www.anrfactory.com Open in urlscan Pro
2606:4700:3034::6815:5e97 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
Submission: On September 24 via api (September 24th 2023, 6:00:42 pm UTC) from IE — Scanned from DE

Summary HTTP 92 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 13 domains to perform 92 HTTP transactions. The main IP is 2606:4700:3034::6815:5e97, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.anrfactory.com.
TLS certificate: Issued by GTS CA 1P5 on August 13th 2023. Valid for: 3 months.

This is the only time www.anrfactory.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2606:4700:303... 2606:4700:3034::6815:5e97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3 8	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
6	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
92	19

21 2606:4700:3034::6815:5e97 (United States)

ASN13335 (CLOUDFLARENET, US)

www.anrfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	458 KB
21	anrfactory.com www.anrfactory.com	261 KB
9	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 175	123 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	252 KB
7	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368 www.googleadservices.com — Cisco Umbrella Rank: 178	606 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96 region1.google-analytics.com — Cisco Umbrella Rank: 1878	21 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	5 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	171 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	236 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	187 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	165 KB
1	google.com www.google.com — Cisco Umbrella Rank: 11	1 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 102	7 KB
92	13

	Domain	Requested by
21	www.anrfactory.com	www.anrfactory.com
18	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
12	pagead2.googlesyndication.com	www.anrfactory.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com
6	www.googleadservices.com
6	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	www.anrfactory.com googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	www.facebook.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.anrfactory.com www.google-analytics.com
2	connect.facebook.net	www.anrfactory.com connect.facebook.net
2	www.googletagmanager.com	www.anrfactory.com www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	i.ytimg.com
92	18

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
instagram.com
youtube.com
www.youtube.com
www.instagram.com
akismet.com
anrfactory.com
blog.feedspot.com

Subject Issuer	Validity	Valid
anrfactory.com GTS CA 1P5	`2023-08-13` - `2023-11-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-07` - `2023-10-02`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
Frame ID: 4A98087F1585ADE148F61CB5A43C07D6
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html
Frame ID: DEAA5045830954CC9B9B1E6A321AA0A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4387471810015760&output=html&adk=1812271804&adf=3025194257&lmt=1695571235&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fwww.anrfactory.com%2Fmoney-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695578436575&bpp=3&bdt=710&idt=235&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7470360114462&frm=20&pv=2&ga_vid=1952570730.1695578437&ga_sid=1695578437&ga_hid=1658597630&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077969&oid=2&pvsid=2527980058173226&tmod=1201466980&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=290
Frame ID: 78257EA6531232C2BDBCF3CE41752D0E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4387471810015760&output=html&h=280&slotname=5948233133&adk=4056677716&adf=1801571695&pi=t.ma~as.5948233133&w=740&fwrn=4&fwrnh=100&lmt=1695571235&rafmt=1&format=740x280&url=https%3A%2F%2Fwww.anrfactory.com%2Fmoney-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695578436578&bpp=1&bdt=713&idt=291&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7470360114462&frm=20&pv=1&ga_vid=1952570730.1695578437&ga_sid=1695578437&ga_hid=1658597630&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077969&oid=2&pvsid=2527980058173226&tmod=1201466980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=d3co7DomzX&p=https%3A//www.anrfactory.com&dtd=296
Frame ID: 17BEFFC6210D747DCF51ABD34F678799
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4387471810015760&output=html&h=600&slotname=5727907135&adk=245867249&adf=306411070&pi=t.ma~as.5727907135&w=300&fwrn=4&fwrnh=100&lmt=1695571235&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.anrfactory.com%2Fmoney-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695578436580&bpp=1&bdt=716&idt=304&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C740x280&nras=1&correlator=7470360114462&frm=20&pv=1&ga_vid=1952570730.1695578437&ga_sid=1695578437&ga_hid=1658597630&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=2836&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077969&oid=2&pvsid=2527980058173226&tmod=1201466980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5TOOSOUa0S&p=https%3A//www.anrfactory.com&dtd=308
Frame ID: 29D0C65E832BB1E304E30D4DC5FDB839
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4387471810015760&output=html&h=600&slotname=1378432737&adk=3943645601&adf=1137415096&pi=t.ma~as.1378432737&w=300&fwrn=4&fwrnh=100&lmt=1695571235&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.anrfactory.com%2Fmoney-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695578436580&bpp=1&bdt=715&idt=332&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C740x280%2C300x600&nras=1&correlator=7470360114462&frm=20&pv=1&ga_vid=1952570730.1695578437&ga_sid=1695578437&ga_hid=1658597630&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=3471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077969&oid=2&pvsid=2527980058173226&tmod=1201466980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yTQvy7ifDI&p=https%3A//www.anrfactory.com&dtd=335
Frame ID: 2AC061CA8A0660BFB7862CFFF8AE383B
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4B86C11BE604ED7BFB03CC003784ADE0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5CECDA169F8FDAE861330DB84DDC5568
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: ECE8361A08FF1B653AE65E0A6369259A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js
Frame ID: ABA6E84394AD6ED56F252D53AB49CDA9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js
Frame ID: 86EC19540D0CEE75EBF55ABC14041503
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js
Frame ID: B2ACCBC23BD240F1C6244F20AA0A0D4F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Money Coming Fast: OTB Lucciii is all about that cash action on 'Fashion' -

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

92
Requests

97 %
HTTPS

94 %
IPv6

13
Domains

18
Subdomains

19
IPs

4
Countries

1653 kB
Transfer

4281 kB
Size

11
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/anrfactory

Search URL Search Domain Scan URL

URL: https://twitter.com/anrfactory

Search URL Search Domain Scan URL

URL: https://instagram.com/anrfactory

Search URL Search Domain Scan URL

URL: https://youtube.com/anrfactory1

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=6XEk9xGsX_o
Title: here

Search URL Search Domain Scan URL

URL: https://www.instagram.com/otb_lucciii/
Title: IG

Search URL Search Domain Scan URL

URL: https://akismet.com/privacy/
Title: Learn how your comment data is processed

Search URL Search Domain Scan URL

URL: https://anrfactory.com/category/music/new-music
Title: New Music

Search URL Search Domain Scan URL

URL: https://anrfactory.com/category/music/singer-songwriter
Title: Singer Songwriter

Search URL Search Domain Scan URL

URL: https://anrfactory.com/category/music/songwriter
Title: Songwriter

Search URL Search Domain Scan URL

URL: https://anrfactory.com/category/music/soul
Title: Soul

Search URL Search Domain Scan URL

URL: https://anrfactory.com/category/music/soundcloud
Title: Soundcloud

Search URL Search Domain Scan URL

URL: https://anrfactory.com/category/music/spotify
Title: Spotify

Search URL Search Domain Scan URL

URL: https://anrfactory.com/category/music/trap
Title: Trap

Search URL Search Domain Scan URL

URL: http://blog.feedspot.com/music_blogs/
Title: <img width="1200" height="700" src="https://www.anrfactory.com/wp-content/uploads/2022/04/FEEDSPOT-AWARD-ANR-FACTORY.png" class="image wp-image-47517 aligncenter attachment-full size-full" alt="" decoding="async" style="max-width: 100%; height: auto;" srcset="https://www.anrfactory.com/wp-content/uploads/2022/04/FEEDSPOT-AWARD-ANR-FACTORY.png 1200w, https://www.anrfactory.com/wp-content/uploads/2022/04/FEEDSPOT-AWARD-ANR-FACTORY-300x175.png 300w, https://www.anrfactory.com/wp-content/uploads/2022/04/FEEDSPOT-AWARD-ANR-FACTORY-600x350.png 600w, https://www.anrfactory.com/wp-content/uploads/2022/04/FEEDSPOT-AWARD-ANR-FACTORY-1080x630.png 1080w" sizes="(max-width: 1200px) 100vw, 1200px" />

