m.focus-news.net Open in urlscan Pro
213.91.198.5 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://m.focus-news.net/?action=scandal&id=5148
Submission Tags: falconsandbox
Submission: On July 22 via api (July 22nd 2022, 4:43:41 pm UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 22 IPs in 6 countries across 13 domains to perform 60 HTTP transactions. The main IP is 213.91.198.5, located in Bolyarovo, Bulgaria and belongs to FOCUS-NUNTI, BG. The main domain is m.focus-news.net.

This is the only time m.focus-news.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	213.91.198.5 213.91.198.5	34653 (FOCUS-NUNTI) (FOCUS-NUNTI)
4	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
5	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	213.91.198.26 213.91.198.26	34653 (FOCUS-NUNTI) (FOCUS-NUNTI)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400f:805::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	74.125.133.157 74.125.133.157	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:65::7	15169 (GOOGLE) (GOOGLE)
60	22

8 213.91.198.5 (Bolyarovo, Bulgaria)

ASN34653 (FOCUS-NUNTI, BG)
PTR: gate.focus-news.net

m.focus-news.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.focus-news.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.91.198.26 (Bolyarovo, Bulgaria)

ASN34653 (FOCUS-NUNTI, BG)
PTR: ads2.focus-news.net

ads2.focus-news.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400f:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:65::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5e6nz7.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	244 KB
11	focus-news.net m.focus-news.net images.focus-news.net ads2.focus-news.net	273 KB
5	gstatic.com csi.gstatic.com fonts.gstatic.com	41 KB
5	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4002	62 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 117 googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 bid.g.doubleclick.net — Cisco Umbrella Rank: 463	38 KB
4	jquery.com code.jquery.com — Cisco Umbrella Rank: 613	119 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 902 r2---sn-4g5e6nz7.c.2mdn.net — Cisco Umbrella Rank: 878914	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72 imasdk.googleapis.com — Cisco Umbrella Rank: 434	127 KB
3	google.com www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 96	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5701 adservice.google.de — Cisco Umbrella Rank: 8252	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	87 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 873	649 B
60	13

	Domain	Requested by
9	pagead2.googlesyndication.com	ads2.focus-news.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com pagead2.googlesyndication.com tpc.googlesyndication.com
7	m.focus-news.net	m.focus-news.net
5	static.addtoany.com	m.focus-news.net static.addtoany.com
4	code.jquery.com	m.focus-news.net code.jquery.com
3	fonts.gstatic.com	fonts.googleapis.com
3	ads2.focus-news.net	m.focus-news.net ads2.focus-news.net
2	r2---sn-4g5e6nz7.c.2mdn.net
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.google.com	m.focus-news.net tpc.googlesyndication.com
2	www.google-analytics.com	m.focus-news.net www.google-analytics.com
2	connect.facebook.net	m.focus-news.net connect.facebook.net
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	m.focus-news.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	images.focus-news.net	m.focus-news.net
60	23

This site contains links to these domains. Also see Links.

Domain
www.focus-news.net
www.addtoany.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-01` - `2022-07-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-07-12` - `2022-09-20`	2 months	crt.sh

This page contains 7 frames:

Primary Page: http://m.focus-news.net/?action=scandal&id=5148
Frame ID: A07883277CBEFCA4F8B0A18FE72238A3
Requests: 27 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: FF6681C1FA875F028D0664F90910C31E
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 62A7C94DF461AB3BF886516E627609D9
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6558187838193851&output=html&h=250&slotname=8097016331&adk=3533798206&adf=3383700276&pi=t.ma~as.8097016331&w=300&url=http%3A%2F%2Fm.focus-news.net%2F&ea=0&wgl=1&dt=1658508216068&bpp=16&bdt=56&idt=115&shv=r20220721&mjsv=m202207180101&ptt=5&saldr=sa&correlator=6293448478176&frm=23&ife=1&pv=2&ga_vid=2050751511.1658508216&ga_sid=1658508216&ga_hid=790660311&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=666&ady=15029&biw=1600&bih=1200&isw=300&ish=250&ifk=2563099736&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763506%2C44761793%2C42531605%2C31064019&oid=2&pvsid=609186490503034&uas=0&nvt=1&top=http%3A%2F%2Fm.focus-news.net%2F%3Faction%3Dscandal%26id%3D5148&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bssdkr2zrpza&btvi=1&fsb=1&dtd=132
Frame ID: 48B72BCCEAC72C3CD341786CFA13008E
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: D1A5EBBD5C0BBD2B7ABD3F8832A62E3C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C63C277154BC72821F3202E181488875
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 292F44933E21C1B58DF392775BB77482
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Предизборният сезон е открит

Detected technologies

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

68 %
HTTPS

82 %
IPv6

13
Domains

23
Subdomains

22
IPs

6
Countries

1015 kB
Transfer

2742 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.focus-news.net/?full=1
Title: Към пълната версия

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

http://connect.facebook.net/bg_BG/sdk.js HTTP 307
https://connect.facebook.net/bg_BG/sdk.js

Request Chain 13

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 49

https://gcdn.2mdn.net/videoplayback/id/4c789bc3ee5bc97f/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1690044216/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/4324AE467A69BD685D722AA0FE3F21FBB775B300.9D036C84C4612A9AA5955E93B474F69D64F3827C/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/4c789bc3ee5bc97f/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1690044216/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/11750688F8D7B4797E13D97CFBF64CEC6DAD4779.4AA9F973C1115A00CE47FCE986AFFA6D4EF136A9/key/cms1/cms_redirect/yes/mh/n_/mip/2001:ac8:20:272::2e/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1658507811/mv/m/mvi/2/pl/53/file/file.mp4

60 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
m.focus-news.net/ 164 KB
164 KB 174ms
49ms Document
text/html 213.91.198.5
FOCUS-NUNTI

