urlscan.io logo urlscan.io
SecurityTrails logo

ff14card.gudalog.com Open in urlscan Pro
157.112.183.121  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ff14card.gudalog.com/
Effective URL: https://ff14card.gudalog.com/
Submission: On March 17 via api from US — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 41 HTTP transactions. The main IP is 157.112.183.121, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is ff14card.gudalog.com.
TLS certificate: Issued by R3 on January 21st 2024. Valid for: 3 months.
This is the only time ff14card.gudalog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    157.112.183.121 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv5280.xserver.jp
ff14card.gudalog.com
2    2404:6800:4004:823::200a (Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2404:6800:4004:81c::2002 (Australia)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2404:6800:4004:80c::200a (Australia)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700:3110::6812:352c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.polyfill.io
1    2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2404:6800:4004:81e::2002 (Australia)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
11    2404:6800:4004:801::200e (Australia)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
3    2404:6800:4004:826::2001 (Australia)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2404:6800:4004:81e::2004 (Australia)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
14 gudalog.com
ff14card.gudalog.com
1 MB
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 653
www.google.com — Cisco Umbrella Rank: 2
72 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
tpc.googlesyndication.com — Cisco Umbrella Rank: 167
277 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
ajax.googleapis.com — Cisco Umbrella Rank: 390
72 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
5 KB
1 gstatic.com
fonts.gstatic.com
126 KB
1 polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 3148
383 B
41 7
Domain Requested by
14 ff14card.gudalog.com 1 redirects ff14card.gudalog.com
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
7 pagead2.googlesyndication.com ff14card.gudalog.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 fonts.googleapis.com ff14card.gudalog.com
1 www.google.com tpc.googlesyndication.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.polyfill.io ff14card.gudalog.com
1 ajax.googleapis.com ff14card.gudalog.com
41 10

This site contains links to these domains. Also see Links.

Domain
jp.finalfantasyxiv.com
gudalog.com
Subject Issuer Validity Valid
ff14card.gudalog.com
R3		 2024-01-21 -
2024-04-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.polyfill.io
Sectigo RSA Domain Validation Secure Server CA		 2024-02-20 -
2025-02-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://ff14card.gudalog.com/
Frame ID: 7A08E4094BB96D667A6FBB1BFDF34823
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3658196066775365&output=html&adk=1812271804&adf=3025194257&lmt=1638464580&plaf=2%3A2&plat=8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x810_l%7C404x810_r&format=0x0&url=https%3A%2F%2Fff14card.gudalog.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710677608258&bpp=2&bdt=173&idt=169&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7943216876409&frm=20&pv=2&ga_vid=1574853002.1710677608&ga_sid=1710677608&ga_hid=737034523&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C95327951%2C95327955%2C95322184%2C95325785&oid=2&pvsid=4087460565206691&tmod=1881224983&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=183
Frame ID: 2ADA2525D488E52A9FF10459EFB3B961
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C282676C24EC2785B7BB5196E98C4BAC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0301C60BB10D3D81C1B24E710F71BB59
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Character Card Generate Tool for Final Fantasy XIV

Page URL History Show full URLs

  1. http://ff14card.gudalog.com/ HTTP 301
    https://ff14card.gudalog.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

100 %
HTTPS

90 %
IPv6

7
Domains

10
Subdomains

10
IPs

3
Countries

2008 kB
Transfer

2981 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ff14card.gudalog.com/ HTTP 301
    https://ff14card.gudalog.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ff14card.gudalog.com/
Redirect Chain
  • http://ff14card.gudalog.com/
  • https://ff14card.gudalog.com/
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ff14card.gudalog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.183.121 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv5280.xserver.jp
Software
nginx /
Resource Hash
08d54237c9b479000dfe3b01309205b5ca9f3839504286bd01ad9fce7b1d9d20

