freetrial.finalfantasyxiv.com Open in urlscan Pro
2a02:e980:f3::86 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://stvkr.com/click-FQU4YVXN-NLJQCM7Z?bt=25&tl=1&sa=69d87da525a27b9a8cdc6e7eed43d3fd
Effective URL:
https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ...
Submission: On March 11 via api (March 11th 2021, 4:25:42 am UTC) from DE

Summary HTTP 50 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 50 HTTP transactions. The main IP is 2a02:e980:f3::86, located in United States and belongs to INCAPSULA, US. The main domain is freetrial.finalfantasyxiv.com.
TLS certificate: Issued by Trusted Secure Certificate Authority 5 on December 6th 2019. Valid for: 2 years.

This is the only time freetrial.finalfantasyxiv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	212.32.251.44 212.32.251.44	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	217.79.188.2 217.79.188.2	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
23	2a02:e980:f3::86 2a02:e980:f3::86	19551 (INCAPSULA) (INCAPSULA)
8	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:19a::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2.17.178.109 2.17.178.109	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
7	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	52.200.208.53 52.200.208.53	14618 (AMAZON-AES) (AMAZON-AES)
50	12

2 212.32.251.44 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

stvkr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.2 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad1.adfarm1.adition.com

ad1.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a02:e980:f3::86 (United States)

ASN19551 (INCAPSULA, US)

freetrial.finalfantasyxiv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:19a::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.17.178.109 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-178-109.deploy.static.akamaitechnologies.com

img.finalfantasyxiv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ukwest.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.200.208.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-208-53.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	finalfantasyxiv.com freetrial.finalfantasyxiv.com img.finalfantasyxiv.com	348 KB
8	googletagmanager.com www.googletagmanager.com	442 KB
7	onetrust.com cdn-ukwest.onetrust.com geolocation.onetrust.com	110 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	116 KB
2	gstatic.com fonts.gstatic.com	29 KB
2	fontawesome.com use.fontawesome.com	83 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	31 KB
2	stvkr.com 1 redirects stvkr.com	2 KB
1	adition.com 1 redirects ad1.adfarm1.adition.com	766 B
50	9

	Domain	Requested by
23	freetrial.finalfantasyxiv.com	stvkr.com freetrial.finalfantasyxiv.com
8	www.googletagmanager.com	freetrial.finalfantasyxiv.com www.googletagmanager.com
6	cdn-ukwest.onetrust.com	stvkr.com cdn-ukwest.onetrust.com
2	errors.client.optimizely.com	cdn.optimizely.com
2	fonts.gstatic.com	fonts.googleapis.com
2	use.fontawesome.com	freetrial.finalfantasyxiv.com use.fontawesome.com
2	img.finalfantasyxiv.com	freetrial.finalfantasyxiv.com
2	stvkr.com	1 redirects
1	geolocation.onetrust.com	cdn-ukwest.onetrust.com
1	fonts.googleapis.com	freetrial.finalfantasyxiv.com
1	ajax.googleapis.com	freetrial.finalfantasyxiv.com
1	cdn.optimizely.com	freetrial.finalfantasyxiv.com
1	ad1.adfarm1.adition.com	1 redirects
50	13

This site contains links to these domains. Also see Links.

Domain
secure.square-enix.com
usk.de
www.square-enix.com
us.playstation.com
www.square-enix-games.com
square-enix-games.com
onetrust.com

Subject Issuer	Validity	Valid
stvkr.com R3	`2021-02-27` - `2021-05-28`	3 months	crt.sh
dragonquest.com Trusted Secure Certificate Authority 5	`2019-12-06` - `2021-08-28`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
*.finalfantasyxiv.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-04` - `2021-11-08`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2020-05-21` - `2022-07-27`	2 years	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
errors.client.optimizely.com Amazon	`2020-09-02` - `2021-10-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
Frame ID: 0645923649AF097186A796FBC3FDFA58
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://stvkr.com/click-FQU4YVXN-NLJQCM7Z?bt=25&tl=1&sa=69d87da525a27b9a8cdc6e7eed43d3fd Page URL
https://stvkr.com/click-FQU4YVXN-NLJQCM7Z?bt=25&tl=1&sa=69d87da525a27b9a8cdc6e7eed43d3fd&no_co... HTTP 303
https://ad1.adfarm1.adition.com/redi?sid=4523921&kid=4059563&bid=12219261&prf%5Bp1%5D=8DVZ1TF3tdZA2lK&rnd=8D... HTTP 302
https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021ga... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i

Page Statistics

50
Requests

100 %
HTTPS

58 %
IPv6

9
Domains

13
Subdomains

12
IPs

3
Countries

1160 kB
Transfer

3292 kB
Size

3
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.square-enix.com/account/app/svc/ffxivregister?lng=en-us&notr=0
Title: KOSTENLOS STARTEN

Search URL Search Domain Scan URL

URL: https://usk.de/

Search URL Search Domain Scan URL

URL: https://www.square-enix.com/

Search URL Search Domain Scan URL

URL: https://us.playstation.com/

Search URL Search Domain Scan URL

URL: https://www.square-enix-games.com/de_DE/documents/tnc
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://square-enix-games.com/de_DE/documents/privacy
Title: Datenschutzrichtlinien

Search URL Search Domain Scan URL

URL: https://square-enix-games.com/de_DE/documents/cookies
Title: Cookie-Richtlinien