General

Check archive.org

Show headers Download Go to

Full URL: http://m.focus-news.net/?action=scandal&id=5148
Protocol: HTTP/1.1
Server: 213.91.198.5 Bolyarovo, Bulgaria, ASN34653 (FOCUS-NUNTI, BG),
Reverse DNS: gate.focus-news.net
Software: nginx /
Resource Hash: 6c9a6c0504eabbdaa1b8cf6d6ea6cb0f87f4489ebb0e657dae334eb90b51339a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Type: text/html
Date: Fri, 22 Jul 2022 16:43:35 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK jquery.mobile-1.4.5.min.css
code.jquery.com/mobile/1.4.5/ 203 KB
25 KB 37ms
7ms Stylesheet
text/css 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/mobile/1.4.5/jquery.mobile-1.4.5.min.css
Requested by: Host: m.focus-news.net
URL: http://m.focus-news.net/?action=scandal&id=5148
Protocol: HTTP/1.1
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a1f1132059ae29789542297e710d6d45e60307f961d25acccb12ddb30f8d1bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 16:43:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Aug 2021 17:47:54 GMT
Server: nginx
ETag: W/"611feaca-32a69"
Vary: Accept-Encoding
X-HW: 1658508215.dop237.fr8.t,1658508215.cds052.fr8.c
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 24849

GET
H/1.1 200
OK jquery.bxslider.css
m.focus-news.net/css/ 4 KB
4 KB 82ms
41ms Stylesheet
text/css 213.91.198.5
FOCUS-NUNTI

General

Check archive.org

Show headers Download Go to

Full URL: http://m.focus-news.net/css/jquery.bxslider.css
Requested by: Host: m.focus-news.net
URL: http://m.focus-news.net/?action=scandal&id=5148
Protocol: HTTP/1.1
Server: 213.91.198.5 Bolyarovo, Bulgaria, ASN34653 (FOCUS-NUNTI, BG),
Reverse DNS: gate.focus-news.net
Software: nginx /
Resource Hash: b457c5f4846dc7fe3b6edf3a457cab514f906f917085aa4ccd6eea23e51df1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/?action=scandal&id=5148
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 16:43:35 GMT
Last-Modified: Mon, 26 Jan 2015 15:49:43 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 4040
Content-Type: text/css

GET
H/1.1 200
OK style.css
m.focus-news.net/ 16 KB
16 KB 82ms
41ms Stylesheet
text/css 213.91.198.5
FOCUS-NUNTI

General

Check archive.org

Show headers Download Go to

Full URL: http://m.focus-news.net/style.css?t=0.01
Requested by: Host: m.focus-news.net
URL: http://m.focus-news.net/?action=scandal&id=5148
Protocol: HTTP/1.1
Server: 213.91.198.5 Bolyarovo, Bulgaria, ASN34653 (FOCUS-NUNTI, BG),
Reverse DNS: gate.focus-news.net
Software: nginx /
Resource Hash: 5617a6f03d29a1bac2c8889e96d5e62b9ffc552447f4ff87af6507d2e9306ff4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/?action=scandal&id=5148
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 16:43:35 GMT
Last-Modified: Thu, 27 Jul 2017 08:44:26 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 16384
Content-Type: text/css

GET
H/1.1 200
OK jquery-1.11.1.min.js Show response
code.jquery.com/ 94 KB
33 KB 39ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-1.11.1.min.js
Requested by: Host: m.focus-news.net
URL: http://m.focus-news.net/?action=scandal&id=5148
Protocol: HTTP/1.1
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 16:43:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
Server: nginx
ETag: W/"28feccc0-1762a"
Vary: Accept-Encoding
X-HW: 1658508215.dop003.fr8.t,1658508215.cds148.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 33202

GET
H/1.1 200
OK jquery.mobile-1.4.5.min.js Show response
code.jquery.com/mobile/1.4.5/ 195 KB
55 KB 38ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/mobile/1.4.5/jquery.mobile-1.4.5.min.js
Requested by: Host: m.focus-news.net
URL: http://m.focus-news.net/?action=scandal&id=5148
Protocol: HTTP/1.1
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ec93e0833cecd36a92e8033596d06fd6790795892dc5333cb0a733d957c4979

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 16:43:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Aug 2021 17:47:54 GMT
Server: nginx
ETag: W/"611feaca-30dcf"
Vary: Accept-Encoding
X-HW: 1658508215.dop234.fr8.t,1658508215.cds252.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 55438

GET
H/1.1 200
OK jquery.bxslider.min.js Show response
m.focus-news.net/js/ 19 KB
19 KB 81ms
40ms Script
application/x-javascript 213.91.198.5
FOCUS-NUNTI

General

Check archive.org

Show headers Download Go to

Full URL: http://m.focus-news.net/js/jquery.bxslider.min.js
Requested by: Host: m.focus-news.net
URL: http://m.focus-news.net/?action=scandal&id=5148
Protocol: HTTP/1.1
Server: 213.91.198.5 Bolyarovo, Bulgaria, ASN34653 (FOCUS-NUNTI, BG),
Reverse DNS: gate.focus-news.net
Software: nginx /
Resource Hash: 7bc204a8009323811c2888323b9626d4417b02358aab7fdfabdcf0153385c621

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/?action=scandal&id=5148
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 16:43:35 GMT
Last-Modified: Mon, 26 Jan 2015 15:49:43 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 19368
Content-Type: application/x-javascript

GET
H/1.1 200
OK main.js Show response
m.focus-news.net/ 9 KB
9 KB 80ms
40ms Script
application/x-javascript 213.91.198.5
FOCUS-NUNTI

General

Check archive.org

Show headers Download Go to

Full URL: http://m.focus-news.net/main.js?t=0.01
Requested by: Host: m.focus-news.net
URL: http://m.focus-news.net/?action=scandal&id=5148
Protocol: HTTP/1.1
Server: 213.91.198.5 Bolyarovo, Bulgaria, ASN34653 (FOCUS-NUNTI, BG),
Reverse DNS: gate.focus-news.net
Software: nginx /
Resource Hash: 7c7393b418eebbffa5c2b42d70f95ccbed66d5fb9660e270362339a393a3fc96

