urlscan.io logo urlscan.io
SecurityTrails logo

offers.ankylosingspon-yg-ace.fyi Open in urlscan Pro
2606:4700:3030::ac43:a2c0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ankylosingspon-yg-ace.fyi/
Effective URL: https://offers.ankylosingspon-yg-ace.fyi/?&session_id=wbtusd247olsjut48wd5tlks
Submission: On April 15 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 32 HTTP transactions. The main IP is 2606:4700:3030::ac43:a2c0, located in United States and belongs to CLOUDFLARENET, US. The main domain is offers.ankylosingspon-yg-ace.fyi.
TLS certificate: Issued by R3 on March 30th 2023. Valid for: 3 months.
This is the only time offers.ankylosingspon-yg-ace.fyi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2606:4700:3030::ac43:a2c0 (United States)

ASN13335 (CLOUDFLARENET, US)
ankylosingspon-yg-ace.fyi
offers.ankylosingspon-yg-ace.fyi
1    2606:4700:3032::6815:a5a (United States)

ASN13335 (CLOUDFLARENET, US)
offers.ankylosingspon-yg-ace.fyi
10    18.66.248.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-105.dus51.r.cloudfront.net
s.flocdn.com
6    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
afs.googleusercontent.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4005:801::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
2    54.155.242.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-242-125.eu-west-1.compute.amazonaws.com
soflopxl.com
Apex Domain
Subdomains		 Transfer
10 flocdn.com
s.flocdn.com — Cisco Umbrella Rank: 21212
369 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 4135
111 KB
4 ankylosingspon-yg-ace.fyi
ankylosingspon-yg-ace.fyi
offers.ankylosingspon-yg-ace.fyi
6 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
40 KB
2 soflopxl.com
soflopxl.com — Cisco Umbrella Rank: 20397
409 B
2 google.de
www.google.de — Cisco Umbrella Rank: 6074
515 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 80
433 B
2 googleusercontent.com
afs.googleusercontent.com — Cisco Umbrella Rank: 13318
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
118 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 925
605 B
32 10
Domain Requested by
10 s.flocdn.com offers.ankylosingspon-yg-ace.fyi
s.flocdn.com
6 www.google.com s.flocdn.com
www.google.com
3 www.google-analytics.com s.flocdn.com
www.google-analytics.com
2 soflopxl.com s.flocdn.com
2 www.google.de offers.ankylosingspon-yg-ace.fyi
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 afs.googleusercontent.com www.google.com
2 www.googletagmanager.com s.flocdn.com
www.googletagmanager.com
2 offers.ankylosingspon-yg-ace.fyi 1 redirects
2 ankylosingspon-yg-ace.fyi 2 redirects
1 region1.analytics.google.com www.googletagmanager.com
1 partner.googleadservices.com www.google.com
32 12

This site contains no links.

Subject Issuer Validity Valid
*.ankylosingspon-yg-ace.fyi
R3		 2023-03-30 -
2023-06-28		 3 months crt.sh
*.flocdn.com
Amazon RSA 2048 M01		 2023-02-24 -
2024-02-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
pxtres.com
Amazon RSA 2048 M02		 2023-02-19 -
2024-03-19		 a year crt.sh

This page contains 3 frames:

Primary Page: https://offers.ankylosingspon-yg-ace.fyi/?&session_id=wbtusd247olsjut48wd5tlks
Frame ID: 717A3D8F9E5E4E7A91CC3C746A66267A
Requests: 18 HTTP requests in this frame

Frame: https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.html?&screen=refresh
Frame ID: A20A2B074B1CFF6310DEF4661C6A3EAD
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?adtest=off&psid=1646507740&client=dp-dotzup27_3ph_js&r=m&hl=de&rpbu=https%3A%2F%2Foffers.ankylosingspon-yg-ace.fyi%2Fserp%3Fsc%3DVzuhutcpizrnaebHfuDjMFgro2y5WVZn-1hwLgZZ52ynNLDwWzuiamKRouxVhGH2lkskXE68shJ_Ra2f_a0tzFiGFaNnbMI6gyPx-nV88ptEOd7TqxgHM6MIaCm2ANi0rGnzJJvRJMmEMw7u8L73dsl8t42ia2JuK0CNikxnPsfK3ubWYJkY7ZosClbi2x2mKrKFOOomQI_ngSwooF0BmGnlOzDpPu_NmDAHkBqeawTyloWisioTMvZ3godEmzWqU9D2z_0pnXbwV-n0SAHej6EeG34_bvSuHixrD7o6v2_EjTzwpAKffFYS3tB6VMakqtsj4Z3UJdpJXny45la0gxFDQTSW2RsQoPlw96YCPr6Ee_B9CBpHLchFx3K9LFxILUxsu7nefZ3jPc4MkY-1QCHUGJ4j6GfB6ZOO7o7Eqd3kkKCdH3tQ_zNMCd-EmKRq-YDBG-8q6KWTaYcfRG-xhwZ8Rs4xYDM3GzQSp7q1WQ7k4QHVt9WJq7gVF0r7KgivdpCdOgx-AkRMO0WUAbgikEdf4s9PpjdsfNoM_nj_2aDey6kPzpdiAeLFVTG6dnGZmPWZ_05GR6xTL-8jc-L3YizqvVsVqfbmQ9bVMDXQa5GV_-JSBIcjHAmp3YKHuIzTqXV6RsXE71DjNe6UzrhLyGd3l8nXX2Nu2gPWnFfBUqkW3d2hVnvoizBrE9jNInRYbtA-X0C_ZBu8mLmlpcfdu4t6qgfhOedhHveDHiBKxdqFQaVi0q21UsA8GDZ_61ksHrsfXNFMCjMnKJagcJbsGh-74qXNsNMgmyyA-VwK1B_HtVK34SzFU-GPY1CryId5CNHGcYeS2bJ3Up6N7wDaNELiNNnFVLj6YzunxZeCcZ3g-7ORCy4CybcJ60BalkKxsKrvG82Kr3TPcDELEjFplL1DA51c_HvdIH0eujLU2C2XORh6pthEBI2DgZ-_e8nnEvAeY-0FN1Z5nyeHQ06XzCOlbC-4O9etWYHwxJJWPn71WyKcMKkfnXxpJwIums0JaxyELsyqi4-aCb3TxKlq-fJMbyteMB9L30R27CK-GKwJe0OpWCU-oY7tjCT4ZOaWGC8lMmvhYBuWPsVtydWKOQ19m9CBDBlxfyfsR6fZje7pCSBdSEP9JoOSL1KIOlb-EHHLrVMlDtTGjuEhWFeRnx7HGAl340mhSnPIkxqYSVU8VyvzlKxiMvN08qWhFKLxtRY-KvxKBfYHaIxiGoJn2msVFjsrRvLj0Fp4_9yiiFWWzSTwGEcBDA1k_hpxSrYYa9iZzxVAyN6TM_NncJ84bdS6FdDQRYJHQo7lar4BiwlC2NIAXzMZPDw388G-lJtiwFNsT95kXEgFhrEa5FpfItIy_XG2Cq3WDmhLl-Z0I2475jTyxFlAhNScxrqeNXad-dCUdZfTZFdU8KUIeXYzGsRxn8iZmTBt6FdN1r--Z4430cuKrt-RQaG1Lw5irH9ZTc_ExiwJkpunIi8UdomxpvT3t-vQlZRf82wUzoe8zX6QMtLEOQSHB3hY05-YuBy-bMF7hzj05ZVQ3KbMSt_GTQDYJRF8WNVveQxVX_5QaFayrb2GVEYZZw5X4uFErmtyIBTByfqK0FWSeqzacYfmRmHHga6r1VKubAdJrJn2RYwqa7O8SRnzCVFK6ziLrFPtiFaOn3dYsuvwIo0h9uHx2lS_6UoyQ9a2nLgfiMiO156uDXWug-gyu_peZQyoSetoLKHqVqRYrKmyNzA8HieY2_-dJfhhYxEKKi7HoTi3q-g9y6BDbAmUmS2yiFx0-gjD_Qy8IwsNOppOUEpaGjn4XIobkIekos4IMp9aGETphq9khYLn9g&rpqp=query&terms=Best%20Medication%20for%20Ankylosing%20Spondylitis%2CAnkylosing%20Spondylitis%20Signs%20and%20Treatments%2CTreatment%20Options%20for%20Ankylosing%20Spondylitis%2CAnk%20Spondylitis%20Treatment%2CAnkylosing%20Spondylitis%20New%20Treatment&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-oo-1715430907199229&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300964&format=r5&nocache=271681587005277&num=0&output=afd_ads&domain_name=offers.ankylosingspon-yg-ace.fyi&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681587005278&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&cl=523105112&uio=-&cont=ads&jsid=caf&jsv=523105112&rurl=https%3A%2F%2Foffers.ankylosingspon-yg-ace.fyi%2F%3F%26session_id%3Dwbtusd247olsjut48wd5tlks&adbw=master-1%3A500
Frame ID: 86087B946B3E7D7DCAB8D5296E17A7D9
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ankylosingspon-yg-ace.fyi

