www.ffxiah.com Open in urlscan Pro
158.69.250.98 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.ffxiah.com/
Effective URL:
https://www.ffxiah.com/
Submission: On November 13 via api (November 13th 2023, 11:51:02 pm UTC) from US — Scanned from CA

Summary HTTP 120 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 9 domains to perform 120 HTTP transactions. The main IP is 158.69.250.98, located in Montreal, Canada and belongs to OVH, FR. The main domain is www.ffxiah.com.
TLS certificate: Issued by R3 on September 27th 2023. Valid for: 3 months.

This is the only time www.ffxiah.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 48	158.69.250.98 158.69.250.98	16276 (OVH) (OVH)
2	142.251.16.95 142.251.16.95	15169 (GOOGLE) (GOOGLE)
11	172.67.149.27 172.67.149.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.31.155 142.250.31.155	15169 (GOOGLE) (GOOGLE)
1 12	172.253.62.154 172.253.62.154	15169 (GOOGLE) (GOOGLE)
16	172.253.62.132 172.253.62.132	15169 (GOOGLE) (GOOGLE)
17	142.251.16.156 142.251.16.156	15169 (GOOGLE) (GOOGLE)
3	172.253.62.105 172.253.62.105	15169 (GOOGLE) (GOOGLE)
1	172.253.62.95 172.253.62.95	15169 (GOOGLE) (GOOGLE)
1	172.253.122.94 172.253.122.94	15169 (GOOGLE) (GOOGLE)
3	172.253.62.113 172.253.62.113	15169 (GOOGLE) (GOOGLE)
2	142.251.111.139 142.251.111.139	15169 (GOOGLE) (GOOGLE)
2	142.251.163.94 142.251.163.94	15169 (GOOGLE) (GOOGLE)
120	14

48 158.69.250.98 (Montreal, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ns547292.ip-158-69-250.net

www.ffxiah.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.ffxiah.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.ffxiah.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.16.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.67.149.27 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-b2.ffxipro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.253.62.154 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.253.62.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f132.1e100.net

37a1ae31d18a5de121ad61f104807ae7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.62.105 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.62.113 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f113.1e100.net

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.111.139 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f139.1e100.net

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	ffxiah.com 1 redirects www.ffxiah.com static.ffxiah.com ads.ffxiah.com	933 KB
33	googlesyndication.com 37a1ae31d18a5de121ad61f104807ae7.safeframe.googlesyndication.com f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	347 KB
11	ffxipro.com cdn-b2.ffxipro.com	41 KB
10	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	329 KB
8	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	169 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	183 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	3 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364 fonts.googleapis.com — Cisco Umbrella Rank: 31	90 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
120	9

	Domain	Requested by
42	static.ffxiah.com	www.ffxiah.com static.ffxiah.com
17	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com www.ffxiah.com www.googletagservices.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com pagead2.googlesyndication.com
11	cdn-b2.ffxipro.com	www.ffxiah.com
8	securepubads.g.doubleclick.net	1 redirects www.googletagservices.com securepubads.g.doubleclick.net www.ffxiah.com
4	www.googletagservices.com	ads.ffxiah.com securepubads.g.doubleclick.net f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
4	www.ffxiah.com	1 redirects www.ffxiah.com
3	encrypted-tbn0.gstatic.com	f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
3	www.google.com	tpc.googlesyndication.com
2	www.googleadservices.com
2	fonts.gstatic.com	fonts.googleapis.com
2	encrypted-tbn1.gstatic.com	f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	ads.ffxiah.com	www.ffxiah.com
2	ajax.googleapis.com	www.ffxiah.com
1	www.gstatic.com	f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
1	fonts.googleapis.com	f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
1	37a1ae31d18a5de121ad61f104807ae7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
120	19

This site contains links to these domains. Also see Links.

Domain
discordapp.com
www.bg-wiki.com
www.discordapp.com
www.ffxidb.com
www.ffxivpro.com
www.guildwork.com
www.windower.net
jp.ffxiah.com
de.ffxiah.com
fr.ffxiah.com
www.playonline.com
sqex.to
forum.square-enix.com

Subject Issuer	Validity	Valid
*.ffxiah.com R3	`2023-09-27` - `2023-12-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
ffxipro.com E1	`2023-10-19` - `2024-01-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.ffxiah.com/
Frame ID: 6EBD82AAECCEA595F3796EB85C813BAC
Requests: 59 HTTP requests in this frame

Frame: https://ads.ffxiah.com/ffxiah.com/gAd_728x90.html
Frame ID: 20CAFDA31F62658653293003820D0E7B
Requests: 7 HTTP requests in this frame

Frame: https://ads.ffxiah.com/ffxiah.com/gAd_160x600.html
Frame ID: 598BF1C6452D930A8B7306664767549F
Requests: 7 HTTP requests in this frame

Frame: https://37a1ae31d18a5de121ad61f104807ae7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F1423207376A385F8CE3AF0E8BDB8C63
Requests: 1 HTTP requests in this frame

Frame: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 52F9D06954951497A9A92AF61C50849B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOiWDp8BtdG8Ep10-pxaGE6CsRAln57oFWy9PHK9INxVhUx6v2Ma8zC9lNXNKyiCRaZaYEYBp8Nq4bl9XTFGD_IbrXBkqYv-dYKaMbuJYoB9rEPWNA1olQBEy3HFAGTlbHXVKSZ91RQAfaGBQW5dvLds5fUmdQgRhN3efo2x2-sFOo6ceCNXyFYuXwXxGIzuVCUKgFg5DNjEk6zQDAwnCAkbDOJH8MK2wiOnHdfy9_hu_dYXIr6vbzvedKrIHMEPI28zNC-gsEB4wwLR1Rn9x3GR3OKG1jntwzQfn3-mPo8w6dxX84KIQ0M47baYrfuiQlIyPp2IC8wq1QvdWhWGHEQAjHJ6Rrh8OjUxBwIk3tCiA&sai=AMfl-YR5IRraDMsldTQXk8b8W3hA85ED8mJ9_dSclF7vvmpku9S22ra80804c8Wxh9wa1EugdFNqkTb2cmrGLqeicYq4sa60Ysi4hLPuyBPWJ20PCRCElxRXzhDecwY5KUKxJ0KxCtFBEVL4SseduRuXYPUX&sig=Cg0ArKJSzNXe2mmFrxHiEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 17A6E83CB0C1F6E93998F94D86EB66E8
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7BF0916ACD9363981993DE948162E607
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 60185FEF744B7381AE32249C1C7CB179
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BB5A3877DF694519EC9ABBEE25D9C149
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E0E6FBEB1B06431E82BA8BD320D9F8C5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Frame ID: FA5AE3DBFC5BCA606AE6286C5BAA35D7
Requests: 1 HTTP requests in this frame

Frame: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 249E75210652D9AF10C6E563523DDF1B
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0209765201661192&output=html&h=90&slotname=7268890205&adk=29905378&adf=4198862039&pi=t.ma~as.7268890205&w=728&lmt=1699919457&format=728x90&url=https%3A%2F%2Fads.ffxiah.com%2Fffxiah.com%2FgAd_728x90.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699919457721&bpp=3&bdt=218&idt=230&shv=r20231108&mjsv=m202311060101&ptt=9&saldr=aa&cookie=ID%3Dbb97695315137d7d%3AT%3D1699919457%3ART%3D1699919457%3AS%3DALNI_MYA7rV5WUuike9oEYywcvZ34levhQ&gpic=UID%3D00000da1a897f81c%3AT%3D1699919457%3ART%3D1699919457%3AS%3DALNI_MZ4A_Xoq15oroaKLrqmfQFFkOXqLg&correlator=191942804375&frm=24&ife=4&pv=2&ga_vid=380173714.1699919458&ga_sid=1699919458&ga_hid=1538411653&ga_fc=0&nhd=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3078452370&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079266%2C31079605%2C42531705%2C44807460%2C31078297%2C44807405%2C44806139%2C44807763%2C44808148%2C44808284&oid=2&pvsid=2674194772525742&tmod=1718423315&uas=0&nvt=1&top=https%3A%2F%2Fwww.ffxiah.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.rm3i0fhrkb1f&fsb=1&dtd=243
Frame ID: 95D62BF783DADBDCA827118610EB9E11
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: F9788D5E3410CEA5525174DD75DABCAB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 157A365EC2C0A79250CB10B3AA05C345
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5A7A04A8A9F847842302120FEA774037
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FFXIAH.com

Page URL History Show full URLs

http://www.ffxiah.com/ HTTP 302
https://www.ffxiah.com/ Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

120
Requests

99 %
HTTPS

0 %
IPv6

9
Domains

19
Subdomains

14
IPs

2
Countries

2094 kB
Transfer

4071 kB
Size

6
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://discordapp.com/invite/0bUAApcl86UNdbI7?username=
Title: Chat

Search URL Search Domain Scan URL

URL: http://www.bg-wiki.com/
Title: BG Wiki

Search URL Search Domain Scan URL

URL: https://www.discordapp.com/
Title: Discord

Search URL Search Domain Scan URL

URL: http://www.ffxidb.com/
Title: FFXIDB

Search URL Search Domain Scan URL

URL: https://www.ffxivpro.com/
Title: FFXIVPro

Search URL Search Domain Scan URL

URL: http://www.guildwork.com/
Title: Guildwork

Search URL Search Domain Scan URL

URL: http://www.windower.net/
Title: Windower

Search URL Search Domain Scan URL

URL: https://jp.ffxiah.com/
Title: JP

Search URL Search Domain Scan URL

URL: https://de.ffxiah.com/
Title: DE

Search URL Search Domain Scan URL

URL: https://fr.ffxiah.com/
Title: FR

Search URL Search Domain Scan URL

URL: http://www.playonline.com/pcd/topics/ff11us/detail/20964/detail.html

Search URL Search Domain Scan URL

URL: http://www.playonline.com/ff11us/campaign/login/login125.html
Title: Read on