Search URL Search Domain Scan URL

URL: https://square-enix-games.com/documents/cookies
Title: Cookie-Hinweis

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://square-enix-games.com/documents/privacy
Title: Datenschutz-Hinweise

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://stvkr.com/click-FQU4YVXN-NLJQCM7Z?bt=25&tl=1&sa=69d87da525a27b9a8cdc6e7eed43d3fd Page URL
https://stvkr.com/click-FQU4YVXN-NLJQCM7Z?bt=25&tl=1&sa=69d87da525a27b9a8cdc6e7eed43d3fd&no_cookie=1&widht=1600&height=1200&timezone=-60 HTTP 303
https://ad1.adfarm1.adition.com/redi?sid=4523921&kid=4059563&bid=12219261&prf%5Bp1%5D=8DVZ1TF3tdZA2lK&rnd=8DVZ1TF3tdZA2lK&click_id=8DVZ1TF3tdZA2lK HTTP 302
https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set click-FQU4YVXN-NLJQCM7Z Show response
stvkr.com/ 2 KB
1 KB 62ms
26ms Document
text/html 212.32.251.44
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://stvkr.com/click-FQU4YVXN-NLJQCM7Z?bt=25&tl=1&sa=69d87da525a27b9a8cdc6e7eed43d3fd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.32.251.44 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7b8c1e717aaff1ec2b6ad561da533226d7ce112344fa6aa20b60fca15c5b1f0d

Request headers

Host: stvkr.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Thu, 11 Mar 2021 04:25:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=i1ok59de3b1hqrn3m3r0j2nps6; path=/; SameSite=None; Secure cnt=771c85c52497630e30fc399e3be8c44d; expires=Fri, 11-Mar-2022 04:25:22 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.stvkr.com init_referer=NNNNNNNNNNNNNjZPNNNNNNNVvk8%3D; expires=Thu, 11-Mar-2021 04:26:22 GMT; Max-Age=60; path=/; SameSite=None; Secure; skip_js_r=1; expires=Sat, 10-Apr-2021 04:25:22 GMT; Max-Age=2592000; path=/; SameSite=None; Secure
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip

GET
H2

200

Primary Request / Show response
freetrial.finalfantasyxiv.com/de/
Redirect Chain

https://stvkr.com/click-FQU4YVXN-NLJQCM7Z?bt=25&tl=1&sa=69d87da525a27b9a8cdc6e7eed43d3fd&no_cookie=1&widht=1600&height=1200&timezone=-60
https://ad1.adfarm1.adition.com/redi?sid=4523921&kid=4059563&bid=12219261&prf%5Bp1%5D=8DVZ1TF3tdZA2lK&rnd=8DVZ1TF3tdZA2lK&click_id=8DVZ1TF3tdZA2lK
https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099

16 KB
5 KB

619ms
563ms

Document
text/html

2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099

Requested by

Host: stvkr.com
URL: https://stvkr.com/click-FQU4YVXN-NLJQCM7Z?bt=25&tl=1&sa=69d87da525a27b9a8cdc6e7eed43d3fd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

dffca359a5ee3e5135d20a23618367c4255d26b2d2bcbac7f7bb653b83cc1e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: freetrial.finalfantasyxiv.com
:scheme: https
:path: /de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://stvkr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://stvkr.com/click-FQU4YVXN-NLJQCM7Z?bt=25&tl=1&sa=69d87da525a27b9a8cdc6e7eed43d3fd

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
set-cookie: visid_incap_1837129=YW3l8yiiS8KOzXjiEJ9r17KbSWAAAAAAQUIPAAAAAAAhDuZCI2M4f+SHVLNv1Fsv; expires=Fri, 11 Mar 2022 00:29:54 GMT; HttpOnly; path=/; Domain=.finalfantasyxiv.com; Secure; SameSite=None incap_ses_184_1837129=c2u9Xr+oowt54XLNj7ONArKbSWAAAAAAIpWMOdEeOdjcEAd1gUesrQ==; path=/; Domain=.finalfantasyxiv.com; Secure; SameSite=None
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-iinfo: 0-64835-64836 NNNN CT(99 203 0) RT(1615436722311 0) q(0 0 3 6) r(4 5) U12

Redirect headers

Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Server: ADITIONSERVER v1.0
Date: Thu, 11 Mar 2021 05:25:22 +0100
Location: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
P3P: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6938247889757734099; expires=Wed, 09-Jun-2021 05:25:22 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure lc_4059563=w=4523921|t=1615436722; expires=Thu, 11-Mar-2021 04:55:22 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure

GET
H2 200 main.css
freetrial.finalfantasyxiv.com/de/css/ 16 KB
4 KB 417ms
416ms Stylesheet
text/css 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrial.finalfantasyxiv.com/de/css/main.css

Requested by

Host: freetrial.finalfantasyxiv.com
URL: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

016f5a75d106512e33a4035bdf49f2d27b3d2fea424a653c1051ab87528f8908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: W/"413a-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: text/css
x-iinfo: 0-64846-64114 2VNN RT(1615436722880 0) q(0 0 0 -1) r(4 4) U18
cache-control: max-age=428, public
content-length: 3451
expires: Thu, 11 Mar 2021 04:32:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-8571101-12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f04caa83d658fb5a5969e8ced03d4f1b11ffbec563276f38efe6712a884ca4f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39790
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 04:25:23 GMT

