freetrial.finalfantasyxiv.com Open in urlscan Pro
2a02:e980:f3::86 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://stvkr.com/click-FQU4YVXN-NLJQCM7Z?bt=25&tl=1&sa=892c7c905c8ed9971c6a63bc971d01e9
Effective URL:
https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ...
Submission: On March 19 via api (March 19th 2021, 8:41:05 am UTC) from DE

Summary HTTP 56 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 56 HTTP transactions. The main IP is 2a02:e980:f3::86, located in United States and belongs to INCAPSULA, US. The main domain is freetrial.finalfantasyxiv.com.
TLS certificate: Issued by Trusted Secure Certificate Authority 5 on December 6th 2019. Valid for: 2 years.

This is the only time freetrial.finalfantasyxiv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	212.32.251.44 212.32.251.44	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	217.79.188.2 217.79.188.2	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
25	2a02:e980:f3::86 2a02:e980:f3::86	19551 (INCAPSULA) (INCAPSULA)
12	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:19a::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.109.56.146 104.109.56.146	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
7	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	52.72.27.138 52.72.27.138	14618 (AMAZON-AES) (AMAZON-AES)
56	12

2 212.32.251.44 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

stvkr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.2 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad1.adfarm1.adition.com

ad1.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a02:e980:f3::86 (United States)

ASN19551 (INCAPSULA, US)

freetrial.finalfantasyxiv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:19a::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.56.146 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-109-56-146.deploy.static.akamaitechnologies.com

img.finalfantasyxiv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ukwest.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.27.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-27-138.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	finalfantasyxiv.com freetrial.finalfantasyxiv.com img.finalfantasyxiv.com	957 KB
12	googletagmanager.com www.googletagmanager.com	441 KB
7	onetrust.com cdn-ukwest.onetrust.com geolocation.onetrust.com	111 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	116 KB
2	gstatic.com fonts.gstatic.com	29 KB
2	fontawesome.com use.fontawesome.com	83 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	31 KB
2	stvkr.com 1 redirects stvkr.com	2 KB
1	adition.com 1 redirects ad1.adfarm1.adition.com	766 B
56	9

	Domain	Requested by
25	freetrial.finalfantasyxiv.com	stvkr.com freetrial.finalfantasyxiv.com
12	www.googletagmanager.com	freetrial.finalfantasyxiv.com www.googletagmanager.com
6	cdn-ukwest.onetrust.com	stvkr.com cdn-ukwest.onetrust.com
2	errors.client.optimizely.com	cdn.optimizely.com
2	fonts.gstatic.com	fonts.googleapis.com
2	use.fontawesome.com	freetrial.finalfantasyxiv.com use.fontawesome.com
2	img.finalfantasyxiv.com	freetrial.finalfantasyxiv.com
2	stvkr.com	1 redirects
1	geolocation.onetrust.com	cdn-ukwest.onetrust.com
1	fonts.googleapis.com	freetrial.finalfantasyxiv.com
1	ajax.googleapis.com	freetrial.finalfantasyxiv.com
1	cdn.optimizely.com	freetrial.finalfantasyxiv.com
1	ad1.adfarm1.adition.com	1 redirects
56	13

This site contains links to these domains. Also see Links.

Domain
secure.square-enix.com
usk.de
www.square-enix.com
us.playstation.com
www.square-enix-games.com
square-enix-games.com
onetrust.com

Subject Issuer	Validity	Valid
stvkr.com R3	`2021-02-27` - `2021-05-28`	3 months	crt.sh
dragonquest.com Trusted Secure Certificate Authority 5	`2019-12-06` - `2021-08-28`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
*.finalfantasyxiv.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-04` - `2021-11-08`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2020-05-21` - `2022-07-27`	2 years	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
errors.client.optimizely.com Amazon	`2020-09-02` - `2021-10-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
Frame ID: 0A858BA66549B719119F4E4231DD0CEE
Requests: 56 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://stvkr.com/click-FQU4YVXN-NLJQCM7Z?bt=25&tl=1&sa=892c7c905c8ed9971c6a63bc971d01e9 Page URL
https://stvkr.com/click-FQU4YVXN-NLJQCM7Z?bt=25&tl=1&sa=892c7c905c8ed9971c6a63bc971d01e9&no_co... HTTP 303
https://ad1.adfarm1.adition.com/redi?sid=4523921&kid=4059563&bid=12219261&prf%5Bp1%5D=8DVZ1TIaltZA2q8&rnd=8D... HTTP 302
https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021ga... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

56
Requests

100 %
HTTPS

58 %
IPv6

9
Domains

13
Subdomains

12
IPs

3
Countries

1769 kB
Transfer

3883 kB
Size

3
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.square-enix.com/account/app/svc/ffxivregister?lng=en-us&notr=0
Title: KOSTENLOS STARTEN

Search URL Search Domain Scan URL

URL: https://usk.de/

Search URL Search Domain Scan URL

URL: https://www.square-enix.com/

Search URL Search Domain Scan URL

URL: https://us.playstation.com/

Search URL Search Domain Scan URL

URL: https://www.square-enix-games.com/de_DE/documents/tnc
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://square-enix-games.com/de_DE/documents/privacy
Title: Datenschutzrichtlinien

Search URL Search Domain Scan URL

URL: https://square-enix-games.com/de_DE/documents/cookies
Title: Cookie-Richtlinien

Search URL Search Domain Scan URL

URL: https://square-enix-games.com/documents/cookies
Title: Cookie-Hinweis

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://square-enix-games.com/documents/privacy
Title: Datenschutz-Hinweise