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/?action=scandal&id=5148
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 16:43:35 GMT
Last-Modified: Mon, 26 Jan 2015 15:44:12 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 9337
Content-Type: application/x-javascript

GET
H/1.1 200
OK custom-radio-icon.gif
m.focus-news.net/img/sys/ 476 B
680 B 82ms
41ms Image
image/gif 213.91.198.5
FOCUS-NUNTI

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://m.focus-news.net/img/sys/custom-radio-icon.gif
Requested by: Host: m.focus-news.net
URL: http://m.focus-news.net/?action=scandal&id=5148
Protocol: HTTP/1.1
Server: 213.91.198.5 Bolyarovo, Bulgaria, ASN34653 (FOCUS-NUNTI, BG),
Reverse DNS: gate.focus-news.net
Software: nginx /
Resource Hash: 7871d47da2946eb245812c3f045780907bf7492222beb8fa047d319315060de4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/?action=scandal&id=5148
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 16:43:35 GMT
Last-Modified: Mon, 26 Jan 2015 15:44:09 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 476
Content-Type: image/gif

GET
H/1.1 200
OK e60fdb0faf03b94ef6696f4508343052.jpg
images.focus-news.net/ 23 KB
23 KB 119ms
40ms Image
image/jpeg 213.91.198.5
FOCUS-NUNTI

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.focus-news.net/e60fdb0faf03b94ef6696f4508343052.jpg
Requested by: Host: m.focus-news.net
URL: http://m.focus-news.net/?action=scandal&id=5148
Protocol: HTTP/1.1
Server: 213.91.198.5 Bolyarovo, Bulgaria, ASN34653 (FOCUS-NUNTI, BG),
Reverse DNS: gate.focus-news.net
Software: nginx /
Resource Hash: bd759ee5d41f2dfe03bdcb8bee9cb0f96af72548dcc2aa7150711ab09de2d9b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 16:43:35 GMT
Last-Modified: Sun, 09 Oct 2011 08:30:47 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 23509
Content-Type: image/jpeg

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 644 B
806 B 71ms
28ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: m.focus-news.net
URL: http://m.focus-news.net/?action=scandal&id=5148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6da69aa5e819334813dcd4d8a58b112912ca889bc35636a24876841d9f4c0ecc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 16:43:35 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 132184
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 21 Jul 2022 03:56:13 GMT
server: cloudflare
etag: W/"284-5e448b2e251f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 72eda2dbab1b01db-ZRH
cf-bgj: minify

GET
H2

200

sdk.js Show response
connect.facebook.net/bg_BG/
Redirect Chain

http://connect.facebook.net/bg_BG/sdk.js
https://connect.facebook.net/bg_BG/sdk.js

3 KB
2 KB

37ms
10ms

Script
application/x-javascript

2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/bg_BG/sdk.js

Requested by

Host: m.focus-news.net
URL: http://m.focus-news.net/?action=scandal&id=5148

Protocol

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d0ec84c18ea788cd0ae7b3de9ba9dbd117bdd68b273b8e6a6c04d5bf820c0d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 5agd3hNIkatSi0LzKZgHSA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 22 Jul 2022 16:45:13 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: FBBlqpdRa+PGT4WXUUyn+P+FZ5219JWDd8+UoD4AABOV1+31Kl59X1vnD3V5PEhWgpo+B8bGuvTpJERwN7oefA==
x-fb-trip-id: 686109401
x-fb-content-md5: ea4fc1c363fd601cd1d4ffaf55a01dd6
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Jul 2022 16:43:35 GMT
x-frame-options: DENY
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "7772843204c88f8c2b1b43b3ab660e65"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

Redirect headers

Location: https://connect.facebook.net/bg_BG/sdk.js#xfbml=1&appId=466381163440913&version=v2.0
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3 200 sdk.js Show response
connect.facebook.net/bg_BG/ 294 KB
84 KB 20ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/bg_BG/sdk.js?hash=3d132e4d327355892550022e7b5d0b1e

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/bg_BG/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8ea7aa2967136bce0f46483bf69d37bf8abe2f386d11555ca802a49eaef8c02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://m.focus-news.net/
Origin: http://m.focus-news.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: dTMoeOjdkJAIvP7Oo+kHEQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sat, 22 Jul 2023 14:45:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86110
x-fb-rlafr: 0
x-fb-debug: rYQbqnUnqIMtr4Ra49YdV1SWD7F+OY4sCj/aUvV25cc7ia1af9dgvtTSFi06z+GnhMaZACvlY9IsEAVz0MMlMw==
x-fb-content-md5: 37c8c3ca630620c776e61c6d07440f2d
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Jul 2022 16:43:35 GMT
x-frame-options: DENY
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "8ce423fb6add230f35c4d581b7b8c269"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK asyncjs.php Show response
ads2.focus-news.net/adnetwork/www/delivery/ 17 KB
17 KB 134ms
48ms Script
text/javascript 213.91.198.26
FOCUS-NUNTI

General

Check archive.org

Show headers Download Go to

Full URL: http://ads2.focus-news.net/adnetwork/www/delivery/asyncjs.php
Requested by: Host: m.focus-news.net
URL: http://m.focus-news.net/?action=scandal&id=5148
Protocol: HTTP/1.1
Server: 213.91.198.26 Bolyarovo, Bulgaria, ASN34653 (FOCUS-NUNTI, BG),
Reverse DNS: ads2.focus-news.net
Software: nginx/1.8.0 / PHP/5.6.14
Resource Hash: 6bead760223b43f236f5ea287299403f28978fcb85096617ebaf77f71f51c491

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 16:30:41 GMT
ETag: 7f68696ffbe75fafcd11bbda97cbeb89
Server: nginx/1.8.0
X-Powered-By: PHP/5.6.14
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=3600
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Expire: Fri, 22 Jul 2022 17:30:41 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