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Sun, 17 Mar 2024 12:13:28 GMT
etag
W/"2260-5d22cc3449900"
last-modified
Thu, 02 Dec 2021 17:03:00 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
237
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 17 Mar 2024 12:13:28 GMT
Location
https://ff14card.gudalog.com/
Server
nginx
normalize.css
ff14card.gudalog.com/assets/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ff14card.gudalog.com/assets/normalize.css
Requested by
Host: ff14card.gudalog.com
URL: https://ff14card.gudalog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.183.121 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv5280.xserver.jp
Software
nginx /
Resource Hash
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:28 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2019 09:37:00 GMT
server
nginx
etag
W/"17fa-58a9056d0c700"
vary
Accept-Encoding
content-type
text/css
css
fonts.googleapis.com/ 		145 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans+HK|Open+Sans+Condensed:300|Oswald&display=swap
Requested by
Host: ff14card.gudalog.com
URL: https://ff14card.gudalog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8392e06603883c95e4b7c65e362c902962af79b205a53acc8a7d7a5b22e5f9a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Mar 2024 12:13:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 17 Mar 2024 12:13:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Mar 2024 12:13:28 GMT
style.css
ff14card.gudalog.com/assets/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ff14card.gudalog.com/assets/style.css
Requested by
Host: ff14card.gudalog.com
URL: https://ff14card.gudalog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.183.121 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv5280.xserver.jp
Software
nginx /
Resource Hash
3a2d70d07c588442364d853f11250df9e77dc09f3e5e6abcbd1c166249e943f7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:28 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 17:10:00 GMT
server
nginx
etag
W/"2107-5d22cdc4d4a00"
vary
Accept-Encoding
content-type
text/css
rcrop.min.css
ff14card.gudalog.com/assets/ 		3 KB
832 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ff14card.gudalog.com/assets/rcrop.min.css
Requested by
Host: ff14card.gudalog.com
URL: https://ff14card.gudalog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.183.121 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv5280.xserver.jp
Software
nginx /
Resource Hash
ba35ebc941ece6365960f7e775506b43287f6e43c242f1e711d4cace4e01d330

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:28 GMT
content-encoding
br
last-modified
Sun, 02 Jun 2019 09:28:00 GMT
server
nginx
etag
W/"bcc-58a53dd1ae800"
vary
Accept-Encoding
content-type
text/css
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: ff14card.gudalog.com
URL: https://ff14card.gudalog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Mar 2024 12:13:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 17 Mar 2024 12:13:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Mar 2024 12:13:28 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ff14card.gudalog.com
URL: https://ff14card.gudalog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f28af7be678c8b1fabdd163f91258f3f6e0c5ab60ad097df8445779b5d9ed76f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50759
x-xss-protection
0
server
cafe
etag
5945371497083042015
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 17 Mar 2024 12:13:28 GMT
title.png
ff14card.gudalog.com/img/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ff14card.gudalog.com/img/title.png
Requested by
Host: ff14card.gudalog.com
URL: https://ff14card.gudalog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.183.121 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv5280.xserver.jp
Software
nginx /
Resource Hash
ec8abe7abb03dd82dc4a491ade7a44c56d9475b139b5bb99d4ee02f430d9644a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:28 GMT
last-modified
Fri, 07 Jun 2019 02:32:00 GMT
server
nginx
accept-ranges
bytes
etag
"1bbf0-58ab2a2946800"
content-length
113648
content-type
image/png
system_bg_button.png
ff14card.gudalog.com/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ff14card.gudalog.com/img/system_bg_button.png
Requested by
Host: ff14card.gudalog.com
URL: https://ff14card.gudalog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.183.121 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv5280.xserver.jp
Software
nginx /
Resource Hash
8868d70dcdc43f24e41a5520524110d4085edd131871cfb3442d35901f6754aa

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:28 GMT
last-modified
Fri, 21 Jun 2019 00:19:00 GMT
server
nginx
accept-ranges
bytes
etag
"148c-58bca68b68500"
content-length
5260
content-type
image/png
quest_bg_button.png
ff14card.gudalog.com/img/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ff14card.gudalog.com/img/quest_bg_button.png
Requested by
Host: ff14card.gudalog.com
URL: https://ff14card.gudalog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.183.121 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv5280.xserver.jp
Software
nginx /
Resource Hash
37ca3e811d269e4369f3c4d0697f9b831451cb5eebc06158e955ed9276bf2b41