Page URL History Show full URLs

  1. http://ankylosingspon-yg-ace.fyi/ HTTP 301
    https://ankylosingspon-yg-ace.fyi/ HTTP 302
    http://offers.ankylosingspon-yg-ace.fyi/?&session_id=wbtusd247olsjut48wd5tlks HTTP 301
    https://offers.ankylosingspon-yg-ace.fyi/?&session_id=wbtusd247olsjut48wd5tlks Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

32
Requests

100 %
HTTPS

83 %
IPv6

10
Domains

12
Subdomains

11
IPs

4
Countries

645 kB
Transfer

1514 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ankylosingspon-yg-ace.fyi/ HTTP 301
    https://ankylosingspon-yg-ace.fyi/ HTTP 302
    http://offers.ankylosingspon-yg-ace.fyi/?&session_id=wbtusd247olsjut48wd5tlks HTTP 301
    https://offers.ankylosingspon-yg-ace.fyi/?&session_id=wbtusd247olsjut48wd5tlks Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
offers.ankylosingspon-yg-ace.fyi/
Redirect Chain
  • http://ankylosingspon-yg-ace.fyi/
  • https://ankylosingspon-yg-ace.fyi/
  • http://offers.ankylosingspon-yg-ace.fyi/?&session_id=wbtusd247olsjut48wd5tlks
  • https://offers.ankylosingspon-yg-ace.fyi/?&session_id=wbtusd247olsjut48wd5tlks
13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offers.ankylosingspon-yg-ace.fyi/?&session_id=wbtusd247olsjut48wd5tlks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c1070306c1e3d758552699e726b1e51930b14d975c21308f44e4d4d77d4d4ea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b8699d46f4a9bb8-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 15 Apr 2023 19:30:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04OXc2s%2F4ox5dyJ%2FUheamvRkQ38Zfs7YKB6Lx36zbdZsaA1mUvUNTAR7A7LChGLUBW6%2BN7DSrKDviZ2mlXPM5iKIn71B6Hp8gDc5SImGzBehgkFttk6CJhIBOibPh3cuviXRuhnaD979Yz%2BmCA9X8rmL%2FtUYy0s8Eu%2FNRp9Yqg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
7b8699d40f13bbbc-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 15 Apr 2023 19:30:03 GMT
Expires
Sat, 15 Apr 2023 20:30:03 GMT
Location
https://offers.ankylosingspon-yg-ace.fyi/?&session_id=wbtusd247olsjut48wd5tlks
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rpu8DJtOaYHHvSOJDlu1cy1LbJVjqJnYTPLowoU%2FQBi0B%2BKGfFQ5ykUN7rSeeEZRkot0U1Kmh6EYFu98EA7vzjMJRaLlzTjPIdYmEsUoOSPN0kLUPKCOPA2PyhXMlP7NhSsi9XkF%2FIJ0Mt5zggCcSAfx88GKENGOTGGAucnjAw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
deps.js
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/39050606/ 		127 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/39050606/deps.js
Requested by
Host: offers.ankylosingspon-yg-ace.fyi
URL: https://offers.ankylosingspon-yg-ace.fyi/?&session_id=wbtusd247olsjut48wd5tlks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-105.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1dd57d041ac30e848f760bd65ea054649d932bda4c8707d5b17218fb6dde2f56

Request headers

Referer
https://offers.ankylosingspon-yg-ace.fyi/
Origin
https://offers.ankylosingspon-yg-ace.fyi
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 19:30:05 GMT
x-amz-version-id
GdhgavMA5ARcgeB.dQDkBKFPq38ZmfXV
content-encoding
gzip
last-modified
Fri, 14 Apr 2023 07:39:29 GMT
server
AmazonS3
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
etag
W/"4467d0ec65360bcff5795048dd58ab2d"
access-control-max-age
60000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
uhXN7uzLxMhnCFvxNIYmqnytkm7U2-fzIxGLYg6jRJ9JpnLzm9S07A==
runtime.js
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/39050606/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/39050606/runtime.js
Requested by
Host: offers.ankylosingspon-yg-ace.fyi
URL: https://offers.ankylosingspon-yg-ace.fyi/?&session_id=wbtusd247olsjut48wd5tlks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-105.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b7ca7500d141e33ebbbcd0463c3a3df6da51054203601792e3b034933f05563