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96

https://googleads.g.doubleclick.net/pagead/adview?ai=CFMKvRHkQZbP5OuPTkwOyv6PABaSizsRy4b28zcYRZBABIKT-vhpglbL4gZQHoAGL1KeVAsgBCakCYTFGH3HfsT6oAwHIA8sEqgTmAk_QNJZVc8uSm7XLJk8AJLJfRWxv0DGPlIMQ7LPHFJgyrt2FE1Ct9Xb5S1YutJXsretTLWZ_d0Fow_13oYla8ttiILyvSrWR8SAyHYmVeD4141DE-8w0I_w7QpFw2cBw9_4OH5MGUf0GEs_69n3ZeFB1m14idI5lYFikaHZPnBv98PoyrNarM3V5rOhIMinQsEbeUSA-eZMYKbDgT6GVBWuyEQJPfgzo5ML5hfR5r6ezsf-UxoFV5g9_TQOo-L1MJ46-BmYs_W4RTXEvXCSJrAQqV1T5FN6u82l8JR2EzBz73HVSZGzVqrDCJwKvGeUgGq40zQUTYQWMput_eBO3myxRM-9T91KkCeVJxUCKjTF-vgLC82yo0AtAuW3pOcQ4-9JFytFunD3_TkyuhDsmR9W4Jp62pqpveHI5YSeb7ZY8iuH72eYJ-mJafuGMu-_4eQcX24cL2fA08I7fcAh5XgL6m3vALNfABO7W-_amBIgF99W-ikuSBQQIBBgBkgUECAUYBKAGLoAH3avY6gGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCrnB_SCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkWaHR0cHM6Ly93d3cudHJpc29yLmRlL4AKAcgLAdgTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi00Mzg3NDcxODEwMDE1NzYwGAA&sigh=UF-zBS1Yhlg&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwBpAlJWdOohZuhS_dbHy8FWrqTOhSkA4x_ochgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212664544259159822839%22,%22debug_reporting%22:true,%22destination%22:%22https://trisor.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22581560843%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228703543667172823521%22}&andc=true

Request Chain 100

https://googleads.g.doubleclick.net/pagead/adview?ai=C6w-LRXkQZevLDZSY7wLVhY2ACKSizsRy_Iy60bMRZBABIKT-vhpglbL4gZQHoAGL1KeVAsgBCakCYTFGH3HfsT6oAwHIA8sEqgTmAk_QjmjaCvevjIe6omxUmy99y-N7tTRbannBfoCxFajA88U84CphZi8wUXJqxSQjobXVXR7kAeld1jfmkYkSylPiGlN2ePN0hlWUa1RH_1I3U-kumi1bX43u29dEMAPkCRv0xXc4BSxW5B-p36-y7Ynr8_ZZf-pH-EZz1HrWAsLQivh8a_c1mVfjrikYKO0B87gh9EX5WzFKCfNvcpNLyJ7tSsEqK531u_osj-1VYJfrvZ8rlap-VM7h8KsP-dVCaz36llDTU0QDZzRP-IB2W4vl4p-Jdxu6n7kTvHsZPDuxItwu3LD-c-QKNIqgFTmFhvVdE2vV3JVCxksNiUjHGIucrJyW7tBkjtltYDK1pJkiyQXFIdtPd_RGtAUnVFKR1wW4H6F3g_XRhVze-S9BKRK8yHZL-rg4qYMAR4ej-wQuPMU1hlf8PU_5DJzypPlrTvc43hoBHcjz0OVkE5gT0Tx7WNw8TQXABO6dr8-zBIgF99W-ikuSBQQIBBgBkgUECAUYBKAGLoAH3avY6gGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCPsAjSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkWaHR0cHM6Ly93d3cudHJpc29yLmRlL4AKAcgLAaIMDCoKCgjktLEC7rWxAtgTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi00Mzg3NDcxODEwMDE1NzYwGAA&sigh=-66TShDE2K4&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwBpAlJWYSCv50cgfhfdKPg8vDmMujUHxbkOoBgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225457287887213620941%22,%22debug_reporting%22:true,%22destination%22:%22https://trisor.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22581560843%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222830023081426591585%22}&andc=true

Request Chain 102

https://googleads.g.doubleclick.net/pagead/adview?ai=CYw4ZRHkQZYGAPJWh5LcP7YeymAqkos7EcvyMutGzEWQQASCk_r4aYJWy-IGUB6ABi9SnlQLIAQmpAmExRh9x37E-qAMByAPLBKoE5gJP0N9kwKW4oDVA6HtKkF9svSkuCgJZPmNwFO2U1An_sbSfXEJ_Qsy1i0HqKNDdcMl6KWXLJMzK3hHw_G-uVMcM8Osu_boA5jZws95qK4ac8ucUxw5qzTpryJnOwwCAXTb8cV6X971cMsPRAWFDAMaK9N6NkxGxRHM7mri5spE3PWVX76qE-B929tu3lVGxuNDR03lwL5xTz8W-ED4VsyYC1mwT8xRZwqvLmiGrW-k_hOaOiEYGqWkCfLsLjPrWt6UBol2nQqwHQtrhFBwyOEo_EVYS7yCArVsXiitbeJ8i2b5ZoofSeypvo1eTYiHv_psEi6LIGSsnI8O-IrvfWLVgr3ZOTjJH4TtXLNRi9txRykAVbN4bzcnDj_6ofqbOdJck_N5bQf-aJBQ2cjybAHgOyQpGJIke6tPoK12qtun8VsixFbXlAN8tzv-ljaJDKL_bj8P5npQnqBehIhMXhEb_WuB8xKJRwATuna_PswSIBffVvopLkgUECAQYAZIFBAgFGASgBi6AB92r2OoBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ9c8H0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJFmh0dHBzOi8vd3d3LnRyaXNvci5kZS-ACgHICwHYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNDM4NzQ3MTgxMDAxNTc2MBgA&sigh=7pt3ZbaIwUE&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwDICaaNb71f7jO-apNTjxNdsl5R4deRq7LfnRgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215495945632321209922%22,%22debug_reporting%22:true,%22destination%22:%22https://trisor.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22581560843%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216250216226651057745%22}&andc=true

92 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/ 82 KB
19 KB 2382ms
2065ms Document
text/html 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30
Resource Hash: af6e7d133ed23b3d0ad8225dd89a488e64efbb8ee1917df0fe831d06f8698db5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 80bced7b98282e77-DFW
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 24 Sep 2023 18:00:35 GMT
expires: Sun, 24 Sep 2023 18:00:34 GMT
last-modified: Sun, 24 Sep 2023 18:00:35 GMT
link: <https://www.anrfactory.com/wp-json/>; rel="https://api.w.org/", <https://www.anrfactory.com/wp-json/wp/v2/posts/34516>; rel="alternate"; type="application/json", <https://www.anrfactory.com/?p=34516>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJ5G4Z39lWNnF%2FoepylliV1774DK2YyihQ62J4yWqN%2BYKScVwDh4ATWtlHiin%2BkhzwfeNsOY3upCwQ7OCZq8b%2BTmafCfTi7q3a6V2AWAKAil1OzGbATDibtX23u8LtHmYUdieElGVQz97vSmYxVQDK4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 webcache2 (Varnish/trunk)
x-pingback: https://www.anrfactory.com/xmlrpc.php
x-powered-by: PHP/8.0.30
x-varnish: 3616035541

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 81ms
31ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora%3A400%2C700%2C400italic%2C700italic%26amp%3Bsubset%3Dlatin%2Clatin-ext%7CMontserrat%3A400%2C500%2C700%26amp%3Bsubset%3Dlatin%2Clatin-ext&display=swap

Requested by

Host: www.anrfactory.com
URL: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

007281271696553daf7262c201bcb7b7660522f6d807b0cc0f21773b5c2b0102

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Sep 2023 18:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Sep 2023 18:00:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Sep 2023 18:00:35 GMT

GET
H2 200 rocket-loader.min.js Show response
www.anrfactory.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 149ms
148ms Script
application/javascript 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.anrfactory.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.anrfactory.com
URL: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 08:17:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"650aaa83-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmNScYt%2BScI7SZrmQh3RmqxfMUNYl4cax4w%2BDV8oz83YrzMJ4h6ZeOdx9nKqFwadIujGtp4aAlFfjupG5w9Czme0sUb%2FnhYB6wze6BVGpTDBOCRSqai0PApq%2F7wnx733zeuScY%2FEQemOjkQAT1mafCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 80bced888c1b2e77-DFW
expires: Tue, 26 Sep 2023 18:00:35 GMT

GET
H2 200 bc0c78648801c2d2353103311a926c53.css
www.anrfactory.com/wp-content/cache/min/1/ 195 KB
33 KB 163ms
162ms Stylesheet
text/css 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anrfactory.com/wp-content/cache/min/1/bc0c78648801c2d2353103311a926c53.css
Requested by: Host: www.anrfactory.com
URL: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc60db883ccba2637578982f02724176b1d5e4fd0b280351b8e747a1bf4a5471