Search URL Search Domain Scan URL

URL: https://sqex.to/M5Xhv

Search URL Search Domain Scan URL

URL: https://forum.square-enix.com/ffxi/threads/61239

Search URL Search Domain Scan URL

URL: https://sqex.to/LBG

Search URL Search Domain Scan URL

URL: https://sqex.to/dyuKQ
Title: official rules

Search URL Search Domain Scan URL

URL: https://forum.square-enix.com/ffxi/threads/61225

Search URL Search Domain Scan URL

URL: http://www.playonline.com/pcd/topics/ff11us/detail/20910/detail.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.ffxiah.com/ HTTP 302
https://www.ffxiah.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108

https://securepubads.g.doubleclick.net/pagead/adview?ai=C5IIGYbZSZfmxGdbkvPIP2sif0ASf7e6MdODU-J6sEmQQASDQ15MEYP3oooHwA6ABkq3NgwPIAQngAgCoAwHIA8sEqgShAk_Q58RSc9i_zuAY5amnZrfbZihzpwMNZe9lPJYGxquAwheLNI1P4EuKhh_rGRW8klxyp2JBeyHXdutI8JH6v7cijealnWDFQp5eqt7qQVswoZ8kV5i4EvNFkuuHyF0fIoWDImlzOwfQDsYb5pZb4zjcKLDV4yLpvyKVFGjL0DgqFxzsyJmaydPjhA2e5_7gu7QSQP9Y2b3ZprcfGZNyneW7wkhWwR_pe5h9RCbkNYABjeI5OPPNAY3_dsF9pljeDTt-fUWfRDttH_HZq_L47giUoCbKsfpe0sFpRpq35HLKJ2VoAchZl_QZRhuzVuAPqzTrMPJlIanwL_YlvLrFkD97Z23nIgSt5vmwtmU5gCa9VzlNlUsnr4d6voga9_DVwpvABP-a6PvOBOAEAYgF1-yhiEySBQQIBBgBkgUECAUYBKAGLoAH3oWsqwGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQz84J0ggUCIBhEAEYHTICigI6AoBASL39wTqaCRdodHRwczovL3NoYXBlcm1pbnQuY29tL4AKAcgLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC2gwRCgsQwKahpuecq_OHARICAQPiDRMI7-ieu5XCggMVVjJPCB1a5AdK2BML0BUBgBcBshceChwIABIUcHViLTAyMDk3NjUyMDE2NjExOTIY5LYH&sigh=BTbwFE8OfEw&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaNDk35Q947X-GXxKT20tayTHw97qeMoico2zycp3XmLSpacN3RtMHk3Pq8N8YvGdk19R1ZObxuQmd8FbqTKc5FxC_1BI1tnc845hYYAQ&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5dbc59cc4dbc30a90000000000000000%22,%222%22:%220x3a5b057b9fd9503f0000000000000000%22,%223%22:%220x499503f78dc5ad120000000000000000%22,%224%22:%220x2e529b53900a5970000000000000000%22,%225%22:%220xf203b709ee275ab80000000000000000%22},%22debug_key%22:%225663448854433013260%22,%22debug_reporting%22:true,%22destination%22:%22https://shapermint.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22812865170%22],%224%22:[%2211-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223881232264272802801%22}&andc=true

120 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.ffxiah.com/
Redirect Chain

http://www.ffxiah.com/
https://www.ffxiah.com/

83 KB
14 KB

137ms
97ms

Document
text/html

158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 78561254199355191524f611622b7e9a8f3e1648ef819c74a85a2362efb61005

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 13 Nov 2023 23:50:56 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-No-Cache: Y

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 13 Nov 2023 23:50:56 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://www.ffxiah.com/
Pragma: no-cache
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-No-Cache: Y

GET
H/1.1 200
OK main-bundle.v1665767188.css
static.ffxiah.com/css/ 220 KB
221 KB 67ms
23ms Stylesheet
text/css 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ffxiah.com/css/main-bundle.v1665767188.css
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b4931eddbb10292330d2d8b29833a4e56f86475bbea197e0f5256089c75adaba

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Fri, 14 Oct 2022 17:06:28 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "63499714-371e1"
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 225761
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK index.v1608652921.css
static.ffxiah.com/css/ffxi/app/ 1 KB
2 KB 61ms
18ms Stylesheet
text/css 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ffxiah.com/css/ffxi/app/index.v1608652921.css
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c30acbe09855d6826349bcae54ae027698a7d08e19bd4348ec914d4b9bfffceb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Fri, 14 Oct 2022 17:06:16 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "63499708-595"
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1429
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.0/ 81 KB
29 KB 97ms
32ms Script
text/javascript 142.251.16.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.0/jquery.min.js

Requested by

Host: www.ffxiah.com
URL: https://www.ffxiah.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f95.1e100.net

Software

sffe /

Resource Hash

d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29195
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 18:19:14 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/ 223 KB
59 KB 117ms
53ms Script
text/javascript 142.251.16.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js

Requested by

Host: www.ffxiah.com
URL: https://www.ffxiah.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f95.1e100.net

Software

sffe /

Resource Hash

9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60529
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 05:31:34 GMT

GET
H/1.1 200
OK sockjs-0.3.min.js Show response
www.ffxiah.com/js/vendor/ 32 KB
32 KB 26ms
25ms Script
application/javascript 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ffxiah.com/js/vendor/sockjs-0.3.min.js
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 328f0490c1cb33e8591121a3137010d723185c7cb296d6e31972a53eecc2ad8b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Fri, 14 Oct 2022 17:05:57 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "634996f5-7e95"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32405
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK main-bundle.v1665767188.js Show response
static.ffxiah.com/js/ 226 KB
227 KB 77ms
33ms Script
application/javascript 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ffxiah.com/js/main-bundle.v1665767188.js
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a68e054693be4a1d12da204ae67abab74a0c5fe24d97345cb9dfa9da4fcfb26d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Fri, 14 Oct 2022 17:06:28 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "63499714-388c6"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 231622
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK AH.v1608652921.js Show response
static.ffxiah.com/js/lib/ 13 KB
13 KB 65ms
22ms Script
application/javascript 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ffxiah.com/js/lib/AH.v1608652921.js
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b83a14fe83bbf97fa965c43c7014232f9441aa51b16d5a87a41c8677f1b6ddf0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Fri, 14 Oct 2022 17:06:10 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "63499702-333b"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13115
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK index.v1608652921.js Show response
static.ffxiah.com/js/ffxi/app/ 2 KB
2 KB 61ms
18ms Script
application/javascript 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ffxiah.com/js/ffxi/app/index.v1608652921.js
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 392810e795ba3482d649e3f16a116a5082de8f869167ab5f1802cf03a2014bd1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Fri, 14 Oct 2022 17:05:42 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "634996e6-880"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2176
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK FFXIAH_top_2.jpg
static.ffxiah.com/images/ffxiah/ 33 KB
34 KB 78ms
35ms Image
image/jpeg 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/ffxiah/FFXIAH_top_2.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3a98fe4d4e958523b23c2e683d10cc5f9f011ecf00f8e8cd2f5aa252d00d2850

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 01 Jan 2020 23:45:13 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5e0d2f09-84f6"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34038
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK ffxivprobox.jpg
static.ffxiah.com/images/ 2 KB
2 KB 18ms
18ms Image
image/jpeg 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/ffxivprobox.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 77a8904df780875e356b196bb3c8b55067185b8b42a2b6363875b5ce7eded29e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 01 Jan 2020 23:45:56 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5e0d2f34-84c"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2124
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK guildwork-logo-120.png
static.ffxiah.com/images/ 6 KB
6 KB 20ms
19ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/guildwork-logo-120.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b4b1f3c5233a55d42fda178b57bd8f10492a77bd93daf35054e144d99b9b7761

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 01 Jan 2020 23:45:56 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5e0d2f34-1789"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6025
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 20964.jpg
static.ffxiah.com/images/polnews/ 40 KB
40 KB 23ms
23ms Image
image/jpeg 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/polnews/20964.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a9027b40f692e2db0c712a6c7a94e83e76e90ef01438b1f1627ba37695849f91

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Mon, 13 Nov 2023 23:50:03 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6552b62b-a000"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40960
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK spacer.gif
static.ffxiah.com/images/polnews/ 43 B
361 B 18ms
18ms Image
image/gif 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/polnews/spacer.gif
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Mon, 13 Nov 2023 23:50:19 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6552b63b-2b"
Content-Type: image/gif
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 20949.jpg
static.ffxiah.com/images/polnews/ 30 KB
30 KB 24ms
24ms Image
image/jpeg 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/polnews/20949.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a2198d66fa644d6fa9958bec0e99792366bd06afa074594b788e76cd27a6f042

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Mon, 13 Nov 2023 23:50:04 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6552b62c-7800"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30720
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 20951.jpg
static.ffxiah.com/images/polnews/ 75 KB
75 KB 19ms
18ms Image
image/jpeg 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/polnews/20951.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5190177518baa8261d3dfe414359909403696a1a7f50d3dbf7e63840030adeb9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Mon, 13 Nov 2023 23:50:04 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6552b62c-12c00"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76800
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 20946.jpg
static.ffxiah.com/images/polnews/ 24 KB
24 KB 20ms
20ms Image
image/jpeg 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/polnews/20946.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 43bef3a32b943fef4cd3f077b6fa0cdde39d43bad337ae248166de1ae2d05d42

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Mon, 13 Nov 2023 23:50:04 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6552b62c-6000"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24576
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 20932.jpg
static.ffxiah.com/images/polnews/ 75 KB
75 KB 24ms
18ms Image
image/jpeg 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/polnews/20932.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5190177518baa8261d3dfe414359909403696a1a7f50d3dbf7e63840030adeb9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Mon, 13 Nov 2023 23:50:05 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6552b62d-12c00"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76800
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 39bcbe4ed7c695edeb78689862303666.jpg
static.ffxiah.com/images/polnews/ 0
317 B 23ms
18ms Image
image/jpeg 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/polnews/39bcbe4ed7c695edeb78689862303666.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Mon, 13 Nov 2023 23:50:05 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6552b62d-0"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 20929.jpg
static.ffxiah.com/images/polnews/ 24 KB
24 KB 26ms
21ms Image
image/jpeg 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/polnews/20929.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 43bef3a32b943fef4cd3f077b6fa0cdde39d43bad337ae248166de1ae2d05d42

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Thu, 09 Nov 2023 05:30:03 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "654c6e5b-6000"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24576
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 20926.jpg
static.ffxiah.com/images/polnews/ 30 KB
30 KB 29ms
25ms Image
image/jpeg 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/polnews/20926.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a2198d66fa644d6fa9958bec0e99792366bd06afa074594b788e76cd27a6f042

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Thu, 09 Nov 2023 15:00:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "654cf3f6-7800"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30720
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 20910.jpg
static.ffxiah.com/images/polnews/ 34 KB
34 KB 30ms
25ms Image
image/jpeg 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/polnews/20910.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 89c9f51f29a67d443a77ca42c8683cf49b9f90bced1587be53791529cc8a154d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Mon, 13 Nov 2023 23:50:05 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6552b62d-8800"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34816
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 2488.png
static.ffxiah.com/images/mini-icons/ 1 KB
2 KB 18ms
17ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/2488.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f27a3de45c93a746283c29d651bd08d927e0a21f9b13d0a29ca11bd7dea1c6c5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:05 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a1-523"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1315
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 26359.png
static.ffxiah.com/images/mini-icons/ 1 KB
2 KB 20ms
19ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/26359.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9ce649755ae3d29428d4c1bbe31f7827a90adfbe3bf835953de981ac9b44b147