Request headers

Referer
https://offers.ankylosingspon-yg-ace.fyi/
Origin
https://offers.ankylosingspon-yg-ace.fyi
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 19:30:05 GMT
x-amz-version-id
ON6dU.B758smprQUikNv0qmdju9Bko17
content-encoding
gzip
last-modified
Fri, 14 Apr 2023 07:39:29 GMT
server
AmazonS3
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
etag
W/"da425f1aed4d27ad50e5272ae07a3a4f"
access-control-max-age
60000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
Q19QKEpqFoKHPBeGGvOnUceJyuKjFf-xZ3GrWW81MdEJk-VhoV6Abg==
UiSyndication.js
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/39050606/lib/ 		412 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/39050606/lib/UiSyndication.js
Requested by
Host: offers.ankylosingspon-yg-ace.fyi
URL: https://offers.ankylosingspon-yg-ace.fyi/?&session_id=wbtusd247olsjut48wd5tlks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-105.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1baf2f0c6f6d4ce3221674ed8e9e9e413096bdd5fdb2f3ec571d3216f1bdead0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.ankylosingspon-yg-ace.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id
gW1JhgdwK1g9cdOz5iDc.eqUMySFPoLs
content-encoding
gzip
via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
date
Sat, 15 Apr 2023 19:29:38 GMT
last-modified
Thu, 13 Apr 2023 18:37:39 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
27
etag
W/"e2a37edee7c03cd34a21650ac46d07bc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
PSasO7DE24VctIRs7SIrDMLU63vQvd7aIRaVOL2wAioM9kHIKxe8HA==
dpl-search.js
s.flocdn.com/@s1/dpl/4.10.5/ 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/@s1/dpl/4.10.5/dpl-search.js
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/39050606/lib/UiSyndication.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-105.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
433464a815f255ec1606caf38c2f951fbac5bb2e7864f1b2636d5204e25a07ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.ankylosingspon-yg-ace.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 18:30:34 GMT
content-encoding
gzip
via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-version-id
PULIeBUHKyAGmvoi.m6kq9gOipwP_giY
last-modified
Thu, 23 Mar 2023 19:29:55 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
1645172
etag
"deeb5a6adc11c3cd22c8d86b9a00b20b"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
content-length
15966
x-amz-cf-id
Dl243tXjEWI4Wc9YCgj4IwKuLbvPbgLhxko2ZRuZyBow0qRX7ZOQeA==
caf.js
www.google.com/adsense/domains/ 		145 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/domains/caf.js
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/39050606/lib/UiSyndication.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b710702716aa42000e1f1db81754676688de3ed135daf75f569f5ce381af02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.ankylosingspon-yg-ace.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 19:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"10397816918891957947"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Sat, 15 Apr 2023 19:30:05 GMT
texture.png
s.flocdn.com/layout/gd05/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.flocdn.com/layout/gd05/texture.png
Requested by
Host: offers.ankylosingspon-yg-ace.fyi
URL: https://offers.ankylosingspon-yg-ace.fyi/?&session_id=wbtusd247olsjut48wd5tlks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-105.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ac584704539b6bdae9db66aebabb19c41cc858272b85581fedf1f7ab26f73e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.ankylosingspon-yg-ace.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id
9nrwm6vbihUL1RldyKfYApKff2o.FEKN
date
Sat, 15 Apr 2023 15:38:49 GMT
via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified
Tue, 16 May 2017 22:02:26 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
13877
etag
"57bbfe7c227619d47a41639eba996150"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-meta-version-id
HC_iG.nfn0YuLDYFlnJj0jQC5XTNCe04
content-length
84780
x-amz-cf-id
hwys4NrOmV1GkpiJq2afxOP_ASW93UEPAX42_u3LZyMT43Nbf0GweQ==
arrows-rainbow_559.png
s.flocdn.com/layout/pship508/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.flocdn.com/layout/pship508/arrows-rainbow_559.png
Requested by
Host: offers.ankylosingspon-yg-ace.fyi
URL: https://offers.ankylosingspon-yg-ace.fyi/?&session_id=wbtusd247olsjut48wd5tlks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-105.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52711ce4a13307c1b467dd942b1c90baf41b6a0264d01d71280421c37e8b8bc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.ankylosingspon-yg-ace.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id
q0xUrgBtkt1zPXsMOtCQmqJsqJAEmQZm
date
Sat, 15 Apr 2023 16:08:45 GMT
via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified
Wed, 04 Jan 2023 19:08:13 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
12081
etag
"9ca21edfdf15faf735dad1f024227fbc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
content-length
87916
x-amz-cf-id
YCOE9f-gH73ECpVbhmX_xAwP9NY2GDJFb6unGKOTYfckns0p_24z0A==
iframe.html
s.flocdn.com/%40s1/dpl/4.10.5/ Frame A20A 		318 B
596 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.html
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.10.5/dpl-search.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-105.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1448bf72a43a485252ffbf7e536e95484947bbb7629b204560999e39aeee7212