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:35 GMT
via: 1.1 webcache2 (Varnish/trunk)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1421699
cf-polished: origSize=199638
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 06:51:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=um9D%2FmpEpebumfZOLqbSdEHSOngE8YLBwNMcBvwp%2FelRcFBq16i1pUokZMRAvnFlivPguMhTVxIurtO%2FWUZ71wrbna9%2FhmyNRw8e1aIasAZupTSgArxyvS56Sed6jJnOX%2F%2FwdUh6CyveI00nqgrCnOI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
x-varnish: 47732613196 47801443728
cache-control: public, max-age=31536000
cf-ray: 80bced888c152e77-DFW
expires: Sat, 07 Sep 2024 06:52:22 GMT

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ccebd55962b86304d49ceeb9a6ef96beb723d62db79d6d0555644ad3c75e89f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3f1e4144c0fc9a0638f42d5d6c9875ae6768680a7f2ffa5ef449ccdf25fe436

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67043f97f410b02d6be7a0129f31c6a62cd6e72473ac6c74b7a7952e40f25842

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5aa4af0852579c003605e6527d898cc5e6a414aa9258fd937704f267e8530fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfcc2143b6f0635117b7354d9c0965778cd10168c10ca661d0ce42af30820951

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc1c81fe11d1bd086d5a8708d4aa0c22c4f7679e06de4e5ae97be8cfac8bef0a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bebd2370c21138168750a107504b2ce895f62aa2e80565a964ac3f0d1eef6429

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 lazyload.min.js Show response
www.anrfactory.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 157ms
156ms Script
application/javascript 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anrfactory.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: www.anrfactory.com
URL: https://www.anrfactory.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
via: 1.1 webcache2 (Varnish/trunk)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 785596
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 19 May 2022 20:10:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIVE3UewDCF%2FRtbQlBKCA1YzGpkl%2FaF%2BJ6TTYjNm8VtQbW3VZn6yWUJ39EpeVPIQlc28I3Mi8S5Q4idKRNMMpK5sOySKfblMOvbA4xyBncGJw1FXClTakfcfevd7ekDrUDnlxdixwnwxatAc5d%2Fb6Ho%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 54859531546
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 80bced89de502e77-DFW
expires: Sat, 14 Sep 2024 15:47:20 GMT

GET
H2 200 akismet-frontend.js Show response
www.anrfactory.com/wp-content/plugins/akismet/_inc/ 6 KB
2 KB 163ms
162ms Script
application/javascript 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anrfactory.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1694807034
Requested by: Host: www.anrfactory.com
URL: https://www.anrfactory.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a88ba0b09a4416c080044dc095eabf66ca59e4d12a1d6201457b693687be85d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
via: 1.1 webcache2 (Varnish/trunk)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 762561
cf-polished: origSize=10733
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 15 Sep 2023 19:43:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxunU4%2F1terG3uUUlg1hCHDqsKCyZyfZONpzQLWCUTbmVq2NNkHvANu%2BqTa2IW9vlzfuOBjpIbANBQhqldQ2KRKhGyIB2Rs%2FnQ9DJcoqWurmlNIDmtnWYw2wZtOClaQBnBfEexXktAQ3y8ZbfRo1aPA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-varnish: 55065872235 54977271256
cache-control: public, max-age=31536000
cf-ray: 80bced89de532e77-DFW
expires: Sat, 14 Sep 2024 19:46:32 GMT

GET
H2 200 ads.js Show response
www.anrfactory.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ 439 B
579 B 169ms
169ms Script
application/javascript 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anrfactory.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.76
Requested by: Host: www.anrfactory.com
URL: https://www.anrfactory.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 473e48c21306bbaee9b2d327fc13d23346840d26b70dd3717830636faca631d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
via: 1.1 webcache2 (Varnish/trunk)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 771222
cf-polished: origSize=562
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 15 Sep 2023 19:43:52 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZ0YokxhgiFyA9tnogoeilK7v7oq3djE%2FURAgtlrLxCX8oeUX5R22QL68Wi9wT9FWTg0SmLQzVLE8yBjDzGfwerPsIHbiFv2wKZF6Xl8xCBnN4frFLEvOTdxPTtL7%2FTxayIRZ6vxkvN06UWCXVrv0QU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-varnish: 54899754451 54881607163
cache-control: public, max-age=31536000
cf-ray: 80bced89de602e77-DFW
expires: Sat, 14 Sep 2024 19:46:32 GMT

GET
H2 200 comment-reply.min.js Show response
www.anrfactory.com/wp-includes/js/ 3 KB
2 KB 165ms
164ms Script
application/javascript 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anrfactory.com/wp-includes/js/comment-reply.min.js?ver=c6d4f54ff5f7e221a70cdd46daa396b3
Requested by: Host: www.anrfactory.com
URL: https://www.anrfactory.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
via: 1.1 webcache2 (Varnish/trunk)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2246216
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 29 May 2022 18:05:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64x2ZlAFvCq8WvFoAAhgspie9SBYPe8ICWbw9P1x9BGhjDVmV%2FMNR54MLzDogQ61PT3jIuoU8Kd7V%2FtjOgOINTUIKfp%2F1%2BCTzRdTHysVEPLCah3jwIElxx%2BaK5etixLCXCAHNvTGYTBCJtpZYj97UHA%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 37968549934
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 80bced89de692e77-DFW
expires: Wed, 28 Aug 2024 18:03:40 GMT

GET
H2 200 solopine.js Show response
www.anrfactory.com/wp-content/themes/redwood/js/ 839 B
794 B 176ms
175ms Script
application/javascript 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anrfactory.com/wp-content/themes/redwood/js/solopine.js?ver=c6d4f54ff5f7e221a70cdd46daa396b3
Requested by: Host: www.anrfactory.com
URL: https://www.anrfactory.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8860ec750c479b647736b81b517acecf144f555e116aec543e92a9cbd7cc829b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
via: 1.1 webcache2 (Varnish/trunk)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 785594
cf-polished: origSize=1135
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 19 Nov 2020 16:40:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0JZSiP0Rm6jYCaERRSMmrh6At6%2F0o6%2FvqOd0muvA0ZM6Ti0kWPPAW2ss51szQz0grrm%2BVroHB31%2BOiEmxHpthUpWeLjXt%2FXuychTjuHUDgkzK0iD7YC%2BImGWNIyMb5dS3gI4xIa2zJhNsSLkkWiI0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-varnish: 54772610894
cache-control: public, max-age=31536000
cf-ray: 80bced89de6d2e77-DFW
expires: Sat, 14 Sep 2024 15:47:22 GMT

GET
H2 200 fitvids.js Show response
www.anrfactory.com/wp-content/themes/redwood/js/ 2 KB
1 KB 167ms
166ms Script
application/javascript 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anrfactory.com/wp-content/themes/redwood/js/fitvids.js?ver=c6d4f54ff5f7e221a70cdd46daa396b3
Requested by: Host: www.anrfactory.com
URL: https://www.anrfactory.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38f8ac0374c2bb1477727fda495437bb1093ebc4ea905138540bbaa35f5dbf6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
via: 1.1 webcache2 (Varnish/trunk)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 330901
cf-polished: origSize=3321
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 19 Nov 2020 16:40:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09DQ%2FGTX0MHLAi6So7lWIZ8%2FnR88T5B9iFhztRrZFsI1IBKwvbptYtblg0cwY3F4z6ICm5odRGP0BrqtvaRRJCPSPreP6rutrvRw4DVt1QxoIuprR0uZQQGU0dx66Ses7cWpkNL7xxpiw8xZhx9A6ZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-varnish: 319361592 55673536
cache-control: public, max-age=31536000
cf-ray: 80bced89de6f2e77-DFW
expires: Thu, 19 Sep 2024 13:56:04 GMT

GET
H2 200 jquery.bxslider.min.js Show response
www.anrfactory.com/wp-content/themes/redwood/js/ 19 KB
6 KB 169ms
168ms Script
application/javascript 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anrfactory.com/wp-content/themes/redwood/js/jquery.bxslider.min.js?ver=c6d4f54ff5f7e221a70cdd46daa396b3
Requested by: Host: www.anrfactory.com
URL: https://www.anrfactory.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
via: 1.1 webcache2 (Varnish/trunk)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1474094
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 19 Nov 2020 16:40:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFPP3Kd5qRt3UfFMrl%2F8PvOCu%2FcfCbOJ39Q6ytoajdg5V1X8%2FxIkTpB0hBlMeYWp%2FE%2BRi9moyq24rTCmGY3oSNFSto9TZ6Vq00Pb%2B%2F51FnxPpevDHuqkBeZ1d3AFwjQl8%2BVPHO%2B1OmEOqG6%2BIDTnMao%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 47340462454 37851543518
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 80bced89de712e77-DFW
expires: Wed, 28 Aug 2024 16:39:25 GMT

