloader.com — Cisco Umbrella Rank: 1813	29 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	179 KB
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com	993 B
2	creativecdn.com 2 redirects creativecdn.com	921 B
2	linkedin.com 1 redirects px.ads.linkedin.com	1 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com	840 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1603	1 KB
2	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 383 acdn.adnxs.com	1 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 998 eb2.3lift.com	6 KB
2	media.net prebid.media.net — Cisco Umbrella Rank: 1534 contextual.media.net	12 KB
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 1255	239 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	37 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	1 KB
1	mathtag.com 1 redirects sync.mathtag.com	861 B
1	connatix.com capi.connatix.com	82 B
1	rfihub.com 1 redirects p.rfihub.com	736 B
1	pippio.com 1 redirects pippio.com	632 B
1	indexww.com js-sec.indexww.com
1	google.com www.google.com — Cisco Umbrella Rank: 10
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1594	7 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2913	8 KB
1	nitrocnct.com consent.nitrocnct.com — Cisco Umbrella Rank: 51505	36 KB
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 785	9 KB
1	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1860	11 KB
0	amazon-adsystem.com Failed s.amazon-adsystem.com Failed
94	38

	Domain	Requested by
15	static.xivmodarchive.com	www.xivmodarchive.com
8	www.xivmodarchive.com	www.xivmodarchive.com
7	sync.go.sonobi.com
4	pixel.tapad.com	3 redirects
4	securepubads.g.doubleclick.net	s.nitropay.com securepubads.g.doubleclick.net
3	match.adsrvr.org	2 redirects s.nitropay.com
3	static.criteo.net	s.nitropay.com static.criteo.net
3	tracker.nitropay.com	s.nitropay.com
3	rumcdn.geoedge.be	s.nitropay.com rumcdn.geoedge.be
3	s.nitropay.com	www.xivmodarchive.com s.nitropay.com
3	cdnjs.cloudflare.com	www.xivmodarchive.com cdnjs.cloudflare.com
2	cm.g.doubleclick.net	1 redirects
2	x.bidswitch.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	creativecdn.com	2 redirects
2	px.ads.linkedin.com	1 redirects
2	idsync.rlcdn.com	2 redirects
2	tpc.googlesyndication.com	s.nitropay.com
2	gum.criteo.com	s.nitropay.com
2	oajs.openx.net	1 redirects www.xivmodarchive.com
2	718a0d5a9d5f5b24b5c23d2b9bc836aa.safeframe.googlesyndication.com	s.nitropay.com
2	api.btloader.com	btloader.com
2	ad-delivery.net	www.xivmodarchive.com
2	targeting.unrulymedia.com	s.nitropay.com
2	cdn.jsdelivr.net	www.xivmodarchive.com
1	sync.srv.stackadapt.com	1 redirects
1	sync.mathtag.com	1 redirects
1	capi.connatix.com
1	sync.crwdcntrl.net	1 redirects
1	p.rfihub.com	1 redirects
1	pippio.com	1 redirects
1	acdn.adnxs.com	s.nitropay.com
1	eb2.3lift.com	s.nitropay.com
1	contextual.media.net	s.nitropay.com
1	js-sec.indexww.com	s.nitropay.com
1	www.google.com	s.nitropay.com
1	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
1	gw.geoedge.be	rumcdn.geoedge.be
1	google-bidout-d.openx.net	s.nitropay.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn-ima.33across.com	s.nitropay.com
1	oa.openxcdn.net	s.nitropay.com
1	tags.crwdcntrl.net	s.nitropay.com
1	ad.doubleclick.net	www.xivmodarchive.com
1	consent.nitrocnct.com	s.nitropay.com
1	apex.go.sonobi.com	s.nitropay.com
1	htlb.casalemedia.com	s.nitropay.com
1	ib.adnxs.com	s.nitropay.com
1	tlx.3lift.com	s.nitropay.com
1	bidder.criteo.com	s.nitropay.com
1	prebid.media.net	s.nitropay.com
1	btlr.sharethrough.com	s.nitropay.com
1	btloader.com	s.nitropay.com
1	wrappers.geoedge.be	s.nitropay.com
0	s.amazon-adsystem.com Failed
94	55

This site contains links to these domains. Also see Links.

Domain
discord.gg
www.patreon.com
discordapp.com

Subject Issuer	Validity	Valid
xivmodarchive.com WE1	`2024-06-22` - `2024-09-20`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
nitropay.com WE1	`2024-07-12` - `2024-10-10`	3 months	crt.sh
gw.geoedge.be Amazon RSA 2048 M03	`2024-07-12` - `2025-08-09`	a year	crt.sh
btloader.com WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.nitropay.com WR3	`2024-08-02` - `2024-10-31`	3 months	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2024-04-30` - `2025-05-31`	a year	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-15` - `2025-08-15`	a year	crt.sh
prebid.media.net WR3	`2024-06-13` - `2024-09-11`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-10`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
casalemedia.com E5	`2024-06-17` - `2024-09-15`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2023-12-07` - `2025-01-07`	a year	crt.sh
nitrocnct.com WE1	`2024-06-18` - `2024-09-16`	3 months	crt.sh
ad-delivery.net WE1	`2024-07-15` - `2024-10-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
api.btloader.com WR3	`2024-08-02` - `2024-10-31`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-27` - `2024-09-24`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
oa.openxcdn.net WR3	`2024-07-18` - `2024-10-16`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
indexww.com WE1	`2024-08-03` - `2024-11-02`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
capi.connatix.com WE1	`2024-07-11` - `2024-10-09`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.xivmodarchive.com/
Frame ID: F403D39F31099CE4B99B8B9554505CF7
Requests: 79 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: F349F362184791446EDA8DE57294FBE7
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: 87652EF5137566D878BDD10403654761
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 24B15549752492D466E036A1FF3E234C
Requests: 1 HTTP requests in this frame

Frame: https://718a0d5a9d5f5b24b5c23d2b9bc836aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D025F6F8204356CF297C80EDD481A7C8
Requests: 1 HTTP requests in this frame

Frame: https://718a0d5a9d5f5b24b5c23d2b9bc836aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8CC23340AFD58BCE1F6758303DDAF880
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: AA0EB7EFDE21BD75DE4A93FA214FA5F5
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.xivmodarchive.com
Frame ID: 54070E9F4272DDCD4A69F2E6DA23BF1F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.xivmodarchive.com&us_privacy=1YNN
Frame ID: AE2D915E155945B7171E8C07ABE3DFA6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 95DBC51946E7AC10346C568E52F6D073
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C98A1C275982A91D0DEB75DFAF71B93F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 370892BFF5DCDE1ED2EBBA3103918CA8
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C590%2C2073%2C273%2C2106%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C3038%2C2025%2C2069%2C237%2C556%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C246%2C4%2C521%2C126%2C203%2C522%2C2113%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C450%2C2009%2C255%2C3018%2C3017%2C2125%2C214%2C2124%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C3073%2C461%2C222%2C542%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=1&usp_consent=1&uspstring=1YNN
Frame ID: 3D4BA5EEB666C772157B3D55914ECEE4
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1YNN&
Frame ID: 32F98A4A549CBCD8344C0FC350E9834D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1387ACC571D33F7071F9BC7EE590DCB7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.xivmodarchive.com/ HTTP 307
https://www.xivmodarchive.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

94
Requests

86 %
HTTPS

26 %
IPv6

38
Domains

55
Subdomains

47
IPs

2
Countries

1427 kB
Transfer

4108 kB
Size

51
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/vWR7qMbcn6
Title: XIV Mod Archive Discord Server

Search URL Search Domain Scan URL

URL: https://www.patreon.com/xivmodarchive
Title: Become a Patreon Subscriber

Search URL Search Domain Scan URL

URL: https://discordapp.com/oauth2/authorize?client_id=496178690145910785&scope=bot&permissions=68608
Title: this link

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.xivmodarchive.com/ HTTP 307
https://www.xivmodarchive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.xivmodarchive.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.xivmodarchive.com%2F&rid=esp&cc=1

Request Chain 81

https://idsync.rlcdn.com/711892.gif?partner_uid=4be4a4f3-7e70-4a06-b9f3-60fed6661411 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CNS5KxIwCiwIARDAlQEaJDRiZTRhNGYzLTdlNzAtNGEwNi1iOWYzLTYwZmVkNjY2MTQxMRAAGg0IoLm_tQYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=ecf2f2ae8323cea730cb0e96bb4dee47929e5031437cb435e6cf84ee4bdaf2b5791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ecf2f2ae8323cea730cb0e96bb4dee47929e5031437cb435e6cf84ee4bdaf2b5791426b5417dce21&rand=00333047 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ecf2f2ae8323cea730cb0e96bb4dee47929e5031437cb435e6cf84ee4bdaf2b5791426b5417dce21&rand=00333047&expected_cookie=03630541-d834-4b36-ace4-6488fefe9ee5

Request Chain 82

https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1991787326642328486

Request Chain 83

https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=epupcAdLgi8ECln2DNIxZkuMRSpJXYJfpyDt-J7Zm2A&pi=sonobi&tc=1

Request Chain 84

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=140&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=6072dbb3-e889-4774-b727-ebc4965aa9e7-66afdca0-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D6072dbb3-e889-4774-b727-ebc4965aa9e7-66afdca0-5553%26partner_url%3Dhttps%253A%252F%252Fsync.go.sonobi.com%252Fus.gif%253Fnw%253Dbs%2526nuid%253D6072dbb3-e889-4774-b727-ebc4965aa9e7-66afdca0-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=6072dbb3-e889-4774-b727-ebc4965aa9e7-66afdca0-5553&partner_url=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dbs%26nuid%3D6072dbb3-e889-4774-b727-ebc4965aa9e7-66afdca0-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bs&nuid=6072dbb3-e889-4774-b727-ebc4965aa9e7-66afdca0-5553&gdpr=0&gdpr_consent=

Request Chain 85

https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=4be4a4f3-7e70-4a06-b9f3-60fed6661411 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=4be4a4f3-7e70-4a06-b9f3-60fed6661411 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9e08767f-4d1f-4bc2-8832-3f5b5ed5087d%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9520e7e3-2887-443b-a5e1-512be2860dc1&ttd_puid=9e08767f-4d1f-4bc2-8832-3f5b5ed5087d%2C%2C

Request Chain 87

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=d5a00952-7a13-4cf2-9950-b4966434ea0b&google_hm=ZDVhMDA5NTItN2ExMy00Y2YyLTk5NTAtYjQ5NjY0MzRlYTBi&gdpr_consent=&gdpr=0

Request Chain 88

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=97d6fcd501&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us.gif?nw=td&nuid=9520e7e3-2887-443b-a5e1-512be2860dc1&pubid=97d6fcd501

Request Chain 90

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dif%26nuid%3D[MM_UUID] HTTP 302
https://sync.go.sonobi.com/us.gif?nw=if&nuid=7f6966af-dca0-4600-9fd6-537bde76fad1

Request Chain 91

https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=st&nuid=l4H4o9usXnRf-jhqjAfXQKL1zvU

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=NGJlNGE0ZjMtN2U3MC00YTA2LWI5ZjMtNjBmZWQ2NjYxNDEx HTTP 302
https://sync.go.sonobi.com/usg.gif?google_error=15