GET
H2 200 square_enix_master.js Show response
cdn.optimizely.com/public/17026340012/s/ 461 KB
115 KB 25ms
11ms Script
text/javascript 2a02:26f0:7100:19a::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/public/17026340012/s/square_enix_master.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:19a::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d74c517494e3331598e576dd9802b405076e6e6257d0a7c7dd5a94a18afd5fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: MykcZL5T2aeDiWN1tvIG_i.HWqTKqs6b
content-encoding: gzip
etag: "b022b16ecd10dfe009376aae59087968"
x-amz-request-id: RVJJ1XEG21V0QREM
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 1174
x-amz-replication-status: PENDING
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:7100:19a::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 117178
x-amz-id-2: iZhWiCzIyZzP/4rNls6XshIZJcsUX+nyFQTbQXrY+ow0fyqBjsOmCweJnFkZCrhZPz2N2ioFnkg=
last-modified: Thu, 04 Mar 2021 15:20:15 GMT
server: AmazonS3
date: Thu, 11 Mar 2021 04:25:23 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 top_ffxiv_logo_de.png
freetrial.finalfantasyxiv.com/img/ 175 KB
177 KB 414ms
413ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/img/top_ffxiv_logo_de.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b292f57cd23308285807705c4935f8b18c20545e2defffedf042a27b6473e916

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
last-modified: Wed, 10 Mar 2021 13:36:46 GMT
x-cdn: Imperva
etag: "2bd4f-5bd2ec2173780"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 0-64847-64641 2VNN RT(1615436722928 0) q(0 0 0 -1) r(4 4) U18
cache-control: max-age=1, public
content-length: 179535
expires: Thu, 11 Mar 2021 04:25:24 GMT

GET
H2 200 trailer-thumb01.png
freetrial.finalfantasyxiv.com/de/img/ 23 KB
23 KB 418ms
412ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/de/img/trailer-thumb01.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

53bd01e7928926a22b252f5c1c3b8b906c04c4af623545923b4ef721f1882e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: "5bfe-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 0-64852-64650 2VNN RT(1615436723321 0) q(0 0 0 -1) r(4 4) U18
cache-control: max-age=1, public
content-length: 23550
expires: Thu, 11 Mar 2021 04:25:24 GMT

GET
H2 200 trailer-thumb02.png
freetrial.finalfantasyxiv.com/de/img/ 22 KB
22 KB 421ms
415ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/de/img/trailer-thumb02.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4c2c12169c872494a894c867ae35b3a3ff9c1f4b7194898e4243755d0256ec63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: "5696-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 0-64853-64637 2VNN RT(1615436723323 0) q(0 0 0 -1) r(4 4) U18
cache-control: max-age=1, public
content-length: 22166
expires: Thu, 11 Mar 2021 04:25:24 GMT

GET
H2 200 usk_rating.png
freetrial.finalfantasyxiv.com/de/img/ 1 KB
1 KB 426ms
420ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/de/img/usk_rating.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

80456479b829f440dcd77ab55977916d0e60305dcda8fbbdc61083f3a1d986cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: "523-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 0-64854-64722 2VNN RT(1615436723324 0) q(0 0 0 -1) r(4 4) U18
cache-control: max-age=1, public
content-length: 1315
expires: Thu, 11 Mar 2021 04:25:24 GMT

GET
H2 200 square-enix-logo.png
freetrial.finalfantasyxiv.com/img/ 2 KB
2 KB 429ms
423ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/img/square-enix-logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3c233fb324049a238c47dcf9b6f7fd9d40b8d0320b2f3e7755ad0350f9f60229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
last-modified: Wed, 10 Mar 2021 13:36:46 GMT
x-cdn: Imperva
etag: "d81-5bd2ec2173780"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 0-64855-64315 2VNN RT(1615436723326 0) q(0 0 0 -1) r(4 4)
cache-control: max-age=1, public
content-length: 2283
expires: Thu, 11 Mar 2021 04:25:24 GMT

GET
H2 200 ps4.png
freetrial.finalfantasyxiv.com/img/ 2 KB
2 KB 529ms
524ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/img/ps4.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

44361d524e926d76b90fe63dff91eb0c20876c3605a1a9249c15c59340b3e3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
last-modified: Wed, 10 Mar 2021 13:36:46 GMT
x-cdn: Imperva
etag: "a74-5bd2ec2173780"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 0-64856-64716 2VNN RT(1615436723327 0) q(0 1 1 -1) r(5 5)
cache-control: max-age=1, public
content-length: 1849
expires: Thu, 11 Mar 2021 04:25:24 GMT

GET
H2 200 pc.png
freetrial.finalfantasyxiv.com/img/ 530 B
628 B 487ms
482ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/img/pc.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4ae2cd96faa1722227404edadc317c60b3fb91828c20cd34612be06c4ee9832a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
last-modified: Wed, 10 Mar 2021 13:36:46 GMT
x-cdn: Imperva
etag: "6b9-5bd2ec2173780"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 0-64857-64114 2VNN RT(1615436723329 0) q(0 3 3 -1) r(4 4)
cache-control: max-age=1, public
content-length: 530
expires: Thu, 11 Mar 2021 04:25:24 GMT

GET
H2 200 mac-icon.jpg
freetrial.finalfantasyxiv.com/img/ 1 KB
1 KB 831ms
827ms Image
image/jpeg 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/img/mac-icon.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f73e4ecaf55919fa0a36d1ec1eecd35bf88c09850f7807014cd6e264640c9f0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:24 GMT
last-modified: Wed, 10 Mar 2021 13:36:46 GMT
x-cdn: Imperva
etag: "7fa-5bd2ec2173780"
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 0-64858-64647 2VNN RT(1615436723330 0) q(0 4 4 -1) r(8 8)
cache-control: max-age=1, public
content-length: 1184
expires: Thu, 11 Mar 2021 04:25:25 GMT