Request headers

Referer
https://offers.ankylosingspon-yg-ace.fyi/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1644985
cache-control
max-age=31536000
content-encoding
gzip
content-length
201
content-type
text/html; charset=UTF-8
date
Mon, 27 Mar 2023 18:33:40 GMT
etag
"1f6f8e54b2db545b3266083e18293359"
last-modified
Thu, 23 Mar 2023 19:29:55 GMT
server
AmazonS3
via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-cf-id
nB-uUsJjIjVWiMAyeFmWQDSc2G0sPaMiR3_DlSszWlYuoxxiIACiiA==
x-amz-cf-pop
DUS51-P1
x-amz-version-id
_..yhvFg4jUoPCCb.3eOGMOK3MAUh_Wv
x-cache
Hit from cloudfront
analytics.js
www.google-analytics.com/ Frame A20A 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.flocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 15 Apr 2023 18:11:32 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4713
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sat, 15 Apr 2023 20:11:32 GMT
iframe.js
s.flocdn.com/%40s1/dpl/4.10.5/ Frame A20A 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.js
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-105.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
caa35093fe1dc1f7de4500f1d738ebacf3cef300aba8eb40d75fceec72cd654d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 18:33:41 GMT
content-encoding
gzip
via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-version-id
j.sjjFPUPPbaiW9I.0suz0uEuoe02OJ1
last-modified
Thu, 23 Mar 2023 19:29:55 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
1644985
etag
"e05539d09837c596736ed83a8857a809"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
content-length
2948
x-amz-cf-id
sCezzvi4KM375gP_AvMq1Z1JTynIigflp5IWMTkfK6751HW7YJnGpQ==
cookie.js
partner.googleadservices.com/gampad/ 		390 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=offers.ankylosingspon-yg-ace.fyi&client=dp-dotzup27_3ph_js&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ae057f4572749bba834db86bb3c7aef12723098534975bbd29385f621dcf45b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.ankylosingspon-yg-ace.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 19:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
253
x-xss-protection
0
ads
www.google.com/afs/ Frame 8608 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/afs/ads?adtest=off&psid=1646507740&client=dp-dotzup27_3ph_js&r=m&hl=de&rpbu=https%3A%2F%2Foffers.ankylosingspon-yg-ace.fyi%2Fserp%3Fsc%3DVzuhutcpizrnaebHfuDjMFgro2y5WVZn-1hwLgZZ52ynNLDwWzuiamKRouxVhGH2lkskXE68shJ_Ra2f_a0tzFiGFaNnbMI6gyPx-nV88ptEOd7TqxgHM6MIaCm2ANi0rGnzJJvRJMmEMw7u8L73dsl8t42ia2JuK0CNikxnPsfK3ubWYJkY7ZosClbi2x2mKrKFOOomQI_ngSwooF0BmGnlOzDpPu_NmDAHkBqeawTyloWisioTMvZ3godEmzWqU9D2z_0pnXbwV-n0SAHej6EeG34_bvSuHixrD7o6v2_EjTzwpAKffFYS3tB6VMakqtsj4Z3UJdpJXny45la0gxFDQTSW2RsQoPlw96YCPr6Ee_B9CBpHLchFx3K9LFxILUxsu7nefZ3jPc4MkY-1QCHUGJ4j6GfB6ZOO7o7Eqd3kkKCdH3tQ_zNMCd-EmKRq-YDBG-8q6KWTaYcfRG-xhwZ8Rs4xYDM3GzQSp7q1WQ7k4QHVt9WJq7gVF0r7KgivdpCdOgx-AkRMO0WUAbgikEdf4s9PpjdsfNoM_nj_2aDey6kPzpdiAeLFVTG6dnGZmPWZ_05GR6xTL-8jc-L3YizqvVsVqfbmQ9bVMDXQa5GV_-JSBIcjHAmp3YKHuIzTqXV6RsXE71DjNe6UzrhLyGd3l8nXX2Nu2gPWnFfBUqkW3d2hVnvoizBrE9jNInRYbtA-X0C_ZBu8mLmlpcfdu4t6qgfhOedhHveDHiBKxdqFQaVi0q21UsA8GDZ_61ksHrsfXNFMCjMnKJagcJbsGh-74qXNsNMgmyyA-VwK1B_HtVK34SzFU-GPY1CryId5CNHGcYeS2bJ3Up6N7wDaNELiNNnFVLj6YzunxZeCcZ3g-7ORCy4CybcJ60BalkKxsKrvG82Kr3TPcDELEjFplL1DA51c_HvdIH0eujLU2C2XORh6pthEBI2DgZ-_e8nnEvAeY-0FN1Z5nyeHQ06XzCOlbC-4O9etWYHwxJJWPn71WyKcMKkfnXxpJwIums0JaxyELsyqi4-aCb3TxKlq-fJMbyteMB9L30R27CK-GKwJe0OpWCU-oY7tjCT4ZOaWGC8lMmvhYBuWPsVtydWKOQ19m9CBDBlxfyfsR6fZje7pCSBdSEP9JoOSL1KIOlb-EHHLrVMlDtTGjuEhWFeRnx7HGAl340mhSnPIkxqYSVU8VyvzlKxiMvN08qWhFKLxtRY-KvxKBfYHaIxiGoJn2msVFjsrRvLj0Fp4_9yiiFWWzSTwGEcBDA1k_hpxSrYYa9iZzxVAyN6TM_NncJ84bdS6FdDQRYJHQo7lar4BiwlC2NIAXzMZPDw388G-lJtiwFNsT95kXEgFhrEa5FpfItIy_XG2Cq3WDmhLl-Z0I2475jTyxFlAhNScxrqeNXad-dCUdZfTZFdU8KUIeXYzGsRxn8iZmTBt6FdN1r--Z4430cuKrt-RQaG1Lw5irH9ZTc_ExiwJkpunIi8UdomxpvT3t-vQlZRf82wUzoe8zX6QMtLEOQSHB3hY05-YuBy-bMF7hzj05ZVQ3KbMSt_GTQDYJRF8WNVveQxVX_5QaFayrb2GVEYZZw5X4uFErmtyIBTByfqK0FWSeqzacYfmRmHHga6r1VKubAdJrJn2RYwqa7O8SRnzCVFK6ziLrFPtiFaOn3dYsuvwIo0h9uHx2lS_6UoyQ9a2nLgfiMiO156uDXWug-gyu_peZQyoSetoLKHqVqRYrKmyNzA8HieY2_-dJfhhYxEKKi7HoTi3q-g9y6BDbAmUmS2yiFx0-gjD_Qy8IwsNOppOUEpaGjn4XIobkIekos4IMp9aGETphq9khYLn9g&rpqp=query&terms=Best%20Medication%20for%20Ankylosing%20Spondylitis%2CAnkylosing%20Spondylitis%20Signs%20and%20Treatments%2CTreatment%20Options%20for%20Ankylosing%20Spondylitis%2CAnk%20Spondylitis%20Treatment%2CAnkylosing%20Spondylitis%20New%20Treatment&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-oo-1715430907199229&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300964&format=r5&nocache=271681587005277&num=0&output=afd_ads&domain_name=offers.ankylosingspon-yg-ace.fyi&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681587005278&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&cl=523105112&uio=-&cont=ads&jsid=caf&jsv=523105112&rurl=https%3A%2F%2Foffers.ankylosingspon-yg-ace.fyi%2F%3F%26session_id%3Dwbtusd247olsjut48wd5tlks&adbw=master-1%3A500