94 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.xivmodarchive.com/
Redirect Chain

http://www.xivmodarchive.com/
https://www.xivmodarchive.com/

93 KB
18 KB

426ms
217ms

Document
text/html

2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xivmodarchive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3ac4eb6701940754fe10cca5894cf6debb3ad51db954d223687b891e915b4552

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 8ae11a5a1c37cb9b-LAX
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 04 Aug 2024 19:55:04 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722801304&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=YhBwAXTlnlJ41Pd3Qqoa3seXr35LCRvxklUVGsj%2Ftok%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1722801304&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=YhBwAXTlnlJ41Pd3Qqoa3seXr35LCRvxklUVGsj%2Ftok%3D
server: cloudflare
vary: Origin
via: 1.1 vegur
x-powered-by: Express

Redirect headers

Location: https://www.xivmodarchive.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/ 158 KB
21 KB 194ms
63ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xivmodarchive.com/
Origin: https://www.xivmodarchive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 04 Aug 2024 19:55:05 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1693912
x-jsd-version: 4.6.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21146
x-served-by: cache-fra-eddf8230063-FRA, cache-lax-kwhp1940142-LAX
x-jsd-version-type: version
etag: W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.min.js Show response
www.xivmodarchive.com/js/ 87 KB
32 KB 139ms
135ms Script
application/javascript 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xivmodarchive.com/js/jquery.min.js
Requested by: Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:04 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 12007700
x-powered-by: Express
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710793604&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=39LhyjrtiFg%2B8GXp056akc2%2BjEEoh9DKzRIoQkPk0ug%3D
last-modified: Sat, 16 Mar 2024 21:53:33 GMT
server: cloudflare
etag: W/"15d9d-18e49417f48"
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710793604&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=39LhyjrtiFg%2B8GXp056akc2%2BjEEoh9DKzRIoQkPk0ug%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8ae11a5bc87bcb9b-LAX

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 20 KB
7 KB 162ms
82ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xivmodarchive.com/
Origin: https://www.xivmodarchive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 960951
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6451
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4f71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ADRWRzijs2xLh4MQULnNugbGr3r2u1JitT9jkc8W8DEX8iJyXMlxXj%2BIe9opT1lqHb8DwuXNG%2Bd8G30MXSSsqryVREpeibPERKxAb%2FW7zkj%2FJGDQKYs9ozhf%2B3hDyo3Zl4Pu4PMH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8ae11a5c4d08232b-SJC
expires: Fri, 25 Jul 2025 19:55:05 GMT

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/ 61 KB
16 KB 194ms
63ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.min.js

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xivmodarchive.com/
Origin: https://www.xivmodarchive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 04 Aug 2024 19:55:05 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3498949
x-jsd-version: 4.6.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16588
x-served-by: cache-fra-eddf8230140-FRA, cache-lax-kwhp1940142-LAX
x-jsd-version-type: version
etag: W/"f463-4yQGPI9GxrKUJ98VQvECatIw9gQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common.js Show response
www.xivmodarchive.com/js/ 6 KB
3 KB 75ms
72ms Script
application/javascript 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xivmodarchive.com/js/common.js?cachebreak=f89a76eb-8d06-417b-aeab-04876eccd7ec
Requested by: Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 26ad7573f0aecdf0e7f9602f2b5080c1fb933560bebca5a75cd82f2fe931ff85

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:04 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 603867
cf-polished: origSize=7830
x-powered-by: Express
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1722197437&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=bmTSi2tX0xVWojEodKYhk2GN8EoCUmWVx3bhJwO6EqU%3D
cf-bgj: minify
last-modified: Sun, 28 Jul 2024 20:09:56 GMT
server: cloudflare
etag: W/"1e96-190faf6ca20"
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722197437&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=bmTSi2tX0xVWojEodKYhk2GN8EoCUmWVx3bhJwO6EqU%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8ae11a5bc87ecb9b-LAX

GET
H3 200 ads-876.js Show response
s.nitropay.com/ 500 KB
160 KB 188ms
80ms Script
text/javascript 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/ads-876.js

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c8bc708674d0bc38b577bf3b465aba3d774a1adf6747bade226475b66dc35c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:05 GMT
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1721831508
age: 8159
x-guploader-uploadid: AHxI1nNcZVFZxeIxUDP2pBfw8WrvVjf5FsqlLKxmwZZmIShi5UESEtCffv-sVIFfDUQUL014Pfxchvl1QA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 04 Aug 2024 17:38:24 GMT
server: cloudflare
etag: W/"cffbca9d6ed7726f124eda02ec2e47df:1722793104000"
vary: Accept-Encoding
x-goog-generation: 1721832278246337
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=6TMdnQ==, md5=z/vKnW7Xcm8STtoC7C5H3w==
access-control-expose-headers: Content-Type
cache-control: private, max-age=600
x-goog-stored-content-length: 506832
cf-ray: 8ae11a5dbf28cb8d-LAX
expires: Mon, 04 Aug 2025 17:39:06 GMT

GET
H2 200 main.css
www.xivmodarchive.com/stylesheets/ 9 KB
3 KB 137ms
135ms Stylesheet
text/css 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xivmodarchive.com/stylesheets/main.css?cachebreak=f89a76eb-8d06-417b-aeab-04876eccd7ec
Requested by: Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b5ffef28671c38dbad6c6df45af137fd7743104985b8f2661bb27969ab184403

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:04 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 603867
cf-polished: origSize=11255
x-powered-by: Express
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1722197437&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=bmTSi2tX0xVWojEodKYhk2GN8EoCUmWVx3bhJwO6EqU%3D
cf-bgj: minify
last-modified: Sun, 28 Jul 2024 20:09:56 GMT
server: cloudflare
etag: W/"2bf7-190faf6ca20"
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722197437&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=bmTSi2tX0xVWojEodKYhk2GN8EoCUmWVx3bhJwO6EqU%3D"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8ae11a5bc877cb9b-LAX

GET
H2 200 glide.min.js Show response
www.xivmodarchive.com/js/ 27 KB
8 KB 136ms
134ms Script
application/javascript 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xivmodarchive.com/js/glide.min.js?cachbreak=ver2023sept
Requested by: Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 84e61441effe1acd86cc5ccb8666919fe788165442d3f45544a8b29b36b889ec

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:04 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 12012384
x-powered-by: Express
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710788920&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=mJ9DcG7kiupeyoYW021nNV%2Flb3w7X4MalPEAU6%2FueDM%3D
last-modified: Sat, 16 Mar 2024 21:53:33 GMT
server: cloudflare
etag: W/"6d0a-18e49417f48"
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710788920&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=mJ9DcG7kiupeyoYW021nNV%2Flb3w7X4MalPEAU6%2FueDM%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8ae11a5bc880cb9b-LAX

GET
H2 200 spinner.gif
www.xivmodarchive.com/ 62 KB
62 KB 74ms
73ms Image
image/gif 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xivmodarchive.com/spinner.gif
Requested by: Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a85fc0a877ead70ff2c66858d9dcf10e68856564b17444c224060617cc4f4b6b

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:04 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 3832573
cf-polished: origSize=84548, status=vary_header_present
x-powered-by: Express
content-length: 63162
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1718968731&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=xv3qnv9LZouXz4gMZsaRFO49mLNmVE%2BplpLG48MqfL0%3D
cf-bgj: imgq:100,h2pri
last-modified: Tue, 18 Jun 2024 02:00:00 GMT
server: cloudflare
etag: W/"14a44-19029128d00"
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718968731&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=xv3qnv9LZouXz4gMZsaRFO49mLNmVE%2BplpLG48MqfL0%3D"}]}
content-type: image/gif
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8ae11a5bc882cb9b-LAX

GET
H2 200 update.png
static.xivmodarchive.com/images/overlays/ 4 KB
5 KB 138ms
95ms Image
image/png 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/images/overlays/update.png

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

012dc45f80ee1675ee97684f68767c03233831e949530fd16090580d3630898e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx000000000000022307c3c-0065bad73c-41e2d025-nyc3a
age: 520652
cf-polished: origSize=6577, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-length: 4271
cf-bgj: imgq:100,h2pri
last-modified: Sun, 13 Feb 2022 20:37:32 GMT
server: cloudflare
etag: "f3ddb23de405931587e97c5fbb002468"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
cache-control: max-age=604800
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8ae11a5c093ecb9b-LAX

GET
H2 200 new.png
static.xivmodarchive.com/images/overlays/ 3 KB
3 KB 70ms
67ms Image
image/png 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/images/overlays/new.png

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24ce66c05e7a78e1364ea035e83ef617bc10490f39096ec6ebbb34cef11f8e36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000000000002a93e0f9-0065f1d7be-41db5baf-nyc3a
age: 236036
cf-polished: origSize=4705, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-length: 2805
cf-bgj: imgq:100,h2pri
last-modified: Sun, 13 Feb 2022 20:37:32 GMT
server: cloudflare
etag: "b06c2a9c871eb23b7786f5f5b5c6c398"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
cache-control: max-age=604800
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8ae11a5c9adccb9b-LAX

GET
H2 200 blobpeek.png
www.xivmodarchive.com/ 5 KB
5 KB 70ms
69ms Image
image/png 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xivmodarchive.com/blobpeek.png
Requested by: Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f3302a9867af425bc90f1f5b1046f107326d7be3cb4db0897b1a75598a7f63cc

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:05 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 840776
cf-polished: origSize=9135, status=vary_header_present
x-powered-by: Express
content-length: 5008
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1721960529&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=UO7VctNJqJQv4thY%2Br1RLqS9O9CDjSN33SrupShVN2Y%3D
cf-bgj: imgq:100,h2pri
last-modified: Wed, 24 Jul 2024 21:11:42 GMT
server: cloudflare
etag: W/"23af-190e695e6b0"
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1721960529&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=UO7VctNJqJQv4thY%2Br1RLqS9O9CDjSN33SrupShVN2Y%3D"}]}
content-type: image/png
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8ae11a5d5cfecb9b-LAX

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/ 100 KB
19 KB 84ms
84ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.xivmodarchive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1024962
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18861
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-49ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U4LNYK9vbHrahQd2bCOnFnDgecFruJ9Sw6fHAiKxjRYMvyu3Zdqu%2FvRsjM%2B6uPTJj9wc1nnmvQAblX8oPNwsrQ3BQQdkAQ7qLuSIuYnUQsVxhBYaktkSI8CFPWV0788ocXEZrP9Q"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8ae11a5d7de7232b-SJC
expires: Fri, 25 Jul 2025 19:55:05 GMT

GET
H2 200 dc3924c9-1e8a-4fa1-b9a4-b9e4ffd9ac5b.jpg
static.xivmodarchive.com/mod-thumbnails/ 11 KB
11 KB 77ms
76ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/dc3924c9-1e8a-4fa1-b9a4-b9e4ffd9ac5b.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

182a49bc9b2a5cabaa475ae91cf6d65082294bccf8ede5059d175e95d9d464e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000000000001168393c-00667b5bdf-46bec19c-nyc3a
age: 3440707
cf-polished: origSize=11139, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-disposition: inline; filename="mod_109625_thumbnail.jpg"
content-length: 11017
cf-bgj: imgq:100,h2pri
last-modified: Wed, 26 Jun 2024 00:06:24 GMT
server: cloudflare
etag: "f182b4b7d00325efd24dd3cef61d7b9d"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
cache-control: public,max-age=31536000,immutable
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8ae11a5dbe1acb9b-LAX