GET
H2 200 WbP7-gW3eZL2HyGYGrvLqorznk.svg
img.finalfantasyxiv.com/lds/h/u/ 2 KB
2 KB 347ms
280ms Image
image/svg+xml 2.17.178.109
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.finalfantasyxiv.com/lds/h/u/WbP7-gW3eZL2HyGYGrvLqorznk.svg
Requested by: Host: freetrial.finalfantasyxiv.com
URL: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.178.109 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-178-109.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6a782704f3577d0311dccf36faecaed57292c05b0eafb71add4aa8a10e6e6e8f

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 04:25:24 GMT
last-modified: Thu, 27 Jun 2019 08:13:10 GMT
server: nginx
etag: "5d147a96-619"
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 1561
expires: Thu, 11 Mar 2021 04:25:24 GMT

GET
H2 200 yBAnSiXwKsWFR_e285d93si7Vw.svg
img.finalfantasyxiv.com/lds/h/W/ 2 KB
2 KB 341ms
274ms Image
image/svg+xml 2.17.178.109
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.finalfantasyxiv.com/lds/h/W/yBAnSiXwKsWFR_e285d93si7Vw.svg
Requested by: Host: freetrial.finalfantasyxiv.com
URL: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.178.109 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-178-109.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9dde5e52dd0b9ab595cce1193b55605b0d99f7ddc75d620c3bb32a3b9585e36e

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 04:25:24 GMT
last-modified: Thu, 27 Jun 2019 08:13:10 GMT
server: nginx
etag: "5d147a96-877"
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 2167
expires: Thu, 11 Mar 2021 04:25:24 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 16:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43274
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 16:24:09 GMT

GET
H2 200 main.js Show response
freetrial.finalfantasyxiv.com/de/js/ 3 KB
1 KB 120ms
114ms Script
application/javascript 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrial.finalfantasyxiv.com/de/js/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d234c5c6dc2e8d7d715f6609473662137d4649ba5a181d5e7b45791526e40936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: W/"14ba-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: application/javascript
x-iinfo: 0-64851-64114 2VNN RT(1615436723319 0) q(0 0 0 -1) r(1 1) U18
cache-control: max-age=1, public
content-length: 1052
expires: Thu, 11 Mar 2021 04:25:24 GMT

GET
H2 200 lazy-load.js Show response
freetrial.finalfantasyxiv.com/de/js/ 7 KB
3 KB 523ms
518ms Script
application/javascript 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrial.finalfantasyxiv.com/de/js/lazy-load.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0977fd57728130160687936aeea6f3628f0238e54f3860aaeff9add19e1e77c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: W/"1a7d-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: application/javascript
x-iinfo: 0-64860-64637 2VNN RT(1615436723333 0) q(0 4 4 -1) r(5 5) U18
cache-control: max-age=1, public
content-length: 3147
expires: Thu, 11 Mar 2021 04:25:24 GMT

GET
H2 200 lazy-bg.js Show response
freetrial.finalfantasyxiv.com/de/js/ 2 KB
916 B 527ms
522ms Script
application/javascript 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrial.finalfantasyxiv.com/de/js/lazy-bg.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

040819139b0962a8afaa43e06589bbb66d492fab9ced8b80d8e21f516f40dae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: W/"d25-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: application/javascript
x-iinfo: 0-64861-64641 2VNN RT(1615436723334 0) q(0 4 4 -1) r(5 5) U18
cache-control: max-age=1, public
content-length: 813
expires: Thu, 11 Mar 2021 04:25:24 GMT

GET
H2 200 magnific.js Show response
freetrial.finalfantasyxiv.com/de/js/ 21 KB
8 KB 832ms
828ms Script
application/javascript 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrial.finalfantasyxiv.com/de/js/magnific.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b6f5f3d7368f5d771da3813a5bda537f7c2c5e043a8be11c5369aaeceeb0c4ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: W/"52b3-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: application/javascript
x-iinfo: 0-64862-64673 2VNN RT(1615436723336 0) q(0 4 4 -1) r(8 8) U18
cache-control: max-age=1, public
content-length: 7565
expires: Thu, 11 Mar 2021 04:25:24 GMT

GET
H2 200 _Incapsula_Resource Show response
freetrial.finalfantasyxiv.com/ 143 KB
21 KB 42ms
38ms Script
application/javascript 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrial.finalfantasyxiv.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1492181935

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d712265388957ab93bde9920d669d14859a7dc7c641b89b9ec7b31e3102e637f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 20929
content-type: application/javascript

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 325 KB
80 KB 46ms
29ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P37XSWJ&l=digitalData

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aaab6c760f47e11beda7c87f0b6307d12507d9c90d78bca9d43f6757f2a1dc07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81914
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 04:25:23 GMT

GET
H2 200 final-fantasy-xiv-stormblood-button-left.png
freetrial.finalfantasyxiv.com/img/ 3 KB
3 KB 589ms
586ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/img/final-fantasy-xiv-stormblood-button-left.png

Requested by

Host: freetrial.finalfantasyxiv.com
URL: https://freetrial.finalfantasyxiv.com/de/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0bf8e25ba6f447f090d680615920b90c4bc4b5cfab51459c3eb0c148c75e0996