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://stvkr.com/click-FQU4YVXN-NLJQCM7Z?bt=25&tl=1&sa=892c7c905c8ed9971c6a63bc971d01e9 Page URL
https://stvkr.com/click-FQU4YVXN-NLJQCM7Z?bt=25&tl=1&sa=892c7c905c8ed9971c6a63bc971d01e9&no_cookie=1&widht=1600&height=1200&timezone=-60 HTTP 303
https://ad1.adfarm1.adition.com/redi?sid=4523921&kid=4059563&bid=12219261&prf%5Bp1%5D=8DVZ1TIaltZA2q8&rnd=8DVZ1TIaltZA2q8&click_id=8DVZ1TIaltZA2q8 HTTP 302
https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set click-FQU4YVXN-NLJQCM7Z Show response
stvkr.com/ 2 KB
1 KB 98ms
37ms Document
text/html 212.32.251.44
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://stvkr.com/click-FQU4YVXN-NLJQCM7Z?bt=25&tl=1&sa=892c7c905c8ed9971c6a63bc971d01e9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.32.251.44 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2bd99ad0719c1d65cf7c002f78f3d99f6bba69c1db42bf073e8af4c7f387487f

Request headers

Host: stvkr.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Fri, 19 Mar 2021 08:40:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=g4ubgmqd7am1i37vosflhj7fo1; path=/; SameSite=None; Secure cnt=4979c0a3001e4688b45bdad2ad39f7e0; expires=Sat, 19-Mar-2022 08:40:40 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.stvkr.com init_referer=NNNNNNNNNNNNNjZPNNNNNNNVvk8%3D; expires=Fri, 19-Mar-2021 08:41:40 GMT; Max-Age=60; path=/; SameSite=None; Secure; skip_js_r=1; expires=Sun, 18-Apr-2021 08:40:40 GMT; Max-Age=2592000; path=/; SameSite=None; Secure
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip

GET
H2

200

Primary Request / Show response
freetrial.finalfantasyxiv.com/de/
Redirect Chain

https://stvkr.com/click-FQU4YVXN-NLJQCM7Z?bt=25&tl=1&sa=892c7c905c8ed9971c6a63bc971d01e9&no_cookie=1&widht=1600&height=1200&timezone=-60
https://ad1.adfarm1.adition.com/redi?sid=4523921&kid=4059563&bid=12219261&prf%5Bp1%5D=8DVZ1TIaltZA2q8&rnd=8DVZ1TIaltZA2q8&click_id=8DVZ1TIaltZA2q8
https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283

16 KB
5 KB

589ms
539ms

Document
text/html

2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283

Requested by

Host: stvkr.com
URL: https://stvkr.com/click-FQU4YVXN-NLJQCM7Z?bt=25&tl=1&sa=892c7c905c8ed9971c6a63bc971d01e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

fdb61b2c4860d3d163709b51ce5f24a06c3d83bd85394a9f1d9764ff26d4252c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: freetrial.finalfantasyxiv.com
:scheme: https
:path: /de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://stvkr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://stvkr.com/click-FQU4YVXN-NLJQCM7Z?bt=25&tl=1&sa=892c7c905c8ed9971c6a63bc971d01e9

Response headers

date: Fri, 19 Mar 2021 08:40:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
set-cookie: visid_incap_1837129=Fm7aq6UyQvCAHPmu1zh5/IhjVGAAAAAAQUIPAAAAAACgOJduHzrtErGIf0OsbM6j; expires=Fri, 18 Mar 2022 21:42:11 GMT; HttpOnly; path=/; Domain=.finalfantasyxiv.com; Secure; SameSite=None incap_ses_878_1837129=pbOtbwuk8GddHDIApkgvDIhjVGAAAAAAkxBq64XpA1CymHj9YCbhsg==; path=/; Domain=.finalfantasyxiv.com; Secure; SameSite=None
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-iinfo: 14-174447254-174447255 NNNN CT(98 199 0) RT(1616143240184 0) q(0 0 3 0) r(4 6) U12

Redirect headers

Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Server: ADITIONSERVER v1.0
Date: Fri, 19 Mar 2021 09:40:40 +0100
Location: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
P3P: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6941282361461507283; expires=Thu, 17-Jun-2021 09:40:40 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure lc_4059563=w=4523921|t=1616143240; expires=Fri, 19-Mar-2021 09:10:40 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure

GET
H2 200 main.css
freetrial.finalfantasyxiv.com/de/css/ 16 KB
4 KB 422ms
421ms Stylesheet
text/css 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrial.finalfantasyxiv.com/de/css/main.css

Requested by

Host: freetrial.finalfantasyxiv.com
URL: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

016f5a75d106512e33a4035bdf49f2d27b3d2fea424a653c1051ab87528f8908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: W/"413a-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: text/css
x-iinfo: 14-174447418-174434543 2VNN RT(1616143240729 0) q(0 0 0 -1) r(4 4)
cache-control: max-age=12124, public
content-length: 3451
expires: Fri, 19 Mar 2021 12:02:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-8571101-12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed6dff0c74d4c8896ac19d1d31c552e08ee4e08af39876a1c088beecddb80371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39202
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Mar 2021 08:40:40 GMT

GET
H2 200 square_enix_master.js Show response
cdn.optimizely.com/public/17026340012/s/ 461 KB
115 KB 26ms
12ms Script
text/javascript 2a02:26f0:7100:19a::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/public/17026340012/s/square_enix_master.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:19a::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e6bf85be8cd30879bf2d9152b0f1e97f9eaff33dfb8a3489bfcda8499e6a7f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: mFJWPPr1tL3QL1Rtj0gzLvTlUL1Emrma
content-encoding: gzip
etag: "fb66903ba2566ce398f52863a91e48c1"
x-amz-request-id: 438VAAYQDVTRPBSS
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 1181
x-amz-replication-status: PENDING
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:7100:19a::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 117213
x-amz-id-2: 3JJVhbhEqpu45/lN2C4safeS3Xb+aqp9Wa4fDwLZHWJ6U6yDKv34DqyW1F9fK/yyKwoARg/KKC0=
last-modified: Thu, 18 Mar 2021 14:30:14 GMT
server: AmazonS3
date: Fri, 19 Mar 2021 08:40:40 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 top_ffxiv_logo_de.png
freetrial.finalfantasyxiv.com/img/ 175 KB
176 KB 424ms
423ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/img/top_ffxiv_logo_de.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b292f57cd23308285807705c4935f8b18c20545e2defffedf042a27b6473e916