GET
H2 200 20992ba8-5ad2-4c03-86fa-18aac3012985.jpg
static.xivmodarchive.com/mod-thumbnails/ 12 KB
12 KB 72ms
71ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/20992ba8-5ad2-4c03-86fa-18aac3012985.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

412d4c83e9e7738a2191068f60ef6d665a9d2bbd27d2ee5a565d1b3135935985

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx0000000000000189718eb-0066afd9c2-46b60b27-nyc3a
age: 683
cf-polished: origSize=12874, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-disposition: inline; filename="mod_112195_thumbnail.jpg"
content-length: 12416
cf-bgj: imgq:100,h2pri
last-modified: Sun, 04 Aug 2024 19:28:50 GMT
server: cloudflare
etag: "ae050cd404e830733c7110c045031fe2"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
cache-control: public,max-age=31536000,immutable
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8ae11a5dbe1fcb9b-LAX

GET
H2 200 1b2f6895-df8c-45e5-ba33-1dc0cfd7abd0.jpg
static.xivmodarchive.com/mod-thumbnails/ 34 KB
35 KB 73ms
72ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/1b2f6895-df8c-45e5-ba33-1dc0cfd7abd0.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f4266848b0691fa76e57a2989f1706b14cebdb37f5047d59333bb25504c6653

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx000000000000009f1dd9c-0066595c83-46bb7dd6-nyc3a
age: 946046
cf-polished: origSize=36976, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-disposition: inline; filename="mod_92702_thumbnail.jpg"
content-length: 35171
cf-bgj: imgq:100,h2pri
last-modified: Mon, 20 Nov 2023 07:55:38 GMT
server: cloudflare
etag: "374094fbf7c424a3760c9f2a8cfe8359"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
cache-control: public,max-age=31536000,immutable
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8ae11a5dbe21cb9b-LAX

GET
H2 200 709f948d-d37b-40db-a4d9-74b66cd93efa.jpg
static.xivmodarchive.com/mod-thumbnails/ 14 KB
15 KB 75ms
75ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/709f948d-d37b-40db-a4d9-74b66cd93efa.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e2943648ed08cf933d573676e640c238e64529f666a057a3819de6f1ebcfffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx0000000000000094e8ab8-0066afcbac-47b19687-nyc3a
age: 4315
cf-polished: origSize=14670, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-disposition: inline; filename="mod_112192_thumbnail.jpg"
content-length: 14418
cf-bgj: imgq:100,h2pri
last-modified: Sun, 04 Aug 2024 18:30:27 GMT
server: cloudflare
etag: "6e7086c159568142ed8fa1c056f508f4"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
cache-control: public,max-age=31536000,immutable
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8ae11a5dbe23cb9b-LAX

GET
H2 200 e336671a-4d48-441b-901c-84c0fd5d9ccb.jpg
static.xivmodarchive.com/mod-thumbnails/ 22 KB
22 KB 70ms
70ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/e336671a-4d48-441b-901c-84c0fd5d9ccb.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89d469a551a8b26a4790bd10eee325f3c4ca397bcc34a02de70f4085f3d35809

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
age: 5488
x-amz-request-id: tx00000000000000741bb57-0066afc702-47ccc5db-nyc3a
cf-polished: origSize=22934, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-disposition: inline; filename="mod_112191_thumbnail.jpg"
content-length: 22335
cf-bgj: imgq:100,h2pri
last-modified: Sun, 04 Aug 2024 18:09:06 GMT
server: cloudflare
etag: "acd5ff3e32b26d085cc02f6e1d67ffa2"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
cache-control: public,max-age=31536000,immutable
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8ae11a5dbe27cb9b-LAX

GET
H2 200 7140f327-1ba3-4186-b155-7de91065934a.jpg
static.xivmodarchive.com/mod-thumbnails/ 20 KB
21 KB 73ms
71ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/7140f327-1ba3-4186-b155-7de91065934a.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8fb914491433d3734c747982ba5a3e4f67a022836c678c61931381e0afd1481

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
age: 76903
x-amz-request-id: tx00000000000001872e94d-0066aead52-46b60b27-nyc3a
cf-polished: origSize=21630, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-disposition: inline; filename="mod_112103_thumbnail.jpg"
content-length: 20935
cf-bgj: imgq:100,h2pri
last-modified: Sat, 03 Aug 2024 21:53:44 GMT
server: cloudflare
etag: "50bf35046b6bc8f1095dd098a6cff8ff"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
cache-control: public,max-age=31536000,immutable
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8ae11a5deeb7cb9b-LAX

GET
H2 200 14b334c3-489b-4b36-80a6-418fc0a68b96.jpg
static.xivmodarchive.com/mod-thumbnails/ 10 KB
10 KB 71ms
71ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/14b334c3-489b-4b36-80a6-418fc0a68b96.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0554639f28c08368e9a49c1a1ea95753c7faf0c7be86e80e326a4919460f3bd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
age: 73320
x-amz-request-id: tx000000000000009494c87-0066aebe14-4795e319-nyc3a
cf-polished: origSize=10358, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-disposition: inline; filename="mod_112113_thumbnail.jpg"
content-length: 10181
cf-bgj: imgq:100,h2pri
last-modified: Sat, 03 Aug 2024 23:27:54 GMT
server: cloudflare
etag: "80bbad6203b4f2dc19a6a7f0950605be"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
cache-control: public,max-age=31536000,immutable
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8ae11a5dfedecb9b-LAX

GET
H2 200 513e303d-16bf-4d7d-b58f-616943647978.jpg
static.xivmodarchive.com/mod-thumbnails/ 22 KB
23 KB 101ms
101ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/513e303d-16bf-4d7d-b58f-616943647978.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eed7101b03cca53541cd720e581550c18c362ce7c881b99ca1a70b032b5be5a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000000000000670654b-0066ac9f2c-47ccc5db-nyc3a
age: 211823
cf-polished: origSize=23874, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-disposition: inline; filename="mod_111935_thumbnail.jpg"
content-length: 22975
cf-bgj: imgq:100,h2pri
last-modified: Fri, 02 Aug 2024 08:55:11 GMT
server: cloudflare
etag: "24d1b892a89380b13c5cefdf040401be"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
cache-control: public,max-age=31536000,immutable
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8ae11a5e1f52cb9b-LAX

GET
H2 200 864c6306-1ab4-4d3e-8395-2d71c41bbf4f.jpg
static.xivmodarchive.com/mod-thumbnails/ 27 KB
27 KB 70ms
69ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/864c6306-1ab4-4d3e-8395-2d71c41bbf4f.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ba14aa2a8eaaa66297307a5dcf6d8a4fd9a255b913d4073f4792563ef308cd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx0000000000000091289e5-0066aeadd9-47b19687-nyc3a
age: 76903
cf-polished: origSize=29129, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-disposition: inline; filename="mod_112099_thumbnail.jpg"
content-length: 27731
cf-bgj: imgq:100,h2pri
last-modified: Sat, 03 Aug 2024 22:15:33 GMT
server: cloudflare
etag: "3b5c53a06b8e451c12ad15da6873a95a"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
cache-control: public,max-age=31536000,immutable
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8ae11a5e3fa5cb9b-LAX

GET
H2 200 4ab11552-4e8a-4c19-9172-2f3bc14c2824.jpg
static.xivmodarchive.com/mod-thumbnails/ 19 KB
19 KB 72ms
71ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/4ab11552-4e8a-4c19-9172-2f3bc14c2824.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc66ec0d5d70df87975ef895a96b3302acf63668f87f28446961b3aa534a48f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
age: 78659
x-amz-request-id: tx0000000000000187219a6-0066aea8f5-46b60b27-nyc3a
cf-polished: origSize=19727, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-disposition: inline; filename="mod_112086_thumbnail.jpg"
content-length: 19057
cf-bgj: imgq:100,h2pri
last-modified: Sat, 03 Aug 2024 22:02:02 GMT
server: cloudflare
etag: "e40ae48d6d0d5d2e252f0fd5176822e5"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
cache-control: public,max-age=31536000,immutable
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8ae11a5e3fa8cb9b-LAX

GET
H2 200 d08dedbc-bb12-4a7f-a998-23540c02aaa5.jpg
static.xivmodarchive.com/mod-thumbnails/ 15 KB
15 KB 72ms
71ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/d08dedbc-bb12-4a7f-a998-23540c02aaa5.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a287263169aaf595274fdcd94772c395a1d4cd51e599d21cb8dbe10d59a705fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx0000000000000094f8275-0066afd09d-47b19687-nyc3a
age: 3048
cf-polished: origSize=15732, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-disposition: inline; filename="mod_71766_thumbnail.jpg"
content-length: 15282
cf-bgj: imgq:100,h2pri
last-modified: Sun, 19 Mar 2023 22:45:52 GMT
server: cloudflare
etag: "58dab526f13688bd416226e7319f6d33"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
cache-control: public,max-age=31536000,immutable
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8ae11a5e4faecb9b-LAX

GET
H2 200 f87537f9-ae52-426c-ac16-192ea43f0726.jpg
static.xivmodarchive.com/mod-thumbnails/ 38 KB
38 KB 68ms
67ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/f87537f9-ae52-426c-ac16-192ea43f0726.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ada9adc2637ba9a5cd79b59c2cdc4e77c123cfa56bc8c3361529f167780f4a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
age: 3048
x-amz-request-id: tx00000000000001ce15126-0066afd09d-46bec19c-nyc3a
cf-polished: origSize=41689, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-disposition: inline; filename="mod_76527_thumbnail.jpg"
content-length: 38858
cf-bgj: imgq:100,h2pri
last-modified: Sun, 14 May 2023 14:46:44 GMT
server: cloudflare
etag: "aad5a58c026b29849933b52181b1647c"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
cache-control: public,max-age=31536000,immutable
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8ae11a5e5ff4cb9b-LAX

GET
H2 200 164758d0-f762-4f51-8454-1f87e38143c8.jpg
static.xivmodarchive.com/mod-thumbnails/ 15 KB
15 KB 89ms
88ms Image
image/jpeg 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xivmodarchive.com/mod-thumbnails/164758d0-f762-4f51-8454-1f87e38143c8.jpg

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50d790b8fce7d0d18a1e654b7839030285788f0f81f803402bb8dc6c8d05d09e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000000000000743525f-0066afcd13-47ccc5db-nyc3a
age: 3723
cf-polished: origSize=16041, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-disposition: inline; filename="mod_112193_thumbnail.jpg"
content-length: 15466
cf-bgj: imgq:100,h2pri
last-modified: Sun, 04 Aug 2024 18:36:42 GMT
server: cloudflare
etag: "9565382f493a3273a04e016843402767"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: 0d3b304d-1deb-4123-a901-f0ca45e04f8d
cache-control: public,max-age=31536000,immutable
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8ae11a5e680bcb9b-LAX