80ms
8ms

Script
text/javascript

2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: m.focus-news.net
URL: http://m.focus-news.net/?action=scandal&id=5148

Protocol

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6095
date: Fri, 22 Jul 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 22 Jul 2022 17:02:00 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK ajax-loader.gif
code.jquery.com/mobile/1.4.5/images/ 6 KB
6 KB 9ms
9ms Image
image/gif 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://code.jquery.com/mobile/1.4.5/images/ajax-loader.gif
Requested by: Host: code.jquery.com
URL: http://code.jquery.com/mobile/1.4.5/jquery.mobile-1.4.5.min.css
Protocol: HTTP/1.1
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://code.jquery.com/mobile/1.4.5/jquery.mobile-1.4.5.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 16:43:35 GMT
Last-Modified: Fri, 20 Aug 2021 17:47:54 GMT
Server: nginx
ETag: "611feaca-1862"
X-HW: 1658508215.dop234.fr8.t,1658508215.cds142.fr8.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 6242

GET
H/1.1 200
OK sprites.png
m.focus-news.net/img/ 17 KB
17 KB 81ms
40ms Image
image/png 213.91.198.5
FOCUS-NUNTI

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://m.focus-news.net/img/sprites.png
Requested by: Host: m.focus-news.net
URL: http://m.focus-news.net/style.css?t=0.01
Protocol: HTTP/1.1
Server: 213.91.198.5 Bolyarovo, Bulgaria, ASN34653 (FOCUS-NUNTI, BG),
Reverse DNS: gate.focus-news.net
Software: nginx /
Resource Hash: 4a1ce1c2846438a4a8e9a960609c12579fa6562ac3166396db5f2cdb4a544565

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/style.css?t=0.01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 16:43:35 GMT
Last-Modified: Mon, 26 Jan 2015 15:44:09 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 17369
Content-Type: image/png

GET
DATA 200
OK truncated
/ 578 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0f8f520c8876a74eb54f59706270c0246cd7a2264372c926dc496397222fe06

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://code.jquery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 core.aba90b1c.js Show response
static.addtoany.com/menu/modules/ 72 KB
26 KB 93ms
43ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.aba90b1c.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c65b1c9e27a3f16dc317b838240d4fff2d9aefe1c20dd4cc0bd1d6071dcee309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://m.focus-news.net/
Origin: http://m.focus-news.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 16:43:35 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 95410
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 21 Jul 2022 03:56:12 GMT
server: cloudflare
etag: W/"120ec-5e448b2d021b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 72eda2dc898d01f0-ZRH
cf-bgj: minify

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 29ms
14ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1578844706&t=pageview&_s=1&dl=http%3A%2F%2Fm.focus-news.net%2F%3Faction%3Dscandal%26id%3D5148&ul=en-us&de=UTF-8&dt=%D0%9F%D1%80%D0%B5%D0%B4%D0%B8%D0%B7%D0%B1%D0%BE%D1%80%D0%BD%D0%B8%D1%8F%D1%82%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B5%20%D0%BE%D1%82%D0%BA%D1%80%D0%B8%D1%82&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=797254784&gjid=666333868&cid=2050751511.1658508216&tid=UA-7038211-1&_gid=895811518.1658508216&_r=1&_slc=1&z=2089344797

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://m.focus-news.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 16:43:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://m.focus-news.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7038211-1&cid=2050751511.1658508216&jid=797254784&gjid=666333868&_gid=895811518.1658508216&_u=IEBAAEAAAAAAAC~&z=978569316

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://m.focus-news.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 22 Jul 2022 16:43:35 GMT
content-type: text/plain
access-control-allow-origin: http://m.focus-news.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bg.js Show response
static.addtoany.com/menu/locale/ 3 KB
1 KB 67ms
46ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/locale/bg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.aba90b1c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc0de7183618d4462178b3cc3ab2c5e62c87e899fe755892f0e027c84b9a39b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 16:43:35 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 293441
cf-polished: origSize=2769
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 10 Dec 2020 22:38:34 GMT
server: cloudflare
etag: W/"ad1-5b623d60a0836"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
cf-ray: 72eda2dd0d4e2325-ZRH
cf-bgj: minify

GET
H3 200 sm.23.html Show response
static.addtoany.com/menu/ Frame FF66 741 B
784 B 58ms
44ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.23.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.aba90b1c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://m.focus-news.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1953241
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 72eda2dd0d512325-ZRH
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 22 Jul 2022 16:43:35 GMT
etag: W/"2e5-5cc9e128a4c38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 22 Sep 2021 23:42:51 GMT
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff

GET
H3 200 icons.30.svg.js Show response
static.addtoany.com/menu/svg/ 77 KB
33 KB 37ms
29ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.30.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.aba90b1c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 16:43:35 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21979786
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 01:49:04 GMT
server: cloudflare
etag: W/"132a9-5d0656e4a26b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 72eda2dd0d532325-ZRH
cf-bgj: minify

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 63ms
33ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7038211-1&cid=2050751511.1658508216&jid=797254784&_u=IEBAAEAAAAAAAC~&z=1129797309

Requested by

Host: m.focus-news.net
URL: http://m.focus-news.net/?action=scandal&id=5148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 16:43:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 58ms
30ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7038211-1&cid=2050751511.1658508216&jid=797254784&_u=IEBAAEAAAAAAAC~&z=1129797309

Requested by

Host: m.focus-news.net
URL: http://m.focus-news.net/?action=scandal&id=5148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 16:43:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK asyncspc.php Show response
ads2.focus-news.net/adnetwork/www/delivery/ 899 B
1 KB 51ms
51ms XHR
application/json 213.91.198.26
FOCUS-NUNTI