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a2-581"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1409
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 9875.png
static.ffxiah.com/images/mini-icons/ 1 KB
1 KB 18ms
17ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/9875.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3a13573a1b2c472ee5d48e92d169e4bd34e116e9171a4e0085f531f6b8dca598

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a3-4b9"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1209
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 3509.png
static.ffxiah.com/images/mini-icons/ 1 KB
1 KB 18ms
18ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/3509.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 65b4e02ee5f344762605747ba70399c918cabf5d00a87c4750d1211e947ec250

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a2-423"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1059
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 17440.png
static.ffxiah.com/images/mini-icons/ 907 B
1 KB 19ms
18ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/17440.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 39a3c7d6b04b4831a00b92c85004e2d2f17db8e5579a761244385e80e61d3663

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:05 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a1-38b"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 907
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 8798.png
static.ffxiah.com/images/mini-icons/ 1 KB
1 KB 18ms
17ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/8798.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cff2f88fb91e98375fb31702a21673b5fd6e6713215ab7602609c839c270b0b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a3-4b8"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1208
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 4060.png
static.ffxiah.com/images/mini-icons/ 1 KB
2 KB 18ms
18ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/4060.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6282db7dcb04dec66f5b2d0d20ec9f67600ffe524d2fa130fa994762f9bdf2eb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a2-524"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1316
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 4061.png
static.ffxiah.com/images/mini-icons/ 1 KB
1 KB 18ms
18ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/4061.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 84822498a486d6aeaf029ffc01181e5c249905b26f4e8299cdc06bd6a237d6c0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a2-4bc"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1212
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 26214.png
static.ffxiah.com/images/mini-icons/ 1 KB
2 KB 18ms
17ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/26214.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8d2732434196037afa3ddcc0497ab1ca688331c8ab3e54f3c3eb08fd257fd2a4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a2-55b"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1371
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 26221.png
static.ffxiah.com/images/mini-icons/ 1 KB
2 KB 18ms
18ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/26221.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 860c11bbc5156902ec680d9fbfd22c0efeddd92a3702e4b282a04a2e74d7d8d1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a2-564"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1380
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 3498.png
static.ffxiah.com/images/mini-icons/ 1 KB
1 KB 33ms
18ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/3498.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7311f00e9cc4ab639f9a91936d4946cf4dfb02bc9afc4a42cc95f66521eacc1e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a2-489"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1161
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 12748.png
static.ffxiah.com/images/mini-icons/ 1 KB
2 KB 43ms
17ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/12748.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e42fd76275c115e6ee5bd6b88638c4131db98509ed746f5712c2478bf2101331

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:04 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a0-4f7"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1271
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 28383.png
static.ffxiah.com/images/mini-icons/ 2 KB
2 KB 50ms
18ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/28383.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2bc30a20158eab355c0c9e07c206250b071b1c9df09ad904044c7620cd5f6c61

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a2-604"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1540
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 26182.png
static.ffxiah.com/images/mini-icons/ 1 KB
2 KB 21ms
18ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/26182.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bf26252c65e298567c305a70dcbeb175cf4a2365719efa08771825f1533afa2c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a2-510"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1296
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 25987.png
static.ffxiah.com/images/mini-icons/ 1 KB
2 KB 32ms
18ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/25987.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3fbb25ace81b6a3408e075f931adf7aec7dc6a4655a234a861146ae935e57fae

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a2-4d8"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1240
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 4059.png
static.ffxiah.com/images/mini-icons/ 1 KB
2 KB 55ms
17ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/4059.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 982cb597efd3459628548f6b4c867cf0f4f2735e92dae36a73834209b65f60b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a2-549"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1353
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 26118.png
static.ffxiah.com/images/mini-icons/ 1 KB
2 KB 51ms
18ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/26118.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6219658eefd4d5277fe3833fde16f25bae4caab07595c416f33c0042d8896b32

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a2-51f"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1311
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 9541.png
static.ffxiah.com/images/mini-icons/ 1 KB
2 KB 32ms
18ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/9541.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8f65a4f441ed0a18b9074dc228e02724a11c0b6bb1fe277ed6a6dd751257bdd1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a3-53e"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1342
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 26528.png
static.ffxiah.com/images/mini-icons/ 1 KB
2 KB 51ms
19ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/26528.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ce1a3de1571376cb4acb66e2a8298d05fe797876051e0d7525778faae4806099

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a2-517"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1303
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 1450.png
static.ffxiah.com/images/mini-icons/ 1 KB
2 KB 50ms
18ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/1450.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f03639ff553a6465d4e50348b632f3d169a81f851e38092e8dd88d436ef088d0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:04 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a0-4ee"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1262
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 9543.png
static.ffxiah.com/images/mini-icons/ 1 KB
2 KB 38ms
18ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/9543.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 83b4948264e784579eeac8d462a2ef2049f6c7f7ea9b9466368853b59cb3ea6d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a3-541"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1345
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK 9256.png
static.ffxiah.com/images/mini-icons/ 1 KB
2 KB 31ms
18ms Image
image/png 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/mini-icons/9256.png
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b4a13e86a3f67093c8cf4e2212e4e1a8f324731648cd6258d1abeb61cf75eafe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 12 Jul 2023 14:33:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64aeb9a3-547"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1351
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H2 200 1518bdc33e116a25ee48b9d0a56ab9c7.jpg
cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/ 3 KB
4 KB 125ms
54ms Image
image/jpeg 172.67.149.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/1518bdc33e116a25ee48b9d0a56ab9c7.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.149.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e20381716ab6965b04f4f00715ed3a59f4ddc1b033d5ca9e20327bf88e6de45e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id: 4_zba25c1481093079c722d0f15_f1005dee8e6f20f32_d20231110_m073857_c000_v0001088_t0011_u01699601937389
age: 303965
x-bz-content-sha1: unverified:c730ab8c97a07fd905a262d65c1e58b5098b04ed
x-bz-file-name: images/ss/sqtn/1518bdc33e116a25ee48b9d0a56ab9c7.jpg
alt-svc: h3=":443"; ma=86400
content-length: 3346
x-bz-upload-timestamp: 1699601937389
last-modified: Fri, 10 Nov 2023 07:38:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tgxd2QWIQgoDtWgxFg7PcLPn31CA5lbwxO%2F51Jz9MPf%2BtCUytk3v6pqUfBLSaG%2BPV4Qwaf6qZuoC828DHTrnV79TTfizIGNvAYh988XkpF9TOzJw5crrxnhwfkwwv%2BnCf5SuT7s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 825aeb7df91139db-YYZ

GET
H2 200 e2d1ff584541f9916cf17e34da99697a.jpg
cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/ 2 KB
3 KB 126ms
55ms Image
image/jpeg 172.67.149.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/e2d1ff584541f9916cf17e34da99697a.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.149.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5dd63f7c69eb1e1a521f7eb9d40265c948eeccbc922b1b4a8d7a5f0c26309cf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id: 4_zba25c1481093079c722d0f15_f114267e5c6ccd915_d20231107_m195652_c000_v0001074_t0052_u01699387012077
age: 523024
x-bz-content-sha1: unverified:6d5881f4b989c9ea2287f2b3b7f94150a3906706
x-bz-file-name: images/ss/sqtn/e2d1ff584541f9916cf17e34da99697a.jpg
alt-svc: h3=":443"; ma=86400
content-length: 2102
x-bz-upload-timestamp: 1699387012077
last-modified: Tue, 07 Nov 2023 19:56:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVUDnGB4MRAq0Jj54wQXWvfGjgQBmAW34Dx6uIpAYW6%2Fc8mmD72RQd2NagmR89R2oFERcL2PHsYsrh64%2F5TCnojip8jS0bks0SdKCtc0UKpTUnpGrDFlfdRxsAr%2FTFMmmodQPpI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 825aeb7df91439db-YYZ

GET
H2 200 f0ae79edeed14cf45fe00bbb463ad1b7.jpg
cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/ 3 KB
3 KB 110ms
39ms Image
image/jpeg 172.67.149.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/f0ae79edeed14cf45fe00bbb463ad1b7.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.149.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c15d2ac4db3f019a45835d2f8fcf5a3644779185181f7fe0b6080568ee63906e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id: 4_zba25c1481093079c722d0f15_f1102327508401849_d20231105_m184216_c000_v0001059_t0042_u01699209735999
age: 84548
x-bz-content-sha1: unverified:c331d632e14bfd1ae9054033af3bff094704f94c
x-bz-file-name: images/ss/sqtn/f0ae79edeed14cf45fe00bbb463ad1b7.jpg
alt-svc: h3=":443"; ma=86400
content-length: 3027
x-bz-upload-timestamp: 1699209735999
last-modified: Sat, 11 Nov 2023 15:49:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2e1BQE6teX9rxhEnTM0XuWgghzeYytv4Yh5GuUjEyJ7bJaxOJAnpiL71520r%2FynPFNpeydskLkphiU92NurUAEjL6Lyfg0k7kgidTjW3UvYbXNWJPlkOn3GrmzO3Uqjv2Oq9UE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 825aeb7df91339db-YYZ

GET
H2 200 ca440a0e638aeed3959b0d95fb25631e.jpg
cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/ 4 KB
4 KB 122ms
52ms Image
image/jpeg 172.67.149.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/ca440a0e638aeed3959b0d95fb25631e.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.149.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a0466388eb44d3be3f3ad7853bae037a0fa2d52bbf07ee02c8c41127aee0124

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id: 4_zba25c1481093079c722d0f15_f111f4582bfaab86e_d20231105_m012455_c000_v0001075_t0028_u01699147495468
age: 395813
x-bz-content-sha1: unverified:30d41f3930b960c45f68a3cd9fe4b42b2fa758c1
x-bz-file-name: images/ss/sqtn/ca440a0e638aeed3959b0d95fb25631e.jpg
alt-svc: h3=":443"; ma=86400
content-length: 4095
x-bz-upload-timestamp: 1699147495468
last-modified: Sun, 05 Nov 2023 01:24:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYCT0dVGepoeOA6aTllhwz%2BKoZFu1IZ729m2pT1ods5Z30QywBMt%2FE%2FhS6pxwBSyxU5O6Fm4W4R69i3Z4moXzthCo0plgh0hgxbeUpHh3Efc%2BnCPewpLTlpWX5Gzgb5ASlFCxCo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 825aeb7df91539db-YYZ