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/ 153 KB
153 KB 79ms
79ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin: https://www.xivmodarchive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:05 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 247724
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 156496
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-26350"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5f2Yx%2FccxLHPOZP5QCxZqiH3sSkBa65ad0HPYR8OzDzR5AWlTsL6n31LgJ3pBuE5meiwqxqc1tNSJBG%2FsHO757UqzGJxZytLoyV77e4RcDnvwHSq6cwoxX4oMVO%2FQdERp7T53s8l"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8ae11a5e9ed7232b-SJC
expires: Fri, 25 Jul 2025 19:55:05 GMT

GET
H2 200 wrapper.html Show response
wrappers.geoedge.be/ 3 KB
4 KB 486ms
126ms Fetch
text/html 2600:9000:247b:9a00:2:d490:4d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wrappers.geoedge.be/wrapper.html
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:9a00:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

x-amz-version-id: SIv.6LiuODikErkt8hGkZr.zJWI3NFp8
date: Sun, 04 Aug 2024 10:19:02 GMT
via: 1.1 e2730004afe9197a527c2569a0e0d39a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
age: 34565
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3527
last-modified: Tue, 19 Dec 2023 13:15:23 GMT
server: AmazonS3
etag: "6a6d57dbabaa297544a761a67d32156f"
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: W1KBrV_RspCG6wtQPhZ4P0DV9S7P6MsCfG_TLVEH28U2-BnLDKEDTw==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame F349 471 KB
155 KB 507ms
151ms Script
text/javascript 2600:9000:2511:7000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:7000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3a99ddd992fb5ed010d8e757fcc50ef01a8e55b639552864e8cf4c863e850c0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:33:40 GMT
x-amz-version-id: DkYK63iGy_gdBYkWyIytcTK6ZGJBOidb
content-encoding: br
via: 1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
age: 1287
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sun, 04 Aug 2024 19:11:36 GMT
server: AmazonS3
etag: W/"3f3f70acb2fcad06b7bc7d413e5e75b3"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin: *
x-amz-cf-id: gvMoB74-HHxrpghcxhqUqmn_2EqukuzuMNBUQ1dvO0H8-3-jd-R64Q==

GET
H2 200 tag Show response
btloader.com/ 101 KB
29 KB 199ms
71ms Script
application/javascript 2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a203280ff19394e6e5c3dc29b4a9f96ea92d69efdee844b35184353da551098e

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:06 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Sun, 04 Aug 2024 19:09:15 GMT
server: cloudflare
age: 2673
etag: "5fe5426544ec215b5517f8b571d9710a"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8ae11a636d5231b5-LAX
content-length: 29352

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ 15 KB
6 KB 484ms
129ms Script
application/javascript 2600:9000:2511:7000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:7000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c4eb2f1959255f93f04c42f5b8150ee0455e4811110d6f0516defb5da07b428

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:33:41 GMT
x-amz-version-id: uACa8Sy6zKAd8hyVyGaMtzAhCw9rHSm5
content-encoding: br
last-modified: Sun, 21 Jul 2024 14:23:45 GMT
server: AmazonS3
via: 1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
etag: W/"91c021a6d392953316a5daf10efc1e13"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=14400, stale-while-revalidate=14400, immutable
age: 1286
x-amz-cf-id: Ls8xiwH4Eop-0iE7jzuT9Vmeg3M--TK2s1TCC8-FyOu6f1zszTVIcQ==

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
31 KB 437ms
191ms Script
text/javascript 172.217.222.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f154.1e100.net

Software

cafe /

Resource Hash

e5721abe56ba64748325f33f51b459595bdb72c915db8163845915e29e8b60dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31884
x-xss-protection: 0
server: cafe
etag: 305 / 19939 / m202407300101 / config-hash: 7165670400735415214
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 04 Aug 2024 19:55:06 GMT

GET
H3 200 gpp-bf4f755.min.js Show response
s.nitropay.com/ 261 KB
49 KB 81ms
80ms Script
application/javascript 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/gpp-bf4f755.min.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33361bf68bdc76d93661566ef309ec2a3fa2515cbde9de1f0799343474e1aa9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:06 GMT
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
age: 364208
x-guploader-uploadid: AHxI1nP2sZfEv8vzOLNh__DBUWyJLmfETPhO9u7cZbtH62ijp3jWpfx0nhE_2_XIsdF9nbEHuSOi7CLc1A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 May 2024 05:20:26 GMT
server: cloudflare
etag: W/"30c6e780bb669ffa970e2624c9933298"
vary: Accept-Encoding
x-goog-hash: crc32c=fF0HnQ==, md5=MMbngLtmn/qXDiYkyZMymA==
x-goog-generation: 1716873626804716
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=604800
x-goog-stored-content-length: 267561
access-control-expose-headers: Content-Type
cf-ray: 8ae11a62ac12cb8d-LAX
expires: Wed, 07 Aug 2024 14:44:58 GMT

GET
H2 204 876
tracker.nitropay.com/a/ 0
0 286ms
112ms Fetch 35.244.144.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.nitropay.com/a/876?d=eyJocmVmIjoiaHR0cHM6Ly93d3cueGl2bW9kYXJjaGl2ZS5jb20vIiwidiI6MzMsImEiOmZhbHNlLCJzIjp0cnVlLCJjIjoiVVMiLCJyIjoiQ0EifQ%3D%3D
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.144.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 25.144.244.35.bc.googleusercontent.com
Software: nginx/1.27.0 /
Resource Hash

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:06 GMT
via: 1.1 google
server: nginx/1.27.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 450ms
121ms Preflight
text/plain 69.194.240.11
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.xivmodarchive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.xivmodarchive.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Sun, 04 Aug 2024 19:55:06 GMT

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 25 KB
11 KB 618ms
284ms Fetch
application/json 52.3.235.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.3.235.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-235-238.compute-1.amazonaws.com

Software

Resource Hash

379148be832d6a5f5a5570a05d0dc4880c1137e5b065e6e1d36d138e7ea0ffb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.xivmodarchive.com
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-encoding: gzip
x-openrtb-version: 2.5
access-control-allow-credentials: true
content-length: 11299
content-type: application/json; charset=utf-8

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 24 KB
12 KB 495ms
349ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 3b8b31f0f4eaddc51c34f1936e5aa1689f27ccda7efc4fe950a7612d84e530db

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 19:55:05 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
observe-browsing-topics: ?1
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.xivmodarchive.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Aug 2024 19:55:06 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
228 B 437ms
158ms Fetch 74.119.117.6
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.52.0&cb=37027989767&lsavail=1

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 04 Aug 2024 19:55:05 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
observe-browsing-topics: ?1
vary: Origin
access-control-allow-origin: https://www.xivmodarchive.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 200 auction Show response
tlx.3lift.com/header/ 12 KB
6 KB 579ms
313ms Fetch
application/json 54.158.18.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.52.0&referrer=https%3A%2F%2Fwww.xivmodarchive.com%2F&tmax=1200&gdpr=false&us_privacy=1YNN

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.158.18.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-158-18-149.compute-1.amazonaws.com

Software

Resource Hash

885beb73c4c20064c65cad5d1c5c8f253830e8539b3b4c46760ecd1c66700a17

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
content-encoding: zstd
accept-ch: sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink
observe-browsing-topics: ?1
content-type: application/json; charset=utf-8
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.xivmodarchive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 5483
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 415ms
134ms Fetch
application/json 68.67.179.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

61177d1a66eb747df8b86eaa5e52e7121885793b6c25815c3f55c0f3bc6b2aeb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 19:55:06 GMT
an-x-request-uuid: a83996e5-441d-4db3-b774-310d43de8fb0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.xivmodarchive.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 162.245.206.245; 162.245.206.245; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 145
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 22 KB
9 KB 401ms
252ms Fetch
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=853776
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51af0d91c245c526e018bf87c4f066b321a1cf58f4bd139ca44e467cf2d8bf24

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 04 Aug 2024 19:55:06 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
observe-browsing-topics: ?1
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jvUM24FMimSyXpsBDuFEcRremE9S8Kx0vCC5vGlZzhi%2BA1%2FYwMfLH1IXpsvxFh4a8x9ULHeK%2B06zDlrSMZm0Y87TlTZQORipISr5%2B3A0XlGEbPZ1fhKGkoWcAmnluewZMjtDMIsF"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.xivmodarchive.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8ae11a63d99b0cf3-LAX
expires: 0

POST
H2 200 unruly_prebid Show response
targeting.unrulymedia.com/ 11 B
239 B 389ms
134ms Fetch
application/json 69.194.240.11
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 19:55:08 GMT
observe-browsing-topics: ?1
content-type: application/json
access-control-allow-origin: https://www.xivmodarchive.com
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 11

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 2 KB
3 KB 586ms
184ms Fetch
application/json 2607:f350:3:2569:0:10:0:200a
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2217977904fc9d10a%22%3A%2273417d48500921b44e50%7C728x90%2C970x90%7Cgpid%3D%2F%23common-banner-ad-1%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.xivmodarchive.com%2F&s=b74a3bf5-24dd-4a8a-b1c9-059d851cbb42&pv=e469904a-6f5c-4bec-a7ea-d5319b822851&vp=desktop&lib_name=prebid&lib_v=8.52.0&us=999&iqid=%7B%22pcid%22%3A%222756d086-8bf2-4a23-a526-c0891570c1b1%22%2C%22pcidDate%22%3A1722801306039%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%2239e3ebd2-b6ba-422e-bd4d-7527cdd28095%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22xivmodarchive.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22xivmodarchive.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.xivmodarchive.com%2F%22%2C%22name%22%3A%22XIV%20Mod%20Archive%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%22680%22%5D%2C%22privacypolicy%22%3A1%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221YNN%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nitropay.com%22%2C%22sid%22%3A%22753%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%225b7f3abd-ba7c-4167-9b7c-854dc411f219%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1YNN&coppa=0

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:200a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

840b89ffca6824258b7ebcd755537a5b7c78801d69877a3be263a5b15246b7fc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 19:55:06 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-158
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://www.xivmodarchive.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 712
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 1.gif
s.nitropay.com/ 42 B
623 B 71ms
71ms Image
image/gif 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/1.gif?x=1&adslot=

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:06 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: HIT
age: 364208
x-guploader-uploadid: AHxI1nNnXDJOlJoeWrR-xRaDTNu3nc-HezfUJETY98ipVgw35kumqrgjBIOoPUU-44CntiuU8xKJ7u8Xbg
x-goog-storage-class: MULTI_REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 42
x-goog-meta-
last-modified: Fri, 22 Jan 2021 08:58:45 GMT
server: cloudflare
etag: "d89746888da2d9510b64a9f031eaecd5"
vary: Accept-Encoding
x-goog-generation: 1611305925409947
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 42
accept-ranges: bytes
cf-ray: 8ae11a630cf7cb8d-LAX
expires: Wed, 07 Aug 2024 14:44:58 GMT