General

Check archive.org

Show headers Download Go to

Full URL: http://ads2.focus-news.net/adnetwork/www/delivery/asyncspc.php?zones=15&prefix=revive-0-&loc=http%3A%2F%2Fm.focus-news.net%2F%3Faction%3Dscandal%26id%3D5148
Requested by: Host: ads2.focus-news.net
URL: http://ads2.focus-news.net/adnetwork/www/delivery/asyncjs.php
Protocol: HTTP/1.1
Server: 213.91.198.26 Bolyarovo, Bulgaria, ASN34653 (FOCUS-NUNTI, BG),
Reverse DNS: ads2.focus-news.net
Software: nginx/1.8.0 / PHP/5.6.14
Resource Hash: 3970c6cf4ad3a4cefd44c5d0564963225a6422639ce28ba29a833349a67cc88d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Jul 2022 16:30:41 GMT
Server: nginx/1.8.0
X-Powered-By: PHP/5.6.14
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: http://m.focus-news.net
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Expires: 0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 62A7 100 KB
35 KB 33ms
26ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads2.focus-news.net
URL: http://ads2.focus-news.net/adnetwork/www/delivery/asyncjs.php

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc49d47395d75c7d01c7188eaed9d0890660ae106c77032c1f77477b56e00138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 22 Jul 2022 16:43:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 16363468224934134816
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 35705
X-XSS-Protection: 0
Expires: Fri, 22 Jul 2022 16:43:36 GMT

GET
H/1.1 200
OK lg.php
ads2.focus-news.net/adnetwork/www/delivery/ Frame 62A7 43 B
499 B 51ms
50ms Image
image/gif 213.91.198.26
FOCUS-NUNTI

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads2.focus-news.net/adnetwork/www/delivery/lg.php?bannerid=34&campaignid=33&zoneid=15&loc=http%3A%2F%2Fm.focus-news.net%2F%3Faction%3Dscandal%26id%3D5148&cb=81141866d3
Requested by: Host: ads2.focus-news.net
URL: http://ads2.focus-news.net/adnetwork/www/delivery/asyncjs.php
Protocol: HTTP/1.1
Server: 213.91.198.26 Bolyarovo, Bulgaria, ASN34653 (FOCUS-NUNTI, BG),
Reverse DNS: ads2.focus-news.net
Software: nginx/1.8.0 / PHP/5.6.14
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Jul 2022 16:30:41 GMT
Server: nginx/1.8.0
X-Powered-By: PHP/5.6.14
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Expires: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207180101/ Frame 62A7 338 KB
120 KB 60ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6558187838193851&plah=m.focus-news.net

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35f7e4a8372755d1c7cbcf273bd21a5faa9e8a65e1ac2042a2f5cf8c79a2d684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 16:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121832
x-xss-protection: 0
server: cafe
etag: 12379672464146449092
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 16:43:36 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 62A7 218 B
649 B 313ms
39ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=m.focus-news.net&callback=_gfp_s_&client=ca-pub-6558187838193851

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6558187838193851&plah=m.focus-news.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

87131b3ad9c5182caee4bb6895d29405bad42fe7b6b4f478097ebf939afaf53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 16:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 62A7 107 B
792 B 39ms
17ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=m.focus-news.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 16:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 62A7 107 B
549 B 47ms
19ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.focus-news.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 16:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 48B7 69 KB
22 KB 422ms
394ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6558187838193851&output=html&h=250&slotname=8097016331&adk=3533798206&adf=3383700276&pi=t.ma~as.8097016331&w=300&url=http%3A%2F%2Fm.focus-news.net%2F&ea=0&wgl=1&dt=1658508216068&bpp=16&bdt=56&idt=115&shv=r20220721&mjsv=m202207180101&ptt=5&saldr=sa&correlator=6293448478176&frm=23&ife=1&pv=2&ga_vid=2050751511.1658508216&ga_sid=1658508216&ga_hid=790660311&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=666&ady=15029&biw=1600&bih=1200&isw=300&ish=250&ifk=2563099736&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763506%2C44761793%2C42531605%2C31064019&oid=2&pvsid=609186490503034&uas=0&nvt=1&top=http%3A%2F%2Fm.focus-news.net%2F%3Faction%3Dscandal%26id%3D5148&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bssdkr2zrpza&btvi=1&fsb=1&dtd=132