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
last-modified: Wed, 10 Mar 2021 13:36:46 GMT
x-cdn: Imperva
etag: "2bd4f-5bd2ec2173780"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 14-174447432-174447433 2VNN RT(1616143240776 0) q(0 0 0 -1) r(0 4)
cache-control: max-age=12125, public
content-length: 179535
expires: Fri, 19 Mar 2021 12:02:46 GMT

GET
H2 200 trailer-thumb01.png
freetrial.finalfantasyxiv.com/de/img/ 23 KB
23 KB 433ms
430ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/de/img/trailer-thumb01.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

53bd01e7928926a22b252f5c1c3b8b906c04c4af623545923b4ef721f1882e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: "5bfe-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 14-174447546-174424653 2VNN RT(1616143241183 0) q(0 0 0 -1) r(4 4)
cache-control: max-age=12124, public
content-length: 23550
expires: Fri, 19 Mar 2021 12:02:45 GMT

GET
H2 200 trailer-thumb02.png
freetrial.finalfantasyxiv.com/de/img/ 22 KB
22 KB 426ms
423ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/de/img/trailer-thumb02.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4c2c12169c872494a894c867ae35b3a3ff9c1f4b7194898e4243755d0256ec63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: "5696-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 14-174447547-174422510 2VNN RT(1616143241185 0) q(0 0 0 -1) r(4 4)
cache-control: max-age=12124, public
content-length: 22166
expires: Fri, 19 Mar 2021 12:02:45 GMT

GET
H2 200 usk_rating.png
freetrial.finalfantasyxiv.com/de/img/ 1 KB
1 KB 423ms
420ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/de/img/usk_rating.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

80456479b829f440dcd77ab55977916d0e60305dcda8fbbdc61083f3a1d986cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: "523-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 14-174447550-174433701 2VNN RT(1616143241187 0) q(0 0 0 -1) r(4 4)
cache-control: max-age=12124, public
content-length: 1315
expires: Fri, 19 Mar 2021 12:02:45 GMT

GET
H2 200 square-enix-logo.png
freetrial.finalfantasyxiv.com/img/ 2 KB
2 KB 423ms
420ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/img/square-enix-logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3c233fb324049a238c47dcf9b6f7fd9d40b8d0320b2f3e7755ad0350f9f60229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
last-modified: Wed, 10 Mar 2021 13:36:46 GMT
x-cdn: Imperva
etag: "d81-5bd2ec2173780"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 14-174447551-174426793 2VNN RT(1616143241189 0) q(0 0 0 -1) r(4 4)
cache-control: max-age=12124, public
content-length: 2283
expires: Fri, 19 Mar 2021 12:02:45 GMT

GET
H2 200 ps4.png
freetrial.finalfantasyxiv.com/img/ 2 KB
2 KB 458ms
455ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/img/ps4.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

44361d524e926d76b90fe63dff91eb0c20876c3605a1a9249c15c59340b3e3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
last-modified: Wed, 10 Mar 2021 13:36:46 GMT
x-cdn: Imperva
etag: "a74-5bd2ec2173780"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 14-174447554-174446550 2VNN RT(1616143241193 0) q(0 1 1 -1) r(5 5)
cache-control: max-age=12124, public
content-length: 1849
expires: Fri, 19 Mar 2021 12:02:45 GMT

GET
H2 200 pc.png
freetrial.finalfantasyxiv.com/img/ 530 B
652 B 1637ms
1634ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/img/pc.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4ae2cd96faa1722227404edadc317c60b3fb91828c20cd34612be06c4ee9832a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:42 GMT
last-modified: Wed, 10 Mar 2021 13:36:46 GMT
x-cdn: Imperva
etag: "6b9-5bd2ec2173780"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 14-174447555-174447451 2VNN RT(1616143241195 0) q(0 4 4 -1) r(17 17)
cache-control: max-age=12123, public
content-length: 530
expires: Fri, 19 Mar 2021 12:02:45 GMT

GET
H2 200 mac-icon.jpg
freetrial.finalfantasyxiv.com/img/ 1 KB
1 KB 528ms
526ms Image
image/jpeg 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/img/mac-icon.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f73e4ecaf55919fa0a36d1ec1eecd35bf88c09850f7807014cd6e264640c9f0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
last-modified: Wed, 10 Mar 2021 13:36:46 GMT
x-cdn: Imperva
etag: "7fa-5bd2ec2173780"
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-174447557-174438360 2VNN RT(1616143241202 0) q(0 3 3 -1) r(4 4)
cache-control: max-age=12125, public
content-length: 1184
expires: Fri, 19 Mar 2021 12:02:46 GMT

GET
H2 200 WbP7-gW3eZL2HyGYGrvLqorznk.svg
img.finalfantasyxiv.com/lds/h/u/ 2 KB
2 KB 365ms
278ms Image
image/svg+xml 104.109.56.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.finalfantasyxiv.com/lds/h/u/WbP7-gW3eZL2HyGYGrvLqorznk.svg
Requested by: Host: freetrial.finalfantasyxiv.com
URL: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.56.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-56-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6a782704f3577d0311dccf36faecaed57292c05b0eafb71add4aa8a10e6e6e8f