GET
H2 200 a3907793f015c545d4f6da4de41cdbfe.jpg
cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/ 6 KB
6 KB 84ms
58ms Image
image/jpeg 172.67.149.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/a3907793f015c545d4f6da4de41cdbfe.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.149.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2322829258c6cd7abadb484fb0460676b79f0a84cde8262f04b278cb685a26f6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id: 4_zba25c1481093079c722d0f15_f111993d5496c0e60_d20231103_m233413_c000_v0001078_t0012_u01699054453017
age: 407626
x-bz-content-sha1: unverified:3dd2e067688052ba07fb1bb7dff201e794067177
x-bz-file-name: images/ss/sqtn/a3907793f015c545d4f6da4de41cdbfe.jpg
alt-svc: h3=":443"; ma=86400
content-length: 5679
x-bz-upload-timestamp: 1699054453017
last-modified: Fri, 03 Nov 2023 23:34:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0j%2Fe8pGZqw9Sbxsv3SR0dG79%2FZ6fQUNQbR6qMP4XemRMCMSZRU2npmcvOBCxSnUoER6pRCPZYZo0qr1uHA9586d4qU2aFkkwgCouYDpIe%2BXyumiumFnbZ%2BWJoqbOgKbzy%2B7%2Bl9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 825aeb7e093339db-YYZ

GET
H2 200 3306b5bce841ff745d1b7ec1c613ad80.jpg
cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/ 2 KB
3 KB 60ms
34ms Image
image/jpeg 172.67.149.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/3306b5bce841ff745d1b7ec1c613ad80.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.149.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1234d25b9f9921cbf0a7dadb25d8ba39f9525b6d95994a0ac6fe5a8c2f6bff3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id: 4_zba25c1481093079c722d0f15_f11525e532a5e5f1e_d20231103_m072647_c000_v0001089_t0023_u01698996407414
age: 396908
x-bz-content-sha1: unverified:dd78bfd0cc277973f8a46c9f3d5381ca3e35861e
x-bz-file-name: images/ss/sqtn/3306b5bce841ff745d1b7ec1c613ad80.jpg
alt-svc: h3=":443"; ma=86400
content-length: 2440
x-bz-upload-timestamp: 1698996407414
last-modified: Sun, 05 Nov 2023 19:42:19 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77d8DwQHIYgkzZWuVvnCXdtQ14ug%2FLWOs34Zf3%2BJqbua807c1%2BNlFD4VxTymMJFCWA1yz%2FrJgwQOgQezZ6lCDOBmgJq7YCvkHzlTMfN0DO6CP4szuuenuLU9T8giIeZzdaNALLE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 825aeb7df90e39db-YYZ

GET
H2 200 70b17cac37d88b210f1fc6b7f9e71874.jpg
cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/ 4 KB
5 KB 60ms
34ms Image
image/jpeg 172.67.149.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/70b17cac37d88b210f1fc6b7f9e71874.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.149.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12e2b54e646b8aaa809adc2022cf17c2c16874b9a60b4e412cd572cd38e5cc2d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id: 4_zba25c1481093079c722d0f15_f106658cba760ec28_d20231103_m041258_c000_v0001081_t0016_u01698984778553
age: 84519
x-bz-content-sha1: unverified:f255d3be8edcb2dff12f1b91a03ad968b914f7bb
x-bz-file-name: images/ss/sqtn/70b17cac37d88b210f1fc6b7f9e71874.jpg
alt-svc: h3=":443"; ma=86400
content-length: 4038
x-bz-upload-timestamp: 1698984778553
last-modified: Thu, 09 Nov 2023 12:40:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2PUi0ctZDcwuaBceZRGXdqxToTFTealJFUm%2BUNY33lPb1y0BSRpE1W7qZuvdKM3W8ZymNAXQzJEjBjDMQ5EG3pDDKK%2Bmj0wsdqNOxsl%2FfD%2BUU6%2FQyfmBPFzPCsK5ieh9i5hFLk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 825aeb7df90939db-YYZ

GET
H2 200 3bb21100e545c2bb1831890289ebd9fa.jpg
cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/ 1 KB
2 KB 85ms
61ms Image
image/jpeg 172.67.149.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/3bb21100e545c2bb1831890289ebd9fa.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.149.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 431ea1374d2082060185a3a560ed36653036ab9abf175c5c1d4beb802aeae491

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id: 4_zba25c1481093079c722d0f15_f108c290b46261199_d20231031_m145401_c000_v0001056_t0017_u01698764041250
age: 84475
x-bz-content-sha1: unverified:90c283ebce684dd04f534a460952bf2598d888c4
x-bz-file-name: images/ss/sqtn/3bb21100e545c2bb1831890289ebd9fa.jpg
alt-svc: h3=":443"; ma=86400
content-length: 1453
x-bz-upload-timestamp: 1698764041250
last-modified: Tue, 07 Nov 2023 15:16:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YuCfxhVVDFY65lyNkXN5wHAOewuZsSgpTZpgPUtrLp1h6jOJmDgzt63cmC6T9xhhHORgB8AzjntLA9ojMQ0BSphxlyt%2B62nNyCKrs08oHbYu4mmAwbhgfuNFJoof%2Fhu3KGE%2F99s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 825aeb7e093639db-YYZ

GET
H2 200 0f6a154f7d7cc16889999108efb50a75.jpg
cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/ 4 KB
5 KB 81ms
56ms Image
image/jpeg 172.67.149.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/0f6a154f7d7cc16889999108efb50a75.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.149.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddea83a04b1952be2d9a3639abd04b3a6c7c033ef4abf5e4cfe8819281deb8b6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id: 4_zba25c1481093079c722d0f15_f113017613fbad928_d20231031_m041357_c000_v0001088_t0001_u01698725637447
age: 396908
x-bz-content-sha1: unverified:4cd42a3fe820104be314aca1db6ec6490e299b5f
x-bz-file-name: images/ss/sqtn/0f6a154f7d7cc16889999108efb50a75.jpg
alt-svc: h3=":443"; ma=86400
content-length: 4158
x-bz-upload-timestamp: 1698725637447
last-modified: Sun, 05 Nov 2023 19:42:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URQ0Sf79GBpgIHByy0DaLKemGaA37eSewDIbD75bpuDIDX45M8jwHU29YqX8NIXIvOnmrLy9IrQxhf62fC1%2BNrf5jYYxD3nwSPhD98zwii8i3klcwmiNts8Mt4xlM9TUOqtGAZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 825aeb7e093439db-YYZ

GET
H2 200 844652a4d86bba0702fe3cece4d12fe7.jpg
cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/ 2 KB
3 KB 61ms
35ms Image
image/jpeg 172.67.149.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/844652a4d86bba0702fe3cece4d12fe7.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.149.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88637c3d280615becb8b6fdf447de9965619214c2f9ffc5245318b9b6996255f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id: 4_zba25c1481093079c722d0f15_f11889d7c0854000a_d20231027_m223045_c000_v0001082_t0005_u01698445845465
age: 278983
x-bz-content-sha1: unverified:57f31e7e27eea6daa8caeb2baab774f3e15821b4
x-bz-file-name: images/ss/sqtn/844652a4d86bba0702fe3cece4d12fe7.jpg
alt-svc: h3=":443"; ma=86400
content-length: 2429
x-bz-upload-timestamp: 1698445845465
last-modified: Sun, 05 Nov 2023 14:02:48 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNsUvOBqi%2FlahYve8z%2BGjz%2BdPivT%2FgyMJPEJbYsmtjvO%2FqyIkU6x4%2FDVx%2B5omNGLB4jEIF7F74plGrtbv8DbRU68xUM3%2BJJWsuLGfQn8MVdVd4IWlFq7gOTEO2F0PLjDVeDn2LE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 825aeb7df90c39db-YYZ

GET
H2 200 1a745700b5b64b8b813cc0ab16f2d623.jpg
cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/ 3 KB
4 KB 76ms
50ms Image
image/jpeg 172.67.149.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-b2.ffxipro.com/file/ffxiah/images/ss/sqtn/1a745700b5b64b8b813cc0ab16f2d623.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.149.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f20cff169d7ea63a0e881721ea4328eb816e9b28108579b3511ad2e90ba25713

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id: 4_zba25c1481093079c722d0f15_f1195ad9636b95d24_d20231021_m235818_c000_v0001401_t0051_u01697932698947
age: 82774
x-bz-content-sha1: unverified:bcfc5ff526fdc6b6f5aae3e9146e5969aa2395ef
x-bz-file-name: images/ss/sqtn/1a745700b5b64b8b813cc0ab16f2d623.jpg
alt-svc: h3=":443"; ma=86400
content-length: 3413
x-bz-upload-timestamp: 1697932698947
last-modified: Fri, 10 Nov 2023 11:51:03 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHIGvAw9ZkJzOPon8lsav%2FUfi1RzZnQ9GLHMgPaejyxC8G%2Ba2Akp%2FYB5Wkj1d23VnJKFiq4w8u4Zmxyqh%2BXGamrHEOPDxPjvqWTRah1TfXlOSEGdIYsxbNJ%2BzafMDvxeEXARHqM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 825aeb7df90f39db-YYZ

GET
H/1.1 200
OK mini-noavatar.jpg
www.ffxiah.com/images/ 649 B
970 B 19ms
18ms Image
image/jpeg 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ffxiah.com/images/mini-noavatar.jpg
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: afecc80369c60a81fb5ef1dc95125f8f602e5a571fea2b2b67ac5df53ac8dc16

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 01 Jan 2020 23:48:52 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5e0d2fe4-289"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 649
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H/1.1 200
OK gAd_728x90.html Show response
ads.ffxiah.com/ffxiah.com/ Frame 20CA 875 B
752 B 62ms
18ms Document
text/html 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ffxiah.com/ffxiah.com/gAd_728x90.html
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2e6550ca6c5ca20106cda53ee4781dabfec2750dab8b11211e7259d9cdd3910b

Request headers

Referer: https://www.ffxiah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 13 Nov 2023 23:50:56 GMT
ETag: W/"5de5cac8-36b"
Last-Modified: Tue, 03 Dec 2019 02:39:04 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
DATA 200
OK truncated
/ 539 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de9238a6076601f98a67bf7c628a8847a4856991edb81bbb23d3c0016241a059

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H/1.1 200
OK gAd_160x600.html Show response
ads.ffxiah.com/ffxiah.com/ Frame 598B 877 B
749 B 56ms
18ms Document
text/html 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ffxiah.com/ffxiah.com/gAd_160x600.html
Requested by: Host: www.ffxiah.com
URL: https://www.ffxiah.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 820082abc59342f47489e47ede1b727d4ea2a258af6752d96d88fd84f2dfe35c

Request headers

Referer: https://www.ffxiah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 13 Nov 2023 23:50:56 GMT
ETag: W/"5de5cac8-36d"
Last-Modified: Tue, 03 Dec 2019 02:39:04 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H/1.1 200
OK rss_icon.jpg
static.ffxiah.com/images/ 4 KB
4 KB 24ms
19ms Image
image/jpeg 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffxiah.com/images/rss_icon.jpg
Requested by: Host: static.ffxiah.com
URL: https://static.ffxiah.com/css/ffxi/app/index.v1608652921.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a6e3909fb7002fb69091cb9acab3ea585a5436c11d46ac166f0bda1880d377a1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.ffxiah.com/css/ffxi/app/index.v1608652921.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:56 GMT
Last-Modified: Wed, 01 Jan 2020 23:49:03 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5e0d2fef-f32"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3890
Expires: Thu, 07 Nov 2024 23:50:56 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 20CA 101 KB
31 KB 148ms
81ms Script
text/javascript 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ads.ffxiah.com
URL: https://ads.ffxiah.com/ffxiah.com/gAd_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