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0b4bc1ef119c2a180a779fb15c4348a4e307ec6573a3f5c95a878994115a32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://m.focus-news.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 22223
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Jul 2022 16:43:36 GMT
expires: Fri, 22 Jul 2022 16:43:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 48B7 21 KB
9 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6558187838193851&output=html&h=250&slotname=8097016331&adk=3533798206&adf=3383700276&pi=t.ma~as.8097016331&w=300&url=http%3A%2F%2Fm.focus-news.net%2F&ea=0&wgl=1&dt=1658508216068&bpp=16&bdt=56&idt=115&shv=r20220721&mjsv=m202207180101&ptt=5&saldr=sa&correlator=6293448478176&frm=23&ife=1&pv=2&ga_vid=2050751511.1658508216&ga_sid=1658508216&ga_hid=790660311&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=666&ady=15029&biw=1600&bih=1200&isw=300&ish=250&ifk=2563099736&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763506%2C44761793%2C42531605%2C31064019&oid=2&pvsid=609186490503034&uas=0&nvt=1&top=http%3A%2F%2Fm.focus-news.net%2F%3Faction%3Dscandal%26id%3D5148&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bssdkr2zrpza&btvi=1&fsb=1&dtd=132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 16:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8663
x-xss-protection: 0
server: cafe
etag: 1576890815193688712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Aug 2022 16:39:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 48B7 8 KB
1 KB 48ms
19ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 15:20:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Jul 2022 16:43:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Jul 2022 16:43:36 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220720_RC00/ Frame 48B7 14 KB
3 KB 34ms
7ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220720_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 12:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 10:40:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 12:49:22 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220720_RC00/ Frame 48B7 354 KB
123 KB 35ms
9ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220720_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd0fc1a1e24ea9d6276ed56bab380d668444c7897550335fa11f43845baac20d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 12:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125543
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 10:40:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 12:49:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 48B7 17 KB
7 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 15:44:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Aug 2022 15:44:51 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 48B7 0
327 B 136ms
44ms Ping
image/gif 2a00:1450:400f:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=1~l5woyy6a&c=7921320302672&slotId=3960660151336&qqid=CNjQ2Mj4jPkCFf3Huwgd1oAPDg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220720_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400f:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 16:43:36 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 48B7 9 KB
10 KB 48ms
14ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 332033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 20:29:43 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 48B7 15 KB
16 KB 40ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 08:44:49 GMT
x-content-type-options: nosniff
age: 201527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 08:44:49 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 48B7 15 KB
15 KB 40ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 117705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 08:01:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 48B7 0
20 B 61ms
42ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CZL66uNPaYtiUD_2P7_UP1oG-cMa91pdr2My4rIgQ_9GivcABEAEgmqPdFWCV4pCCoAegAZmWuOIoyAEFqQJ5kRlB8jxuPqgDAcgDmwSqBPQBT9BoxFPHPKAtjZkC-vGkr0fj-iDYYb2or0_BMPGHCN79VE248-z_bCyaMOoCIuFNTPxPsq0DcneN7Rsjlc6YGZXKF-KNC9rzpaWy8giw-7j61pnQAW73OQwFsE-Fbkm75NUDtD92oqtRbiN0GboXUfyiiMOqM12CEzVz6wNSAGJDnpkg26smV7GWmWIx2qhwSytscYiFlz1bDe80frn40LrORydjHck8fEqZMCoJPpzTT9LO8QYwRth4flOMfvSpadoO2SVpygfxIM7sDURMAywBwwVUKJ1MR4cPKztYWIfMc-te1yo3LGu0VA-KvkYBgj07tcAE4OHjsocE4AQDkAYBoAZ2gAeZzojCA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbAT4NfuD8gThobw4APQEwDYEwqIFALYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1658508216714&ai=CZL66uNPaYtiUD_2P7_UP1oG-cMa91pdr2My4rIgQ_9GivcABEAEgmqPdFWCV4pCCoAegAZmWuOIoyAEFqQJ5kRlB8jxuPqgDAcgDmwSqBPQBT9BoxFPHPKAtjZkC-vGkr0fj-iDYYb2or0_BMPGHCN79VE248-z_bCyaMOoCIuFNTPxPsq0DcneN7Rsjlc6YGZXKF-KNC9rzpaWy8giw-7j61pnQAW73OQwFsE-Fbkm75NUDtD92oqtRbiN0GboXUfyiiMOqM12CEzVz6wNSAGJDnpkg26smV7GWmWIx2qhwSytscYiFlz1bDe80frn40LrORydjHck8fEqZMCoJPpzTT9LO8QYwRth4flOMfvSpadoO2SVpygfxIM7sDURMAywBwwVUKJ1MR4cPKztYWIfMc-te1yo3LGu0VA-KvkYBgj07tcAE4OHjsocE4AQDkAYBoAZ2gAeZzojCA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbAT4NfuD8gThobw4APQEwDYEwqIFALYFAHQFQH4FgGAFwE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 16:43:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 48B7 26 KB
16 KB 104ms
49ms XHR
text/xml 74.125.133.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BLJ3no2MQeb0rGfoi-NI6wIkmw0T8UKdRKwF5Dm7GgoYTZAMBrx46xfEt6RlZbOfIMXNvIQ8HiaXjFHKUZoveaNtwGdA&cry=1&dbm_d=AKAmf-BxyCGuHVjTwJDkdCxpyLZtLvYDtKBng0NAD-d9U82rxd3RMKaThofLrioyKjlx-0Y-ANJa_JpSVbLwN6QWKo26etVKOC2J-EbTnz_E8vCuL_Xc73-bZNLO5hD2OTVtAGRrTYiC5zN2Zair0G49DvrMY_PaQCVreV03tf4GKedleDtIguC5RuU4igrahdFtAUdmkf7tE1TDCXUinAfRNY6L48xvS41oa_EkoppMGNqGlOCjPd18HX05YqnRh_9VtysOnZv1--BwYzv_8sgD15S-H5l1n3-GpmQrRANL66Wpnc9PelIv9lzlij7m6x-572s4wROOaM_KVkHo0p3RaPbaH3EnhTGckQ55QuGOiHh7BpDP3CP_zHndx-yZ2LEqqRSqmBHh79E6jymBeKImah07aFTpFjt3sfxy-2xj-TBzZlFXCT6TyYcbeFZ8aidTmHzoXVNa-56tj_e4hho6b-8chNhGlp8WUhW-TxOwBTEGCzuwVXImASoriF02XA_5fY9s80Esb9z5GaJNC-967N8Kgb0IrJAkSvq3ierLwhjdGgWn4KYpwQ6Hv2Yt9hDOKdBWVWoCpnrhTkws6bq6AfG1tMz1fA4B65A6yACv5E_vHisTOgWeFL5eLkfBNhwHX5N-yx06AhB3ojz3TIGeaAb2MJP8FPt83c7LyfrNLMcnWf0M0_eDDsWsks9BbxA3NaSzaRDYaTYONVJxEVdGhF5meEH00Z5HKzwWuV-BYIAUETLMcQmMZO3IxToS_KknO-W3wFozZ1A1nYO74SjJeqcBjgzfXW5MuRDbyAZJZii8fttVV7sSF-tCKJZbqLN2BB12_SCsBbEVbT_BJw_8QNYX9ZSYfhpg-0y2I-_1lQO2AROmMklIG2EzE-NXJY2eX9fPdMEwYcZ6ioDe3XvPSb4ADnLgEHSKim7mIm2kYHsbJ3Aip1sdXtf0siV6xX3mgh7O_5t9plcjvsf8CK4-Ma3HSfgWEax9w2HSrnND1aEHvxOAC2JtV4FpZIfOH5Q-_drBM49gsVwOSwRx1gsRfa0NLCPjChjK5bD8irRH_qGNKdfgy4-QZuqwWwFJoEV-zGM1DM0lArdJ3A-d2PmYgqV-ObzeEgAzvLveW-jc12zMTimD2RnpyD2Qldn3JMDtnvtNTIKUmJera901kLiLGSXGfwVTPWnn_OLKbH7qBlC5Onx87W89qMYzbtkEVmKwhoPqH7DABtWd8GBn95Slga-wOiIDqHoKIVrvSo-puwS8MwGa1FhtYn2IyC0vknu0-Oefoez-quaiV986djpkhc57Q0PUe8xKfg_5cV2fmmYKx7c_ZSYkhWEShAiClq-T97fpcXjIW8fP3F8VC9osBkjcyKw1Wxy7B7d2N2YyUAZ2j0Njb2tN6hqGDGWYMVBHco7kBz9mz7xrkfTJjpxdD1AFdX0Nx2NlPnn3UUSbAFBZpwOYHctE8Y1rREdEdYySsWEpI_j1cDR7CsGukcuGu_vV_3orJQqY8lTGSlR5ycXRZpO4G7DEnRPVzcFHEh3M59Shx4_8LBHk9NDcZ8R5lCnfFwxyb_JVsNEV3XcZviXLSUPas663x_RVZXyy1EIxbafyttNFG-nz4dCNQ1GQx2dFgllQCnlVtrzwuTFv5QmBqQVVcrJVOWDnx5QETOvlbzmDNeZwNgKvbboPguQcWporFqFPO54Nps_zSHZjEuNMukK3As59BuOd4owbPP_yg4Qm4FEwjyAQX5ITqz8kLXEVhVzwrLUtM4FBwX1RP49Ggzet3M9AqsmGs5yyB_DlYbA6lbnIQZJ6MgqsPBUOVC6sRmQdKRVrLGvNCKDFyDCGG9Yiw6ArbI8pfbPJkL2ugX2XkSCpFvcgShppBD2n0jRgCW6jn2ERSv1M_29c3d1lPachB_M_5zlMe2zDpV9g0bu3nVHwNYgJfOc5NSNM0cs6UUJmV_3b4LGmLoeKVZia8Nve1Tr2-LeWboxpyhQks3d0HY-ePs0lk9-KEF2cwVAqpu3103WnY6HAavP5yRPHIsDUIuPULDyXi0trAjM8AptoL2jwSDxvO2mOdXtro-vtOFYVScUgx_V9S6GobByAkKHl2UvXpMyijcxmLjHeJ_-iuxtmJvRTuJpJoyRZQCTErbVtdXriadHrw37Z4_tGOqBIjDFPbpU_ZSpr6KGOoia2Io6l38J0SSckiVk1H7-skd598fumlt1R4KXC95AKxlW7EWEIQilvpUjxmbcDIHlir8NGWP0EJx4XLqMRrFzg8B1EO1idlZXZynpR1LoHnUY9hxLmL3VlPELc2s_KamlD21E8Z9vrxgU_B49Bm56OxW4dQyoDoFAlMN8HRR1ojzuWhhn_Oan3ekb7wJlCpuaiOG-t0zo6Z-ZfyfT3NxTcEUVsGWXoQLNXDgK3dfj1drb8-UB98wQW-99DqYO9mGVJnseSz8Kx270AQNXYO-ZmZSEEIHxNzzbMhvJOB9JhVqFnRV6vcMisJPrms3N8GvZ3HgVHSc5INf--DWrzQI2SQFxatx3Qhk7BIT1aCjyMZr97WdSXQ19l9v7yK167s6zRZ1wX0cKGplqT2W-m-VLy_K8hhMz1oeKn8CWl2j22rkd7AEryymi9oLBUL0xqBNs3aRGxC7mQnL9GIIN_b_fvRxaXFIrrZcQvlOWFPyJWOyg2ULDk0mQJ8rK6ocQBbg7QoaiYJr6aSA_4m1FyFJwI6QSDhkBhMTKbgGZXOLeF_FZS1f32viwctXht1AzUhBNZB8bhzJfNDk6LZxoIGtsVKryZBmJ9hrQaRb-BrKjxGdu1XjC0PdiEn2fK78e9DfIxpLGG-F5zseTKRF2y-4Aah3DpzjsekvDAc9e0dZ3kliGpHIXpRKwFJJf3D9LqcQD4GpuCuRjnPhtkCwa02Hz_Cp1IKZoEqwRrTqDjnr8MHMj0fyChcXJWMIHARU2N6WmlHVoggjEA5D631ymerGug6tMnVKGUUc6grAaFvHJJ21Rw3YIleZpE62DYRWYIhqA4zpjfPmZ-DIKHef8rz0wSlz9afVlpT1bcYcJHW1ANs79935SCmjw2ftZ5Rcdx7C7a57e3HipqO_3jM0czA9TULRae0IAcT1Pk_d6VkQSi9bOGBHx1UF2qFD7r9BMXGkxiVQ74tjyuJ3_tQrbJTXiQe0zoQRIAaZZsm2JpUQIpkU7KLMf2F5bCVO1QGB9OITrXVBmKv6u1Cvi-XUhyW4cIlk-vBkMwYUh0K3JUjJlzn4mjprgaGrca80c0Dv7CjV6N1d01OVaKWunLxrnZVAqKJkfUr4Y3iPM0Qdxx67oh_ooSHa531EFXixI_Lu9GBjwoKEwy&cid=CAASBORoVPc&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220720_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f157.1e100.net