GET
H3 200 additional-consent-providers.csv Show response
consent.nitrocnct.com/ 116 KB
36 KB 189ms
75ms XHR
text/plain 172.67.193.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.nitrocnct.com/additional-consent-providers.csv
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-bf4f755.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 516250
x-guploader-uploadid: ABPtcPoz4RgdcEfA65B6lESx13IixyN8JUnoP0McS8XHP-gRk1aAX5BojTigX0WTgVy3nTczt-4
x-goog-storage-class: STANDARD
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 07:31:30 GMT
server: cloudflare
etag: W/"81f96867523b7ea4a2f05a62b9fdf1c7"
vary: Accept-Encoding
x-goog-hash: crc32c=x8iKUw==, md5=gfloZ1I7fqSi8Fpiuf3xxw==
x-goog-generation: 1689147090287559
content-type: text/plain
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LiruWcbxpyDp8x%2Fd6HEfNVjFNccJq1Jcj0XlToolSeqrH9xlUDppWFU6V%2FqyQ7N8UNd4z4QE3Ts%2FZS1tyqySKlg79KBptzov1nVrgVo93kgrFPsLl4yKVCToedXJcZ2mhkS%2F3n3pAbE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 119221
cf-ray: 8ae11a641820cb91-LAX
expires: Mon, 05 Aug 2024 20:19:39 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
909 B 248ms
73ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1403727
x-guploader-uploadid: ABPtcPra9d8_1cAUA1puYgPaDlSF3jxVddoyAk-EtkXyHJkJZG-bxPqX7Ma8N1zwawfflvspzxc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OnSBFMidUztdntOV3RnB7Dx9bL%2FPWhAZLSvk3I5T08hswzXIkB3fu7IyLdsFn0tn8efsCEppW3RhJo36KdkanersVWXFlv3isRbBc1AuGciCvtPdf2nmh3G0iomuJPMNwBKZm7qAuS8hXGZJ8g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8ae11a650ddf0fdd-LAX
expires: Fri, 19 Jul 2024 14:16:51 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 282ms
124ms Image
image/x-icon 173.194.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.207.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f148.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 14:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Aug 2024 14:34:21 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
335 B 251ms
78ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.9433798028907714
Requested by: Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1403727
x-guploader-uploadid: ABPtcPra9d8_1cAUA1puYgPaDlSF3jxVddoyAk-EtkXyHJkJZG-bxPqX7Ma8N1zwawfflvspzxc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O5onlO82WqYzZRtNfxBdUFlcpmzjDitJNryIITKZDH29Yyjt4867ahX5izUcdsH5gs6BhqKRCe0Tde5Ida8YuldwPw5JT84C73byE92ROSxMTDuYFikPcD1xMPCRPgYC%2F0Z5gDwufVgstLB15w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8ae11a650ddd0fdd-LAX
expires: Fri, 19 Jul 2024 14:16:51 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 8765 471 KB
0 9ms
9ms Script
text/javascript 2600:9000:2511:7000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:7000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3a99ddd992fb5ed010d8e757fcc50ef01a8e55b639552864e8cf4c863e850c0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:33:40 GMT
x-amz-version-id: DkYK63iGy_gdBYkWyIytcTK6ZGJBOidb
content-encoding: br
via: 1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
age: 1287
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sun, 04 Aug 2024 19:11:36 GMT
server: AmazonS3
etag: W/"3f3f70acb2fcad06b7bc7d413e5e75b3"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin: *
x-amz-cf-id: gvMoB74-HHxrpghcxhqUqmn_2EqukuzuMNBUQ1dvO0H8-3-jd-R64Q==

GET
H2 200 country Show response
api.btloader.com/ 37 B
153 B 279ms
113ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country?o=6278260873756672
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: b8f0ca68362cf245f891fc09ddfa50806d195e78e196cf96ac5d9cf72be2577a

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:06 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37

GET
H2 204 pv Show response
api.btloader.com/ 0
128 B 276ms
112ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=XbQ43uD3m&w=6219774819303424&o=6278260873756672&cv=2.1.48&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.xivmodarchive.com%2F&sid=229udF4q&pm=false&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 04 Aug 2024 19:55:06 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407300101/ 473 KB
148 KB 125ms
124ms Script
text/javascript 172.217.222.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407300101/pubads_impl.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f154.1e100.net

Software

cafe /

Resource Hash

612b2f37cd260cc286f109fed7a48e61d145a494834e3a34216006cea4e84794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66755
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151010
x-xss-protection: 0
server: cafe
etag: 12537848118680316156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 04 Aug 2025 01:22:31 GMT

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 24B1 0
0 363ms
122ms Document
text/html 172.217.222.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f156.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28869
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Aug 2024 19:35:41 GMT
expires: Sun, 04 Aug 2024 20:25:41 GMT
last-modified: Mon, 29 Jul 2024 19:44:55 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 498ms
243ms Script
text/javascript 2620:100:a00b::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

276dfaa2390543f63fe63b939b9c8d33768b297b93b433330c9648cf97c5c6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 11 Jul 2024 14:14:53 GMT
server: nginx
etag: W/"668fe8dd-a6cc"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Aug 2024 19:55:07 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 41 KB
12 KB 444ms
140ms Script
text/javascript 108.138.128.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-28.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ab6a80f08f72f0a47856fdbfe7e52033241a90ca535d580fb0804f699cbab79

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 20:00:10 GMT
content-encoding: gzip
via: 1.1 eabcac050cde7358c94fc7ecf124ea4a.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 19:29:30 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 86098
x-amz-server-side-encryption: AES256
etag: W/"3abe05c75d17416205a8d140e793bf74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: FkJhRiVEBjrO8oo__1v1pElmoerwnBy9yTaZomARjm757nBF3dOKOw==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 213ms
62ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 03:41:40 GMT
content-encoding: gzip
age: 922407
x-guploader-uploadid: AHxI1nPqX_ejdtcGk1hh7nc3w4t2vp5fFvzke_rv3y6jF06UkfBJNYdyPAZr9RDy-Hd4dZ0tQoUjNou0hg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Fri, 25 Jul 2025 03:41:40 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
7 KB 218ms
70ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7d77f315a9ede12ec08f5fb566b6374eabf0a48e3cedd3d0f7e35a456298ed7

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Jul 2024 21:41:55 GMT
server: cloudflare
age: 338090
etag: W/"66a17523-4429"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8ae11a698ae77d07-LAX
expires: Wed, 07 Aug 2024 19:55:07 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 111 KB
45 KB 497ms
497ms Fetch
text/plain 172.217.222.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3419626629395264&correlator=337187124108713&eid=31085738%2C31084181%2C95331446%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407300101&ptt=17&impl=fif&us_privacy=1YNN&gpp=GPP_ERROR_STRING_IS_DEPRECATED_SPEC&iu_parts=308365556%3A22736401783%2Cnadx&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1722801306945&lmt=1722801306&adxs=436&adys=72&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.xivmodarchive.com%2F&vis=1&psz=1600x90&msz=1600x90&fws=0&ohw=0&topics=9&tps=9&htps=10&a3p=EhwKDWNyd2RjbnRybC5uZXQYvPrW95EySABSAghkEhsKDDMzYWNyb3NzLmNvbRi8-tb3kTJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YvPrW95EySABSAghkEhQKBW9wZW54GLz61veRMkgAUgIIZA..&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722801304885&idt=2009&prev_scp=ncpm%3D0.25%26refresh%3D30%26domain%3Dxivmodarchive.com%26hostname%3Dwww.xivmodarchive.com%26contax%3D680&adks=880986179&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f154.1e100.net

Software

cafe /

Resource Hash

ea6be763c107f40c19e2b32d4b4c4c5d31692d78f5db7bfa56edd80070989029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46456
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.xivmodarchive.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
718a0d5a9d5f5b24b5c23d2b9bc836aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D025 0
0 436ms
123ms Document
text/html 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://718a0d5a9d5f5b24b5c23d2b9bc836aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Aug 2024 19:55:07 GMT
expires: Sun, 04 Aug 2024 19:55:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.xivmodarchive.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.xivmodarchive.com%2F&rid=esp&cc=1

85 B
194 B

118ms
116ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.xivmodarchive.com%2F&rid=esp&cc=1
Requested by: Host: www.xivmodarchive.com
URL: https://www.xivmodarchive.com/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: b3c75b41011d040feaecedd69f89ea4473e0c75410c47493933c748640e0dd64

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:07 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-Xunhv4hECG0z8CRZJvPyyySItEk"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.xivmodarchive.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sun, 04 Aug 2024 19:55:07 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.xivmodarchive.com
location: /esp?url=https%3A%2F%2Fwww.xivmodarchive.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ 96 KB
31 KB 258ms
258ms Script
text/javascript 2620:100:a00b::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Aug 2024 19:55:07 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
620 B 416ms
129ms XHR
application/json 100.24.111.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.111.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-111-98.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 94591b65f7dec858d4c06df1fcd4454d440583d74c135f49d497b66bd5f74f8c

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 19:55:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.xivmodarchive.com
cache-control: no-cache
x-server: 10.40.4.88
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 200 container.html
718a0d5a9d5f5b24b5c23d2b9bc836aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8CC2 0
0 0ms
0ms Document
text/html 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://718a0d5a9d5f5b24b5c23d2b9bc836aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Aug 2024 19:55:07 GMT
expires: Sun, 04 Aug 2024 19:55:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 876
tracker.nitropay.com/i/ 0
0 112ms
111ms Fetch 35.244.144.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.nitropay.com/i/876?d=eyJhdWYiOiJkaXNwbGF5IiwiYWRVbml0Q29kZSI6ImNvbW1vbi1iYW5uZXItYWQtMSIsImJpZGRlciI6ImFkeCIsImhlaWdodCI6OTAsIndpZHRoIjo3MjgsImNwbSI6MC4yNSwiY3JlYXRpdmVJZCI6IiIsImhyZWYiOiJodHRwczovL3d3dy54aXZtb2RhcmNoaXZlLmNvbS8iLCJ0aW1lVG9SZXNwb25kIjo2MDYsImFjY2VwdGFibGUiOmZhbHNlLCJyZXF1ZXN0SWQiOiIwMTkxMWVmNS1iOWExLTcwMDAtYjE3Mi00NGZlYWJlNWU1ZjkiLCJjIjoiVVMiLCJyIjoiQ0EiLCJ0eXBlIjowLCJkdXJhdGlvbiI6MCwicmVmcmVzaCI6ZmFsc2UsInRpbWVzdGFtcCI6MTcyMjgwMTMwNzUyMSwiZiI6ImpicXRsbyIsInYiOiIwN2FlMjBmIn0%3D
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.144.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 25.144.244.35.bc.googleusercontent.com
Software: nginx/1.27.0 /
Resource Hash

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:07 GMT
via: 1.1 google
server: nginx/1.27.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 pd
google-bidout-d.openx.net/w/1.0/ Frame AA0E 0
0 211ms
65ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://www.xivmodarchive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 453
content-type: text/html
date: Sun, 04 Aug 2024 19:55:07 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 syncframe
gum.criteo.com/ Frame 5407 0
0 369ms
127ms Document
text/html 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.xivmodarchive.com