77ef67e3f2b81920d100cb4dbe39fffebe4a9c2350da12ca88d836fed815ba95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31475
x-xss-protection: 0
server: cafe
etag: 412 / 19674 / m202311090101 / config-hash: 2459397958677358047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 23:50:57 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 598B 101 KB
31 KB 179ms
113ms Script
text/javascript 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ads.ffxiah.com
URL: https://ads.ffxiah.com/ffxiah.com/gAd_160x600.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

07b09e208ec7b502d203df5f6425da1bf89f1c1a22e089677e3752613609e804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31467
x-xss-protection: 0
server: cafe
etag: 94 / 19674 / m202311090101 / config-hash: 2459397958677358047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 23:50:57 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ Frame 20CA 429 KB
135 KB 97ms
30ms Script
text/javascript 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 14:26:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33858
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 12 Nov 2024 14:26:39 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ Frame 598B 429 KB
134 KB 130ms
82ms Script
text/javascript 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 14:26:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33858
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 12 Nov 2024 14:26:39 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 20CA 29 KB
13 KB 138ms
137ms Fetch
text/plain 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2127169662695424&correlator=3062710763620530&eid=31079444%2C31079520%2C31079380&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=1031700%2CMidBottomLeaderboard_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&cdm=ads.ffxiah.com&abxe=1&dt=1699919457340&lmt=1575340744&adxs=0&adys=0&biw=-12245933&bih=-12245933&isw=728&ish=90&scr_x=-12245933&scr_y=-12245933&ucis=ws83xtthi94n&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fads.ffxiah.com%2Fffxiah.com%2FgAd_728x90.html&ref=https%3A%2F%2Fwww.ffxiah.com%2F&top=https%3A%2F%2Fwww.ffxiah.com%2F&vis=1&psz=728x90&msz=728x-1&fws=256&ohw=0&ea=0&ga_vid=1849596560.1699919457&ga_sid=1699919457&ga_hid=1794295715&ga_fc=false&dlt=1699919456966&idt=349&adks=1741596969&frm=24

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

c6e0c74227064a93b0d91c7d52d2095114907cadfd67a6b0e72363628062e77d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12523
x-xss-protection: 0
google-lineitem-id: 2742260
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 7126206140
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ads.ffxiah.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
37a1ae31d18a5de121ad61f104807ae7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F142 6 KB
3 KB 104ms
33ms Document
text/html 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://37a1ae31d18a5de121ad61f104807ae7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ads.ffxiah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 23:50:57 GMT
expires: Tue, 12 Nov 2024 23:50:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 598B 145 KB
43 KB 411ms
411ms Fetch
text/plain 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3023824374262334&correlator=2590046422593207&eid=31079444%2C31078660&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=1031700%2CRight_BigSkyScraper_160x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&cdm=ads.ffxiah.com&abxe=1&dt=1699919457374&lmt=1575340744&adxs=0&adys=0&biw=-12245933&bih=-12245933&isw=160&ish=600&scr_x=-12245933&scr_y=-12245933&ucis=uki1efcltqq7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fads.ffxiah.com%2Fffxiah.com%2FgAd_160x600.html&ref=https%3A%2F%2Fwww.ffxiah.com%2F&top=https%3A%2F%2Fwww.ffxiah.com%2F&vis=1&psz=160x600&msz=160x-1&fws=256&ohw=0&ea=0&ga_vid=1303729513.1699919457&ga_sid=1699919457&ga_hid=784821989&ga_fc=false&dlt=1699919456968&idt=396&adks=4037978123&frm=24

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

5502b0cad6c21b65213e04284b8d9c67bc2c0089796f10e79208e261ceebe8c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43986
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ads.ffxiah.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 52F9 6 KB
3 KB 101ms
33ms Document
text/html 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ads.ffxiah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 23:50:57 GMT
expires: Tue, 12 Nov 2024 23:50:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 20CA 16 KB
12 KB 116ms
52ms XHR
application/json 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

cafe /

Resource Hash

4650aa9eadf2e262aa493906b0df19680b46e8ef4e59e686eb49ace530432985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12300
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 598B 16 KB
12 KB 100ms
57ms XHR
application/json 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

cafe /

Resource Hash

22b31561bb8fa5b2319b4a7aa65e1a57edd26fad4f9e235d6d74f6ee19a05a8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12396
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 17A6 0
0 59ms
59ms Fetch
image/gif 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOiWDp8BtdG8Ep10-pxaGE6CsRAln57oFWy9PHK9INxVhUx6v2Ma8zC9lNXNKyiCRaZaYEYBp8Nq4bl9XTFGD_IbrXBkqYv-dYKaMbuJYoB9rEPWNA1olQBEy3HFAGTlbHXVKSZ91RQAfaGBQW5dvLds5fUmdQgRhN3efo2x2-sFOo6ceCNXyFYuXwXxGIzuVCUKgFg5DNjEk6zQDAwnCAkbDOJH8MK2wiOnHdfy9_hu_dYXIr6vbzvedKrIHMEPI28zNC-gsEB4wwLR1Rn9x3GR3OKG1jntwzQfn3-mPo8w6dxX84KIQ0M47baYrfuiQlIyPp2IC8wq1QvdWhWGHEQAjHJ6Rrh8OjUxBwIk3tCiA&sai=AMfl-YR5IRraDMsldTQXk8b8W3hA85ED8mJ9_dSclF7vvmpku9S22ra80804c8Wxh9wa1EugdFNqkTb2cmrGLqeicYq4sa60Ysi4hLPuyBPWJ20PCRCElxRXzhDecwY5KUKxJ0KxCtFBEVL4SseduRuXYPUX&sig=Cg0ArKJSzNXe2mmFrxHiEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.ffxiah.com
URL: https://www.ffxiah.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 13 Nov 2023 23:50:57 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 17A6 150 KB
52 KB 161ms
99ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

cafe /

Resource Hash

861b9f741e5250f2b6e4f3cb044d7a4fa47fdd00e18339914f554afd3f734f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52733
x-xss-protection: 0
server: cafe
etag: 16680373067619011080
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 23:50:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 17A6 192 KB
61 KB 177ms
177ms Script
text/javascript 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

sffe /

Resource Hash

679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61843
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 23:50:57 GMT

GET
H/1.1 200
OK syndicate.v20190214.css
static.ffxiah.com/css/shared/ 3 KB
3 KB 18ms
18ms Stylesheet
text/css 158.69.250.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ffxiah.com/css/shared/syndicate.v20190214.css
Requested by: Host: static.ffxiah.com
URL: https://static.ffxiah.com/js/lib/AH.v1608652921.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 158.69.250.98 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns547292.ip-158-69-250.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2953f313f04d1977820ca1a332c2bb7c76aa4c0313c16d0dec37cfd73ae832f0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 23:50:57 GMT
Last-Modified: Fri, 14 Oct 2022 17:06:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6349970e-b5e"
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2910
Expires: Thu, 07 Nov 2024 23:50:57 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 20CA 17 KB
6 KB 40ms
39ms Script
text/javascript 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 23:50:57 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 598B 17 KB
7 KB 36ms
36ms Script
text/javascript 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 23:50:57 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7BF0 13 KB
5 KB 32ms
32ms Document
text/html 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ads.ffxiah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 93447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 12 Nov 2023 21:53:30 GMT
expires: Mon, 11 Nov 2024 21:53:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6018 829 B
771 B 116ms
52ms Document
text/html 172.253.62.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f105.1e100.net

Software

GSE /

Resource Hash

259d88a3683ee1606011bd2977b49d36abc498386153f8483cf13111f09f2ab9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xMVe16cQX-Y-VqslWGXBLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.ffxiah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-xMVe16cQX-Y-VqslWGXBLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 23:50:57 GMT
expires: Mon, 13 Nov 2023 23:50:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BB5A 13 KB
5 KB 31ms
31ms Document
text/html 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ads.ffxiah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 93447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 12 Nov 2023 21:53:30 GMT
expires: Mon, 11 Nov 2024 21:53:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E0E6 829 B
1 KB 97ms
48ms Document
text/html 172.253.62.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f105.1e100.net

Software

GSE /

Resource Hash

125bebd7164e3372081916c64d898174f4c6e5e7b213f11f9c8d87aa85f565ef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CF4s2-IoUrblL2FC0R-QOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.ffxiah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-CF4s2-IoUrblL2FC0R-QOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 23:50:57 GMT
expires: Mon, 13 Nov 2023 23:50:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/ Frame 17A6 400 KB
136 KB 94ms
94ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

cafe /

Resource Hash

29d31e3b1846221513acdcb0b0bdf13441d851be6becad066bce566b5476b16e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138660
x-xss-protection: 0
server: cafe
etag: 11214679464792214149
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 23:50:57 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/ Frame FA5A 9 KB
4 KB 35ms
33ms Document
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ads.ffxiah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 51042
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 09:40:15 GMT
etag: 16674218716276178799
expires: Mon, 27 Nov 2023 09:40:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 7BF0 39 KB
15 KB 36ms
35ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 12:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 12:57:28 GMT

GET
DATA 200
OK truncated
/ Frame 17A6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f5e1cbeb496701ac976cb8bdd03ae3e17f3cbb6fa15c14aadcb12457a5632b8

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 249E 6 KB
3 KB 33ms
32ms Document
text/html 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ads.ffxiah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 23:50:57 GMT
expires: Tue, 12 Nov 2024 23:50:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E0E6 0
0 56ms
56ms Image
text/html 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=2127169662695424&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6018 0
0 57ms
56ms Image
text/html 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=3023824374262334&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame 249E 17 KB
2 KB 103ms
41ms Stylesheet
text/css 172.253.62.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400%2C500

Requested by

Host: f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
URL: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f95.1e100.net

Software

ESF /

Resource Hash

d5e399feb2a8a7f2992276d740f7966519f5e46194f83d82a0a6a77c45dcea11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 23:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 23:44:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Nov 2023 23:50:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 249E 2 KB
822 B 32ms
32ms Script
text/javascript 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
URL: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:26:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69885
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 04:26:12 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/ Frame 249E 23 KB
9 KB 33ms
33ms Script
text/javascript 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/abg_lite_fy2021.js

Requested by

Host: f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
URL: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 04:55:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 249E 3 KB
1 KB 32ms
32ms Script
text/javascript 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/window_focus_fy2021.js