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
7a1acf99db7f3576f8c0d72c7935be91120894f82eafdec743b690af06c648c5
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-NTs8ly7dG4YiyHmy4nRXPw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
https://offers.ankylosingspon-yg-ace.fyi/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
3969
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-NTs8ly7dG4YiyHmy4nRXPw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Sat, 15 Apr 2023 19:30:05 GMT
expires
Sat, 15 Apr 2023 19:30:05 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
gtm.js
www.googletagmanager.com/ 		103 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T3SP83V
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.10.5/dpl-search.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f007f07c6faea39ea9ba6ca1f766e21fff0771dc7bf1d1aeb30f01251bc5594f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.ankylosingspon-yg-ace.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 19:30:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41100
x-xss-protection
0
last-modified
Sat, 15 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 15 Apr 2023 19:30:05 GMT
caf.js
www.google.com/adsense/domains/ Frame 8608 		145 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/domains/caf.js?pac=0
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=1646507740&client=dp-dotzup27_3ph_js&r=m&hl=de&rpbu=https%3A%2F%2Foffers.ankylosingspon-yg-ace.fyi%2Fserp%3Fsc%3DVzuhutcpizrnaebHfuDjMFgro2y5WVZn-1hwLgZZ52ynNLDwWzuiamKRouxVhGH2lkskXE68shJ_Ra2f_a0tzFiGFaNnbMI6gyPx-nV88ptEOd7TqxgHM6MIaCm2ANi0rGnzJJvRJMmEMw7u8L73dsl8t42ia2JuK0CNikxnPsfK3ubWYJkY7ZosClbi2x2mKrKFOOomQI_ngSwooF0BmGnlOzDpPu_NmDAHkBqeawTyloWisioTMvZ3godEmzWqU9D2z_0pnXbwV-n0SAHej6EeG34_bvSuHixrD7o6v2_EjTzwpAKffFYS3tB6VMakqtsj4Z3UJdpJXny45la0gxFDQTSW2RsQoPlw96YCPr6Ee_B9CBpHLchFx3K9LFxILUxsu7nefZ3jPc4MkY-1QCHUGJ4j6GfB6ZOO7o7Eqd3kkKCdH3tQ_zNMCd-EmKRq-YDBG-8q6KWTaYcfRG-xhwZ8Rs4xYDM3GzQSp7q1WQ7k4QHVt9WJq7gVF0r7KgivdpCdOgx-AkRMO0WUAbgikEdf4s9PpjdsfNoM_nj_2aDey6kPzpdiAeLFVTG6dnGZmPWZ_05GR6xTL-8jc-L3YizqvVsVqfbmQ9bVMDXQa5GV_-JSBIcjHAmp3YKHuIzTqXV6RsXE71DjNe6UzrhLyGd3l8nXX2Nu2gPWnFfBUqkW3d2hVnvoizBrE9jNInRYbtA-X0C_ZBu8mLmlpcfdu4t6qgfhOedhHveDHiBKxdqFQaVi0q21UsA8GDZ_61ksHrsfXNFMCjMnKJagcJbsGh-74qXNsNMgmyyA-VwK1B_HtVK34SzFU-GPY1CryId5CNHGcYeS2bJ3Up6N7wDaNELiNNnFVLj6YzunxZeCcZ3g-7ORCy4CybcJ60BalkKxsKrvG82Kr3TPcDELEjFplL1DA51c_HvdIH0eujLU2C2XORh6pthEBI2DgZ-_e8nnEvAeY-0FN1Z5nyeHQ06XzCOlbC-4O9etWYHwxJJWPn71WyKcMKkfnXxpJwIums0JaxyELsyqi4-aCb3TxKlq-fJMbyteMB9L30R27CK-GKwJe0OpWCU-oY7tjCT4ZOaWGC8lMmvhYBuWPsVtydWKOQ19m9CBDBlxfyfsR6fZje7pCSBdSEP9JoOSL1KIOlb-EHHLrVMlDtTGjuEhWFeRnx7HGAl340mhSnPIkxqYSVU8VyvzlKxiMvN08qWhFKLxtRY-KvxKBfYHaIxiGoJn2msVFjsrRvLj0Fp4_9yiiFWWzSTwGEcBDA1k_hpxSrYYa9iZzxVAyN6TM_NncJ84bdS6FdDQRYJHQo7lar4BiwlC2NIAXzMZPDw388G-lJtiwFNsT95kXEgFhrEa5FpfItIy_XG2Cq3WDmhLl-Z0I2475jTyxFlAhNScxrqeNXad-dCUdZfTZFdU8KUIeXYzGsRxn8iZmTBt6FdN1r--Z4430cuKrt-RQaG1Lw5irH9ZTc_ExiwJkpunIi8UdomxpvT3t-vQlZRf82wUzoe8zX6QMtLEOQSHB3hY05-YuBy-bMF7hzj05ZVQ3KbMSt_GTQDYJRF8WNVveQxVX_5QaFayrb2GVEYZZw5X4uFErmtyIBTByfqK0FWSeqzacYfmRmHHga6r1VKubAdJrJn2RYwqa7O8SRnzCVFK6ziLrFPtiFaOn3dYsuvwIo0h9uHx2lS_6UoyQ9a2nLgfiMiO156uDXWug-gyu_peZQyoSetoLKHqVqRYrKmyNzA8HieY2_-dJfhhYxEKKi7HoTi3q-g9y6BDbAmUmS2yiFx0-gjD_Qy8IwsNOppOUEpaGjn4XIobkIekos4IMp9aGETphq9khYLn9g&rpqp=query&terms=Best%20Medication%20for%20Ankylosing%20Spondylitis%2CAnkylosing%20Spondylitis%20Signs%20and%20Treatments%2CTreatment%20Options%20for%20Ankylosing%20Spondylitis%2CAnk%20Spondylitis%20Treatment%2CAnkylosing%20Spondylitis%20New%20Treatment&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-oo-1715430907199229&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300964&format=r5&nocache=271681587005277&num=0&output=afd_ads&domain_name=offers.ankylosingspon-yg-ace.fyi&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681587005278&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&cl=523105112&uio=-&cont=ads&jsid=caf&jsv=523105112&rurl=https%3A%2F%2Foffers.ankylosingspon-yg-ace.fyi%2F%3F%26session_id%3Dwbtusd247olsjut48wd5tlks&adbw=master-1%3A500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
163f292316ed47971ae43c8925b9e78aad5c227505271b58ff9f35890e18493a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 19:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"14285691363788620456"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Sat, 15 Apr 2023 19:30:05 GMT
grey-n1.svg
afs.googleusercontent.com/ad_icons/custom/publisher_icon_image/dotzup01/ Frame 8608 		298 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/ad_icons/custom/publisher_icon_image/dotzup01/grey-n1.svg?c=%23ffffff