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
last-modified: Wed, 10 Mar 2021 13:36:46 GMT
x-cdn: Imperva
etag: "f92-5bd2ec2173780"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 0-64864-64114 2VNN RT(1615436723353 0) q(0 4 4 -1) r(6 6)
cache-control: max-age=1, public
content-length: 3003
expires: Thu, 11 Mar 2021 04:25:24 GMT

GET
H2 200 final-fantasy-xiv-stormblood-button-right.png
freetrial.finalfantasyxiv.com/img/ 3 KB
3 KB 625ms
622ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/img/final-fantasy-xiv-stormblood-button-right.png

Requested by

Host: freetrial.finalfantasyxiv.com
URL: https://freetrial.finalfantasyxiv.com/de/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

46a653ab800ab04ac53d71793a6a8ea3b502996feb7ac4b20b4b00c54bbcecd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
last-modified: Wed, 10 Mar 2021 13:36:46 GMT
x-cdn: Imperva
etag: "106d-5bd2ec2173780"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 0-64865-64637 2VNN RT(1615436723355 0) q(0 5 5 -1) r(6 6)
cache-control: max-age=1, public
content-length: 2948
expires: Thu, 11 Mar 2021 04:25:24 GMT

GET
H2 200 bottom-cta-left.png
freetrial.finalfantasyxiv.com/de/img/ 2 KB
2 KB 631ms
627ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/de/img/bottom-cta-left.png

Requested by

Host: freetrial.finalfantasyxiv.com
URL: https://freetrial.finalfantasyxiv.com/de/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d19ff040def0bc446a5a021537df9ccefc2e45d3a3dec4d276458731c59fd079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: "7cf-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 0-64866-64666 2VNN RT(1615436723357 0) q(0 5 5 -1) r(6 6) U18
cache-control: max-age=428, public
content-length: 1999
expires: Thu, 11 Mar 2021 04:32:31 GMT

GET
H2 200 bottom-cta-right.png
freetrial.finalfantasyxiv.com/de/img/ 2 KB
2 KB 631ms
628ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/de/img/bottom-cta-right.png

Requested by

Host: freetrial.finalfantasyxiv.com
URL: https://freetrial.finalfantasyxiv.com/de/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7631a00da585a8e78006a64d414031d9a085b16568665f26d9fd8e06337ad04e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: "7a9-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 0-64867-64641 2VNN RT(1615436723360 0) q(0 5 5 -1) r(6 6) U18
cache-control: max-age=428, public
content-length: 1961
expires: Thu, 11 Mar 2021 04:32:31 GMT

GET
H2 200 alegreyasc-regular-webfont.woff2
freetrial.finalfantasyxiv.com/de/font/ 26 KB
26 KB 170ms
167ms Font
font/woff2 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrial.finalfantasyxiv.com/de/font/alegreyasc-regular-webfont.woff2

Requested by

Host: freetrial.finalfantasyxiv.com
URL: https://freetrial.finalfantasyxiv.com/de/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ad5ff485bf20446d77d6f294b4ad64ac9c9249ceaed167c69af9121800b1b413

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://freetrial.finalfantasyxiv.com
Referer: https://freetrial.finalfantasyxiv.com/de/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: "6904-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: font/woff2
x-iinfo: 0-64859-64836 PNNN RT(1615436723331 0) q(0 0 0 -1) r(1 1) U12
accept-ranges: bytes
content-length: 26884

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 158 KB
50 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W5F2RMC&l=digitalData

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P37XSWJ&l=digitalData

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7fc840516b047ab4fe0a97e3adf7c4a64cb8040678630e8cc377ba691d7a480e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51621
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 04:25:23 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 223 KB
52 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-55Z4HC7&l=digitalData

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P37XSWJ&l=digitalData

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59ebf327877a65c37b751d2f804f0d34cc3d5c571c32ea44206a95f50c473dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52858
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 04:25:23 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 230 KB
62 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TC9NQJ9&l=digitalData

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P37XSWJ&l=digitalData

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a0eaa2f7f3ed0c723f03ed02b5642f10f5afe66639cae12d48adcd56c1a0307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63383
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 04:25:23 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 258 KB
63 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PZBX977&l=digitalData

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P37XSWJ&l=digitalData

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ebc84efa1c2652c0ec97c52212263ad3acd343fbfc7ea34bf696f991eb9bdc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64749
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 04:25:23 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 184 KB
55 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5B85TLL&l=digitalData

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P37XSWJ&l=digitalData

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f84bab1afc80be7b0fbc2737b01bea5946ad1d9978cde8c58600904edb555a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56553
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 04:25:23 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 120 KB
40 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TRT85CK&l=digitalData

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P37XSWJ&l=digitalData

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9aee778827239832c98fc960e1ced26513caf1f257e0554475a55e56cce2285a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40555
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 04:25:23 GMT

GET
H2 200 _Incapsula_Resource
freetrial.finalfantasyxiv.com/ 1 B
36 B 7ms
7ms Image
text/plain 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/_Incapsula_Resource?SWKMTFSR=1&e=0.6244098001430829

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 otSDKStub.js Show response
cdn-ukwest.onetrust.com/scripttemplates/ 13 KB
5 KB 41ms
27ms Script
application/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Requested by