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 08:40:41 GMT
last-modified: Thu, 27 Jun 2019 08:13:10 GMT
server: nginx
etag: "5d147a96-619"
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 1561
expires: Fri, 19 Mar 2021 08:40:41 GMT

GET
H2 200 yBAnSiXwKsWFR_e285d93si7Vw.svg
img.finalfantasyxiv.com/lds/h/W/ 2 KB
2 KB 365ms
277ms Image
image/svg+xml 104.109.56.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.finalfantasyxiv.com/lds/h/W/yBAnSiXwKsWFR_e285d93si7Vw.svg
Requested by: Host: freetrial.finalfantasyxiv.com
URL: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.56.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-56-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9dde5e52dd0b9ab595cce1193b55605b0d99f7ddc75d620c3bb32a3b9585e36e

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 08:40:41 GMT
last-modified: Thu, 27 Jun 2019 08:13:10 GMT
server: nginx
etag: "5d147a96-877"
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 2167
expires: Fri, 19 Mar 2021 08:40:41 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 12:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72695
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 12:29:06 GMT

GET
H2 200 main.js Show response
freetrial.finalfantasyxiv.com/de/js/ 3 KB
1 KB 117ms
114ms Script
application/javascript 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrial.finalfantasyxiv.com/de/js/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d234c5c6dc2e8d7d715f6609473662137d4649ba5a181d5e7b45791526e40936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: W/"14ba-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: application/javascript
x-iinfo: 14-174447544-174434543 2VNN RT(1616143241179 0) q(0 0 0 -1) r(1 1)
cache-control: max-age=20800, public
content-length: 1052
expires: Fri, 19 Mar 2021 14:27:21 GMT

GET
H2 200 lazy-load.js Show response
freetrial.finalfantasyxiv.com/de/js/ 7 KB
3 KB 531ms
529ms Script
application/javascript 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrial.finalfantasyxiv.com/de/js/lazy-load.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0977fd57728130160687936aeea6f3628f0238e54f3860aaeff9add19e1e77c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: W/"1a7d-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: application/javascript
x-iinfo: 14-174447559-174422510 2VNN RT(1616143241204 0) q(0 3 3 -1) r(4 4)
cache-control: max-age=20799, public
content-length: 3147
expires: Fri, 19 Mar 2021 14:27:20 GMT

GET
H2 200 lazy-bg.js Show response
freetrial.finalfantasyxiv.com/de/js/ 2 KB
919 B 531ms
530ms Script
application/javascript 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrial.finalfantasyxiv.com/de/js/lazy-bg.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

040819139b0962a8afaa43e06589bbb66d492fab9ced8b80d8e21f516f40dae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: W/"d25-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: application/javascript
x-iinfo: 14-174447560-174447433 2VNN RT(1616143241207 0) q(0 3 3 -1) r(5 5)
cache-control: max-age=20799, public
content-length: 813
expires: Fri, 19 Mar 2021 14:27:20 GMT

GET
H2 200 magnific.js Show response
freetrial.finalfantasyxiv.com/de/js/ 21 KB
7 KB 534ms
533ms Script
application/javascript 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrial.finalfantasyxiv.com/de/js/magnific.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b6f5f3d7368f5d771da3813a5bda537f7c2c5e043a8be11c5369aaeceeb0c4ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: W/"52b3-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: application/javascript
x-iinfo: 14-174447561-174433978 2VNN RT(1616143241209 0) q(0 4 4 -1) r(5 5)
cache-control: max-age=20799, public
content-length: 7565
expires: Fri, 19 Mar 2021 14:27:20 GMT

GET
H2 200 _Incapsula_Resource Show response
freetrial.finalfantasyxiv.com/ 140 KB
20 KB 57ms
56ms Script
application/javascript 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrial.finalfantasyxiv.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1214953284

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b544afbbadefc11703dc5fc3a7529bc0ce3c72cff5779ad9e32be34cd75b60a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 20211
content-type: application/javascript

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 326 KB
80 KB 52ms
36ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P37XSWJ&l=digitalData

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7225f5d3972026c82f80f92aa201965ade55bf89420214bb793355c7e5be022e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81926
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Mar 2021 08:40:41 GMT

GET
H2 200 final-fantasy-xiv-stormblood-button-left.png
freetrial.finalfantasyxiv.com/img/ 3 KB
3 KB 561ms
561ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/img/final-fantasy-xiv-stormblood-button-left.png

Requested by

Host: freetrial.finalfantasyxiv.com
URL: https://freetrial.finalfantasyxiv.com/de/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0bf8e25ba6f447f090d680615920b90c4bc4b5cfab51459c3eb0c148c75e0996

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
last-modified: Wed, 10 Mar 2021 13:36:46 GMT
x-cdn: Imperva
etag: "f92-5bd2ec2173780"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 14-174447563-174434543 2VNN RT(1616143241219 0) q(0 4 4 -1) r(5 5)
cache-control: max-age=12124, public
content-length: 3003
expires: Fri, 19 Mar 2021 12:02:45 GMT

GET
H2 200 final-fantasy-xiv-stormblood-button-right.png
freetrial.finalfantasyxiv.com/img/ 3 KB
3 KB 629ms
629ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/img/final-fantasy-xiv-stormblood-button-right.png

Requested by

Host: freetrial.finalfantasyxiv.com
URL: https://freetrial.finalfantasyxiv.com/de/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

46a653ab800ab04ac53d71793a6a8ea3b502996feb7ac4b20b4b00c54bbcecd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
last-modified: Wed, 10 Mar 2021 13:36:46 GMT
x-cdn: Imperva
etag: "106d-5bd2ec2173780"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 14-174447565-174424653 2VNN RT(1616143241223 0) q(0 4 4 -1) r(6 6)
cache-control: max-age=12124, public
content-length: 2948
expires: Fri, 19 Mar 2021 12:02:45 GMT

GET
H2 200 bottom-cta-left.png
freetrial.finalfantasyxiv.com/de/img/ 2 KB
2 KB 636ms
636ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/de/img/bottom-cta-left.png

Requested by

Host: freetrial.finalfantasyxiv.com
URL: https://freetrial.finalfantasyxiv.com/de/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d19ff040def0bc446a5a021537df9ccefc2e45d3a3dec4d276458731c59fd079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: "7cf-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 14-174447566-174438360 2VNN RT(1616143241226 0) q(0 5 5 -1) r(6 6)
cache-control: max-age=12125, public
content-length: 1999
expires: Fri, 19 Mar 2021 12:02:46 GMT

GET
H2 200 bottom-cta-right.png
freetrial.finalfantasyxiv.com/de/img/ 2 KB
2 KB 635ms
635ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/de/img/bottom-cta-right.png

Requested by

Host: freetrial.finalfantasyxiv.com
URL: https://freetrial.finalfantasyxiv.com/de/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7631a00da585a8e78006a64d414031d9a085b16568665f26d9fd8e06337ad04e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: "7a9-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 14-174447569-174447433 2VNN RT(1616143241230 0) q(0 5 5 -1) r(6 6)
cache-control: max-age=12125, public
content-length: 1961
expires: Fri, 19 Mar 2021 12:02:46 GMT

GET
H2 200 alegreyasc-regular-webfont.woff2
freetrial.finalfantasyxiv.com/de/font/ 26 KB
26 KB 215ms
215ms Font
font/woff2 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrial.finalfantasyxiv.com/de/font/alegreyasc-regular-webfont.woff2

Requested by

Host: freetrial.finalfantasyxiv.com
URL: https://freetrial.finalfantasyxiv.com/de/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ad5ff485bf20446d77d6f294b4ad64ac9c9249ceaed167c69af9121800b1b413

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://freetrial.finalfantasyxiv.com
Referer: https://freetrial.finalfantasyxiv.com/de/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: "6904-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: font/woff2
x-iinfo: 14-174447570-174447255 PNNN RT(1616143241232 0) q(0 0 0 -1) r(1 1) U12
accept-ranges: bytes
content-length: 26884

GET
H2 200 _Incapsula_Resource
freetrial.finalfantasyxiv.com/ 1 B
36 B 6ms
6ms Image
text/plain 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/_Incapsula_Resource?SWKMTFSR=1&e=0.9899723317030067

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 159 KB
51 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W5F2RMC&l=digitalData

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P37XSWJ&l=digitalData

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ecf34a36adae191eec78076b8dff7a01c5553fcc5b7943da6cd1fca6f349870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51973
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Mar 2021 08:40:41 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 222 KB
52 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-55Z4HC7&l=digitalData

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P37XSWJ&l=digitalData

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b8127d4977cf08d4398f053bf2d2b707e9476013ba4350f5cadec40d3aece27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52783
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Mar 2021 08:40:41 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 223 KB
61 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TC9NQJ9&l=digitalData

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P37XSWJ&l=digitalData

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df3b2de7cdf3a9946ca62153860b83e6149250c9b7ef56c91785cb80dd3130c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62827
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Mar 2021 08:40:41 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 248 KB
63 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PZBX977&l=digitalData

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P37XSWJ&l=digitalData

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eea135aab15daf40e93e5bdb637114246ba8cf7ce4865da00ce462014e30b00a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64236
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Mar 2021 08:40:41 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 183 KB
55 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5B85TLL&l=digitalData

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P37XSWJ&l=digitalData

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc6af5e18ad8424b5b542b46cf0f1dac26c0000a0be60a6aaab15cbdd44b40a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56629
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Mar 2021 08:40:41 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 121 KB
40 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TRT85CK&l=digitalData

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P37XSWJ&l=digitalData

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f207da37604dca41f0e6531067a0bb90efa292ad98f0114cb763c871922f5328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40642
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Mar 2021 08:40:41 GMT

GET
H2 200 otSDKStub.js Show response
cdn-ukwest.onetrust.com/scripttemplates/ 16 KB
6 KB 40ms
24ms Script
application/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Requested by

Host: stvkr.com
URL: https://stvkr.com/click-FQU4YVXN-NLJQCM7Z?bt=25&tl=1&sa=892c7c905c8ed9971c6a63bc971d01e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d98430b79bd481c608eb50058778fc3a919b996494f209c1546d11280d7bc14f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: 8g79L9PKY/vudZazgfW0YA==
age: 2829
content-length: 5578
cf-request-id: 08eb3de93800000ebb753b9000000001
x-ms-lease-status: unlocked
last-modified: Tue, 16 Mar 2021 21:40:08 GMT
server: cloudflare
etag: 0x8D8E8C411D8A7C7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7bfdc0a8-301e-0007-7873-1cd21e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 632565bb8a150ebb-FRA

GET
H2 200 all.css
use.fontawesome.com/releases/v5.4.1/css/ 49 KB
13 KB 101ms
32ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.4.1/css/all.css
Requested by: Host: freetrial.finalfantasyxiv.com
URL: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4d3b4d5d99f92dcc1f1c169db00f76aa1dc65d5d82192afcff04cf8a018a7ba1

Request headers

Origin: https://freetrial.finalfantasyxiv.com
Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: gzip
last-modified: Thu, 11 Oct 2018 20:07:26 GMT
server: NetDNA-cache/2.2
etag: W/"beb60a9475685e87a9738a7306591e69"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
727 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,500,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