Requested by

Host: f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
URL: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 04:55:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 249E 20 KB
8 KB 34ms
34ms Script
text/javascript 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
URL: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 04:55:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 249E 192 KB
60 KB 34ms
34ms Script
text/javascript 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
URL: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

sffe /

Resource Hash

679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61843
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 23:50:57 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 249E 37 KB
16 KB 101ms
32ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
URL: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:22:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 22:56:01 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame BB5A 39 KB
15 KB 32ms
32ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 12:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 12:57:28 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 249E 21 KB
21 KB 98ms
31ms Image
image/jpeg 172.253.62.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTIAE7-P2Gh48aYNvd6iCrdU7prh2c8_R9K6JUd-AI1MRV8DW_2XS-aFMfb7g&usqp=CAI

Requested by

Host: f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
URL: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f113.1e100.net

Software

sffe /

Resource Hash

fe8df266cdbe82d3986bbedd8d5cf6f462a3003d1b54e6dbca6453247a6ca111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:28:55 GMT
x-content-type-options: nosniff
age: 1323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21328
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 07:23:50 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 12 Nov 2024 23:28:55 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 249E 25 KB
25 KB 115ms
48ms Image
image/jpeg 142.251.111.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSZEigGzny6zjYH_INqdy_cCmB9YBU7xqeiseY0dPrgdpM8JzGhEylPYHtqSA&usqp=CAI

Requested by

Host: f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
URL: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f139.1e100.net

Software

sffe /

Resource Hash

8a395af8baa78f38151ffff8c8b758524315ff21e07129efa01fcd6ce58f43f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:59:45 GMT
x-content-type-options: nosniff
age: 17473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25973
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 04:26:54 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 12 Nov 2024 18:59:45 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 249E 20 KB
20 KB 115ms
49ms Image
image/jpeg 172.253.62.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQ3XPKJbR-RLLiFjDGcTQTCQ1k-gbhzDZyg4doPJdD5oF0T03ag3Uzxh-9lgg&usqp=CAI

Requested by

Host: f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
URL: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f113.1e100.net

Software

sffe /

Resource Hash

0c4e22e84de3bd4dab68352237c22a9f0d31b1a9587b74dbae94247646a817f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:38:30 GMT
x-content-type-options: nosniff
age: 748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20586
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 04:24:36 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 12 Nov 2024 23:38:30 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 249E 15 KB
15 KB 124ms
57ms Image
image/jpeg 172.253.62.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSfSbpGt69plTFye5lQBTqe4Gga8wNmYcGnRy3U2AQhTaBvDC9BOMfWFxRrdzk&usqp=CAI

Requested by

Host: f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
URL: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f113.1e100.net

Software

sffe /

Resource Hash

cb3a8be140005312f5c55f591232c519b0c63759047720d94499efd3420123e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 16 Mar 2023 03:07:43 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15608
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 12 Nov 2024 23:50:58 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 249E 15 KB
16 KB 98ms
32ms Image
image/png 142.251.111.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSDObUpUI_0HzE4vm2oF9z3ses16WhU3b4d9Skan3N8MUUJQoA&usqp=CAI

Requested by

Host: f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
URL: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f139.1e100.net

Software

sffe /

Resource Hash

7073bf4118076d5aa499e11e0b7d5149022465430e1267fb0f8a358fd37635f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 09:41:14 GMT
x-content-type-options: nosniff
age: 223784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15737
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 04:27:43 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 10 Nov 2024 09:41:14 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 95D6 436 B
233 B 161ms
160ms Document
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0209765201661192&output=html&h=90&slotname=7268890205&adk=29905378&adf=4198862039&pi=t.ma~as.7268890205&w=728&lmt=1699919457&format=728x90&url=https%3A%2F%2Fads.ffxiah.com%2Fffxiah.com%2FgAd_728x90.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699919457721&bpp=3&bdt=218&idt=230&shv=r20231108&mjsv=m202311060101&ptt=9&saldr=aa&cookie=ID%3Dbb97695315137d7d%3AT%3D1699919457%3ART%3D1699919457%3AS%3DALNI_MYA7rV5WUuike9oEYywcvZ34levhQ&gpic=UID%3D00000da1a897f81c%3AT%3D1699919457%3ART%3D1699919457%3AS%3DALNI_MZ4A_Xoq15oroaKLrqmfQFFkOXqLg&correlator=191942804375&frm=24&ife=4&pv=2&ga_vid=380173714.1699919458&ga_sid=1699919458&ga_hid=1538411653&ga_fc=0&nhd=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3078452370&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079266%2C31079605%2C42531705%2C44807460%2C31078297%2C44807405%2C44806139%2C44807763%2C44808148%2C44808284&oid=2&pvsid=2674194772525742&tmod=1718423315&uas=0&nvt=1&top=https%3A%2F%2Fwww.ffxiah.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.rm3i0fhrkb1f&fsb=1&dtd=243

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

8b18da6804b989d1399c5e8fe9ab2580d55d8c87957ef5ac932c850a5e9311bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ads.ffxiah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 23:50:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 249E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca91f91b375c0cc13407399800a79b2a66471352299c19cfe22ab33451035a08

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7BF0 0
10 B 32ms
31ms Image
text/plain 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bk45ew
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bc-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 249E 21 KB
21 KB 101ms
36ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:52:50 GMT
x-content-type-options: nosniff
age: 485888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Nov 2024 08:52:50 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 249E 33 KB
33 KB 118ms
54ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:06:39 GMT
x-content-type-options: nosniff
age: 488659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Nov 2024 08:06:39 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BB5A 0
10 B 31ms
31ms Image
text/plain 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?trHEWA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bc-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 17A6 0
0 119ms
57ms Fetch
image/gif 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9WB3okeVp0xLY0adIBZxkb4E5FZe_m8mShQv3u1NT4sEBel5YdzD8zekAhRnVu9KLq8jA1UN7RSmsgf1kIanRBBD8X55JYX1wKUiewbJD9F5Q131ZkPVN3VskncKAkIWXyRsfy7mMqys1acveqHhO-Bh-3L6h6lH0oCJfSY2E75xeD6ytFjiBGaeuZERYe2brH1ErACkZB0LEvodztm5vld5HYSXZMmkODVWfH91qpNWRVShZM6gPTAed-_-8_3ZFedkdyjeGq5HI0Fk1JTjtWQsDEGIW1P683gUD9waH5NBr1zvAkVX_cRtwK2waJc3GeYNXZ4YEa2oa_eq5eRorC5xR7eZ-eFC6xPsT-eE76lzESA&sai=AMfl-YR7qN1stqdGiq_EVwY-cH5Rl38AXlJBEmgk1ZOlXC1DDGd3X8iSMBZ8s3lmcqD8vmTq3Sd55p85nrYCXi95D6vm0vVJpUC0aoefZ8Qp1mEiZujlbGgoZxWFPh3fl6Aa7i4qRtfGeR41_CKcjKV6a9iL&sig=Cg0ArKJSzH7SZekU8NWlEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 13 Nov 2023 23:50:58 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 17A6 16 KB
12 KB 52ms
51ms XHR
application/json 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231108&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

cafe /

Resource Hash

51d1bca97cf5279414ed4d9115576a30809f8338bda879cff93de8e9dcc68fce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12459
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 81ms
56ms Preflight
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=C5IIGYbZSZfmxGdbkvPIP2sif0ASf7e6MdODU-J6sEmQQASDQ15MEYP3oooHwA6ABkq3NgwPIAQngAgCoAwHIA8sEqgShAk_Q58RSc9i_zuAY5amnZrfbZihzpwMNZe9lPJYGxquAwheLNI1P4EuKhh_rGRW8klxyp2JBeyHXdutI8JH6v7cijealnWDFQp5eqt7qQVswoZ8kV5i4EvNFkuuHyF0fIoWDImlzOwfQDsYb5pZb4zjcKLDV4yLpvyKVFGjL0DgqFxzsyJmaydPjhA2e5_7gu7QSQP9Y2b3ZprcfGZNyneW7wkhWwR_pe5h9RCbkNYABjeI5OPPNAY3_dsF9pljeDTt-fUWfRDttH_HZq_L47giUoCbKsfpe0sFpRpq35HLKJ2VoAchZl_QZRhuzVuAPqzTrMPJlIanwL_YlvLrFkD97Z23nIgSt5vmwtmU5gCa9VzlNlUsnr4d6voga9_DVwpvABP-a6PvOBOAEAYgF1-yhiEySBQQIBBgBkgUECAUYBKAGLoAH3oWsqwGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQz84J0ggUCIBhEAEYHTICigI6AoBASL39wTqaCRdodHRwczovL3NoYXBlcm1pbnQuY29tL4AKAcgLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC2gwRCgsQwKahpuecq_OHARICAQPiDRMI7-ieu5XCggMVVjJPCB1a5AdK2BML0BUBgBcBshceChwIABIUcHViLTAyMDk3NjUyMDE2NjExOTIY5LYH&sigh=BTbwFE8OfEw&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaNDk35Q947X-GXxKT20tayTHw97qeMoico2zycp3XmLSpacN3RtMHk3Pq8N8YvGdk19R1ZObxuQmd8FbqTKc5FxC_1BI1tnc845hYYAQ&template_id=494&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 13 Nov 2023 23:50:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 249E
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=C5IIGYbZSZfmxGdbkvPIP2sif0ASf7e6MdODU-J6sEmQQASDQ15MEYP3oooHwA6ABkq3NgwPIAQngAgCoAwHIA8sEqgShAk_Q58RSc9i_zuAY5amnZrfbZihzpwMNZe9lPJYGxquAwheL...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5dbc59cc4dbc30a90000000000000000%22,%222%22:%220x3a5b057b9fd9503f0000000000000000%22,%223%22:%220x499503...