Host: stvkr.com
URL: https://stvkr.com/click-FQU4YVXN-NLJQCM7Z?bt=25&tl=1&sa=69d87da525a27b9a8cdc6e7eed43d3fd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 11 Mar 2021 04:25:24 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: DgCf/JQeR4+J+ZEYMfLA9Q==
age: 1348
content-length: 4211
cf-request-id: 08c1214f370000c272c3b09000000001
x-ms-lease-status: unlocked
last-modified: Tue, 23 Feb 2021 20:20:11 GMT
server: cloudflare
etag: 0x8D8D8386C3D1101
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b7ce3198-301e-0025-10b6-15bc28000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62e204c52ef7c272-FRA

GET
H2 200 all.css
use.fontawesome.com/releases/v5.4.1/css/ 49 KB
13 KB 53ms
16ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.4.1/css/all.css
Requested by: Host: freetrial.finalfantasyxiv.com
URL: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4d3b4d5d99f92dcc1f1c169db00f76aa1dc65d5d82192afcff04cf8a018a7ba1

Request headers

Origin: https://freetrial.finalfantasyxiv.com
Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:24 GMT
content-encoding: gzip
last-modified: Thu, 11 Oct 2018 20:07:26 GMT
server: NetDNA-cache/2.2
etag: W/"beb60a9475685e87a9738a7306591e69"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
727 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,500,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

016b91219c6ed7712bdfed0dfa714b53c5df005847771cddf79e2a3a5d5679ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 03:42:04 GMT
server: ESF
date: Thu, 11 Mar 2021 04:25:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Mar 2021 04:25:24 GMT

GET
H2 200 magnific.css
freetrial.finalfantasyxiv.com/de/css/ 8 KB
2 KB 142ms
142ms Stylesheet
text/css 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrial.finalfantasyxiv.com/de/css/magnific.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a17757969607f832887baa3b470ee7c212b0c50d32b3f24744e6d302eea077d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 13:36:44 GMT
x-cdn: Imperva
etag: W/"1e6c-5bd2ec1f8b300"
strict-transport-security: max-age=31536000
content-type: text/css
x-iinfo: 0-64877-64114 2VNN RT(1615436723555 0) q(0 0 0 -1) r(1 1) U18
cache-control: max-age=428, public
content-length: 2006
expires: Thu, 11 Mar 2021 04:32:31 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://freetrial.finalfantasyxiv.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 02:04:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 8475
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Fri, 11 Mar 2022 02:04:09 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://freetrial.finalfantasyxiv.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:15:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 209392
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:15:32 GMT

GET
H2 200 e224d806-772f-4a8e-85f8-7e6c4b216f88.json Show response
cdn-ukwest.onetrust.com/consent/e224d806-772f-4a8e-85f8-7e6c4b216f88/ 3 KB
2 KB 35ms
21ms XHR
application/x-javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/e224d806-772f-4a8e-85f8-7e6c4b216f88/e224d806-772f-4a8e-85f8-7e6c4b216f88.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51f3adfbc7bedbafbbcbfc13345609bc801f1e7fd31ba236495f71d3c921c730

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 11 Mar 2021 04:25:24 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: WEx6XWyrxJgLbODXTd9fWw==
age: 8456
content-length: 1383
cf-request-id: 08c1214f7a0000dfe3b43b4000000001
x-ms-lease-status: unlocked
last-modified: Wed, 11 Nov 2020 09:17:30 GMT
server: cloudflare
etag: 0x8D886229D7226B0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e76dc29b-101e-005f-16b6-15d665000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62e204c58b93dfe3-FRA

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.4.1/webfonts/ 70 KB
71 KB 21ms
21ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.4.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.4.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a5587a9dca3673b604a8a0e144d268f3dcb180aac337e2b2e163704bc1fc508a

Request headers

Origin: https://freetrial.finalfantasyxiv.com
Referer: https://use.fontawesome.com/releases/v5.4.1/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:24 GMT
last-modified: Thu, 11 Oct 2018 20:08:04 GMT
server: NetDNA-cache/2.2
etag: "1dc5b6dd4bf409a6f919be38603f76a0"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 72000

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
239 B 18ms
16ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:24 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 62e204c5bf4cc272-FRA
cf-request-id: 08c1214f930000c272c3b0b000000001

GET
H2 200 otBannerSdk.js Show response
cdn-ukwest.onetrust.com/scripttemplates/6.8.0/ 332 KB
71 KB 20ms
19ms Script
application/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.8.0/otBannerSdk.js

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80a4168da3bfeb8a7a3d725ad6aabafc536c28503e6c053b3b8067fd1b5cd0cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 11 Mar 2021 04:25:24 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: ZxViCiQmz7HefYYdJwAS4g==
age: 1167
content-length: 72918
cf-request-id: 08c1214fa60000c272038fa000000001
x-ms-lease-status: unlocked
last-modified: Wed, 21 Oct 2020 18:26:35 GMT
server: cloudflare
etag: 0x8D875EED76F8FB8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5ab0a997-c01e-0030-46b6-157eb1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62e204c5df55c272-FRA

GET
H2 200 de.json Show response
cdn-ukwest.onetrust.com/consent/e224d806-772f-4a8e-85f8-7e6c4b216f88/b7fe9e9c-e00b-48c3-801a-9e5207bee0af/ 53 KB
13 KB 36ms
36ms Fetch
application/x-javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/e224d806-772f-4a8e-85f8-7e6c4b216f88/b7fe9e9c-e00b-48c3-801a-9e5207bee0af/de.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.8.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1a1d3f735125105a795f8c3846a89be5e3353fac881b48fe222255a94b0aff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 11 Mar 2021 04:25:24 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: WiPJwMOuJ7HGVTPY8pCxqA==
age: 8456
content-length: 13243
cf-request-id: 08c1214fcc0000dfe37c385000000001
x-ms-lease-status: unlocked
last-modified: Wed, 11 Nov 2020 09:17:38 GMT
server: cloudflare
etag: 0x8D88622A287201C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 65eea438-b01e-0059-14b6-15211d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62e204c61bf0dfe3-FRA