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.xivmodarchive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Aug 2024 19:55:07 GMT
server: Kestrel
server-processing-duration-in-ticks: 380962
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H3 204 876
tracker.nitropay.com/i/ 0
10 B 182ms
111ms Ping
text/plain 35.244.144.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.nitropay.com/i/876?d=eyJhdWYiOiJkaXNwbGF5IiwiYWRVbml0Q29kZSI6ImNvbW1vbi1iYW5uZXItYWQtMSIsImJpZGRlciI6ImFkeCIsImhlaWdodCI6OTAsIndpZHRoIjo3MjgsImNwbSI6MC4yNSwiY3JlYXRpdmVJZCI6IiIsImhyZWYiOiJodHRwczovL3d3dy54aXZtb2RhcmNoaXZlLmNvbS8iLCJ0aW1lVG9SZXNwb25kIjo2MDYsImFjY2VwdGFibGUiOmZhbHNlLCJyZXF1ZXN0SWQiOiIwMTkxMWVmNS1iOWExLTcwMDAtYjE3Mi00NGZlYWJlNWU1ZjkiLCJjIjoiVVMiLCJyIjoiQ0EiLCJ0eXBlIjowLCJkdXJhdGlvbiI6MCwicmVmcmVzaCI6ZmFsc2UsInRpbWVzdGFtcCI6MTcyMjgwMTMwNzUyMSwiZiI6ImpicXRsbyIsInYiOiIwN2FlMjBmIn0%3D&v=true&t=1001
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.144.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 25.144.244.35.bc.googleusercontent.com
Software: nginx/1.27.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:08 GMT
via: 1.1 google
server: nginx/1.27.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ 96 KB
0 0ms
0ms XHR
text/javascript 2620:100:a00b::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software: nginx /
Resource Hash: 66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:07 GMT
content-encoding: gzip
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Aug 2024 19:55:07 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ 0
218 B 587ms
168ms XHR
text/plain 2600:9000:23cb:c200:10:43f:4340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:c200:10:43f:4340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 04 Aug 2024 19:55:09 GMT
via: 1.1 80d5d65d27a0450c8f0018381b103d7a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
content-length: 0
x-amz-cf-id: j0QBIDLWgXWRhlZ3dxbyHZLM7IGsmE9px95CUtq4PKsoWScUl3WZNw==
x-cache: Miss from cloudfront

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 432ms
183ms XHR
application/json 173.194.175.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407300101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f157.1e100.net

Software

cafe /

Resource Hash

4b1471652aafb30a1ec70035a827c6867d6794f038f4a622214c0e6ebdb77865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12811
x-xss-protection: 0

GET
H2 200 syncframe
gum.criteo.com/ Frame AE2D 0
0 143ms
142ms Document
text/html 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.xivmodarchive.com&us_privacy=1YNN

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.xivmodarchive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Aug 2024 19:55:09 GMT
server: Kestrel
server-processing-duration-in-ticks: 11425418
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 favicon.png
www.xivmodarchive.com/ 510 B
1 KB 71ms
71ms Other
image/png 2606:4700:10::ac43:b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xivmodarchive.com/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dc9f6b2d083dad0eb289a277f6378c53cbe5e49f00e022ea68cef25945ac21b7

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:09 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 12019174
cf-polished: origSize=2271, status=vary_header_present
x-powered-by: Express
content-length: 510
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710782135&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=cQpu34iXZ31RcF%2FHcSKEGNtUmUkEd%2BiDwdZx6HW5Wto%3D
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 21:53:33 GMT
server: cloudflare
etag: W/"8df-18e49417f48"
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710782135&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=cQpu34iXZ31RcF%2FHcSKEGNtUmUkEd%2BiDwdZx6HW5Wto%3D"}]}
content-type: image/png
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8ae11a7a8f73cb9b-LAX

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
678 B 258ms
85ms Fetch
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=aqo03op&fmt=json
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: cae2b11ed15683f2dbe397272f4736766aa3f5696c984ef5f5bbec6cbc7b8eb1

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 04 Aug 2024 19:55:10 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.xivmodarchive.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Tue, 03 Sep 2024 19:55:10 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 369ms
125ms Script
text/javascript 2607:f8b0:400d:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Aug 2024 19:55:10 GMT

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 95DB 0
0 125ms
122ms Document
text/html 142.251.174.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.174.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 378025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jul 2024 10:54:45 GMT
expires: Thu, 31 Jul 2025 10:54:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame C98A 0
0 381ms
133ms Document
text/html 142.251.174.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.174.103 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f103.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rDQuaxfIK0KoDoHeeBRLJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.xivmodarchive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rDQuaxfIK0KoDoHeeBRLJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Aug 2024 19:55:10 GMT
expires: Sun, 04 Aug 2024 19:55:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 ixmatch.html
js-sec.indexww.com/um/ Frame 3708 0
0 213ms
73ms Document
text/html 104.18.38.76

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.xivmodarchive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age: 68
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8ae11a88698c08c7-LAX
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 04 Aug 2024 19:55:12 GMT
expires: Sun, 04 Aug 2024 23:55:12 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 checksync.php
contextual.media.net/ Frame 3D4B 0
0 592ms
293ms Document
text/html 23.55.204.22

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C590%2C2073%2C273%2C2106%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C3038%2C2025%2C2069%2C237%2C556%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C246%2C4%2C521%2C126%2C203%2C522%2C2113%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C450%2C2009%2C255%2C3018%2C3017%2C2125%2C214%2C2124%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C3073%2C461%2C222%2C542%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=1&usp_consent=1&uspstring=1YNN

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.55.204.22 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.xivmodarchive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 12975
content-type: text/html; charset=UTF-8
date: Sun, 04 Aug 2024 19:55:12 GMT
expires: Sun, 04 Aug 2024 19:55:12 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 sync
eb2.3lift.com/ Frame 32F9 0
0 354ms
125ms Document
text/html 52.223.22.214

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.223.22.214 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.xivmodarchive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1072
content-type: text/html; charset=utf-8
date: Sun, 04 Aug 2024 19:55:12 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame 1387 0
0 537ms
139ms Document
text/html 184.28.25.15

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-876.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.28.25.15 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.xivmodarchive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Aug 2024 19:55:12 GMT
ETag: "623de86a-cf34"
Expires: Mon, 05 Aug 2024 19:55:14 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://idsync.rlcdn.com/711892.gif?partner_uid=4be4a4f3-7e70-4a06-b9f3-60fed6661411
https://idsync.rlcdn.com/1000.gif?memo=CNS5KxIwCiwIARDAlQEaJDRiZTRhNGYzLTdlNzAtNGEwNi1iOWYzLTYwZmVkNjY2MTQxMRAAGg0IoLm_tQYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=ecf2f2ae8323cea730cb0e96bb4dee47929e5031437cb435e6cf84ee4bdaf2b5791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ecf2f2ae8323cea730cb0e96bb4dee47929e5031437cb435e6cf84ee4bdaf2b5791426b5417dce21&rand=00333047
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ecf2f2ae8323cea730cb0e96bb4dee47929e5031437cb435e6cf84ee4bdaf2b5791426b5417dce21&rand=00333047&expected_cookie=03630541-d834-4b36-ace4-6488fefe9ee5

0
360 B

125ms
125ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ecf2f2ae8323cea730cb0e96bb4dee47929e5031437cb435e6cf84ee4bdaf2b5791426b5417dce21&rand=00333047&expected_cookie=03630541-d834-4b36-ace4-6488fefe9ee5
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:12 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 365327C014C74E4083D10A54D83B517B Ref B: LAX311000112017 Ref C: 2024-08-04T19:55:12Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYe4PBF++rBFn43WXSxlQ==

Redirect headers

date: Sun, 04 Aug 2024 19:55:12 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 825279017C354E4F8B9F39A5102DE083 Ref B: LAX311000112017 Ref C: 2024-08-04T19:55:12Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: /db_sync?pid=10339&puuid=ecf2f2ae8323cea730cb0e96bb4dee47929e5031437cb435e6cf84ee4bdaf2b5791426b5417dce21&rand=00333047&expected_cookie=03630541-d834-4b36-ace4-6488fefe9ee5
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYe4PBDy5Iz+v9zk0KJfw==

GET
H2

200

us.gif
sync.go.sonobi.com/
Redirect Chain

https://p.rfihub.com/cm?pub=35683&in=1
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1991787326642328486

49 B
828 B

188ms
117ms

Image
image/gif

2607:f350:3:2569:0:10:0:d

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1991787326642328486

Protocol

Server

2607:f350:3:2569:0:10:0:d -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 19:55:12 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-158
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1991787326642328486
Date: Sun, 04 Aug 2024 19:55:12 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

us.gif
sync.go.sonobi.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=sonobi
https://creativecdn.com/cm-notify?pi=sonobi&tc=1
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=epupcAdLgi8ECln2DNIxZkuMRSpJXYJfpyDt-J7Zm2A&pi=sonobi&tc=1

49 B
776 B

117ms
117ms

Image
image/gif

2607:f350:3:2569:0:10:0:d

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=rh&nuid=epupcAdLgi8ECln2DNIxZkuMRSpJXYJfpyDt-J7Zm2A&pi=sonobi&tc=1

Protocol

Server

2607:f350:3:2569:0:10:0:d -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 19:55:12 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-158
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://sync.go.sonobi.com/us.gif?nw=rh&nuid=epupcAdLgi8ECln2DNIxZkuMRSpJXYJfpyDt-J7Zm2A&pi=sonobi&tc=1
pragma: no-cache
date: Sun, 04 Aug 2024 19:55:12 GMT, Sun, 04 Aug 2024 19:55:12 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

us.gif
sync.go.sonobi.com/
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=140&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=6072dbb3-e889-4774-b727-ebc4965aa9e7-66afdca0-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=6072dbb3-e889-4774-b727-ebc4965aa9e7-66afdca0-5553&partner_url=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dbs%26nuid%3D...
https://sync.go.sonobi.com/us.gif?nw=bs&nuid=6072dbb3-e889-4774-b727-ebc4965aa9e7-66afdca0-5553&gdpr=0&gdpr_consent=

49 B
783 B

120ms
120ms

Image
image/gif

2607:f350:3:2569:0:10:0:d

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bs&nuid=6072dbb3-e889-4774-b727-ebc4965aa9e7-66afdca0-5553&gdpr=0&gdpr_consent=

Protocol

Server

2607:f350:3:2569:0:10:0:d -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 19:55:12 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-158
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sun, 04 Aug 2024 19:55:12 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://sync.go.sonobi.com/us.gif?nw=bs&nuid=6072dbb3-e889-4774-b727-ebc4965aa9e7-66afdca0-5553&gdpr=0&gdpr_consent=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

receive
pixel.tapad.com/idsync/ex/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=4be4a4f3-7e70-4a06-b9f3-60fed6661411
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=4be4a4f3-7e70-4a06-b9f3-60fed6661411
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9e08767f-4d1f-4bc2-8832-3f5b5ed5087d%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9520e7e3-2887-443b-a5e1-512be2860dc1&ttd_puid=9e08767f-4d1f-4bc2-8832-3f5b5ed5087d%2C%2C

95 B
124 B

92ms
92ms

Image
image/png

34.111.113.62

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9520e7e3-2887-443b-a5e1-512be2860dc1&ttd_puid=9e08767f-4d1f-4bc2-8832-3f5b5ed5087d%2C%2C

Protocol

Server

34.111.113.62 -, , ASN (),

Reverse DNS

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:12 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9520e7e3-2887-443b-a5e1-512be2860dc1&ttd_puid=9e08767f-4d1f-4bc2-8832-3f5b5ed5087d%2C%2C
date: Sun, 04 Aug 2024 19:55:12 GMT
server: Kestrel
content-length: 359

GET 7318ffc0e8fa1d771446
s.amazon-adsystem.com/x/ 0
0

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=d5a00952-7a13-4cf2-9950-b4966434ea0b&google_hm=ZDVhMDA5NTItN2ExMy00Y2YyLTk5NTAtYjQ5NjY0MzRlYTBi&...