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:28 GMT
last-modified
Fri, 21 Jun 2019 00:18:00 GMT
server
nginx
accept-ranges
bytes
etag
"bc26-58bca6522fe00"
content-length
48166
content-type
image/png
loader.gif
ff14card.gudalog.com/img/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ff14card.gudalog.com/img/loader.gif
Requested by
Host: ff14card.gudalog.com
URL: https://ff14card.gudalog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.183.121 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv5280.xserver.jp
Software
nginx /
Resource Hash
4d7ca327dd602d7942332b43b7d83b0b52326e55b42f85038d9119c1666d7134

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:28 GMT
last-modified
Thu, 13 Jun 2019 09:35:00 GMT
server
nginx
accept-ranges
bytes
etag
"612e-58b313e64b900"
content-length
24878
content-type
image/gif
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: ff14card.gudalog.com
URL: https://ff14card.gudalog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:44:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
250153
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Mar 2025 14:44:15 GMT
polyfill.min.js
cdn.polyfill.io/v2/ 		103 B
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js
Requested by
Host: ff14card.gudalog.com
URL: https://ff14card.gudalog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:352c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 14 Mar 2024 12:35:47 GMT
server
cloudflare
age
257861
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
865ce5aabb0ef655-NRT
expires
Sun, 17 Mar 2024 16:13:28 GMT
rcrop.min.js
ff14card.gudalog.com/assets/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ff14card.gudalog.com/assets/rcrop.min.js
Requested by
Host: ff14card.gudalog.com
URL: https://ff14card.gudalog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.183.121 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv5280.xserver.jp
Software
nginx /
Resource Hash
040bf8dbb920ffee8c6e31feeccc00ca9d38e0b66a1a7c19415c1279f91abc44

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:28 GMT
content-encoding
br
last-modified
Sun, 02 Jun 2019 09:28:00 GMT
server
nginx
etag
W/"aaff-58a53dd1ae800"
vary
Accept-Encoding
content-type
application/javascript
html2canvas.min.js
ff14card.gudalog.com/assets/ 		160 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ff14card.gudalog.com/assets/html2canvas.min.js
Requested by
Host: ff14card.gudalog.com
URL: https://ff14card.gudalog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.183.121 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv5280.xserver.jp
Software
nginx /
Resource Hash
c695e45c728c4f6b876b8b877dab01c9557cb24bef5cfb96c48b9436cb197271