GET
H2 200 otFlat.json Show response
cdn-ukwest.onetrust.com/scripttemplates/6.8.0/assets/ 12 KB
4 KB 15ms
15ms Fetch
application/json 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.8.0/assets/otFlat.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.8.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06b10167b8d0ac41c1b681a2cce2977f08c4bb49f3261d7ff2fce60b0e59f7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 11 Mar 2021 04:25:24 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: MC/cbbO9nlbWDh1quobBbA==
age: 1277
content-length: 3328
cf-request-id: 08c1214ff70000dfe3b43b9000000001
x-ms-lease-status: unlocked
last-modified: Wed, 21 Oct 2020 18:26:23 GMT
server: cloudflare
etag: 0x8D875EED04BCF0C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 04ac43b8-101e-001b-4db6-150a09000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62e204c65c18dfe3-FRA

GET
H2 200 otPcCenter.json Show response
cdn-ukwest.onetrust.com/scripttemplates/6.8.0/assets/ 61 KB
15 KB 23ms
23ms Fetch
application/json 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.8.0/assets/otPcCenter.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.8.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5015a9d4b5c5f025e2a826f1489c250c23fd70a63bb019a75cfc9e9a3025079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 11 Mar 2021 04:25:24 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: k1DLcGqIpyZFonby6h4eWQ==
age: 1002
content-length: 14893
cf-request-id: 08c1214ff70000dfe331099000000001
x-ms-lease-status: unlocked
last-modified: Wed, 21 Oct 2020 18:26:23 GMT
server: cloudflare
etag: 0x8D875EED09AECB4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d8a2ade9-a01e-0064-7cb6-15943b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62e204c65c19dfe3-FRA

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 live_de.png
freetrial.finalfantasyxiv.com/img/ 34 KB
34 KB 166ms
165ms Image
image/png 2a02:e980:f3::86
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrial.finalfantasyxiv.com/img/live_de.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:f3::86 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

13e3513ee329732dd42847984c2de2c6ba1604bb807f813ea27cfa04c47c7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freetrial.finalfantasyxiv.com/de/?utm_source=cityads&utm_medium=cpa&utm_campaign=ffxiv_performanceq12021gas_add2&click_id=8DVZ1TF3tdZA2lK&_autaclid=6938247889757734099
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:25:23 GMT
last-modified: Wed, 10 Mar 2021 13:36:46 GMT
x-cdn: Imperva
etag: "8857-5bd2ec2173780"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 0-64900-64114 2VNN RT(1615436723845 0) q(0 1 1 -1) r(2 2) U18
cache-control: max-age=428, public
content-length: 34903
expires: Thu, 11 Mar 2021 04:32:31 GMT

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
255 B 101ms
101ms XHR
text/plain 52.200.208.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/17026340012/s/square_enix_master.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.208.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-208-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freetrial.finalfantasyxiv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://freetrial.finalfantasyxiv.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Thu, 11 Mar 2021 04:25:25 GMT
Content-Type: text/plain

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ 0
0 418ms
102ms Preflight
text/plain 52.200.208.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Server: 52.200.208.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-208-53.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://freetrial.finalfantasyxiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://freetrial.finalfantasyxiv.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Thu, 11 Mar 2021 04:25:24 GMT
Content-Length: 13
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.finalfantasyxiv.com/	1970-01-20 01:29:32	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Thu+Mar+11+2021+05%3A25%3A24+GMT%2B0100+(Central+European+Standard+Time)&version=6.8.0&hosts=&consentId=669d2fe9-5d3e-47f3-bab8-ea20192177fb&interactionCount=0&landingPath=https%3A%2F%2Ffreetrial.finalfantasyxiv.com%2Fde%2F%3Futm_source%3Dcityads%26utm_medium%3Dcpa%26utm_campaign%3Dffxiv_performanceq12021gas_add2%26click_id%3D8DVZ1TF3tdZA2lK%26_autaclid%3D6938247889757734099&groups=C0002%3A0%2CC0001%3A1%2CC0003%3A0%2CC0004%3A0
.finalfantasyxiv.com/	1969-12-31 23:59:59	Name: incap_ses_184_1837129 Value: c2u9Xr+oowt54XLNj7ONArKbSWAAAAAAIpWMOdEeOdjcEAd1gUesrQ==
.finalfantasyxiv.com/	1970-01-20 01:29:18	Name: visid_incap_1837129 Value: YW3l8yiiS8KOzXjiEJ9r17KbSWAAAAAAQUIPAAAAAAAhDuZCI2M4f+SHVLNv1Fsv