0
0

58ms
58ms

Fetch
text/css

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5dbc59cc4dbc30a90000000000000000%22,%222%22:%220x3a5b057b9fd9503f0000000000000000%22,%223%22:%220x499503f78dc5ad120000000000000000%22,%224%22:%220x2e529b53900a5970000000000000000%22,%225%22:%220xf203b709ee275ab80000000000000000%22},%22debug_key%22:%225663448854433013260%22,%22debug_reporting%22:true,%22destination%22:%22https://shapermint.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22812865170%22],%224%22:[%2211-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223881232264272802801%22}&andc=true

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:58 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x5dbc59cc4dbc30a90000000000000000","2":"0x3a5b057b9fd9503f0000000000000000","3":"0x499503f78dc5ad120000000000000000","4":"0x2e529b53900a5970000000000000000","5":"0xf203b709ee275ab80000000000000000"},"debug_key":"5663448854433013260","debug_reporting":true,"destination":"https://shapermint.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["812865170"],"4":["11-13"],"6":["true"]},"priority":"500","source_event_id":"3881232264272802801"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 13 Nov 2023 23:50:58 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 13 Nov 2023 23:50:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x5dbc59cc4dbc30a90000000000000000","2":"0x3a5b057b9fd9503f0000000000000000","3":"0x499503f78dc5ad120000000000000000","4":"0x2e529b53900a5970000000000000000","5":"0xf203b709ee275ab80000000000000000"},"debug_key":"5663448854433013260","debug_reporting":true,"destination":"https://shapermint.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["812865170"],"4":["11-13"],"6":["true"]},"priority":"500","source_event_id":"3881232264272802801"}&andc=true
access-control-allow-origin: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response
pagead2.googlesyndication.com/bg/ Frame F978 39 KB
15 KB 31ms
31ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js

Requested by

Host: www.ffxiah.com
URL: https://www.ffxiah.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

sffe /

Resource Hash

2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 05:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 411860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15051
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 05:26:38 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 17A6 17 KB
6 KB 32ms
32ms Script
text/javascript 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 23:50:58 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 157A 13 KB
5 KB 33ms
31ms Document
text/html 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ads.ffxiah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 93448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 12 Nov 2023 21:53:30 GMT
expires: Mon, 11 Nov 2024 21:53:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5A7A 829 B
793 B 47ms
47ms Document
text/html 172.253.62.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f105.1e100.net

Software

GSE /

Resource Hash

77713af1779e2006e9592743589c076ae04bc43321afaf209d760ac9a0e047c0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T_QShvrKLIYaLg2GpT7KXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.ffxiah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-T_QShvrKLIYaLg2GpT7KXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 23:50:58 GMT
expires: Mon, 13 Nov 2023 23:50:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 157A 39 KB
15 KB 31ms
31ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 12:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 12:57:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5A7A 0
0 55ms
55ms Image
text/html 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231108&jk=2674194772525742&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 119ms
56ms Preflight
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 13 Nov 2023 23:50:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 157A 0
10 B 30ms
30ms Image
text/plain 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Posrdg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bc-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:50:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 598B 0
0 58ms
58ms Image
text/html 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=3023824374262334&bg=!jI-lj8DNAAZxrfrxUa07ADQBe5WfODOuyLeyBm8pGIVPgQOQXMlMOmMEYjFJ0-OybDYasjbeBOHz0y3V5Mv8zCteowRbAgAAANxSAAAACmgBB5kC0K9nkA5C_QUpojc8aIzF0V1tE_gTOcRWC8WMTQjZ28S46qYx8q2QOKL0A69ABp91zwdanZnIw2P9Y6hq9VPsWTUqLyA1zC7yyrZ-rVcTvjAzPjzNqWP-IRPVXotsfg0egk1ZMrXBBMrqF4WkkyCOuoGRwZzvSIaHqakfyqS2zr1z56Hz2oWsorbpXE0dhPsKWXGEhWLEkeAUraAS23psu7c34nR_7a-C8pg9-IIBK6Cqp2_vXA3zwKkLHCCds0pefvV5p_uUiU4AkQW59AMSW7f6xDI4zcbHoWEWHil52htihJqU6HRXvYpHH1ENnOslxK5qX841jRBHifc1K3sp6_RKZM00UX30OvFz_PfkhwIF4zklB4w1cqSqHxhM5l0ei33Dg18UEdAdRKirtuZhNL8hgQ6T6BQEm7mQ2xKZql-YXrGxN5lF6A91c_eQUaCquusJ4bvayDNB4D90Rli4AzoAQw1mL2dMs-OrhE8nGOM2DloqOOhG7zzhbnvi0TE09khTh6Z7ArhjgBghb9G0rM5dVLT7_7Nw1rDsjGgot-czJAxSBab2jPqxk7vHOSQJHRTpjgPzPv3wcA5wzbd7PuKHmhqrMY0fVIpW54ABrxarKEItGQS6XWlVRk7az9KdAs1gmPf7UHsrsDdgg3f9mZfbGRsngHDaOMq6I9EgUyWZktYCs47vi54NaLNw-dGBKINTXla1KgiyK1008vskeIrz9ie_LnofhvWsaCkYAqCNnvgpEIa2sCORNzepsJLalQsJ91Tvk9Sx9iIFptnvDzN83on-_BBi4UbQpOerCQivepibKi2Jf0-T5te07llo6iFvr_vw-w4mkh5eoqHD3AwQS5t4FgZGTf4LnI7fOe9X2q4ml-VnTgrMxyiQm9sgyM0dSppzbzM5vHiY49hoQafh3SUvgECWCRBi5CwoO-O552bPKBEob5JU_-neY6herw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 20CA 0
0 58ms
57ms Image
text/html 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=2127169662695424&bg=!S0ilSAfNAAZxrfrxUa07ADQBe5WfONwKbdGjG4pQ4nfKVkhpDPsFCgodF41tipbn-41UvT2luuyJATW3yDij35hN1SZ2AgAAALtSAAAAB2gBBwoAazarxSOTRiXLzoER6fEofq7FBqsiNS9nIvgfzRhCchKVdTHzlS1be_ooiEF26g5NDiMopXiRk5AZndvs2HBNE4hklfowoH1mc8fqZwMxXLsjcfYfS0SFPlJGPIMFojCdVe5BS_gqcbfJkkbKmQK_VlhU8uhUHCu57hvBnqhP1Z0UJfU4Gh8ZlhBhVcfFglJI2xsfirLt7KBI6TpffxqWeLSEbR-zyGuZpS7tclXCUgLDgUXEgp07gc0Gqnej9NlKlKdm3Q1kXNlL8mFf07AIZAn5suOqkL3ixkg0RqFYNBAEvshi9g11pBeNKInNNVzqhcLk5rL1xgjVlIgh6Cdy2B3zfCZFMxzNDhgoG9ilt7iT1z1nDYq7K_-cJh9Id35D2nswrrZFVd8a-XxAgnd3xv79fB37BLAXEi4J794Eb6bmwc7UsJFCAhpgJp74LS_ccSOKMOmUTrZciar-U7gAM9K0Q88nBky3XrHMhl4Ld7hP6m_jRhbMez6hGnVZdGGajFmlyHD1lVi0EO-c2-GwQ8rw46Xp9ScxCTFGMhhA-WcUotktEGxUUTahtKsr4Dp_zRcLNzYGnFHI5CiFvZ6IkU4aWxgq9qUni_lwm7lpQrHvHkOdA88tL7rOZcmsJiPXJeZerrugtZ3LTWGLGHl_B4rtVQutUDM95UiL9IKR4GRvIBG_R3Nx295m4PycEkMd777XnXzpSDlBC0OO0PC5m-4EgEs1HvF_uJIO1lJclz0VnHgYYeC3QKSA9e8N1JFs5N7szRMHGdufpcyUoNuzzZEK_G_LJrIletN1LFQOVghcDakD7scCG7zVapIM6-cIBrsE6AxgyYb6BmnfUcMmh5n7SWtmH4paHjrEo9R6Qs4jYa9Xajq1w4pRDd_fORXrlso7LWVQyx7TqbEwLHio_h1BgBOI_zW7i6j0prfnhxbL_jWYzPDqmco8f4fyssijlYCX-9scF3PR8s-GTyydw_NweTxbd59cPIHf2atmRuuW05KN3M64DqYIXvUKP1QPggboCvMyAf6-uqf_wMh6irvanDyq9IEZK_XjAfxwznYFdYd-J1fTj0fPyeTfjw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 17A6 0
0 62ms
62ms Image
text/html 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231108&jk=2674194772525742&bg=!uLulu_TNAAZxrfrxUa07ADQBe5WfOJ0g9O1CtFa9XZO0E212mF6Qtg7Mp3jaa2kDwRYej6YUM1fqnrKOQyEa03AxAW6MAgAAAEFSAAAABGgBB5kC2zVkMKnLQUjtusafZRP1Tk_fNB6MtH1u8qVosZIrBcgUv_EGyNdhatjE37dZLSRgMamWabO3ooiwQc_Sq-0ldjCMr0-DPeOyKe584ddtdDY9DxOLkGzPZo5dRDo0rnhyuEYvybIkwcFyZPcoDTleIGjNi9tbLsBqFXEnjwOf6X3LfDfcXAjRCaLyrP-rCAd9G6xjRptaA0mBjDa60coxRHefogZ5QNDvKKm1TO9GOYN8jkp_Gecrxv-nGCuEo_vMCdGp9a7vlfGap0teIIw1KaXHDnwR5azgIKMF_JywWXIqYGcvy_bZ7wqpvbHuni_Cs7FL5opgR-ayTW2WvbX5MsPQpap5PhfphVMOR7d2Ll3nrVAfoJJeLFZ67rA49WHRoy7yagw9jVdGo5MQt_kcLFVGXZTCyb2vwN8HMXVHan_vQiOZj0nD5-5Mry1LHxg8Zw2b7c-1ZjthZBrDGTIv6vYJrQD4Zx4aKQQC1koiekCtyDbZs6UeJIOp7obAbZ5w9mP3AhNhJJ6JShuON_Ke7xgHMt-fVPMj9ejxp3EEGz9mToCtb9Jnrws7p5FOdXmTboSngIbulQ6zmA1Uy6MtrG7UAaQ7Ievl8Ixw08yLiBjIuDa2OqnCXhJLfsxu4wIOkSQzGAJZnJLUOttcDXioFW-HEpcxCtf2KJLw3Np-VVSp8ScRFZuWjnKtyPy4R_IadqGlMDpnpKMueUgVG6cmL8CPbkqM0toPgzsZJtUztmGd_1ZKJl09c7i2Tk-nM54rC94x20xTtpx_f3jOuRy4zG5Z0LrIprA-5Fy0WXQfOmC2Y95lbW3nZ9ART2bHJF3B2AaL-xGo6oLVuR4NVoVfGu4r9mIC99geGx17ebkP-ShxxWmjWA07PjfJfBUuxRBHLc8t16qi5DgphqMi5tlOODFQ60CqW-jWAv0up396wqQoAJQ1i-MCpnqa7M0rUNVa_HU5S5KlFddKzM2Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 17A6 42 B
64 B 57ms
57ms Fetch
image/gif 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjT2OlKCstBnv0fxPEmhoRzHbil556cXDIlgPw1Q3GmMOB0JQz_T8lu8wrrqLCirLsIlTJXSgsmJIH5tdalirWAOTodzS-uUHtNgF8TaPk9vmhkjfZO9UGxjY-6tcv3OvZvveisaHbyw&sig=Cg0ArKJSzMZaEBGKHvj_EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1741596969&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699919457504&rpt=688&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.ffxiah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 23:50:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 249E 42 B
64 B 59ms
59ms Fetch
image/gif 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLJy7xxAnfxioz59oiRWjFf9qq0cwwYWSX5cRPCo02YZZdtG7pWcXnp7GPhlNHuToJIr9aB5jXiggczpPBUoGdtJ3WLCQ-MyrOe0NwSUfK3Q4lkcG2mdQ-FEuPPo3HtjNkEkyet31HNg&sai=AMfl-YRMxcPBW4RbzlK1Mk3fxBjh71WI8kS9Hht1Y_ixxpDtKAShdxu_WvFkhmp-y5lVpvftfIn3TcrGlH0plebwgIlIZnLGK__J4WgU2Pn90HxqkbUf2XXcqOTr-AlJLBcdYOYGvwmbjdeHsicx-Zv2qA&sig=Cg0ArKJSzD5DdqADYKZBEAE&cid=CAQSTwDICaaNDk35Q947X-GXxKT20tayTHw97qeMoico2zycp3XmLSpacN3RtMHk3Pq8N8YvGdk19R1ZObxuQmd8FbqTKc5FxC_1BI1tnc845hYYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4037978123&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699919457849&rpt=382&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 23:50:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ffxiah.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: fse6erp9pi7g3miucnq50vq36p
.doubleclick.net/	1970-01-21 01:47:59	Name: IDE Value: AHWqTUnKvoblrGlWc0epMvpnDj2VV1pryABAhrwwE9qjbXdsAM0mBseyl82a5qzmgXE
.doubleclick.net/	1970-01-20 16:12:00	Name: test_cookie Value: CheckForPermission
.ffxiah.com/	1970-01-21 01:33:35	Name: __gads Value: ID=bb97695315137d7d:T=1699919457:RT=1699919457:S=ALNI_MYA7rV5WUuike9oEYywcvZ34levhQ
.ffxiah.com/	1970-01-21 01:33:35	Name: __gpi Value: UID=00000da1a897f81c:T=1699919457:RT=1699919457:S=ALNI_MZ4A_Xoq15oroaKLrqmfQFFkOXqLg
.googleadservices.com/	1970-01-20 18:21:35	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