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:28 GMT
content-encoding
br
last-modified
Tue, 04 Jun 2019 10:07:00 GMT
server
nginx
etag
W/"2812e-58a7ca4433900"
vary
Accept-Encoding
content-type
application/javascript
script.js
ff14card.gudalog.com/assets/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ff14card.gudalog.com/assets/script.js
Requested by
Host: ff14card.gudalog.com
URL: https://ff14card.gudalog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.183.121 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv5280.xserver.jp
Software
nginx /
Resource Hash
3cd9ab77e5791e0156b4215632f71a62a340d0a7463080c270bf242581d3b2b8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:28 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 15:49:00 GMT
server
nginx
etag
W/"22ce-5d22bba9f9300"
vary
Accept-Encoding
content-type
application/javascript
title_bg_01.jpg
ff14card.gudalog.com/img/ 		720 KB
721 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ff14card.gudalog.com/img/title_bg_01.jpg
Requested by
Host: ff14card.gudalog.com
URL: https://ff14card.gudalog.com/assets/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.183.121 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv5280.xserver.jp
Software
nginx /
Resource Hash
c18f3b8f5c44a35fd17bed01e26a223f65e68c397cbc38b67b0ae6d86ab700cc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:28 GMT
last-modified
Fri, 07 Jun 2019 00:57:00 GMT
server
nginx
accept-ranges
bytes
etag
"b3fb4-58ab14ed54f00"
content-length
737204
content-type
image/jpeg
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v141/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v141/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ff14card.gudalog.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:07:36 GMT
x-content-type-options
nosniff
age
252352
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:11:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Mar 2025 14:07:36 GMT
title_bg_04.jpg
ff14card.gudalog.com/img/ 		482 KB
483 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ff14card.gudalog.com/img/title_bg_04.jpg
Requested by
Host: ff14card.gudalog.com
URL: https://ff14card.gudalog.com/assets/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.183.121 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv5280.xserver.jp
Software
nginx /
Resource Hash
758e8f6f4a03eb87ca4243f1813732a4a0f26a07378cc2b79fbeabf8026081fc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:28 GMT
last-modified
Mon, 10 Jun 2019 00:44:00 GMT
server
nginx
accept-ranges
bytes
etag
"7877c-58aed79dd9400"
content-length
493436
content-type
image/jpeg
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ 		405 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
105e9c76328065e61de854d97a96effd6e2db3fc0975c8b91591da58bf3aff32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140966
x-xss-protection
0
server
cafe
etag
2904058265787044644
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 12:13:28 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2ADA 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3658196066775365&output=html&adk=1812271804&adf=3025194257&lmt=1638464580&plaf=2%3A2&plat=8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x810_l%7C404x810_r&format=0x0&url=https%3A%2F%2Fff14card.gudalog.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710677608258&bpp=2&bdt=173&idt=169&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7943216876409&frm=20&pv=2&ga_vid=1574853002.1710677608&ga_sid=1710677608&ga_hid=737034523&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C95327951%2C95327955%2C95322184%2C95325785&oid=2&pvsid=4087460565206691&tmod=1881224983&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=183
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d479201751cee6667e796bcc6f8d5967dda7591819f1981127de721355c64ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ff14card.gudalog.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
4584
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Mar 2024 12:13:29 GMT
expires
Sun, 17 Mar 2024 12:13:29 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-3658196066775365