016b91219c6ed7712bdfed0dfa714b53c5df005847771cddf79e2a3a5d5679ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 06:53:07 GMT
server: ESF
date: Fri, 19 Mar 2021 08:40:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 08:40:41 GMT

GET
H2 200 magnific.css
freetrial.finalfantasyxiv.com/de/css/ 8 KB
2 KB 206ms
205ms Stylesheet
text/css 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrial.finalfantasyxiv.com/de/css/magnific.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a17757969607f832887baa3b470ee7c212b0c50d32b3f24744e6d302eea077d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: W/"1e6c-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: text/css
x-iinfo: 14-174447624-174447433 2VNN RT(1616143241394 0) q(0 1 1 -1) r(2 2)
cache-control: max-age=12124, public
content-length: 2006
expires: Fri, 19 Mar 2021 12:02:45 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://freetrial.finalfantasyxiv.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 02:04:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 110192
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Fri, 18 Mar 2022 02:04:09 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 34ms
20ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,500,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://freetrial.finalfantasyxiv.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:15:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 311109
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:15:32 GMT

GET
H2 200 e224d806-772f-4a8e-85f8-7e6c4b216f88.json Show response
cdn-ukwest.onetrust.com/consent/e224d806-772f-4a8e-85f8-7e6c4b216f88/ 3 KB
2 KB 29ms
16ms XHR
application/x-javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/e224d806-772f-4a8e-85f8-7e6c4b216f88/e224d806-772f-4a8e-85f8-7e6c4b216f88.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51f3adfbc7bedbafbbcbfc13345609bc801f1e7fd31ba236495f71d3c921c730

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: WEx6XWyrxJgLbODXTd9fWw==
age: 2794
content-length: 1383
cf-request-id: 08eb3de9c800002c224110b000000001
x-ms-lease-status: unlocked
last-modified: Wed, 11 Nov 2020 09:17:30 GMT
server: cloudflare
etag: 0x8D886229D7226B0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: da30cfd2-701e-0000-0573-1c249b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 632565bc78e62c22-FRA

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
95 B 14ms
14ms Image
image/gif 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-5B85TLL&cv=50&v=3&t=t&pid=1001097440&rv=3a0&es=1&e=gtm.js&eid=1&ut=C&tc=49&tr=1lcl.1hl.1lcl.1lcl.1lcl.1lcl.1hl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1hl.1lcl.1hl.1hl.1cl.1hl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl&ti=1lcl.1hl.1lcl.1lcl.1lcl.1lcl.1hl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1hl.1lcl.1hl.1hl.1cl.1hl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl&z=0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 08:40:41 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.4.1/webfonts/ 70 KB
71 KB 39ms
39ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.4.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.4.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a5587a9dca3673b604a8a0e144d268f3dcb180aac337e2b2e163704bc1fc508a

Request headers

Origin: https://freetrial.finalfantasyxiv.com
Referer: https://use.fontawesome.com/releases/v5.4.1/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
last-modified: Thu, 11 Oct 2018 20:08:04 GMT
server: NetDNA-cache/2.2
etag: "1dc5b6dd4bf409a6f919be38603f76a0"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 72000

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
21 B 14ms
14ms Image
image/gif 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-5B85TLL&cv=50&v=3&t=t&pid=1001097440&rv=3a0&es=1&e=gtm.dom&eid=37&ut=C&tc=49&z=0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 08:40:41 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
239 B 21ms
19ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 632565bcab0e0ebb-FRA
cf-request-id: 08eb3de9e500000ebbf8a27000000001

GET
H2 200 otBannerSdk.js Show response
cdn-ukwest.onetrust.com/scripttemplates/6.8.0/ 332 KB
71 KB 18ms
18ms Script
application/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.8.0/otBannerSdk.js

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80a4168da3bfeb8a7a3d725ad6aabafc536c28503e6c053b3b8067fd1b5cd0cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: ZxViCiQmz7HefYYdJwAS4g==
age: 2786
content-length: 72918
cf-request-id: 08eb3de9fd00000ebb3001c000000001
x-ms-lease-status: unlocked
last-modified: Wed, 21 Oct 2020 18:26:35 GMT
server: cloudflare
etag: 0x8D875EED76F8FB8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 22ff5f7f-d01e-006b-7473-1c79cd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 632565bccb3c0ebb-FRA

GET
H2 200 de.json Show response
cdn-ukwest.onetrust.com/consent/e224d806-772f-4a8e-85f8-7e6c4b216f88/b7fe9e9c-e00b-48c3-801a-9e5207bee0af/ 53 KB
13 KB 37ms
37ms Fetch
application/x-javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/e224d806-772f-4a8e-85f8-7e6c4b216f88/b7fe9e9c-e00b-48c3-801a-9e5207bee0af/de.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.8.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1a1d3f735125105a795f8c3846a89be5e3353fac881b48fe222255a94b0aff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: WiPJwMOuJ7HGVTPY8pCxqA==
age: 2792
content-length: 13243
cf-request-id: 08eb3dea1f00002c226e05c000000001
x-ms-lease-status: unlocked
last-modified: Wed, 11 Nov 2020 09:17:38 GMT
server: cloudflare
etag: 0x8D88622A287201C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4af25287-501e-0035-7473-1c8ace000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 632565bcf97d2c22-FRA

GET
H2 200 otFlat.json Show response
cdn-ukwest.onetrust.com/scripttemplates/6.8.0/assets/ 12 KB
3 KB 32ms
32ms Fetch
application/json 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.8.0/assets/otFlat.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.8.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06b10167b8d0ac41c1b681a2cce2977f08c4bb49f3261d7ff2fce60b0e59f7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: MC/cbbO9nlbWDh1quobBbA==
age: 2785
content-length: 3328
cf-request-id: 08eb3dea4b00002c225bb9b000000001
x-ms-lease-status: unlocked
last-modified: Wed, 21 Oct 2020 18:26:23 GMT
server: cloudflare
etag: 0x8D875EED04BCF0C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6605dbd2-401e-0003-2973-1c279c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 632565bd49d72c22-FRA