GET
H2 200 jquery.slicknav.min.js Show response
www.anrfactory.com/wp-content/themes/redwood/js/ 6 KB
2 KB 176ms
175ms Script
application/javascript 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anrfactory.com/wp-content/themes/redwood/js/jquery.slicknav.min.js?ver=c6d4f54ff5f7e221a70cdd46daa396b3
Requested by: Host: www.anrfactory.com
URL: https://www.anrfactory.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a7a621da9195e29eae2be125bb7594e185410f42070c48a3f9647c53e54597a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
via: 1.1 webcache2 (Varnish/trunk)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2246264
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 19 Nov 2020 16:40:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDD%2F%2BSHu9pZMDzTybJfVQ9R5n16VmnwMayvKWzaS5vr57y5LlL809StNZoLwOAZZim8VlAhT%2B4t%2F2qzuxdaMSo%2By7dvDKgFlNNcaI%2Fpa6%2BzmaFpELqOdD09afymIRCS%2B%2BNG62LyY924r9C20%2B%2FVNtIE%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 37931822715
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 80bced89de732e77-DFW
expires: Wed, 28 Aug 2024 18:02:51 GMT

GET
H2 200 index.js Show response
www.anrfactory.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 179ms
178ms Script
application/javascript 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anrfactory.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8
Requested by: Host: www.anrfactory.com
URL: https://www.anrfactory.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
via: 1.1 webcache2 (Varnish/trunk)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4155458
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 07 Aug 2023 15:41:44 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r292TLYS2OTUNoZvHjLsah%2FTTi5ORu8zApM6ktC0G2q1FMHpF4p%2BEQPX5P957ExLlgcFUcD7MHdywif7r00GYq2w%2BA8BRAAKxH4vzrkPAv0N8yzWJ4rcsuj7p9NX8sA7aC4vU1HU7m1e7%2BQAjoiJc6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-varnish: 16823653195 16840560454
cache-control: public, max-age=31536000
cf-ray: 80bced89de742e77-DFW
expires: Tue, 06 Aug 2024 15:42:00 GMT

GET
H2 200 index.js Show response
www.anrfactory.com/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 185ms
184ms Script
application/javascript 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anrfactory.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8
Requested by: Host: www.anrfactory.com
URL: https://www.anrfactory.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
via: 1.1 webcache2 (Varnish/trunk)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4149140
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 07 Aug 2023 15:41:44 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oBB%2F9Fm9bIl8cvF4uXamlD%2FMVfq3317dHWNb25rS4bdA%2Byu%2FeCtWCHwzhRSxhOpGfb8beVJqCjOC6sGdeDnBAOCBuyJJIqOVUJr8FEMZw6I4Fk2kuVODYwim30amS1SNzyM71xqIa%2Fi%2FGSKSBaplkw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-varnish: 16883426750 16825882721
cache-control: public, max-age=31536000
cf-ray: 80bced89de762e77-DFW
expires: Tue, 06 Aug 2024 15:41:58 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 274ms
101ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.anrfactory.com
URL: https://www.anrfactory.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8c0733a38904fe9bef96cd81a765a96c843894bdb2539a2b26b200da2c0a8b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50631
x-xss-protection: 0
server: cafe
etag: 8551053971698458922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 18:00:36 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 242ms
69ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4387471810015760&host=ca-host-pub-2644536267352236

Requested by

Host: www.anrfactory.com
URL: https://www.anrfactory.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

502f9f6bee057e58ca4ac42d0319f945262fff5b1e6c6fe716739ea78aff5025

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.anrfactory.com/
Origin: https://www.anrfactory.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50633
x-xss-protection: 0
server: cafe
etag: 16680300566312911725
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 18:00:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 212ms
39ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-WRHDT4R

Requested by

Host: www.anrfactory.com
URL: https://www.anrfactory.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0cbbbf44e1cf39c1aab74f2d060b9bacbf032880c2a2217e5118dab3b207ab8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81152
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 24 Sep 2023 18:00:36 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.anrfactory.com/wp-includes/js/jquery/ 13 KB
5 KB 302ms
301ms Script
application/javascript 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anrfactory.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.anrfactory.com
URL: https://www.anrfactory.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
via: 1.1 webcache2 (Varnish/trunk)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 785593
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Aug 2023 20:11:24 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkhiwhj%2FvrhfxX2yfGtHoTWwT10knZRlxzwEHMnzbPGfrpKNXHtKZcaY9aHoJ6c%2BO%2BuNhUgBMS%2FDzTmAczVVeh3eLmAvuxRiRNq6yDtsix9Bm%2BwZQUFtxStbory4BH8GoNWpz8YNUGCpm4rsN%2BWbRHg%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 54834238768
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 80bced8acfa42e77-DFW
expires: Sat, 14 Sep 2024 15:47:23 GMT

GET
H2 200 jquery.min.js Show response
www.anrfactory.com/wp-includes/js/jquery/ 85 KB
31 KB 389ms
389ms Script
application/javascript 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anrfactory.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: www.anrfactory.com
URL: https://www.anrfactory.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
via: 1.1 webcache2 (Varnish/trunk)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1469044
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Aug 2023 20:11:24 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N920z96vuLmoL2dFVf%2FQQt4FYO0ayYxaE2Bmyt%2FUdLYBCINTCeVBEcUjxnk4Zzy%2Fd6o%2FOFY8yTUZVtAOUC3WX1NOuAAVyo69CxKFRKLf%2Bq%2B5GvHShPYEW1y42wy5DMH2Z%2FURw3SecQ%2FKb0E%2FvJ0pe44%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 47351644384 34148806271
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 80bced8acfa72e77-DFW
expires: Sat, 24 Aug 2024 19:43:44 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v32/ 35 KB
36 KB 185ms
20ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora%3A400%2C700%2C400italic%2C700italic%26amp%3Bsubset%3Dlatin%2Clatin-ext%7CMontserrat%3A400%2C500%2C700%26amp%3Bsubset%3Dlatin%2Clatin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.anrfactory.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 07:19:52 GMT
x-content-type-options: nosniff
age: 211244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35888
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:45:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2024 07:19:52 GMT

GET
H2 200 searchsubmit.png
www.anrfactory.com/wp-content/themes/redwood/img/ 1 KB
2 KB 290ms
290ms Image
image/png 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.anrfactory.com/wp-content/themes/redwood/img/searchsubmit.png
Requested by: Host: www.anrfactory.com
URL: https://www.anrfactory.com/wp-content/cache/min/1/bc0c78648801c2d2353103311a926c53.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfe45e655c1c3fd2531e0d4b14d0c619a201dd34e3644a4de2ad1d90185f8c78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/wp-content/cache/min/1/bc0c78648801c2d2353103311a926c53.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
via: 1.1 webcache2 (Varnish/trunk)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 191463
alt-svc: h3=":443"; ma=86400
content-length: 1167
last-modified: Thu, 19 Nov 2020 16:40:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJQ0oYSmywUlLdlGMHdCThdf4cc9%2BtE%2Fm5TdcDvQimmPEj73f008UjuONoa%2BtalxBYl0RmruJDD96L7gL7haYYGCeotm6DXL9WVN5D44DJsY7kK9zGlqlm6o6cenE7nbQUC4YFYkRfLyLbzzeadNgrI%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 1813005300
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 80bced8acfab2e77-DFW
expires: Sat, 20 Jan 2024 12:49:33 GMT

GET
H2 200 0QIhMX1D_JOuMw_LIftL.woff2
fonts.gstatic.com/s/lora/v32/ 38 KB
38 KB 219ms
57ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QIhMX1D_JOuMw_LIftL.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d55ce9c3ac7a5f37a38813a2deed310abde9e63d0d36912e2e5e59751ca66c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.anrfactory.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 17:28:26 GMT
x-content-type-options: nosniff
age: 261130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39208
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:46:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 17:28:26 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 203ms
43ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.anrfactory.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 18:19:05 GMT
x-content-type-options: nosniff
age: 258091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 18:19:05 GMT