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-3658196066775365?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7ba22c88adbdd3838c00b1d40ac5f560ea17c37898b52e273f846d8e88444dd3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-79UvPvdhy_Na8lEzZzq7Zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:29 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-79UvPvdhy_Na8lEzZzq7Zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1ZBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaOry-ZJIBYDYj51k1nVQFizfXTWQOBOOb5dNYUIHZKn8EaAMQ-9TNYo4C49eY51slAfHLBedaLQCzEzfFyz-31bAI3ThxNAQDzwTaE"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUtZ60cvR_2e0JWeYsOvB1-Vx5C6r-zleoHdacVFPIhlrM8JwKrgLphOL2jGxe9iFVbev4tdYTNJJYVqTu5urEKMb15ENvxX2w3BgM1ZHlyqFrh6fyYEPwhkEdbVb5I982-RggbBw==
fundingchoicesmessages.google.com/f/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUtZ60cvR_2e0JWeYsOvB1-Vx5C6r-zleoHdacVFPIhlrM8JwKrgLphOL2jGxe9iFVbev4tdYTNJJYVqTu5urEKMb15ENvxX2w3BgM1ZHlyqFrh6fyYEPwhkEdbVb5I982-RggbBw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNjc3NjA5LDMxMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9mZjE0Y2FyZC5ndWRhbG9nLmNvbS8iLG51bGwsW1s4LCJJSVV0RFNRUlFrTSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a7b37810052f31d32754b1c2d7037f66c1c4c01c77e2622f0d4c2bf90a01c7e5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-0R4WCfm9Dg8JadswkpzkSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:29 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-0R4WCfm9Dg8JadswkpzkSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otALMTD8XLP7fVsAg2d31YwAgDXIDFS"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXzaSPpkTxh1KT5_HDWx1D-PK6K54i-_lSUP4shAMVp41lf2sLIA32iYXWD71qDi6vFjDj7tzUbzdRAsCHkJb1XnFDmcl8jJCkjjg1wd68Es0DnKtVKBKUhmUC_K8sBRYCG-ONO3A==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXzaSPpkTxh1KT5_HDWx1D-PK6K54i-_lSUP4shAMVp41lf2sLIA32iYXWD71qDi6vFjDj7tzUbzdRAsCHkJb1XnFDmcl8jJCkjjg1wd68Es0DnKtVKBKUhmUC_K8sBRYCG-ONO3A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_4owkJxqdyVtXHIYG9IiiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ff14card.gudalog.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Mar 2024 12:13:29 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_4owkJxqdyVtXHIYG9IiiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBiqGV4xtQKxE7pM1gDgFiIh-Plntvr2QRmLD13mxEAyJ0MtA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ff14card.gudalog.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVAJnn8ztULkjHF67RYAyTF-2Tm5zM7G2YMKPBCR-RwSw-6Pksd-AlFi76irFosRmFKlXphWW0p-BZSjySVJOwrLyVa6q5lrk3gz9eBs_JiiEtb5vNghp75HEFWV3RQBSIjLw9nPA==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVAJnn8ztULkjHF67RYAyTF-2Tm5zM7G2YMKPBCR-RwSw-6Pksd-AlFi76irFosRmFKlXphWW0p-BZSjySVJOwrLyVa6q5lrk3gz9eBs_JiiEtb5vNghp75HEFWV3RQBSIjLw9nPA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNjc3NjA5LDM5NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly9mZjE0Y2FyZC5ndWRhbG9nLmNvbS8iLG51bGwsW1s4LCJJSVV0RFNRUlFrTSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9865d169f32222c0394e0375a6a1165c42ba195fa97d469d7e17359c8d60fffb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nRdYwxUtfpyirP20ZVaV3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:29 GMT
content-security-policy
script-src 'report-sample' 'nonce-nRdYwxUtfpyirP20ZVaV3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otALMTD8XLP7fVsAjcmTT7HCADZAzF4"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240313&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
365cbbca25ac5d06c9856d7a56090108cfe33814eb63775232836c5aaf387858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12382
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Mar 2024 12:13:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C282 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ff14card.gudalog.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
203833
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Mar 2024 03:36:16 GMT
expires
Sat, 15 Mar 2025 03:36:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0301 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81e::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6bd080de21f757c83469183adf03be440f386397336f94b3d7cc0a17afe57efb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-H_xIrrSADaNJz2eKz-MzGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ff14card.gudalog.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-H_xIrrSADaNJz2eKz-MzGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 17 Mar 2024 12:13:29 GMT
expires
Sun, 17 Mar 2024 12:13:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js