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad1.adfarm1.adition.com
ajax.googleapis.com
cdn-ukwest.onetrust.com
cdn.optimizely.com
errors.client.optimizely.com
fonts.googleapis.com
fonts.gstatic.com
freetrial.finalfantasyxiv.com
geolocation.onetrust.com
img.finalfantasyxiv.com
stvkr.com
use.fontawesome.com
www.googletagmanager.com
2.17.178.109
212.32.251.44
217.79.188.2
23.111.9.35
2606:4700:10::6814:b844
2a00:1450:4001:809::200a
2a00:1450:4001:810::2003
2a00:1450:4001:827::2008
2a00:1450:4001:82b::200a
2a02:26f0:7100:19a::13b8
2a02:e980:f3::86
52.200.208.53
016b91219c6ed7712bdfed0dfa714b53c5df005847771cddf79e2a3a5d5679ac
016f5a75d106512e33a4035bdf49f2d27b3d2fea424a653c1051ab87528f8908
040819139b0962a8afaa43e06589bbb66d492fab9ced8b80d8e21f516f40dae1
06b10167b8d0ac41c1b681a2cce2977f08c4bb49f3261d7ff2fce60b0e59f7c0
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0977fd57728130160687936aeea6f3628f0238e54f3860aaeff9add19e1e77c1
0bf8e25ba6f447f090d680615920b90c4bc4b5cfab51459c3eb0c148c75e0996
13e3513ee329732dd42847984c2de2c6ba1604bb807f813ea27cfa04c47c7397
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
3c233fb324049a238c47dcf9b6f7fd9d40b8d0320b2f3e7755ad0350f9f60229
44361d524e926d76b90fe63dff91eb0c20876c3605a1a9249c15c59340b3e3a8
46a653ab800ab04ac53d71793a6a8ea3b502996feb7ac4b20b4b00c54bbcecd1
4ae2cd96faa1722227404edadc317c60b3fb91828c20cd34612be06c4ee9832a
4c2c12169c872494a894c867ae35b3a3ff9c1f4b7194898e4243755d0256ec63
4d3b4d5d99f92dcc1f1c169db00f76aa1dc65d5d82192afcff04cf8a018a7ba1
51f3adfbc7bedbafbbcbfc13345609bc801f1e7fd31ba236495f71d3c921c730
53bd01e7928926a22b252f5c1c3b8b906c04c4af623545923b4ef721f1882e59
59ebf327877a65c37b751d2f804f0d34cc3d5c571c32ea44206a95f50c473dbd
6a782704f3577d0311dccf36faecaed57292c05b0eafb71add4aa8a10e6e6e8f
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
7631a00da585a8e78006a64d414031d9a085b16568665f26d9fd8e06337ad04e
7a0eaa2f7f3ed0c723f03ed02b5642f10f5afe66639cae12d48adcd56c1a0307
7b8c1e717aaff1ec2b6ad561da533226d7ce112344fa6aa20b60fca15c5b1f0d
7fc840516b047ab4fe0a97e3adf7c4a64cb8040678630e8cc377ba691d7a480e
80456479b829f440dcd77ab55977916d0e60305dcda8fbbdc61083f3a1d986cc
80a4168da3bfeb8a7a3d725ad6aabafc536c28503e6c053b3b8067fd1b5cd0cb
9aee778827239832c98fc960e1ced26513caf1f257e0554475a55e56cce2285a
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9dde5e52dd0b9ab595cce1193b55605b0d99f7ddc75d620c3bb32a3b9585e36e
9ebc84efa1c2652c0ec97c52212263ad3acd343fbfc7ea34bf696f991eb9bdc2
a17757969607f832887baa3b470ee7c212b0c50d32b3f24744e6d302eea077d7
a5587a9dca3673b604a8a0e144d268f3dcb180aac337e2b2e163704bc1fc508a
aaab6c760f47e11beda7c87f0b6307d12507d9c90d78bca9d43f6757f2a1dc07
ad5ff485bf20446d77d6f294b4ad64ac9c9249ceaed167c69af9121800b1b413
b292f57cd23308285807705c4935f8b18c20545e2defffedf042a27b6473e916
b6f5f3d7368f5d771da3813a5bda537f7c2c5e043a8be11c5369aaeceeb0c4ba
c5015a9d4b5c5f025e2a826f1489c250c23fd70a63bb019a75cfc9e9a3025079
d19ff040def0bc446a5a021537df9ccefc2e45d3a3dec4d276458731c59fd079
d234c5c6dc2e8d7d715f6609473662137d4649ba5a181d5e7b45791526e40936
d712265388957ab93bde9920d669d14859a7dc7c641b89b9ec7b31e3102e637f
d74c517494e3331598e576dd9802b405076e6e6257d0a7c7dd5a94a18afd5fad
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f
dffca359a5ee3e5135d20a23618367c4255d26b2d2bcbac7f7bb653b83cc1e22
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f04caa83d658fb5a5969e8ced03d4f1b11ffbec563276f38efe6712a884ca4f1
f1a1d3f735125105a795f8c3846a89be5e3353fac881b48fe222255a94b0aff2
f73e4ecaf55919fa0a36d1ec1eecd35bf88c09850f7807014cd6e264640c9f0d
f84bab1afc80be7b0fbc2737b01bea5946ad1d9978cde8c58600904edb555a9f

freetrial.finalfantasyxiv.com Open in urlscan Pro 2a02:e980:f3::86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

58 %IPv6

9 Domains

13 Subdomains

12 IPs

3 Countries

1160 kBTransfer

3292 kBSize

3 Cookies

10 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

freetrial.finalfantasyxiv.com Open in urlscan Pro
2a02:e980:f3::86 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

58 %
IPv6

9
Domains

13
Subdomains

12
IPs

3
Countries

1160 kB
Transfer

3292 kB
Size

3
Cookies

50 HTTP transactions
1 data transactions