GET
H2 200 fontawesome-webfont.woff2
www.anrfactory.com/wp-content/themes/redwood/fonts/ 75 KB
76 KB 296ms
296ms Font
application/octet-stream 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anrfactory.com/wp-content/themes/redwood/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.anrfactory.com
URL: https://www.anrfactory.com/wp-content/cache/min/1/bc0c78648801c2d2353103311a926c53.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.anrfactory.com/wp-content/cache/min/1/bc0c78648801c2d2353103311a926c53.css
Origin: https://www.anrfactory.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
via: 1.1 webcache2 (Varnish/trunk)
cf-cache-status: HIT
last-modified: Thu, 19 Nov 2020 16:40:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 230814
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgUATDMZwUwSxAAKeBqKJOxq6bdFFHLD0t%2FBin0urEpC%2BMwDo8aVyJGKh0jHgR9hAE%2FJU6TYRZ2EmkQyad4ivxEcf7rkExd9EjoxptdpseQjw2TIufp%2FcCbOHeOyIMPOvYug30dcOAFViSVz5wD8udo%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 1355422543 49120304
cache-control: max-age=2678400
cf-ray: 80bced8acfae2e77-DFW
alt-svc: h3=":443"; ma=86400
expires: Fri, 20 Oct 2023 13:56:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 66ms
22ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.anrfactory.com
URL: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b02d00f123297597d6e4b02dfbee910cfe211687b2d454309d5dd9b1b39fd0e4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 24 Sep 2023 18:00:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53243
x-xss-protection: 0
pragma: public
x-fb-debug: SVO2ahbZ2tOuQS4/GF3TVhQXHxyIUUIOtgEBhQCtEJ0Hyrq4JHoTVL4R7e1arAGPbk8FTt39/TcKcXf1Dyvjxw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.anrfactory.com
URL: https://www.anrfactory.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc33343d505d24c3246056aac0d4d4904d4df8ac27f832bc95d110b09ed4d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50632
x-xss-protection: 0
server: cafe
etag: 13205306021206982059
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 18:00:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.anrfactory.com
URL: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 17:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 653
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 24 Sep 2023 19:49:43 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 379 KB
129 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4387471810015760&plah=www.anrfactory.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4387471810015760&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51c2918cd3df0652b620f5dac4ef27b334d0db5aef41d474d7797f12774d5ad1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131562
x-xss-protection: 0
server: cafe
etag: 6984163732742786975
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 18:00:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/ Frame DEAA 10 KB
5 KB 222ms
20ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4387471810015760&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.anrfactory.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 12:04:54 GMT
etag: 2603938475786422795
expires: Sun, 08 Oct 2023 12:04:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 207ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VRF5C4B4X2&gtm=45Pe39k2&_p=1658597630&gdid=dZTNiMT&cid=1952570730.1695578437&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1695578436&sct=1&seg=0&dl=https%3A%2F%2Fwww.anrfactory.com%2Fmoney-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion%2F&dt=Money%20Coming%20Fast%3A%20OTB%20Lucciii%20is%20all%20about%20that%20cash%20action%20on%20%27Fashion%27%20-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-WRHDT4R
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Sep 2023 18:00:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.anrfactory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 youtube.png
www.anrfactory.com/wp-content/plugins/wp-rocket/assets/img/ 662 B
1 KB 181ms
181ms Image
image/png 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.anrfactory.com/wp-content/plugins/wp-rocket/assets/img/youtube.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5fc28a845d8b8a279c9c867cb86cee52b6ddf9df67f91b0c6a15513848fdb29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
via: 1.1 webcache2 (Varnish/trunk)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 80224
alt-svc: h3=":443"; ma=86400
content-length: 662
last-modified: Thu, 19 May 2022 20:10:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0CK9Te7BNG4ti56s4wVU9rfh1thlm4XvfpTjH9g6AIZQhC%2FZfOU9NkKF%2FoKA9jX0HdVF2QcsV3Z5TDm0UBWh0k7qHYLTxzscClLEbPQGJYS8v8wfFwUHrAKkxM%2B9RL39g87YfnrkAsFiJIBXBM3G%2FA%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 2967504156 16261610
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 80bced8d6bd3ced5-SJC
expires: Thu, 18 Jan 2024 14:58:37 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
224 B 27ms
26ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1658597630&t=pageview&_s=1&dl=https%3A%2F%2Fwww.anrfactory.com%2Fmoney-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion%2F&ul=en-us&de=UTF-8&dt=Money%20Coming%20Fast%3A%20OTB%20Lucciii%20is%20all%20about%20that%20cash%20action%20on%20%27Fashion%27%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=2002050151&gjid=739311098&cid=1952570730.1695578437&tid=UA-49987016-1&_gid=681667674.1695578437&_r=1&_slc=1&z=1906736060

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3240bda49d4ea8356a9098eae93879caec34cbf27fceb0d8f27d6d6682631cd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.anrfactory.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Sep 2023 18:00:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.anrfactory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AR_FACTORY_MINIMAL-LOGO-WEBSITE.png
www.anrfactory.com/wp-content/uploads/2021/11/ 14 KB
14 KB 182ms
182ms Image
image/png 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.anrfactory.com/wp-content/uploads/2021/11/AR_FACTORY_MINIMAL-LOGO-WEBSITE.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 503ce79251aa08d05c1046dcef24940a77c692918f8afdc0886b01fb03d5a451

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
via: 1.1 webcache2 (Varnish/trunk)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 295657
alt-svc: h3=":443"; ma=86400
content-length: 14232
last-modified: Mon, 15 Nov 2021 11:58:13 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B76kuUp08ad9eK2N9HR%2BB3MlBuf6P7tihUMy6KsG4XH7UmmE7tBBqwobSFJM53wqkibAxa9r4SkVGiNqaMfdrmHA7pvJN8aHvaISXqiCMqz50i0WZqkYBi%2Bto4CFk9HDNvEu3n2filzuU1rrjw1UxsQ%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 637343316
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 80bced8d8bf4ced5-SJC
expires: Fri, 19 Jan 2024 07:52:59 GMT

GET
H3 200 SUBMIT_YOUR_MUSIC.png
www.anrfactory.com/wp-content/uploads/2021/11/ 35 KB
36 KB 356ms
356ms Image
image/png 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.anrfactory.com/wp-content/uploads/2021/11/SUBMIT_YOUR_MUSIC.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9fab7922264ea50220e264de4d91e57cfee55c70333815f6c2d0eaab807300b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
via: 1.1 webcache2 (Varnish/trunk)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3318095
alt-svc: h3=":443"; ma=86400
content-length: 36244
last-modified: Mon, 15 Nov 2021 11:55:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MBLt2neI4kmHs8ByOWksmXMxsOVCBbaNW87UiLXiCKBvRZGgys8XpuMi1%2FMdBelPWIGErEjdhZ84S0J3X3hGrtnr8%2FueCHJfPAC74xa42yQPw3RC6jzeZ%2BY5V8lcuDdLiWR5tco56KgqQ96zNOPIZk%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 25679399651 3772908239
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 80bced8d8bf5ced5-SJC
expires: Tue, 21 Nov 2023 13:22:35 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/6XEk9xGsX_o/ 7 KB
7 KB 217ms
82ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/6XEk9xGsX_o/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24ff3ec517497fba0e6fb5a3bdafc3903f98b340c9261ebec7242e21902bfdc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7172
x-xss-protection: 0
server: sffe
etag: "1611174668"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 24 Sep 2023 20:00:36 GMT

GET
H2 200 1663217597399663 Show response
connect.facebook.net/signals/config/ 489 KB
134 KB 192ms
191ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1663217597399663?v=2.9.128&r=stable&domain=www.anrfactory.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

56600bb06ad706d8fa3f8fc88479aad8a9b3e0c2733c7f9727eba0a19d133277

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 24 Sep 2023 18:00:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: WU630ql1/8FlGBQB0UTJwpMcz6zextxi56wUPuhZ7NRcnbAuFliuGo5RoadzCHPxGRHCka+w0/p6g/M5xolEBQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 84ms
28ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-49987016-1&cid=1952570730.1695578437&jid=2002050151&gjid=739311098&_gid=681667674.1695578437&_u=IADAAEAAAAAAACAAI~&z=1740724600

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.anrfactory.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 24 Sep 2023 18:00:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.anrfactory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
85 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XPFYBRQKEM&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3dd48d0bae850cd0ce6cb4c6a099cf49c34de7eb817798816e617eddb4915fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87033
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 24 Sep 2023 18:00:36 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
606 B 79ms
27ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.anrfactory.com&callback=_gfp_s_&client=ca-pub-4387471810015760