pagead2.googlesyndication.com/bg/ Frame C282 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
252782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15583
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Mar 2025 14:00:27 GMT
generate_204
tpc.googlesyndication.com/ Frame C282 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?wiJ0KA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 0301 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240313&jk=4087460565206691&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
onesheet-ad-
fundingchoicesmessages.google.com/f/AGSKWxW9-MaYzMPOp4IX6cP4RfAz13CKfsLkRlCNX7KwAoj4ZqJOT37J5zjjz_h-LIXwkqziDays8741TQrjkZ7pokq_vIeQsWvQDB3sNIvZxjZWJhvJvxjTPgxFam5itLPj-dYNVxKJhkOXUsmmDeewzFnoEi-Ck... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW9-MaYzMPOp4IX6cP4RfAz13CKfsLkRlCNX7KwAoj4ZqJOT37J5zjjz_h-LIXwkqziDays8741TQrjkZ7pokq_vIeQsWvQDB3sNIvZxjZWJhvJvxjTPgxFam5itLPj-dYNVxKJhkOXUsmmDeewzFnoEi-CksWYwDwRjJCKF9OmOxLIUVu9sno8uShg/_/adseperator_/topadheader./innerads./adsfinal./onesheet-ad-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_us_states_signal_executable/ed=1/rs=AJlcJMxGFhSBGkuR9VJeBYRtSsPNSN2hkg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e9e541589180b9e3e86ba0d3988f913b0ac4e68c16bd0503a7db88212b8083c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3L5hUWzNPdmhOaPXjAV1bQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-3L5hUWzNPdmhOaPXjAV1bQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw0ZBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaOry-ZJIBYDYj51k1nVQFizfXTWQOBOOb5dNYUIHZKn8EaAMQ-9TNYo4C49eY51slAfHLBedaLQCzEzfFqz-31bAI_DrwwBgD3lzaW"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_us_states_signal_executable/ed=1/rs=AJlcJMxGFhSBGkuR9VJeBYRtSsPNSN2hkg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6716ef02d521dcb4e1cc28cc5f1bdf39a3a3cccf12b4d8bd44dbec738d66bc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50759
x-xss-protection
0
server
cafe
etag
7792790533259274431
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 17 Mar 2024 12:13:30 GMT
AGSKWxXzaSPpkTxh1KT5_HDWx1D-PK6K54i-_lSUP4shAMVp41lf2sLIA32iYXWD71qDi6vFjDj7tzUbzdRAsCHkJb1XnFDmcl8jJCkjjg1wd68Es0DnKtVKBKUhmUC_K8sBRYCG-ONO3A==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXzaSPpkTxh1KT5_HDWx1D-PK6K54i-_lSUP4shAMVp41lf2sLIA32iYXWD71qDi6vFjDj7tzUbzdRAsCHkJb1XnFDmcl8jJCkjjg1wd68Es0DnKtVKBKUhmUC_K8sBRYCG-ONO3A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SctQkzIq5xQKS4WYiELVRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ff14card.gudalog.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Mar 2024 12:13:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-SctQkzIq5xQKS4WYiELVRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw05BiqGV4xtQKxE7pM1gDgFiIm-PVntvr2QRuTD5jAAC8ZQw3"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ff14card.gudalog.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXzaSPpkTxh1KT5_HDWx1D-PK6K54i-_lSUP4shAMVp41lf2sLIA32iYXWD71qDi6vFjDj7tzUbzdRAsCHkJb1XnFDmcl8jJCkjjg1wd68Es0DnKtVKBKUhmUC_K8sBRYCG-ONO3A==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXzaSPpkTxh1KT5_HDWx1D-PK6K54i-_lSUP4shAMVp41lf2sLIA32iYXWD71qDi6vFjDj7tzUbzdRAsCHkJb1XnFDmcl8jJCkjjg1wd68Es0DnKtVKBKUhmUC_K8sBRYCG-ONO3A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IkQJ_U5eTymMnjZVWi1uZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ff14card.gudalog.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Mar 2024 12:13:30 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IkQJ_U5eTymMnjZVWi1uZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1JBiqGV4xtQKxE7pM1gDgFiIm-PVntvr2QQa9i31AwC7uQwE"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ff14card.gudalog.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXzaSPpkTxh1KT5_HDWx1D-PK6K54i-_lSUP4shAMVp41lf2sLIA32iYXWD71qDi6vFjDj7tzUbzdRAsCHkJb1XnFDmcl8jJCkjjg1wd68Es0DnKtVKBKUhmUC_K8sBRYCG-ONO3A==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXzaSPpkTxh1KT5_HDWx1D-PK6K54i-_lSUP4shAMVp41lf2sLIA32iYXWD71qDi6vFjDj7tzUbzdRAsCHkJb1XnFDmcl8jJCkjjg1wd68Es0DnKtVKBKUhmUC_K8sBRYCG-ONO3A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8MchCs88TI5uuGFcdOriFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ff14card.gudalog.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Mar 2024 12:13:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-8MchCs88TI5uuGFcdOriFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0ZBiqGV4xtQKxE7pM1gDgFiIm-PVntvr2QQurPkVDwC94Qyr"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ff14card.gudalog.