170 B
243 B

127ms
126ms

Image
image/png

173.194.207.155

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=d5a00952-7a13-4cf2-9950-b4966434ea0b&google_hm=ZDVhMDA5NTItN2ExMy00Y2YyLTk5NTAtYjQ5NjY0MzRlYTBi&gdpr_consent=&gdpr=0

Protocol

Server

173.194.207.155 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 19:55:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=d5a00952-7a13-4cf2-9950-b4966434ea0b&google_hm=ZDVhMDA5NTItN2ExMy00Y2YyLTk5NTAtYjQ5NjY0MzRlYTBi&gdpr_consent=&gdpr=0
Date: Sun, 04 Aug 2024 19:55:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

us.gif
sync.go.sonobi.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=97d6fcd501&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us.gif?nw=td&nuid=9520e7e3-2887-443b-a5e1-512be2860dc1&pubid=97d6fcd501

49 B
845 B

365ms
119ms

Image
image/gif

2607:f350:3:2569:0:10:0:d

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=td&nuid=9520e7e3-2887-443b-a5e1-512be2860dc1&pubid=97d6fcd501

Protocol

Server

2607:f350:3:2569:0:10:0:d -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 19:55:12 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-158
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://sync.go.sonobi.com/us.gif?nw=td&nuid=9520e7e3-2887-443b-a5e1-512be2860dc1&pubid=97d6fcd501
date: Sun, 04 Aug 2024 19:55:11 GMT
server: Kestrel
content-length: 227

GET
H3 200 pixel
capi.connatix.com/us/ 82 B
82 B 226ms
114ms Image
image/gif 104.18.7.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?puid=4be4a4f3-7e70-4a06-b9f3-60fed6661411&pId=43&gdpr_consent=&callback=&us_privacy=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.7.198 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:55:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
access-control-max-age: 86400
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 8ae11a884bdadb66-LAX
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 95
alt-svc: h3=":443"; ma=86400

GET
H2

200

us.gif
sync.go.sonobi.com/
Redirect Chain

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dif%26nuid%3D[MM_UUID]
https://sync.go.sonobi.com/us.gif?nw=if&nuid=7f6966af-dca0-4600-9fd6-537bde76fad1

49 B
845 B

119ms
119ms

Image
image/gif

2607:f350:3:2569:0:10:0:d

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=if&nuid=7f6966af-dca0-4600-9fd6-537bde76fad1

Protocol

Server

2607:f350:3:2569:0:10:0:d -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 19:55:12 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-158
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 04 Aug 2024 19:55:12 GMT
Strict-Transport-Security: 31536000
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: all
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: strict-origin
Server: MT3 1637 26565ec master iad iad-pixel-x2 config_version:"668"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://sync.go.sonobi.com/us.gif?nw=if&nuid=7f6966af-dca0-4600-9fd6-537bde76fad1
Cache-Control: no-cache,no-store,must-revalidate
Keep-Alive: timeout=360

GET
H2

200

us.gif
sync.go.sonobi.com/
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=286
https://sync.go.sonobi.com/us.gif?nw=st&nuid=l4H4o9usXnRf-jhqjAfXQKL1zvU

49 B
760 B

126ms
125ms

Image
image/gif

2607:f350:3:2569:0:10:0:d

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=st&nuid=l4H4o9usXnRf-jhqjAfXQKL1zvU

Protocol

Server

2607:f350:3:2569:0:10:0:d -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 19:55:12 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-158
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=st&nuid=l4H4o9usXnRf-jhqjAfXQKL1zvU
Date: Sun, 04 Aug 2024 19:55:12 GMT
Connection: keep-alive
Content-Length: 99
Content-Type: text/html; charset=utf-8

GET
H2

200

usg.gif
sync.go.sonobi.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=NGJlNGE0ZjMtN2U3MC00YTA2LWI5ZjMtNjBmZWQ2NjYxNDEx
https://sync.go.sonobi.com/usg.gif?google_error=15

49 B
368 B

120ms
119ms

Image
image/gif

2607:f350:3:2569:0:10:0:d

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usg.gif?google_error=15

Protocol

Server

2607:f350:3:2569:0:10:0:d -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.xivmodarchive.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 19:55:12 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-158
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Aug 2024 19:55:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.go.sonobi.com/usg.gif?google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202407300101&jk=3419626629395264&bg=!8fKl8r3NAAZjy5caQ8s7ADQBe5WfOF76Jdd71tbBuIoilKc376Poe0Ap3zX4k2QWeS7a4AgSfPwoEqJP-2ee-zzPAdv1AgAAAI1SAAAABmgBB34ANhxE0v0JLXteK7mkHxdMndIyj-Gu6UHk9IX3ck8YAqQq6CPf-cXxkeQ8f_iEWxI4e47RAM2cDJkCvS6KyadMhw8Oydchrv4t_7OCpNJf6XhgMG4QH5ZmLcN7BhsDcxy95yCW2SJNv84F-OQp4IOLp3ZN1DvVhfaVu1Ki6s0cDwpKZu5aYXC1bRf5wVUCSBz9HOzeehGG0Pzr0gM_DOyAQ1aGQGh-SliDuYdl2vPnIj4te3rWrknWoOikhpQCEGtOOUl26MTxgA21rKjUee-AG7gwWOLAh3IGAkBmJtrf3hRhzQpnORUcg5DXVmKcIkPfLAnYyH8vzxXEltP19WJFmA77qF04kJRNZWT53H273nyds8P6KE5WVdRN5-1SP05MWuGvEypap9KOLKBZJ7aOiWnvJ428WZJSIX6qIY83TgQcg_pZASfbypeDGaRkHnXpNiCw3q6XkwhkqBE8iMpwMFZB-p5ozShmZYg5GNwoAcJ_OPkaENEsQscNJa7hN0FA3-MO54zTfVUgIJE_pNBiryPboCLi1g2HXwG5SiO-c_e8lSwTAlqGV_-DGepkk9SLizhiLC0M_Q8_dGYMa2SEsDXaojdSVofFgXlYmdINYlaNlfF3XSyWGZGmjzDIGhnkONwxlCa4FtZCqxIYWFtRoLFxWTOd0h3hNoizMDcDAfbnKlAaCJ28jd7YcJgXkQfOkP8WaWevIzI24KBOpUCBDMECp60srpfxhUraYJVY-D9QNxzKMTVCXdn7qujizhf4SY2Besq9WljXhJH8-s0nRy-QYEshN8RfGiHXQsgk6pb4DjZQ0PJ54jMnQ3yHAISWtwIJuj80qpvgRVaiKPBtStW3iyCQprsAaJ2gp9Z1OazG7gfdQ4Y1HrZI2b0xLazG3kL_SOHgPxGuwxEvEKaAgbyVLNZ0yAIyDU4lXC7069s0sbFbH_fjvVznSsvgHS1U_xut3cCLgTHv4xCE_JTa0JkVqYOZlHZhN3ECGDjS9LeQ0PggWwIF

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/x/7318ffc0e8fa1d771446

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xivmodarchive.com/	1970-01-21 07:18:57	Name: connect.sid Value: s%3A9_pOBMfV_5P-2SRl15iZdfaPf7HVM3K-.5OAMFkbMGcGWHP1y8cVxuTGulOmEPsQf%2FeD7yFgQdcA
.nitropay.com/	1970-01-20 22:33:23	Name: __cf_bm Value: Vy_L3SoqStRSbEsNevkaf64ZgqTauU2HZfx2rXzybyU-1722801305-1.0.1.1-JJ65.3RXHXYoO5GvBS12gpvqnpvaP6qfQDpovS8J5F3TWHFGCwd3QG6SmTJeRj0HvK2S6SJIzN76Yp1e3ymqkQ
.xivmodarchive.com/	1970-01-21 07:18:57	Name: ncmp.domain Value: xivmodarchive.com
.casalemedia.com/	1970-01-21 07:18:57	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 00:42:57	Name: XANDR_PANID Value: VB5W2KBjXadDfHa5Q1HRMba5wXOC0bst2rI0Ifd46Fsi-uKAZmcQ0_eWxfunESsWwxQozBQQl3ExFb-Wdilaz9Xq2xH9IV2WVkkk_LQkA6E.
.adnxs.com/	1970-01-21 00:42:57	Name: icu Value: ChgI5YA9EAoYASABKAEwmrm_tQY4AUABSAEQmrm_tQYYAA..
.adnxs.com/	1970-01-21 08:09:21	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 00:42:57	Name: uuid2 Value: 7444753673873045285
prebid.media.net/	1970-01-21 02:52:33	Name: receive-cookie-deprecation Value: 1
.3lift.com/	1970-01-21 00:42:57	Name: receive-cookie-deprecation Value: 1
.3lift.com/	1970-01-21 00:42:57	Name: tluid Value: 1435851337285982852107
.go.sonobi.com/	1970-01-21 07:18:57	Name: __uis Value: 4be4a4f3-7e70-4a06-b9f3-60fed6661411
.go.sonobi.com/	1970-01-20 22:34:47	Name: _usd_xivmodarchive.com Value: e469904a-6f5c-4bec-a7ea-d5319b822851
apex.go.sonobi.com/	1969-12-31 23:59:59	Name: Value: receive-cookie-deprecation: 1
.go.sonobi.com/	1970-01-20 22:33:21	Name: __uih Value: 1
.go.sonobi.com/	1970-01-20 23:20:09	Name: __uin_lr Value: 1
.go.sonobi.com/	1970-01-20 22:52:04	Name: __uir_lr Value: 50266505
.go.sonobi.com/	1970-01-20 23:20:09	Name: __uin_cx Value: 1
.go.sonobi.com/	1970-01-20 22:52:04	Name: __uir_cx Value: 50266505
.go.sonobi.com/	1970-01-20 22:34:47	Name: __uin_z1 Value: 1
.go.sonobi.com/	1970-01-20 22:33:55	Name: __uir_z1 Value: 50266505
.go.sonobi.com/	1970-01-20 22:33:24	Name: __uin_tp Value: 1
.go.sonobi.com/	1970-01-20 22:33:22	Name: __uir_tp Value: 50266505
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86158\|Zq/cn
.sharethrough.com/	1970-01-20 23:16:33	Name: stx_user_id Value: 9426e9ca-14fd-45e2-a0db-bba832e34e00
.openx.net/	1970-01-21 07:18:57	Name: i Value: bd2c3c30-9b4e-4976-82fc-2d869bdc530c\|1722801307
.xivmodarchive.com/	1970-01-21 07:54:57	Name: __gads Value: ID=1ca751b04f49f431:T=1722801307:RT=1722801307:S=ALNI_MZD2Qe2LSemXefz1YxlhNS-duM7Eg
.xivmodarchive.com/	1970-01-21 07:54:57	Name: __gpi Value: UID=00000ec6dad69551:T=1722801307:RT=1722801307:S=ALNI_MYC5qE0bltNnyxVR5RQYXn4f3RdFQ
.xivmodarchive.com/	1970-01-21 02:52:33	Name: __eoi Value: ID=d44694b34e026e33:T=1722801307:RT=1722801307:S=AA-AfjbcvvDOHtthcaf4XqlOynvz
.openx.net/	1970-01-20 22:54:57	Name: pd Value: v2\|1722801307\|vMgavPkWgy
.crwdcntrl.net/	1970-01-21 05:02:06	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 05:02:06	Name: _cc_id Value: 6bdc7c134f38380d821e33e5b7d673de
.xivmodarchive.com/	1970-01-20 22:33:21	Name: lotame_domain_check Value: xivmodarchive.com
.xivmodarchive.com/	1970-01-21 05:02:09	Name: _cc_id Value: 6bdc7c134f38380d821e33e5b7d673de
.xivmodarchive.com/	1970-01-20 22:34:47	Name: panoramaId_expiry Value: 1722887707746
.adsrvr.org/	1970-01-21 07:18:57	Name: TDID Value: 9520e7e3-2887-443b-a5e1-512be2860dc1
.yahoo.com/	1970-01-21 07:19:18	Name: A3 Value: d=AQABBJzcr2YCENdiTdxE5Z4K03ow0VwuZjMFEgEBAQEusWa5ZgAAAAAA_eMAAA&S=AQAAAh2nDbV3FLpNai3UB0as2Ek
.adsrvr.org/	1970-01-21 07:18:57	Name: TDCPM Value: CAEYBSABKAIyCwjEvbaqwrKaPRAFOAE.
.amazon-adsystem.com/	1970-01-21 04:18:57	Name: ad-id Value: A6HVvhr5C0NJkTRG3VcAvcc
.amazon-adsystem.com/	1970-01-21 08:09:21	Name: ad-privacy Value: 0
.doubleclick.net/	1970-01-21 08:09:21	Name: IDE Value: AHWqTUktN6v6ZrgimkctaYTBcIB7ZINmj4Rn6vhZqp1_2OzI-6WaF06bjatd3OzK
.criteo.com/	1970-01-21 07:54:57	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 07:54:57	Name: uid Value: 4cc20acf-3ccc-455f-add1-98995b163c46
.casalemedia.com/	1970-01-21 00:42:57	Name: CMPS Value: 2002
.casalemedia.com/	1970-01-21 07:18:57	Name: CMID Value: Zq-cnNHM4dAAAA4dAWe9NQAA
.casalemedia.com/	1970-01-21 00:42:57	Name: CMPRO Value: 2526
.doubleclick.net/	1970-01-20 23:16:33	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 02:52:33	Name: receive-cookie-deprecation Value: 1
.xivmodarchive.com/	1970-01-21 07:54:57	Name: cto_bundle Value: qE_gVF93Tkh4V3FHdkdDY1FjRmdRWFpUOVRUM0hrbTlPMmVzUGpsS0tpZUFyTXBIRHhvUnR0VmNSJTJCRHNGWnRUQyUyQmhJOXd4R1dMQWtOd1JqbSUyQklPZkJwYmwyVXlNNktjdGIwYmFWemZhUnE1MGk5UDlZSk0zdW1VV2Z0RThsSmthQlRicyUyRkZ6SUJUQVRmVGUlMkZkbnhPUnUxTGtBazcwc2w4RGR1cGhUdDAxWFhOa2Y4JTNE
www.xivmodarchive.com/	1970-01-20 23:59:45	Name: na-unifiedid Value: %7B%22TDID%22%3A%229520e7e3-2887-443b-a5e1-512be2860dc1%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222024-07-04T19%3A55%3A10%22%7D
www.xivmodarchive.com/	1970-01-20 23:59:45	Name: na-unifiedid_cst Value: tSxsLCAsJQ%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