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4387471810015760&plah=www.anrfactory.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc1fc8840643649aa9a1681e447b699492f9e099e089d351666f881fd524cde2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7825 0
188 B 365ms
362ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4387471810015760&output=html&adk=1812271804&adf=3025194257&lmt=1695571235&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fwww.anrfactory.com%2Fmoney-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695578436575&bpp=3&bdt=710&idt=235&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7470360114462&frm=20&pv=2&ga_vid=1952570730.1695578437&ga_sid=1695578437&ga_hid=1658597630&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077969&oid=2&pvsid=2527980058173226&tmod=1201466980&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=290

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.anrfactory.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 18:00:37 GMT
expires: Sun, 24 Sep 2023 18:00:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 121ms
120ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=top-bar&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Sep 2023 18:00:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 72ms
70ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230920&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45e3e7e7cf0cc424325b491bb22a85e0b8e124405b6d2a90c6846cb05cfe9400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12035
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 17BE 117 KB
39 KB 697ms
696ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4387471810015760&output=html&h=280&slotname=5948233133&adk=4056677716&adf=1801571695&pi=t.ma~as.5948233133&w=740&fwrn=4&fwrnh=100&lmt=1695571235&rafmt=1&format=740x280&url=https%3A%2F%2Fwww.anrfactory.com%2Fmoney-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695578436578&bpp=1&bdt=713&idt=291&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7470360114462&frm=20&pv=1&ga_vid=1952570730.1695578437&ga_sid=1695578437&ga_hid=1658597630&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077969&oid=2&pvsid=2527980058173226&tmod=1201466980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=d3co7DomzX&p=https%3A//www.anrfactory.com&dtd=296

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f243ab2f79e534a60268621f5fd7bfb5e846beddf2fd019a05dea1aa24f3039d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.anrfactory.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39847
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 18:00:37 GMT
expires: Sun, 24 Sep 2023 18:00:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 29D0 118 KB
39 KB 585ms
583ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4387471810015760&output=html&h=600&slotname=5727907135&adk=245867249&adf=306411070&pi=t.ma~as.5727907135&w=300&fwrn=4&fwrnh=100&lmt=1695571235&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.anrfactory.com%2Fmoney-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695578436580&bpp=1&bdt=716&idt=304&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C740x280&nras=1&correlator=7470360114462&frm=20&pv=1&ga_vid=1952570730.1695578437&ga_sid=1695578437&ga_hid=1658597630&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=2836&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077969&oid=2&pvsid=2527980058173226&tmod=1201466980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5TOOSOUa0S&p=https%3A//www.anrfactory.com&dtd=308

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9be6b57b7810bdda8f895b2c7345260dd0bf7f7b982922164b189f0406df794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.anrfactory.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39866
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 18:00:37 GMT
expires: Sun, 24 Sep 2023 18:00:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2AC0 119 KB
40 KB 463ms
460ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4387471810015760&output=html&h=600&slotname=1378432737&adk=3943645601&adf=1137415096&pi=t.ma~as.1378432737&w=300&fwrn=4&fwrnh=100&lmt=1695571235&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.anrfactory.com%2Fmoney-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695578436580&bpp=1&bdt=715&idt=332&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C740x280%2C300x600&nras=1&correlator=7470360114462&frm=20&pv=1&ga_vid=1952570730.1695578437&ga_sid=1695578437&ga_hid=1658597630&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=3471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077969&oid=2&pvsid=2527980058173226&tmod=1201466980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yTQvy7ifDI&p=https%3A//www.anrfactory.com&dtd=335

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6a7b3313a8d7d81dfd2a55f18eb3c954dfe7e606a7d9ab30188054fc1cc0398

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.anrfactory.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40515
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 18:00:37 GMT
expires: Sun, 24 Sep 2023 18:00:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 29ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XPFYBRQKEM&gtm=45je39k2&_p=1658597630&gdid=dZTNiMT&ul=en-us&sr=1600x1200&cid=1952570730.1695578437&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.anrfactory.com%2Fmoney-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion%2F&dt=Money%20Coming%20Fast%3A%20OTB%20Lucciii%20is%20all%20about%20that%20cash%20action%20on%20%27Fashion%27%20-&sid=1695578436&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XPFYBRQKEM&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Sep 2023 18:00:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.anrfactory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 256ms
82ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 18:00:37 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 178ms
21ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1663217597399663&ev=PageView&dl=https%3A%2F%2Fwww.anrfactory.com%2Fmoney-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion%2F&rl=&if=false&ts=1695578436977&sw=1600&sh=1200&v=2.9.128&r=stable&ec=0&o=30&fbp=fb.1.1695578436975.1455614842&cs_est=true&it=1695578436676&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 24 Sep 2023 18:00:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 Master-top-10-badge-2023-150x150.png
www.anrfactory.com/wp-content/uploads/2023/01/ 14 KB
15 KB 187ms
186ms Image
image/png 2606:4700:3034::6815:5e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.anrfactory.com/wp-content/uploads/2023/01/Master-top-10-badge-2023-150x150.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20e078de8e39362dca5647c5a09f3dc81a6954e9b1e507ba2d94b17d6622b839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:37 GMT
via: 1.1 webcache2 (Varnish/trunk)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 492141
alt-svc: h3=":443"; ma=86400
content-length: 14592
last-modified: Sat, 14 Jan 2023 19:39:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BMDQVd0bScX3nBsdbQm4nJlkMqO2UilJjQkiiuBVAW1VlysAVuMGL91WF8KhsDFvx1fLICcdnG%2FmCPsiao2zW064R%2FluVcrGfUPbP2C%2BEOJ5kxAZR4dJBfhaGfTa3InK0OWMVeYj%2FxOf%2FiyiymsWN0%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 57932744268
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 80bced8fce4bced5-SJC
expires: Wed, 17 Jan 2024 01:18:16 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4B86 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.anrfactory.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 12:05:00 GMT
expires: Mon, 23 Sep 2024 12:05:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5CEC 829 B
1 KB 446ms
33ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e63aec74591d1747b862e4468fdaf30c7d3714ef7aafd87493ce690764098edb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Bo3PgjPqrle_c4PL5j7cVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.anrfactory.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Bo3PgjPqrle_c4PL5j7cVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 18:00:37 GMT
expires: Sun, 24 Sep 2023 18:00:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B86 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 16:32:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Sep 2024 16:32:13 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 4B86 0
40 B 20ms
19ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Ll5ncg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 29D0 14 KB
1 KB 31ms
30ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4387471810015760&output=html&h=600&slotname=5727907135&adk=245867249&adf=306411070&pi=t.ma~as.5727907135&w=300&fwrn=4&fwrnh=100&lmt=1695571235&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.anrfactory.com%2Fmoney-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695578436580&bpp=1&bdt=716&idt=304&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C740x280&nras=1&correlator=7470360114462&frm=20&pv=1&ga_vid=1952570730.1695578437&ga_sid=1695578437&ga_hid=1658597630&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=2836&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077969&oid=2&pvsid=2527980058173226&tmod=1201466980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5TOOSOUa0S&p=https%3A//www.anrfactory.com&dtd=308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Sep 2023 18:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Sep 2023 16:32:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Sep 2023 18:00:37 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 29D0 2 KB
892 B 25ms
24ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 29D0 23 KB
9 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 29D0 3 KB
1 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 29D0 20 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 29D0 182 KB
57 KB 94ms
42ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Sep 2023 18:00:37 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 29D0 36 KB
15 KB 85ms
22ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 09:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:37:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 17BE 14 KB
1 KB 38ms
37ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4387471810015760&output=html&h=280&slotname=5948233133&adk=4056677716&adf=1801571695&pi=t.ma~as.5948233133&w=740&fwrn=4&fwrnh=100&lmt=1695571235&rafmt=1&format=740x280&url=https%3A%2F%2Fwww.anrfactory.com%2Fmoney-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695578436578&bpp=1&bdt=713&idt=291&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7470360114462&frm=20&pv=1&ga_vid=1952570730.1695578437&ga_sid=1695578437&ga_hid=1658597630&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077969&oid=2&pvsid=2527980058173226&tmod=1201466980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=d3co7DomzX&p=https%3A//www.anrfactory.com&dtd=296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Sep 2023 18:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Sep 2023 17:17:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Sep 2023 18:00:37 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 17BE 2 KB
892 B 29ms
28ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 17BE 23 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 17BE 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 17BE 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 17BE 182 KB
57 KB 122ms
74ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Sep 2023 18:00:37 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 17BE 36 KB
15 KB 77ms
27ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 09:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:37:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2AC0 14 KB
1 KB 32ms
31ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4387471810015760&output=html&h=600&slotname=1378432737&adk=3943645601&adf=1137415096&pi=t.ma~as.1378432737&w=300&fwrn=4&fwrnh=100&lmt=1695571235&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.anrfactory.com%2Fmoney-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695578436580&bpp=1&bdt=715&idt=332&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C740x280%2C300x600&nras=1&correlator=7470360114462&frm=20&pv=1&ga_vid=1952570730.1695578437&ga_sid=1695578437&ga_hid=1658597630&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=3471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077969&oid=2&pvsid=2527980058173226&tmod=1201466980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yTQvy7ifDI&p=https%3A//www.anrfactory.com&dtd=335