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXzaSPpkTxh1KT5_HDWx1D-PK6K54i-_lSUP4shAMVp41lf2sLIA32iYXWD71qDi6vFjDj7tzUbzdRAsCHkJb1XnFDmcl8jJCkjjg1wd68Es0DnKtVKBKUhmUC_K8sBRYCG-ONO3A==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXzaSPpkTxh1KT5_HDWx1D-PK6K54i-_lSUP4shAMVp41lf2sLIA32iYXWD71qDi6vFjDj7tzUbzdRAsCHkJb1XnFDmcl8jJCkjjg1wd68Es0DnKtVKBKUhmUC_K8sBRYCG-ONO3A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JKyoVdDvBASOi8ENkV3hVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ff14card.gudalog.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Mar 2024 12:13:30 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JKyoVdDvBASOi8ENkV3hVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1ZBiqGV4xtQKxE7pM1gDgFiIm-PVntvr2QQ6Fq1JBAC8KgwO"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ff14card.gudalog.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWwWCxsY3A9QWvDR8NWbxUQuawlY4JT80sZVxgt17bF4oSVYLzv0xroEV5yYCpbzkTZ7L8VXV9rOoOJhrhqPt5to-nsoABPNGsVMq2Q7-ewQXUrd5LjcTf3XSDDvahrsSkG8b0qsg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWwWCxsY3A9QWvDR8NWbxUQuawlY4JT80sZVxgt17bF4oSVYLzv0xroEV5yYCpbzkTZ7L8VXV9rOoOJhrhqPt5to-nsoABPNGsVMq2Q7-ewQXUrd5LjcTf3XSDDvahrsSkG8b0qsg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNjc3NjEwLDE3OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZmYxNGNhcmQuZ3VkYWxvZy5jb20vIixudWxsLFtbOCwiSUlVdERTUVJRa00iXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
194fde78440c00e8146270194f847f9f4ad6f44e18f672e5173d332f96cb0b4c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-F1EZNnMHEzXDQ3LHMt6JAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:13:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-F1EZNnMHEzXDQ3LHMt6JAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otALMTN8WrP7fVsAg_-PkwHAKiuMdA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUEjE7vgjNMEws0nuOnrrS6p-0B_V8tBJpn0rumqxOqF__2p3coLuJuwCRiIF-zelX97DzNBsCCes4tTRUl5_6QBBl76xOsb0Fem9Y0JDQnOtex2X5e5yn9JIG1IVapZDx9q3WR0g==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUEjE7vgjNMEws0nuOnrrS6p-0B_V8tBJpn0rumqxOqF__2p3coLuJuwCRiIF-zelX97DzNBsCCes4tTRUl5_6QBBl76xOsb0Fem9Y0JDQnOtex2X5e5yn9JIG1IVapZDx9q3WR0g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UTjy3SV6vOtxIzX6hb-p4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ff14card.gudalog.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Mar 2024 12:13:30 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UTjy3SV6vOtxIzX6hb-p4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw05BiqGV4xtQKxE7pM1gDgFiIh-PVntvr2QQ6Lnc2MwIAyQcMQQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ff14card.gudalog.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240313&jk=4087460565206691&bg=!YGOlYyzNAAY_ejuoH3o7ADQBe5WfOHJ0i-4_z4gO3ilnF8SPrOP9qaXaUUWcv5_dttSC_dX_kvDejCsHW6-eFN6aB70_AgAAADpSAAAACWgBB5kCzW98wLLgwW1808BJBhWlnL6xIuaisJPZIfyV-Di3dHrjrTgkSm1Yxj0vN_dq8HsGymZNVpp28kiB5nbVDy51EjCQmRqtcxJ9Z0ApSLihAsiXOMJewsMyx9kBTr3MvextPL4DGf2HzGAzG-AW99wPPuArO6cPw0Xc-9CtgiXsiaqVw_YkIM7jFFnIG1A9JlfQAMiQQu-oY6X-4FZMKIIjbELdcKnZJ3UYLUydK5i7k2PWHL8jz9fy0-9SmskprLev63esCvXv5oNlYDNQsNJbAmCaXAK1pKhF2iRADLUc2HOUyxs_G03-yqe6_SWiSw6YT8HBVICLNPRH74UWfJnFHMLo9hOUVxm1ewOBUpWTNLJ2NKLCDYiJKx4kMJrSMBGhfcrcjvreiOflWLUE6frYdwnKcfhpNmJr1DDAY93YnIWeZSVnUJvEhwDHGWevgv25WkfwWh9IQoU5Hagk695NGcQzMhrUW82513e1JSFmvdUjv-QawBPT8wXkSsud2PPFPstHgew_P3R8yeGLuZ_qYm1ledDOXSRKTuDLvX2A7iIWAxIluOqfuqKJvW-QCRNSwS4Cyl1UIBmPbP7fIaoOuvC9nB0jokovjcAL1bFfuI501Pq4zkxIX9WIxxTb6Pja26UUF72ER6zCqLz5bpfesD-Uc5kQuBwR8znWPOeuGKzORNG8HYa21X7ZVlQBnlAgn8vRd5TVOCOvlMHjaMSHodg2-t5lq9PnXc-q3IplLJJqgb2fO7wD53OhLq9-Stie9sFaVJlsN5IjosCDxAPz3Aw993YBEc5JoPAA7CymDo5EE_n_Pvoxzc74toG4J9JcQpXYPAhPJjkK_YZTlZzERqb1lQXanITndNJCoUOblmBNJw-Bt1peJ9XwwkuYru_uqQ70DWilMgJWZu9coejOuUXa0A2VEmEkcmVuX_t8g4c6epRXvmjwPmgJIn4wFA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ff14card.gudalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| $ function| jQuery function| ResponsiveCrop function| isTouchDevice function| html2canvas object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZmIzMWEyYjM1ZjM0YzMwZWxvYWRlcl9qcw== string| ZmIzMWEyYjM1ZjM0YzMwZWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| GoogleGcLKhOms boolean| 131b6c2f-ceb6-439f-a273-f8c02a98833e object| google_image_requests