718a0d5a9d5f5b24b5c23d2b9bc836aa.safeframe.googlesyndication.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
apex.go.sonobi.com
api.btloader.com
bcp.crwdcntrl.net
bidder.criteo.com
btloader.com
btlr.sharethrough.com
capi.connatix.com
cdn-ima.33across.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
consent.nitrocnct.com
contextual.media.net
creativecdn.com
eb2.3lift.com
google-bidout-d.openx.net
gum.criteo.com
gw.geoedge.be
htlb.casalemedia.com
ib.adnxs.com
idsync.rlcdn.com
js-sec.indexww.com
match.adsrvr.org
oa.openxcdn.net
oajs.openx.net
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel.tapad.com
prebid.media.net
px.ads.linkedin.com
rumcdn.geoedge.be
s.amazon-adsystem.com
s.nitropay.com
securepubads.g.doubleclick.net
static.criteo.net
static.xivmodarchive.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
tracker.nitropay.com
wrappers.geoedge.be
www.google.com
www.xivmodarchive.com
x.bidswitch.net
pagead2.googlesyndication.com
s.amazon-adsystem.com
100.24.111.98
104.17.25.14
104.18.3.78
104.18.38.76
104.18.7.198
107.178.254.65
108.138.128.28
130.211.23.194
142.251.174.103
142.251.174.132
172.217.222.154
172.217.222.156
172.64.151.101
172.64.152.89
172.67.193.156
173.194.175.157
173.194.207.148
173.194.207.155
184.28.25.15
185.184.8.90
198.8.71.131
23.55.204.22
2600:9000:23cb:c200:10:43f:4340:93a1
2600:9000:247b:9a00:2:d490:4d80:93a1
2600:9000:2511:7000:4:b37b:9440:93a1
2606:4700:10::6816:4bd8
2606:4700:10::ac43:b9a
2606:4700:20::ac43:4513
2607:f350:3:2569:0:10:0:200a
2607:f350:3:2569:0:10:0:d
2607:f8b0:400d:c0d::84
2607:f8b0:400d:c1d::84
2620:100:a00b::12
2620:100:a00b::4
2620:1ec:21::14
2a04:4e42::485
34.102.146.192
34.111.113.62
34.120.135.53
34.120.63.153
34.36.216.150
34.98.64.218
35.211.178.172
35.244.144.25
35.244.154.8
35.71.131.137
52.223.22.214
52.3.235.238
54.158.18.149
54.174.229.107
68.67.179.153
69.194.240.11
74.119.117.6
74.121.140.211
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015
012dc45f80ee1675ee97684f68767c03233831e949530fd16090580d3630898e
0554639f28c08368e9a49c1a1ea95753c7faf0c7be86e80e326a4919460f3bd5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
182a49bc9b2a5cabaa475ae91cf6d65082294bccf8ede5059d175e95d9d464e8
1c4eb2f1959255f93f04c42f5b8150ee0455e4811110d6f0516defb5da07b428
24ce66c05e7a78e1364ea035e83ef617bc10490f39096ec6ebbb34cef11f8e36
26ad7573f0aecdf0e7f9602f2b5080c1fb933560bebca5a75cd82f2fe931ff85
276dfaa2390543f63fe63b939b9c8d33768b297b93b433330c9648cf97c5c6cf
2ab6a80f08f72f0a47856fdbfe7e52033241a90ca535d580fb0804f699cbab79
2c8bc708674d0bc38b577bf3b465aba3d774a1adf6747bade226475b66dc35c1
2e2943648ed08cf933d573676e640c238e64529f666a057a3819de6f1ebcfffc
33361bf68bdc76d93661566ef309ec2a3fa2515cbde9de1f0799343474e1aa9a
379148be832d6a5f5a5570a05d0dc4880c1137e5b065e6e1d36d138e7ea0ffb7
3ac4eb6701940754fe10cca5894cf6debb3ad51db954d223687b891e915b4552
3b8b31f0f4eaddc51c34f1936e5aa1689f27ccda7efc4fe950a7612d84e530db
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f4266848b0691fa76e57a2989f1706b14cebdb37f5047d59333bb25504c6653
412d4c83e9e7738a2191068f60ef6d665a9d2bbd27d2ee5a565d1b3135935985
423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1
4b1471652aafb30a1ec70035a827c6867d6794f038f4a622214c0e6ebdb77865
50d790b8fce7d0d18a1e654b7839030285788f0f81f803402bb8dc6c8d05d09e
51af0d91c245c526e018bf87c4f066b321a1cf58f4bd139ca44e467cf2d8bf24
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
61177d1a66eb747df8b86eaa5e52e7121885793b6c25815c3f55c0f3bc6b2aeb
612b2f37cd260cc286f109fed7a48e61d145a494834e3a34216006cea4e84794
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2
7ba14aa2a8eaaa66297307a5dcf6d8a4fd9a255b913d4073f4792563ef308cd0
840b89ffca6824258b7ebcd755537a5b7c78801d69877a3be263a5b15246b7fc
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e61441effe1acd86cc5ccb8666919fe788165442d3f45544a8b29b36b889ec
885beb73c4c20064c65cad5d1c5c8f253830e8539b3b4c46760ecd1c66700a17
89d469a551a8b26a4790bd10eee325f3c4ca397bcc34a02de70f4085f3d35809
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
94591b65f7dec858d4c06df1fcd4454d440583d74c135f49d497b66bd5f74f8c
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
a203280ff19394e6e5c3dc29b4a9f96ea92d69efdee844b35184353da551098e
a287263169aaf595274fdcd94772c395a1d4cd51e599d21cb8dbe10d59a705fe
a85fc0a877ead70ff2c66858d9dcf10e68856564b17444c224060617cc4f4b6b
ada9adc2637ba9a5cd79b59c2cdc4e77c123cfa56bc8c3361529f167780f4a2f
b3a99ddd992fb5ed010d8e757fcc50ef01a8e55b639552864e8cf4c863e850c0
b3c75b41011d040feaecedd69f89ea4473e0c75410c47493933c748640e0dd64
b5ffef28671c38dbad6c6df45af137fd7743104985b8f2661bb27969ab184403
b8f0ca68362cf245f891fc09ddfa50806d195e78e196cf96ac5d9cf72be2577a
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
cae2b11ed15683f2dbe397272f4736766aa3f5696c984ef5f5bbec6cbc7b8eb1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d8fb914491433d3734c747982ba5a3e4f67a022836c678c61931381e0afd1481
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dc66ec0d5d70df87975ef895a96b3302acf63668f87f28446961b3aa534a48f1
dc9f6b2d083dad0eb289a277f6378c53cbe5e49f00e022ea68cef25945ac21b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5721abe56ba64748325f33f51b459595bdb72c915db8163845915e29e8b60dd
e7d77f315a9ede12ec08f5fb566b6374eabf0a48e3cedd3d0f7e35a456298ed7
ea6be763c107f40c19e2b32d4b4c4c5d31692d78f5db7bfa56edd80070989029
eed7101b03cca53541cd720e581550c18c362ce7c881b99ca1a70b032b5be5a9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3302a9867af425bc90f1f5b1046f107326d7be3cb4db0897b1a75598a7f63cc
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.xivmodarchive.com Open in urlscan Pro 2606:4700:10::ac43:b9a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

94 Requests

86 %HTTPS

26 %IPv6

38 Domains

55 Subdomains

47 IPs

2 Countries

1427 kBTransfer

4108 kBSize

51 Cookies

3 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xivmodarchive.com Open in urlscan Pro
2606:4700:10::ac43:b9a Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

86 %
HTTPS

26 %
IPv6

38
Domains

55
Subdomains

47
IPs

2
Countries

1427 kB
Transfer

4108 kB
Size

51
Cookies

94 HTTP transactions
0 data transactions