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Sep 2023 18:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Sep 2023 16:05:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Sep 2023 18:00:37 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 2AC0 2 KB
892 B 29ms
28ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 2AC0 23 KB
9 KB 27ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 2AC0 3 KB
1 KB 31ms
24ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 2AC0 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2AC0 182 KB
57 KB 138ms
92ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Sep 2023 18:00:37 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 2AC0 36 KB
15 KB 81ms
45ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 09:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:37:14 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame ECE8 0
51 B 24ms
21ms Document
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.anrfactory.com
Referer: https://www.anrfactory.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.anrfactory.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 18:00:37 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/18357133183657797787/ Frame 17BE 14 KB
14 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18357133183657797787/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfdda5fcf771774c1a0398c608027360bbfc8f6e8587db41bd2bf4fccef77aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 02:04:57 GMT
x-content-type-options: nosniff
age: 57340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14051
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 15:32:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 23 Sep 2024 02:04:57 GMT

GET
DATA 200
OK truncated
/ Frame 17BE 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 17BE 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/18357133183657797787/ Frame 29D0 14 KB
14 KB 28ms
23ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18357133183657797787/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfdda5fcf771774c1a0398c608027360bbfc8f6e8587db41bd2bf4fccef77aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 02:04:57 GMT
x-content-type-options: nosniff
age: 57340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14051
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 15:32:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 23 Sep 2024 02:04:57 GMT

GET
DATA 200
OK truncated
/ Frame 29D0 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 29D0 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/18357133183657797787/ Frame 2AC0 14 KB
14 KB 28ms
28ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18357133183657797787/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfdda5fcf771774c1a0398c608027360bbfc8f6e8587db41bd2bf4fccef77aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 02:04:57 GMT
x-content-type-options: nosniff
age: 57340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14051
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 15:32:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 23 Sep 2024 02:04:57 GMT

GET
DATA 200
OK truncated
/ Frame 2AC0 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2AC0 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 29D0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bb5e9d4ec73b5c53de7545db10e331102c6761ae20affd18e970d97e5497c99

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5CEC 0
0 121ms
121ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230920&jk=2527980058173226&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 17BE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce4d5bc274d7e6603422b94484be38cd0f5943f04675afd4d15c0c6366181c96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2AC0 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96f81e30bdb4b9de68d83c727ab045670cee52d2b7aebea935ed10cf6e0195a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 17BE 33 KB
33 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 391569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2024 05:14:28 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 17BE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CFMKvRHkQZbP5OuPTkwOyv6PABaSizsRy4b28zcYRZBABIKT-vhpglbL4gZQHoAGL1KeVAsgBCakCYTFGH3HfsT6oAwHIA8sEqgTmAk_QNJZVc8uSm7XLJk8AJLJfRWxv0DGPlIMQ7LPHFJg...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212664544259159822839%22,%22debug_reporting%22:true,%22destination%22:%22https://trisor.de%22,%22event_report_window%22:%22...

0
0

104ms
56ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212664544259159822839%22,%22debug_reporting%22:true,%22destination%22:%22https://trisor.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22581560843%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228703543667172823521%22}&andc=true

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:38 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12664544259159822839","debug_reporting":true,"destination":"https://trisor.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["581560843"],"4":["09-24"],"6":["true"]},"priority":"500","source_event_id":"8703543667172823521"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Sep 2023 18:00:38 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 24 Sep 2023 18:00:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12664544259159822839","debug_reporting":true,"destination":"https://trisor.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["581560843"],"4":["09-24"],"6":["true"]},"priority":"500","source_event_id":"8703543667172823521"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 29D0 33 KB
33 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 391569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2024 05:14:28 GMT

GET
H3 200 hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response
pagead2.googlesyndication.com/bg/ Frame ABA6 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 384073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 07:19:24 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2AC0 33 KB
33 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 391569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2024 05:14:28 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2AC0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C6w-LRXkQZevLDZSY7wLVhY2ACKSizsRy_Iy60bMRZBABIKT-vhpglbL4gZQHoAGL1KeVAsgBCakCYTFGH3HfsT6oAwHIA8sEqgTmAk_QjmjaCvevjIe6omxUmy99y-N7tTRbannBfoCxFaj...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225457287887213620941%22,%22debug_reporting%22:true,%22destination%22:%22https://trisor.de%22,%22event_report_window%22:%222...

0
0

103ms
55ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225457287887213620941%22,%22debug_reporting%22:true,%22destination%22:%22https://trisor.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22581560843%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222830023081426591585%22}&andc=true

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:38 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5457287887213620941","debug_reporting":true,"destination":"https://trisor.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["581560843"],"4":["09-24"],"6":["true"]},"priority":"500","source_event_id":"2830023081426591585"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Sep 2023 18:00:38 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 24 Sep 2023 18:00:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5457287887213620941","debug_reporting":true,"destination":"https://trisor.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["581560843"],"4":["09-24"],"6":["true"]},"priority":"500","source_event_id":"2830023081426591585"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response
pagead2.googlesyndication.com/bg/ Frame 86EC 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 384073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 07:19:24 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 29D0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CYw4ZRHkQZYGAPJWh5LcP7YeymAqkos7EcvyMutGzEWQQASCk_r4aYJWy-IGUB6ABi9SnlQLIAQmpAmExRh9x37E-qAMByAPLBKoE5gJP0N9kwKW4oDVA6HtKkF9svSkuCgJZPmNwFO2U1An...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215495945632321209922%22,%22debug_reporting%22:true,%22destination%22:%22https://trisor.de%22,%22event_report_window%22:%22...

0
0

58ms
56ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215495945632321209922%22,%22debug_reporting%22:true,%22destination%22:%22https://trisor.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22581560843%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216250216226651057745%22}&andc=true