GET
H2 200 otPcCenter.json Show response
cdn-ukwest.onetrust.com/scripttemplates/6.8.0/assets/ 61 KB
15 KB 21ms
21ms Fetch
application/json 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.8.0/assets/otPcCenter.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.8.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5015a9d4b5c5f025e2a826f1489c250c23fd70a63bb019a75cfc9e9a3025079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 Mar 2021 08:40:41 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: k1DLcGqIpyZFonby6h4eWQ==
age: 2736
content-length: 14893
cf-request-id: 08eb3dea4b00002c221a05a000000001
x-ms-lease-status: unlocked
last-modified: Wed, 21 Oct 2020 18:26:23 GMT
server: cloudflare
etag: 0x8D875EED09AECB4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 180f2cfa-a01e-0009-1773-1c3e15000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 632565bd49da2c22-FRA

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 top_bg-min.jpg
freetrial.finalfantasyxiv.com/de/img/ 395 KB
395 KB 112ms
111ms Image
image/jpeg 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/de/img/top_bg-min.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

79789d8dea659184527b173f3970f328f17d55fba7d65682a2998d0f4009da07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:41 GMT
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: "62a0c-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-174447735-174422510 2VNN RT(1616143241773 0) q(0 0 0 -1) r(1 1)
cache-control: max-age=14993, public
content-length: 403980
expires: Fri, 19 Mar 2021 12:50:34 GMT

GET
H2 200 story_bg-min.jpg
freetrial.finalfantasyxiv.com/de/img/ 216 KB
216 KB 825ms
824ms Image
image/jpeg 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/de/img/story_bg-min.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6d78920ce507977d973cad83ce8615f40ddbfb0d6c1bdcc8a207e9185805c5df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:42 GMT
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: "35f51-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-174447736-174426793 2VNN RT(1616143241775 0) q(0 0 0 -1) r(8 8)
cache-control: max-age=6750, public
content-length: 220991
expires: Fri, 19 Mar 2021 10:33:12 GMT

GET
H2 200 live_de.png
freetrial.finalfantasyxiv.com/img/ 34 KB
34 KB 2066ms
2066ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/img/live_de.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

13e3513ee329732dd42847984c2de2c6ba1604bb807f813ea27cfa04c47c7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TIaltZA2q8&_autaclid=6941282361461507283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:40:43 GMT
last-modified: Wed, 10 Mar 2021 13:36:46 GMT
x-cdn: Imperva
etag: "8857-5bd2ec2173780"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 14-174447737-174438291 2VNN RT(1616143241779 0) q(0 1 1 -1) r(21 21)
cache-control: max-age=12124, public
content-length: 34903
expires: Fri, 19 Mar 2021 12:02:47 GMT

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ 0
0 462ms
108ms Preflight
text/plain 52.72.27.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Server: 52.72.27.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-27-138.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://freetrial.finalfantasyxiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://freetrial.finalfantasyxiv.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Fri, 19 Mar 2021 08:40:44 GMT
Content-Length: 13
Connection: keep-alive

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
255 B 109ms
109ms XHR
text/plain 52.72.27.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/17026340012/s/square_enix_master.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.27.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-27-138.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://freetrial.finalfantasyxiv.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Fri, 19 Mar 2021 08:40:44 GMT
Content-Type: text/plain

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
44 B 14ms
14ms Image
image/gif 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-5B85TLL&cv=50&v=3&t=t&pid=1001097440&rv=3a0&es=1&e=gtm.elementVisibility&eid=208&u=C&ut=C&tc=49&z=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 08:40:44 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
21 B 14ms
14ms Image
image/gif 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-5B85TLL&cv=50&v=3&t=t&pid=1001097440&rv=3a0&es=1&e=gtm.load&eid=270&u=C&ut=C&tc=49&z=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 08:40:44 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.finalfantasyxiv.com/	1970-01-20 01:41:19	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Mar+19+2021+09%3A40%3A41+GMT%2B0100+(Central+European+Standard+Time)&version=6.8.0&hosts=&consentId=4dc121e8-360d-4deb-acdc-9e4b13bcd861&interactionCount=0&landingPath=https%3A%2F%2Ffreetrial.finalfantasyxiv.com%2Fde%2F%3Futm_source%3Dcityads%26utm_medium%3Dcpa%26utm_campaign%3Dffxiv_performanceq12021gas_add2%26click_id%3D8DVZ1TIaltZA2q8%26_autaclid%3D6941282361461507283&groups=C0002%3A0%2CC0001%3A1%2CC0003%3A0%2CC0004%3A0
.finalfantasyxiv.com/	1969-12-31 23:59:59	Name: incap_ses_878_1837129 Value: pbOtbwuk8GddHDIApkgvDIhjVGAAAAAAkxBq64XpA1CymHj9YCbhsg==
.finalfantasyxiv.com/	1970-01-20 01:40:39	Name: visid_incap_1837129 Value: Fm7aq6UyQvCAHPmu1zh5/IhjVGAAAAAAQUIPAAAAAACgOJduHzrtErGIf0OsbM6j