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.gudalog.com/ Name: FCNEC
Value: %5B%5B%22AKsRol85QvF17XIIkG3_pFtMlAetv3H_TfbUb_kMR1LEtUi672Vn3wOnvd_0Vvn12EHKYir05aQQPHUJxxw2qNd7-oEdTduuRS8cxoddAwXxfDYBri1-GNtuy50pKth1MK0RUWnsydDBJKjIrE4idxVoQGeUTOg_hw%3D%3D%22%5D%5D

1 Console Messages

Source Level URL
Text
other warning URL: https://ff14card.gudalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.polyfill.io
ff14card.gudalog.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
157.112.183.121
2404:6800:4004:801::200e
2404:6800:4004:80c::200a
2404:6800:4004:81c::2002
2404:6800:4004:81e::2002
2404:6800:4004:81e::2004
2404:6800:4004:823::200a
2404:6800:4004:826::2001
2404:6800:4004:826::2003
2606:4700:3110::6812:352c
040bf8dbb920ffee8c6e31feeccc00ca9d38e0b66a1a7c19415c1279f91abc44
08d54237c9b479000dfe3b01309205b5ca9f3839504286bd01ad9fce7b1d9d20
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0d479201751cee6667e796bcc6f8d5967dda7591819f1981127de721355c64ee
0e9e541589180b9e3e86ba0d3988f913b0ac4e68c16bd0503a7db88212b8083c
105e9c76328065e61de854d97a96effd6e2db3fc0975c8b91591da58bf3aff32
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
194fde78440c00e8146270194f847f9f4ad6f44e18f672e5173d332f96cb0b4c
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
365cbbca25ac5d06c9856d7a56090108cfe33814eb63775232836c5aaf387858
37ca3e811d269e4369f3c4d0697f9b831451cb5eebc06158e955ed9276bf2b41
3a2d70d07c588442364d853f11250df9e77dc09f3e5e6abcbd1c166249e943f7
3cd9ab77e5791e0156b4215632f71a62a340d0a7463080c270bf242581d3b2b8
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
4d7ca327dd602d7942332b43b7d83b0b52326e55b42f85038d9119c1666d7134
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6bd080de21f757c83469183adf03be440f386397336f94b3d7cc0a17afe57efb
758e8f6f4a03eb87ca4243f1813732a4a0f26a07378cc2b79fbeabf8026081fc
7ba22c88adbdd3838c00b1d40ac5f560ea17c37898b52e273f846d8e88444dd3
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8392e06603883c95e4b7c65e362c902962af79b205a53acc8a7d7a5b22e5f9a5
8868d70dcdc43f24e41a5520524110d4085edd131871cfb3442d35901f6754aa
9865d169f32222c0394e0375a6a1165c42ba195fa97d469d7e17359c8d60fffb
a7b37810052f31d32754b1c2d7037f66c1c4c01c77e2622f0d4c2bf90a01c7e5
ba35ebc941ece6365960f7e775506b43287f6e43c242f1e711d4cace4e01d330
c18f3b8f5c44a35fd17bed01e26a223f65e68c397cbc38b67b0ae6d86ab700cc
c6716ef02d521dcb4e1cc28cc5f1bdf39a3a3cccf12b4d8bd44dbec738d66bc6
c695e45c728c4f6b876b8b877dab01c9557cb24bef5cfb96c48b9436cb197271
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec8abe7abb03dd82dc4a491ade7a44c56d9475b139b5bb99d4ee02f430d9644a
f28af7be678c8b1fabdd163f91258f3f6e0c5ab60ad097df8445779b5d9ed76f