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:00:38 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15495945632321209922","debug_reporting":true,"destination":"https://trisor.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["581560843"],"4":["09-24"],"6":["true"]},"priority":"500","source_event_id":"16250216226651057745"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Sep 2023 18:00:38 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 24 Sep 2023 18:00:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15495945632321209922","debug_reporting":true,"destination":"https://trisor.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["581560843"],"4":["09-24"],"6":["true"]},"priority":"500","source_event_id":"16250216226651057745"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response
pagead2.googlesyndication.com/bg/ Frame B2AC 37 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 384073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 07:19:24 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 107ms
56ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Sep 2023 18:00:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 107ms
56ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Sep 2023 18:00:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 55ms
55ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Sep 2023 18:00:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 127ms
126ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230920&jk=2527980058173226&bg=!bG-lbyDNAAYrDsWMCw47ADQBe5WfOHmIV3QXAsBvk5W9q1d1owVtVbsfbYrA7yd_2IAbbnVzNtT0ZhbouByGTBdvI76jAgAAAX1SAAAAB2gBBwoAlkmrLM6lNDVdrVgoR1Vc_JSYmd9CfhorQY-ptwbOIuHe65-WryPomrjusSzGumECFC0A2xTd4BUUmDYnNNJe-xJt0M5xUgwqquOWs5O_9J7ymDwcp_nUBdnA3Zs6CpExpXge2rZWEloGxciaQeADdQLxYozSv56yjqE688Qlf6P0LjzZ3qQj8wLhOyC3FneGJwsnZKfkHJkCwJwyHA_uF-Cx6ix1ukSuzVR3etlGuGRtQ6iiNaCVtqOcLGakYG92Lj28l5kXDd8QuKcGF6VpZrHGPkBG4Bi0-0RkFPFBzYqB9bVL7C-wVr1FiQO8cip3oU5hyQS5TMqJUAQLMDMQYZXpnb8qBX9v1B167QC1PJvOl9s20e00tqXJmt9in5Kv0Hsdz05UKW_CIViw0TyVnmEn8WkFAhQOQu9FknZj9XpWgajgilpSnADDMtrqdTr1u0hMG98x5urtaKkqlcfeXOMy44u10gx5pDT1_CjT0Dg0LPFtlAXNl8cSbZNloojYXOtmOF3Jhu_9adHIV_f2a4xy6My836jhvISxFC7uib1ePgYi7LhM8Luum_7PU8GxNx2ITIDbkaiPOooWbRM3B2dr3vLo_FEcBylZJO9B9SKEeS9SB3tApZrn-dIPk9VMKnQnDQlGQtsPaB0kCIHeV4tYmqEX2g325iRgnL9Oi6E456YMokTFDSY8sgj-Q6VB0BerxcOBtQ83hGn6reNV9LtjvHbP8D-I9X1ezNBHXB9qXnGn_IfOSWq9epnLwey-tmPcZpJL8_gcZu31W5QbodKELbMxvsT9x7AL5z-XfBZNoiL1u9aPX2jf3KpSAsXfrivcjm7V8WAb1Z8W6bGyYZUv_fmQZsLoi7IuzHZIR18FpVxMlNPd3qyFVdnFf4fhl_IqgcMeDQbEBjcbvA4ClibIRM7Pi0vLZejszTGeaexbKKkMH_pxVay8MbUM9zY5az1wo70nMbadaQKO9BL97004N0N1gosiwgaReCHO7RZ9J4J9b7U7gvXaFxb1Jj2eTOh6FAhtfwtj4ph1vGfiwJEub_RUWXw9_DrmQowkjdm2Y8Bq2lVA0fPPWfwhqcbFK2-x-rlRUWcZyPx6a7JJ69rpzC1y4BqHGZ6E_esrvk5JpOgqfqSsPX2d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.anrfactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.anrfactory.com/money-coming-fast-otb-lucciii-is-all-about-that-cash-action-on-fashion	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600
.anrfactory.com/	1970-01-21 00:35:38	Name: _ga_VRF5C4B4X2 Value: GS1.1.1695578436.1.0.1695578436.0.0.0
.anrfactory.com/	1970-01-21 00:35:38	Name: _ga Value: GA1.2.1952570730.1695578437
.anrfactory.com/	1970-01-20 15:01:04	Name: _gid Value: GA1.2.681667674.1695578437
.anrfactory.com/	1970-01-20 14:59:38	Name: _gat Value: 1
.anrfactory.com/	1970-01-21 00:35:38	Name: _ga_XPFYBRQKEM Value: GS1.2.1695578436.1.0.1695578436.0.0.0
.anrfactory.com/	1970-01-21 00:21:14	Name: __gads Value: ID=675fb01007644af4-222d46f789de00a9:T=1695578436:RT=1695578436:S=ALNI_Mb4nXAwnigz_hVUDVJQL5fnsWc-PQ
.anrfactory.com/	1970-01-21 00:21:14	Name: __gpi Value: UID=00000c834084a5f8:T=1695578436:RT=1695578436:S=ALNI_MYar59vtriyuViuwLnn3TxQ7Dv3iw
.anrfactory.com/	1970-01-20 17:09:14	Name: _fbp Value: fb.1.1695578436975.1455614842
.doubleclick.net/	1970-01-21 00:21:14	Name: IDE Value: AHWqTUnUVLugfOh-nCfRqjZrZyu6jpn-IqN50LmHuHk5odarPkRfO_hDPmvpZaMouk4
.googleadservices.com/	1970-01-20 17:09:14	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.anrfactory.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.186.98
2001:4860:4802:32::36
2606:4700:3034::6815:5e97
2a00:1450:4001:802::2004
2a00:1450:4001:803::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:828::2016
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c0a::9a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
007281271696553daf7262c201bcb7b7660522f6d807b0cc0f21773b5c2b0102
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0a7a621da9195e29eae2be125bb7594e185410f42070c48a3f9647c53e54597a
0cbbbf44e1cf39c1aab74f2d060b9bacbf032880c2a2217e5118dab3b207ab8c
0dc33343d505d24c3246056aac0d4d4904d4df8ac27f832bc95d110b09ed4d61
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
20e078de8e39362dca5647c5a09f3dc81a6954e9b1e507ba2d94b17d6622b839
24ff3ec517497fba0e6fb5a3bdafc3903f98b340c9261ebec7242e21902bfdc1
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3240bda49d4ea8356a9098eae93879caec34cbf27fceb0d8f27d6d6682631cd4
38f8ac0374c2bb1477727fda495437bb1093ebc4ea905138540bbaa35f5dbf6f
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45e3e7e7cf0cc424325b491bb22a85e0b8e124405b6d2a90c6846cb05cfe9400
473e48c21306bbaee9b2d327fc13d23346840d26b70dd3717830636faca631d7
4ccebd55962b86304d49ceeb9a6ef96beb723d62db79d6d0555644ad3c75e89f
502f9f6bee057e58ca4ac42d0319f945262fff5b1e6c6fe716739ea78aff5025
503ce79251aa08d05c1046dcef24940a77c692918f8afdc0886b01fb03d5a451
51c2918cd3df0652b620f5dac4ef27b334d0db5aef41d474d7797f12774d5ad1
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56600bb06ad706d8fa3f8fc88479aad8a9b3e0c2733c7f9727eba0a19d133277
5aa4af0852579c003605e6527d898cc5e6a414aa9258fd937704f267e8530fdd
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d55ce9c3ac7a5f37a38813a2deed310abde9e63d0d36912e2e5e59751ca66c7
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67043f97f410b02d6be7a0129f31c6a62cd6e72473ac6c74b7a7952e40f25842
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550
8860ec750c479b647736b81b517acecf144f555e116aec543e92a9cbd7cc829b
8bb5e9d4ec73b5c53de7545db10e331102c6761ae20affd18e970d97e5497c99
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
96f81e30bdb4b9de68d83c727ab045670cee52d2b7aebea935ed10cf6e0195a3
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
a88ba0b09a4416c080044dc095eabf66ca59e4d12a1d6201457b693687be85d3
a8c0733a38904fe9bef96cd81a765a96c843894bdb2539a2b26b200da2c0a8b1
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
af6e7d133ed23b3d0ad8225dd89a488e64efbb8ee1917df0fe831d06f8698db5
b02d00f123297597d6e4b02dfbee910cfe211687b2d454309d5dd9b1b39fd0e4
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
b6a7b3313a8d7d81dfd2a55f18eb3c954dfe7e606a7d9ab30188054fc1cc0398
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e
bc1fc8840643649aa9a1681e447b699492f9e099e089d351666f881fd524cde2
bebd2370c21138168750a107504b2ce895f62aa2e80565a964ac3f0d1eef6429
bfcc2143b6f0635117b7354d9c0965778cd10168c10ca661d0ce42af30820951
bfdda5fcf771774c1a0398c608027360bbfc8f6e8587db41bd2bf4fccef77aa5
c3f1e4144c0fc9a0638f42d5d6c9875ae6768680a7f2ffa5ef449ccdf25fe436
cc1c81fe11d1bd086d5a8708d4aa0c22c4f7679e06de4e5ae97be8cfac8bef0a
cc60db883ccba2637578982f02724176b1d5e4fd0b280351b8e747a1bf4a5471
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce4d5bc274d7e6603422b94484be38cd0f5943f04675afd4d15c0c6366181c96
d3dd48d0bae850cd0ce6cb4c6a099cf49c34de7eb817798816e617eddb4915fc
d9fab7922264ea50220e264de4d91e57cfee55c70333815f6c2d0eaab807300b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfe45e655c1c3fd2531e0d4b14d0c619a201dd34e3644a4de2ad1d90185f8c78
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fc28a845d8b8a279c9c867cb86cee52b6ddf9df67f91b0c6a15513848fdb29
e63aec74591d1747b862e4468fdaf30c7d3714ef7aafd87493ce690764098edb
f243ab2f79e534a60268621f5fd7bfb5e846beddf2fd019a05dea1aa24f3039d
f9be6b57b7810bdda8f895b2c7345260dd0bf7f7b982922164b189f0406df794

www.anrfactory.com Open in urlscan Pro 2606:4700:3034::6815:5e97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

92 Requests

97 %HTTPS

94 %IPv6

13 Domains

18 Subdomains

19 IPs

4 Countries

1653 kBTransfer

4281 kBSize

11 Cookies

15 Outgoing links

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.anrfactory.com Open in urlscan Pro
2606:4700:3034::6815:5e97 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

97 %
HTTPS

94 %
IPv6

13
Domains

18
Subdomains

19
IPs

4
Countries

1653 kB
Transfer

4281 kB
Size

11
Cookies

92 HTTP transactions
17 data transactions