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad1.adfarm1.adition.com
ajax.googleapis.com
cdn-ukwest.onetrust.com
cdn.optimizely.com
errors.client.optimizely.com
fonts.googleapis.com
fonts.gstatic.com
freetrial.finalfantasyxiv.com
geolocation.onetrust.com
img.finalfantasyxiv.com
stvkr.com
use.fontawesome.com
www.googletagmanager.com
104.109.56.146
212.32.251.44
217.79.188.2
23.111.9.35
2606:4700:10::6814:b844
2a00:1450:4001:811::2003
2a00:1450:4001:827::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200a
2a02:26f0:7100:19a::13b8
2a02:e980:f3::86
52.72.27.138
016b91219c6ed7712bdfed0dfa714b53c5df005847771cddf79e2a3a5d5679ac
016f5a75d106512e33a4035bdf49f2d27b3d2fea424a653c1051ab87528f8908
040819139b0962a8afaa43e06589bbb66d492fab9ced8b80d8e21f516f40dae1
06b10167b8d0ac41c1b681a2cce2977f08c4bb49f3261d7ff2fce60b0e59f7c0
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0977fd57728130160687936aeea6f3628f0238e54f3860aaeff9add19e1e77c1
0bf8e25ba6f447f090d680615920b90c4bc4b5cfab51459c3eb0c148c75e0996
13e3513ee329732dd42847984c2de2c6ba1604bb807f813ea27cfa04c47c7397
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
2bd99ad0719c1d65cf7c002f78f3d99f6bba69c1db42bf073e8af4c7f387487f
3c233fb324049a238c47dcf9b6f7fd9d40b8d0320b2f3e7755ad0350f9f60229
44361d524e926d76b90fe63dff91eb0c20876c3605a1a9249c15c59340b3e3a8
46a653ab800ab04ac53d71793a6a8ea3b502996feb7ac4b20b4b00c54bbcecd1
4ae2cd96faa1722227404edadc317c60b3fb91828c20cd34612be06c4ee9832a
4c2c12169c872494a894c867ae35b3a3ff9c1f4b7194898e4243755d0256ec63
4d3b4d5d99f92dcc1f1c169db00f76aa1dc65d5d82192afcff04cf8a018a7ba1
51f3adfbc7bedbafbbcbfc13345609bc801f1e7fd31ba236495f71d3c921c730
53bd01e7928926a22b252f5c1c3b8b906c04c4af623545923b4ef721f1882e59
6a782704f3577d0311dccf36faecaed57292c05b0eafb71add4aa8a10e6e6e8f
6d78920ce507977d973cad83ce8615f40ddbfb0d6c1bdcc8a207e9185805c5df
7225f5d3972026c82f80f92aa201965ade55bf89420214bb793355c7e5be022e
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
7631a00da585a8e78006a64d414031d9a085b16568665f26d9fd8e06337ad04e
79789d8dea659184527b173f3970f328f17d55fba7d65682a2998d0f4009da07
80456479b829f440dcd77ab55977916d0e60305dcda8fbbdc61083f3a1d986cc
80a4168da3bfeb8a7a3d725ad6aabafc536c28503e6c053b3b8067fd1b5cd0cb
8b8127d4977cf08d4398f053bf2d2b707e9476013ba4350f5cadec40d3aece27
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9dde5e52dd0b9ab595cce1193b55605b0d99f7ddc75d620c3bb32a3b9585e36e
9ecf34a36adae191eec78076b8dff7a01c5553fcc5b7943da6cd1fca6f349870
a17757969607f832887baa3b470ee7c212b0c50d32b3f24744e6d302eea077d7
a5587a9dca3673b604a8a0e144d268f3dcb180aac337e2b2e163704bc1fc508a
ad5ff485bf20446d77d6f294b4ad64ac9c9249ceaed167c69af9121800b1b413
b292f57cd23308285807705c4935f8b18c20545e2defffedf042a27b6473e916
b544afbbadefc11703dc5fc3a7529bc0ce3c72cff5779ad9e32be34cd75b60a6
b6f5f3d7368f5d771da3813a5bda537f7c2c5e043a8be11c5369aaeceeb0c4ba
bc6af5e18ad8424b5b542b46cf0f1dac26c0000a0be60a6aaab15cbdd44b40a5
c5015a9d4b5c5f025e2a826f1489c250c23fd70a63bb019a75cfc9e9a3025079
d19ff040def0bc446a5a021537df9ccefc2e45d3a3dec4d276458731c59fd079
d234c5c6dc2e8d7d715f6609473662137d4649ba5a181d5e7b45791526e40936
d98430b79bd481c608eb50058778fc3a919b996494f209c1546d11280d7bc14f
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
df3b2de7cdf3a9946ca62153860b83e6149250c9b7ef56c91785cb80dd3130c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6bf85be8cd30879bf2d9152b0f1e97f9eaff33dfb8a3489bfcda8499e6a7f61
ed6dff0c74d4c8896ac19d1d31c552e08ee4e08af39876a1c088beecddb80371
eea135aab15daf40e93e5bdb637114246ba8cf7ce4865da00ce462014e30b00a
f1a1d3f735125105a795f8c3846a89be5e3353fac881b48fe222255a94b0aff2
f207da37604dca41f0e6531067a0bb90efa292ad98f0114cb763c871922f5328
f73e4ecaf55919fa0a36d1ec1eecd35bf88c09850f7807014cd6e264640c9f0d
fdb61b2c4860d3d163709b51ce5f24a06c3d83bd85394a9f1d9764ff26d4252c

freetrial.finalfantasyxiv.com Open in urlscan Pro 2a02:e980:f3::86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

100 %HTTPS

58 %IPv6

9 Domains

13 Subdomains

12 IPs

3 Countries

1769 kBTransfer

3883 kBSize

3 Cookies

10 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

freetrial.finalfantasyxiv.com Open in urlscan Pro
2a02:e980:f3::86 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

100 %
HTTPS

58 %
IPv6

9
Domains

13
Subdomains

12
IPs

3
Countries

1769 kB
Transfer

3883 kB
Size

3
Cookies

56 HTTP transactions
1 data transactions