37a1ae31d18a5de121ad61f104807ae7.safeframe.googlesyndication.com
ads.ffxiah.com
ajax.googleapis.com
cdn-b2.ffxipro.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
f2fe615ab331a09ecfaeb2a59014094f.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.ffxiah.com
tpc.googlesyndication.com
www.ffxiah.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
142.250.31.155
142.251.111.139
142.251.16.156
142.251.16.95
142.251.163.94
158.69.250.98
172.253.122.94
172.253.62.105
172.253.62.113
172.253.62.132
172.253.62.154
172.253.62.95
172.67.149.27
07b09e208ec7b502d203df5f6425da1bf89f1c1a22e089677e3752613609e804
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c4e22e84de3bd4dab68352237c22a9f0d31b1a9587b74dbae94247646a817f1
125bebd7164e3372081916c64d898174f4c6e5e7b213f11f9c8d87aa85f565ef
12e2b54e646b8aaa809adc2022cf17c2c16874b9a60b4e412cd572cd38e5cc2d
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
22b31561bb8fa5b2319b4a7aa65e1a57edd26fad4f9e235d6d74f6ee19a05a8f
2322829258c6cd7abadb484fb0460676b79f0a84cde8262f04b278cb685a26f6
259d88a3683ee1606011bd2977b49d36abc498386153f8483cf13111f09f2ab9
2953f313f04d1977820ca1a332c2bb7c76aa4c0313c16d0dec37cfd73ae832f0
29d31e3b1846221513acdcb0b0bdf13441d851be6becad066bce566b5476b16e
2bc30a20158eab355c0c9e07c206250b071b1c9df09ad904044c7620cd5f6c61
2e6550ca6c5ca20106cda53ee4781dabfec2750dab8b11211e7259d9cdd3910b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328f0490c1cb33e8591121a3137010d723185c7cb296d6e31972a53eecc2ad8b
392810e795ba3482d649e3f16a116a5082de8f869167ab5f1802cf03a2014bd1
39a3c7d6b04b4831a00b92c85004e2d2f17db8e5579a761244385e80e61d3663
3a13573a1b2c472ee5d48e92d169e4bd34e116e9171a4e0085f531f6b8dca598
3a98fe4d4e958523b23c2e683d10cc5f9f011ecf00f8e8cd2f5aa252d00d2850
3fbb25ace81b6a3408e075f931adf7aec7dc6a4655a234a861146ae935e57fae
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
431ea1374d2082060185a3a560ed36653036ab9abf175c5c1d4beb802aeae491
43bef3a32b943fef4cd3f077b6fa0cdde39d43bad337ae248166de1ae2d05d42
4650aa9eadf2e262aa493906b0df19680b46e8ef4e59e686eb49ace530432985
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4f5e1cbeb496701ac976cb8bdd03ae3e17f3cbb6fa15c14aadcb12457a5632b8
5190177518baa8261d3dfe414359909403696a1a7f50d3dbf7e63840030adeb9
51d1bca97cf5279414ed4d9115576a30809f8338bda879cff93de8e9dcc68fce
5502b0cad6c21b65213e04284b8d9c67bc2c0089796f10e79208e261ceebe8c6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6219658eefd4d5277fe3833fde16f25bae4caab07595c416f33c0042d8896b32
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6282db7dcb04dec66f5b2d0d20ec9f67600ffe524d2fa130fa994762f9bdf2eb
65b4e02ee5f344762605747ba70399c918cabf5d00a87c4750d1211e947ec250
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef
7073bf4118076d5aa499e11e0b7d5149022465430e1267fb0f8a358fd37635f4
7311f00e9cc4ab639f9a91936d4946cf4dfb02bc9afc4a42cc95f66521eacc1e
77713af1779e2006e9592743589c076ae04bc43321afaf209d760ac9a0e047c0
77a8904df780875e356b196bb3c8b55067185b8b42a2b6363875b5ce7eded29e
77ef67e3f2b81920d100cb4dbe39fffebe4a9c2350da12ca88d836fed815ba95
78561254199355191524f611622b7e9a8f3e1648ef819c74a85a2362efb61005
820082abc59342f47489e47ede1b727d4ea2a258af6752d96d88fd84f2dfe35c
83b4948264e784579eeac8d462a2ef2049f6c7f7ea9b9466368853b59cb3ea6d
84822498a486d6aeaf029ffc01181e5c249905b26f4e8299cdc06bd6a237d6c0
860c11bbc5156902ec680d9fbfd22c0efeddd92a3702e4b282a04a2e74d7d8d1
861b9f741e5250f2b6e4f3cb044d7a4fa47fdd00e18339914f554afd3f734f59
88637c3d280615becb8b6fdf447de9965619214c2f9ffc5245318b9b6996255f
89c9f51f29a67d443a77ca42c8683cf49b9f90bced1587be53791529cc8a154d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a0466388eb44d3be3f3ad7853bae037a0fa2d52bbf07ee02c8c41127aee0124
8a395af8baa78f38151ffff8c8b758524315ff21e07129efa01fcd6ce58f43f1
8b18da6804b989d1399c5e8fe9ab2580d55d8c87957ef5ac932c850a5e9311bd
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
8d2732434196037afa3ddcc0497ab1ca688331c8ab3e54f3c3eb08fd257fd2a4
8f65a4f441ed0a18b9074dc228e02724a11c0b6bb1fe277ed6a6dd751257bdd1
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
982cb597efd3459628548f6b4c867cf0f4f2735e92dae36a73834209b65f60b9
9ce649755ae3d29428d4c1bbe31f7827a90adfbe3bf835953de981ac9b44b147
a2198d66fa644d6fa9958bec0e99792366bd06afa074594b788e76cd27a6f042
a68e054693be4a1d12da204ae67abab74a0c5fe24d97345cb9dfa9da4fcfb26d
a6e3909fb7002fb69091cb9acab3ea585a5436c11d46ac166f0bda1880d377a1
a9027b40f692e2db0c712a6c7a94e83e76e90ef01438b1f1627ba37695849f91
afecc80369c60a81fb5ef1dc95125f8f602e5a571fea2b2b67ac5df53ac8dc16
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b4931eddbb10292330d2d8b29833a4e56f86475bbea197e0f5256089c75adaba
b4a13e86a3f67093c8cf4e2212e4e1a8f324731648cd6258d1abeb61cf75eafe
b4b1f3c5233a55d42fda178b57bd8f10492a77bd93daf35054e144d99b9b7761
b83a14fe83bbf97fa965c43c7014232f9441aa51b16d5a87a41c8677f1b6ddf0
bf26252c65e298567c305a70dcbeb175cf4a2365719efa08771825f1533afa2c
c15d2ac4db3f019a45835d2f8fcf5a3644779185181f7fe0b6080568ee63906e
c30acbe09855d6826349bcae54ae027698a7d08e19bd4348ec914d4b9bfffceb
c6e0c74227064a93b0d91c7d52d2095114907cadfd67a6b0e72363628062e77d
ca91f91b375c0cc13407399800a79b2a66471352299c19cfe22ab33451035a08
cb3a8be140005312f5c55f591232c519b0c63759047720d94499efd3420123e5
ce1a3de1571376cb4acb66e2a8298d05fe797876051e0d7525778faae4806099
cff2f88fb91e98375fb31702a21673b5fd6e6713215ab7602609c839c270b0b9
d1234d25b9f9921cbf0a7dadb25d8ba39f9525b6d95994a0ac6fe5a8c2f6bff3
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c
d5e399feb2a8a7f2992276d740f7966519f5e46194f83d82a0a6a77c45dcea11
ddea83a04b1952be2d9a3639abd04b3a6c7c033ef4abf5e4cfe8819281deb8b6
de9238a6076601f98a67bf7c628a8847a4856991edb81bbb23d3c0016241a059
e20381716ab6965b04f4f00715ed3a59f4ddc1b033d5ca9e20327bf88e6de45e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42fd76275c115e6ee5bd6b88638c4131db98509ed746f5712c2478bf2101331
e5dd63f7c69eb1e1a521f7eb9d40265c948eeccbc922b1b4a8d7a5f0c26309cf
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03639ff553a6465d4e50348b632f3d169a81f851e38092e8dd88d436ef088d0
f20cff169d7ea63a0e881721ea4328eb816e9b28108579b3511ad2e90ba25713
f27a3de45c93a746283c29d651bd08d927e0a21f9b13d0a29ca11bd7dea1c6c5
fe8df266cdbe82d3986bbedd8d5cf6f462a3003d1b54e6dbca6453247a6ca111

www.ffxiah.com Open in urlscan Pro 158.69.250.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

120 Requests

99 %HTTPS

0 %IPv6

9 Domains

19 Subdomains

14 IPs

2 Countries

2094 kBTransfer

4071 kBSize

6 Cookies

18 Outgoing links

Page URL History

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ffxiah.com Open in urlscan Pro
158.69.250.98 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

99 %
HTTPS

0 %
IPv6

9
Domains

19
Subdomains

14
IPs

2
Countries

2094 kB
Transfer

4071 kB
Size

6
Cookies

120 HTTP transactions
3 data transactions