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=1646507740&client=dp-dotzup27_3ph_js&r=m&hl=de&rpbu=https%3A%2F%2Foffers.ankylosingspon-yg-ace.fyi%2Fserp%3Fsc%3DVzuhutcpizrnaebHfuDjMFgro2y5WVZn-1hwLgZZ52ynNLDwWzuiamKRouxVhGH2lkskXE68shJ_Ra2f_a0tzFiGFaNnbMI6gyPx-nV88ptEOd7TqxgHM6MIaCm2ANi0rGnzJJvRJMmEMw7u8L73dsl8t42ia2JuK0CNikxnPsfK3ubWYJkY7ZosClbi2x2mKrKFOOomQI_ngSwooF0BmGnlOzDpPu_NmDAHkBqeawTyloWisioTMvZ3godEmzWqU9D2z_0pnXbwV-n0SAHej6EeG34_bvSuHixrD7o6v2_EjTzwpAKffFYS3tB6VMakqtsj4Z3UJdpJXny45la0gxFDQTSW2RsQoPlw96YCPr6Ee_B9CBpHLchFx3K9LFxILUxsu7nefZ3jPc4MkY-1QCHUGJ4j6GfB6ZOO7o7Eqd3kkKCdH3tQ_zNMCd-EmKRq-YDBG-8q6KWTaYcfRG-xhwZ8Rs4xYDM3GzQSp7q1WQ7k4QHVt9WJq7gVF0r7KgivdpCdOgx-AkRMO0WUAbgikEdf4s9PpjdsfNoM_nj_2aDey6kPzpdiAeLFVTG6dnGZmPWZ_05GR6xTL-8jc-L3YizqvVsVqfbmQ9bVMDXQa5GV_-JSBIcjHAmp3YKHuIzTqXV6RsXE71DjNe6UzrhLyGd3l8nXX2Nu2gPWnFfBUqkW3d2hVnvoizBrE9jNInRYbtA-X0C_ZBu8mLmlpcfdu4t6qgfhOedhHveDHiBKxdqFQaVi0q21UsA8GDZ_61ksHrsfXNFMCjMnKJagcJbsGh-74qXNsNMgmyyA-VwK1B_HtVK34SzFU-GPY1CryId5CNHGcYeS2bJ3Up6N7wDaNELiNNnFVLj6YzunxZeCcZ3g-7ORCy4CybcJ60BalkKxsKrvG82Kr3TPcDELEjFplL1DA51c_HvdIH0eujLU2C2XORh6pthEBI2DgZ-_e8nnEvAeY-0FN1Z5nyeHQ06XzCOlbC-4O9etWYHwxJJWPn71WyKcMKkfnXxpJwIums0JaxyELsyqi4-aCb3TxKlq-fJMbyteMB9L30R27CK-GKwJe0OpWCU-oY7tjCT4ZOaWGC8lMmvhYBuWPsVtydWKOQ19m9CBDBlxfyfsR6fZje7pCSBdSEP9JoOSL1KIOlb-EHHLrVMlDtTGjuEhWFeRnx7HGAl340mhSnPIkxqYSVU8VyvzlKxiMvN08qWhFKLxtRY-KvxKBfYHaIxiGoJn2msVFjsrRvLj0Fp4_9yiiFWWzSTwGEcBDA1k_hpxSrYYa9iZzxVAyN6TM_NncJ84bdS6FdDQRYJHQo7lar4BiwlC2NIAXzMZPDw388G-lJtiwFNsT95kXEgFhrEa5FpfItIy_XG2Cq3WDmhLl-Z0I2475jTyxFlAhNScxrqeNXad-dCUdZfTZFdU8KUIeXYzGsRxn8iZmTBt6FdN1r--Z4430cuKrt-RQaG1Lw5irH9ZTc_ExiwJkpunIi8UdomxpvT3t-vQlZRf82wUzoe8zX6QMtLEOQSHB3hY05-YuBy-bMF7hzj05ZVQ3KbMSt_GTQDYJRF8WNVveQxVX_5QaFayrb2GVEYZZw5X4uFErmtyIBTByfqK0FWSeqzacYfmRmHHga6r1VKubAdJrJn2RYwqa7O8SRnzCVFK6ziLrFPtiFaOn3dYsuvwIo0h9uHx2lS_6UoyQ9a2nLgfiMiO156uDXWug-gyu_peZQyoSetoLKHqVqRYrKmyNzA8HieY2_-dJfhhYxEKKi7HoTi3q-g9y6BDbAmUmS2yiFx0-gjD_Qy8IwsNOppOUEpaGjn4XIobkIekos4IMp9aGETphq9khYLn9g&rpqp=query&terms=Best%20Medication%20for%20Ankylosing%20Spondylitis%2CAnkylosing%20Spondylitis%20Signs%20and%20Treatments%2CTreatment%20Options%20for%20Ankylosing%20Spondylitis%2CAnk%20Spondylitis%20Treatment%2CAnkylosing%20Spondylitis%20New%20Treatment&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-oo-1715430907199229&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300964&format=r5&nocache=271681587005277&num=0&output=afd_ads&domain_name=offers.ankylosingspon-yg-ace.fyi&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681587005278&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&cl=523105112&uio=-&cont=ads&jsid=caf&jsv=523105112&rurl=https%3A%2F%2Foffers.ankylosingspon-yg-ace.fyi%2F%3F%26session_id%3Dwbtusd247olsjut48wd5tlks&adbw=master-1%3A500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
462926b6cf0073e9d08f7a33533309f7c9398e90262bce27538170882ca46ddf
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 15 Apr 2023 18:24:15 GMT
age
3950
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
228
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 22:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Sun, 16 Apr 2023 17:24:15 GMT
call_to_action_arrow.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 8608 		444 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23212121
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=1646507740&client=dp-dotzup27_3ph_js&r=m&hl=de&rpbu=https%3A%2F%2Foffers.ankylosingspon-yg-ace.fyi%2Fserp%3Fsc%3DVzuhutcpizrnaebHfuDjMFgro2y5WVZn-1hwLgZZ52ynNLDwWzuiamKRouxVhGH2lkskXE68shJ_Ra2f_a0tzFiGFaNnbMI6gyPx-nV88ptEOd7TqxgHM6MIaCm2ANi0rGnzJJvRJMmEMw7u8L73dsl8t42ia2JuK0CNikxnPsfK3ubWYJkY7ZosClbi2x2mKrKFOOomQI_ngSwooF0BmGnlOzDpPu_NmDAHkBqeawTyloWisioTMvZ3godEmzWqU9D2z_0pnXbwV-n0SAHej6EeG34_bvSuHixrD7o6v2_EjTzwpAKffFYS3tB6VMakqtsj4Z3UJdpJXny45la0gxFDQTSW2RsQoPlw96YCPr6Ee_B9CBpHLchFx3K9LFxILUxsu7nefZ3jPc4MkY-1QCHUGJ4j6GfB6ZOO7o7Eqd3kkKCdH3tQ_zNMCd-EmKRq-YDBG-8q6KWTaYcfRG-xhwZ8Rs4xYDM3GzQSp7q1WQ7k4QHVt9WJq7gVF0r7KgivdpCdOgx-AkRMO0WUAbgikEdf4s9PpjdsfNoM_nj_2aDey6kPzpdiAeLFVTG6dnGZmPWZ_05GR6xTL-8jc-L3YizqvVsVqfbmQ9bVMDXQa5GV_-JSBIcjHAmp3YKHuIzTqXV6RsXE71DjNe6UzrhLyGd3l8nXX2Nu2gPWnFfBUqkW3d2hVnvoizBrE9jNInRYbtA-X0C_ZBu8mLmlpcfdu4t6qgfhOedhHveDHiBKxdqFQaVi0q21UsA8GDZ_61ksHrsfXNFMCjMnKJagcJbsGh-74qXNsNMgmyyA-VwK1B_HtVK34SzFU-GPY1CryId5CNHGcYeS2bJ3Up6N7wDaNELiNNnFVLj6YzunxZeCcZ3g-7ORCy4CybcJ60BalkKxsKrvG82Kr3TPcDELEjFplL1DA51c_HvdIH0eujLU2C2XORh6pthEBI2DgZ-_e8nnEvAeY-0FN1Z5nyeHQ06XzCOlbC-4O9etWYHwxJJWPn71WyKcMKkfnXxpJwIums0JaxyELsyqi4-aCb3TxKlq-fJMbyteMB9L30R27CK-GKwJe0OpWCU-oY7tjCT4ZOaWGC8lMmvhYBuWPsVtydWKOQ19m9CBDBlxfyfsR6fZje7pCSBdSEP9JoOSL1KIOlb-EHHLrVMlDtTGjuEhWFeRnx7HGAl340mhSnPIkxqYSVU8VyvzlKxiMvN08qWhFKLxtRY-KvxKBfYHaIxiGoJn2msVFjsrRvLj0Fp4_9yiiFWWzSTwGEcBDA1k_hpxSrYYa9iZzxVAyN6TM_NncJ84bdS6FdDQRYJHQo7lar4BiwlC2NIAXzMZPDw388G-lJtiwFNsT95kXEgFhrEa5FpfItIy_XG2Cq3WDmhLl-Z0I2475jTyxFlAhNScxrqeNXad-dCUdZfTZFdU8KUIeXYzGsRxn8iZmTBt6FdN1r--Z4430cuKrt-RQaG1Lw5irH9ZTc_ExiwJkpunIi8UdomxpvT3t-vQlZRf82wUzoe8zX6QMtLEOQSHB3hY05-YuBy-bMF7hzj05ZVQ3KbMSt_GTQDYJRF8WNVveQxVX_5QaFayrb2GVEYZZw5X4uFErmtyIBTByfqK0FWSeqzacYfmRmHHga6r1VKubAdJrJn2RYwqa7O8SRnzCVFK6ziLrFPtiFaOn3dYsuvwIo0h9uHx2lS_6UoyQ9a2nLgfiMiO156uDXWug-gyu_peZQyoSetoLKHqVqRYrKmyNzA8HieY2_-dJfhhYxEKKi7HoTi3q-g9y6BDbAmUmS2yiFx0-gjD_Qy8IwsNOppOUEpaGjn4XIobkIekos4IMp9aGETphq9khYLn9g&rpqp=query&terms=Best%20Medication%20for%20Ankylosing%20Spondylitis%2CAnkylosing%20Spondylitis%20Signs%20and%20Treatments%2CTreatment%20Options%20for%20Ankylosing%20Spondylitis%2CAnk%20Spondylitis%20Treatment%2CAnkylosing%20Spondylitis%20New%20Treatment&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-oo-1715430907199229&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300964&format=r5&nocache=271681587005277&num=0&output=afd_ads&domain_name=offers.ankylosingspon-yg-ace.fyi&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681587005278&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&cl=523105112&uio=-&cont=ads&jsid=caf&jsv=523105112&rurl=https%3A%2F%2Foffers.ankylosingspon-yg-ace.fyi%2F%3F%26session_id%3Dwbtusd247olsjut48wd5tlks&adbw=master-1%3A500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af67ef467f07528c31667ebdd9a2312f5093d6e1fae9ab2c47522913c64fee8b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 15 Apr 2023 03:06:12 GMT
age
59033
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
278
x-xss-protection
0
last-modified
Tue, 09 Feb 2021 14:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Sun, 16 Apr 2023 02:06:12 GMT
js
www.googletagmanager.com/gtag/ 		221 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1QH44F1BG5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3SP83V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a42ad16105fe7e05252aa84513657ba2942a2967d059461018dfb11b5a9948b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.ankylosingspon-yg-ace.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 19:30:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79011
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 15 Apr 2023 19:30:05 GMT
collect
region1.analytics.google.com/g/ 		0
266 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-1QH44F1BG5&gtm=45je34c0&_p=1843615320&_gaz=1&cid=34663843.1681587006&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681587005&sct=1&seg=0&dl=https%3A%2F%2Foffers.ankylosingspon-yg-ace.fyi%2F%3F%26session_id%3Dwbtusd247olsjut48wd5tlks&dt=ankylosingspon-yg-ace.fyi&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1QH44F1BG5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.ankylosingspon-yg-ace.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Apr 2023 19:30:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offers.ankylosingspon-yg-ace.fyi
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
266 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1QH44F1BG5&cid=34663843.1681587006&gtm=45je34c0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1QH44F1BG5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.ankylosingspon-yg-ace.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Apr 2023 19:30:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offers.ankylosingspon-yg-ace.fyi
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1QH44F1BG5&cid=34663843.1681587006&gtm=45je34c0&aip=1&z=1297074245
Requested by
Host: offers.ankylosingspon-yg-ace.fyi
URL: https://offers.ankylosingspon-yg-ace.fyi/?&session_id=wbtusd247olsjut48wd5tlks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4005:801::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.ankylosingspon-yg-ace.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Apr 2023 19:30:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dplpxs
soflopxl.com/ 		0
205 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://soflopxl.com/dplpxs
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.10.5/dpl-search.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.242.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-242-125.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offers.ankylosingspon-yg-ace.fyi/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://offers.ankylosingspon-yg-ace.fyi
date
Sat, 15 Apr 2023 19:30:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
access-control-allow-methods
GET, POST
expires
Sat, 15 Apr 2023 19:30:04 GMT
iframe.html
s.flocdn.com/%40s1/dpl/4.10.5/ Frame A20A 		318 B
597 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.html?&screen=refresh
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-105.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1448bf72a43a485252ffbf7e536e95484947bbb7629b204560999e39aeee7212

Request headers

Referer
https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1644985
cache-control
max-age=31536000
content-encoding
gzip
content-length
201
content-type
text/html; charset=UTF-8
date
Mon, 27 Mar 2023 18:33:40 GMT
etag
"1f6f8e54b2db545b3266083e18293359"
last-modified
Thu, 23 Mar 2023 19:29:55 GMT
server
AmazonS3
via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-cf-id
Jsu9NmDjaGUvJZQgwv8xjrR48SDD77n91cRH8mmf6xcRlZ-7Ip2gJg==
x-amz-cf-pop
DUS51-P1
x-amz-version-id
_..yhvFg4jUoPCCb.3eOGMOK3MAUh_Wv
x-cache
Hit from cloudfront
analytics.js
www.google-analytics.com/ Frame A20A 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.html?&screen=refresh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.flocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 15 Apr 2023 18:11:32 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4713
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sat, 15 Apr 2023 20:11:32 GMT
iframe.js
s.flocdn.com/%40s1/dpl/4.10.5/ Frame A20A 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.js
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.html?&screen=refresh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-105.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
caa35093fe1dc1f7de4500f1d738ebacf3cef300aba8eb40d75fceec72cd654d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.html?&screen=refresh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 18:33:41 GMT
content-encoding
gzip
via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-version-id
j.sjjFPUPPbaiW9I.0suz0uEuoe02OJ1
last-modified
Thu, 23 Mar 2023 19:29:55 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
1644985
etag
"e05539d09837c596736ed83a8857a809"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
content-length
2948
x-amz-cf-id
MzNIX5Ay93Fwwcp6831GTXN0Q_CjVpyipAqpJoSorZUpCsvtWP_m9w==
collect
www.google-analytics.com/j/ Frame A20A 		4 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=750001909&t=pageview&_s=1&dl=https%3A%2F%2Foffers.ankylosingspon-yg-ace.fyi%2F%3F%26session_id%3Dwbtusd247olsjut48wd5tlks&dp=%2F&ul=en-us&de=UTF-8&dt=ankylosingspon-yg-ace.fyi&sd=24-bit&sr=1600x1200&vp=&je=0&_u=SKCAAAABEAAAACgCAC~&jid=1734088280&gjid=1375015988&cid=942261133.1681587005&tid=UA-158232775-1&_gid=444770459.1681587005&_r=1&_slc=1&cd1=true&cd2=generatePrimaryId&cd3=4.10.5&cd4=6zkbdxglgy46dt6s5bsddc5s&cd5=1681587005116-8772e00e-7704-4314-ad6e-f6654662eb3b&z=125451179
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://s.flocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 15 Apr 2023 19:30:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.flocdn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
dplpxs
soflopxl.com/ 		0
204 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://soflopxl.com/dplpxs
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.10.5/dpl-search.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.242.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-242-125.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offers.ankylosingspon-yg-ace.fyi/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://offers.ankylosingspon-yg-ace.fyi
date
Sat, 15 Apr 2023 19:30:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
access-control-allow-methods
GET, POST
expires
Sat, 15 Apr 2023 19:30:04 GMT
collect
stats.g.doubleclick.net/j/ Frame A20A 		4 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-158232775-1&cid=942261133.1681587005&jid=1734088280&gjid=1375015988&_gid=444770459.1681587005&_u=SKCAAAAAEAAAACgCAC~&z=1971554437
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://s.flocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 15 Apr 2023 19:30:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.flocdn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ Frame A20A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-158232775-1&cid=942261133.1681587005&jid=1734088280&_u=SKCAAAAAEAAAACgCAC~&z=16241225
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.flocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Apr 2023 19:30:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ Frame A20A 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-158232775-1&cid=942261133.1681587005&jid=1734088280&_u=SKCAAAAAEAAAACgCAC~&z=16241225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4005:801::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.flocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Apr 2023 19:30:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
www.google.com/afs/ 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/afs/gen_204?client=dp-dotzup27_3ph_js&output=uds_ads_only&zx=4ktuu8y7dyz1&aqid=Pfs6ZP2ZFYPr1wbH3r3gCQ&psid=1646507740&pbt=bs&adbx=550&adby=61&adbh=794&adbw=500&adbah=155%2C155%2C155%2C155%2C155&adbn=master-1&eawp=partner-dp-dotzup27_3ph_js&errv=523105112&csala=3%7C0%7C145%7C92%7C228&lle=0&ifv=1&usr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-AV3SpQMftgfYjABKla5vng' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.ankylosingspon-yg-ace.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-AV3SpQMftgfYjABKla5vng' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Sat, 15 Apr 2023 19:30:07 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type
text/html; charset=UTF-8
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
www.google.com/afs/ 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/afs/gen_204?client=dp-dotzup27_3ph_js&output=uds_ads_only&zx=nm1dvyp3qz2u&aqid=Pfs6ZP2ZFYPr1wbH3r3gCQ&psid=1646507740&pbt=bv&adbx=550&adby=61&adbh=794&adbw=500&adbah=155%2C155%2C155%2C155%2C155&adbn=master-1&eawp=partner-dp-dotzup27_3ph_js&errv=523105112&csala=3%7C0%7C145%7C92%7C228&lle=0&ifv=1&usr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-wvBw2IAYAuEkoY-DjhFeDw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.ankylosingspon-yg-ace.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-wvBw2IAYAuEkoY-DjhFeDw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Sat, 15 Apr 2023 19:30:07 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| webpackChunkfrontend object| React object| ReactDOM function| hydrateSSR object| componentScript object| UISyndication string| onetrustTemplate function| OptanonWrapper object| s1 object| dpls1s string| GoogleAnalyticsObject function| ga object| dataLayer number| googleNDT_ number| googleAltLoader object| google function| __sasCookie object| google_tag_manager object| google_tag_data string| defaultGaId function| onYouTubeIframeAPIReady object| gaGlobal

8 Cookies

Domain/Path Name / Value
s.flocdn.com/%40s1/dpl/4.10.5 Name: c_cn
Value: c_cn1234
.s.flocdn.com/ Name: _ga
Value: GA1.3.942261133.1681587005
.s.flocdn.com/ Name: _gid
Value: GA1.3.444770459.1681587005
.ankylosingspon-yg-ace.fyi/ Name: __gsas
Value: ID=c279f0c2b232eb9d:T=1681587005:S=ALNI_MYVFkVquEK5LEVnsQxzxAAbjmeerQ
.ankylosingspon-yg-ace.fyi/ Name: _ga
Value: GA1.1.34663843.1681587006
.ankylosingspon-yg-ace.fyi/ Name: _ga_1QH44F1BG5
Value: GS1.1.1681587005.1.0.1681587005.60.0.0
.s.flocdn.com/ Name: _gat
Value: 1
.google.com/ Name: NID
Value: 511=pUAWzfwHphFydgldYITY2uglWN0ZU6MpHE6lhd8aSxlUQEFEMhTKhFFDEHCyC1Q782AF_9mIGVsWRRlFeA2px1zOLu3hsTcOKa9tLo_zMvNhgn0RDHLHVeyN5TzP1U9ta0PqxfahtxaubeLmO24czwFPSMkzUg2PQVqem0aNmHw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afs.googleusercontent.com
ankylosingspon-yg-ace.fyi
offers.ankylosingspon-yg-ace.fyi
partner.googleadservices.com
region1.analytics.google.com
s.flocdn.com
soflopxl.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
18.66.248.105
2001:4860:4802:32::36
2606:4700:3030::ac43:a2c0
2606:4700:3032::6815:a5a
2a00:1450:4001:801::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:830::200e
2a00:1450:4005:801::2003
2a00:1450:400c:c0c::9a
54.155.242.125
1448bf72a43a485252ffbf7e536e95484947bbb7629b204560999e39aeee7212
163f292316ed47971ae43c8925b9e78aad5c227505271b58ff9f35890e18493a
1baf2f0c6f6d4ce3221674ed8e9e9e413096bdd5fdb2f3ec571d3216f1bdead0
1dd57d041ac30e848f760bd65ea054649d932bda4c8707d5b17218fb6dde2f56
2c1070306c1e3d758552699e726b1e51930b14d975c21308f44e4d4d77d4d4ea
433464a815f255ec1606caf38c2f951fbac5bb2e7864f1b2636d5204e25a07ac
44b710702716aa42000e1f1db81754676688de3ed135daf75f569f5ce381af02
462926b6cf0073e9d08f7a33533309f7c9398e90262bce27538170882ca46ddf
52711ce4a13307c1b467dd942b1c90baf41b6a0264d01d71280421c37e8b8bc0
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
6ae057f4572749bba834db86bb3c7aef12723098534975bbd29385f621dcf45b
7a1acf99db7f3576f8c0d72c7935be91120894f82eafdec743b690af06c648c5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9ac584704539b6bdae9db66aebabb19c41cc858272b85581fedf1f7ab26f73e9
9b7ca7500d141e33ebbbcd0463c3a3df6da51054203601792e3b034933f05563
a42ad16105fe7e05252aa84513657ba2942a2967d059461018dfb11b5a9948b8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af67ef467f07528c31667ebdd9a2312f5093d6e1fae9ab2c47522913c64fee8b
caa35093fe1dc1f7de4500f1d738ebacf3cef300aba8eb40d75fceec72cd654d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f007f07c6faea39ea9ba6ca1f766e21fff0771dc7bf1d1aeb30f01251bc5594f