Software

cafe /

Resource Hash

6788cbd05ea56e513180eae31ca541d6bdbd31b6ba11cf63d49dc865bad66d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 16:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15245
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 48B7 0
0 62ms
45ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COBbCuNPaYtiUD_2P7_UP1oG-cMa91pdr2My4rIgQ_9GivcABEAEgmqPdFWCV4pCCoAegAZmWuOIoyAEFqQJ5kRlB8jxuPqgDAaoE8QFP0GjEU8c8oC2NmQL68aSvR-P6INhhvaivT8Ew8YcI3v1UTbjz7P9sLJow6gIi4U1M_E-yrQNyd43tGyOVzpgZlcoX4o0L2vOlpbLyCLD7uPrWmdABbvc5DAWwT4VuSbvk1QO0P3aiq1FuI3QZuhdR_KKIw6ozXYITNXPrA1IAYkOemSDbqyZXsZaZYjHaqHBLK2xxiIWXPVsN7zR-ufjQus5HJ2MdyTx8SpkwKgk-nNNP0s7xBmhHQgp2UXRMZkmYOV4ExmxjvomJd9no_3nmvxjdD4IhtFTwMq5TksOXkOJrEaB0H9K1pKN4F2h6vVFfwATg4eOyhwTgBAOIBayO44lCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAeZzojCA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEPavAxiA8o3PAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBsBPg1-4PyBOGhvDgA9ATANgTCogUAtgUAdAVAYAXAbIXHAoaCAASFHB1Yi02NTU4MTg3ODM4MTkzODUxGAA&sigh=IzxMkcUvw38&uach_m=[UACH]&cid=CAQSGwCNIrLMi6CvTBxsIy_Wm1MBr-AxrzRRgmzMSw&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6558187838193851&output=html&h=250&slotname=8097016331&adk=3533798206&adf=3383700276&pi=t.ma~as.8097016331&w=300&url=http%3A%2F%2Fm.focus-news.net%2F&ea=0&wgl=1&dt=1658508216068&bpp=16&bdt=56&idt=115&shv=r20220721&mjsv=m202207180101&ptt=5&saldr=sa&correlator=6293448478176&frm=23&ife=1&pv=2&ga_vid=2050751511.1658508216&ga_sid=1658508216&ga_hid=790660311&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=666&ady=15029&biw=1600&bih=1200&isw=300&ish=250&ifk=2563099736&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763506%2C44761793%2C42531605%2C31064019&oid=2&pvsid=609186490503034&uas=0&nvt=1&top=http%3A%2F%2Fm.focus-news.net%2F%3Faction%3Dscandal%26id%3D5148&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bssdkr2zrpza&btvi=1&fsb=1&dtd=132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 22 Jul 2022 16:43:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Jul 2022 16:43:36 GMT

GET
DATA 200
OK truncated
/ Frame 48B7 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5afa576d70448cb99b9441f06c9b38ecf712fd9605768cca22ea1a12ec81112

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 62A7 14 KB
11 KB 51ms
35ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220721&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc0746fd335f86402a6ac473330312c858cffdca93caf31ce45f09f593ed3d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 16:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10890
x-xss-protection: 0

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 48B7 41 KB
15 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220720_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 08:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 08:58:19 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/4c789bc3ee5bc97f/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1690044216/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 48B7
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/4c789bc3ee5bc97f/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1690044216/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/4c789bc3ee5bc97f/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1690044216/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

58ms
7ms

Fetch
video/mp4

2a00:1450:4001:65::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/4c789bc3ee5bc97f/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1690044216/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/11750688F8D7B4797E13D97CFBF64CEC6DAD4779.4AA9F973C1115A00CE47FCE986AFFA6D4EF136A9/key/cms1/cms_redirect/yes/mh/n_/mip/2001:ac8:20:272::2e/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1658507811/mv/m/mvi/2/pl/53/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:65::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 16:43:36 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4134825
Last-Modified: Wed, 13 Jul 2022 14:40:56 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 22 Jul 2022 16:43:36 GMT

Redirect headers

date: Fri, 22 Jul 2022 16:43:36 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r2---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/4c789bc3ee5bc97f/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1690044216/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/11750688F8D7B4797E13D97CFBF64CEC6DAD4779.4AA9F973C1115A00CE47FCE986AFFA6D4EF136A9/key/cms1/cms_redirect/yes/mh/n_/mip/2001:ac8:20:272::2e/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1658507811/mv/m/mvi/2/pl/53/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 62A7 17 KB
6 KB 50ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 16:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 16:43:36 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame D1A5 23 KB
9 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 168835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Jul 2022 17:49:41 GMT
expires: Thu, 20 Jul 2023 17:49:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C63C 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://m.focus-news.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5736
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Jul 2022 15:08:00 GMT
expires: Sat, 22 Jul 2023 15:08:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 292F 783 B
536 B 41ms
24ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b52805f929352d230345918c4a09a626e172f312afe419cbb0df3d32554296fd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lx-UNnc9gHDNW64qB_Z2gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://m.focus-news.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-lx-UNnc9gHDNW64qB_Z2gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Jul 2022 16:43:36 GMT
expires: Fri, 22 Jul 2022 16:43:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame D1A5 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 13:36:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 13:36:31 GMT

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame C63C 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 13:36:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 13:36:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 292F 0
0 53ms
52ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220721&jk=609186490503034&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 206 file.mp4
r2---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/4c789bc3ee5bc97f/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1690044216/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 48B7 306 KB
0 19ms
7ms Media
video/mp4 2a00:1450:4001:65::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:65::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 22 Jul 2022 16:43:37 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4134824/4134825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4134825
expires: Fri, 22 Jul 2022 16:43:37 GMT
last-modified: Wed, 13 Jul 2022 14:40:56 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C63C 0
9 B 8ms
7ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6dgJGQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 16:43:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D1A5 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B7FH0uNPaYr7rMJbqzAaQ4JDgAgAAAAA4AeAEAg&bg=!ra6lrurNAAacadVKvGk7ACkAdvg8WmxYLyptSOiXYzM5pTwDPBwVEvNb2FEhTI2qUTzDBpiYU3eZFQIAAABrUgAAAAFoAQeZAtQ7f91fraZe16NEVvNxxWWb7OtjaxJqzcSsYNM_iUH5C9cmUE2ZaG223iox9D26fanbHZrltNJN9J5Tv3TcXibf9pCGbq_Cpm7PsUw7gFjX4LMkZuUHX_ExpFkMA8QofcxrKQaw4qRywbdLmIsHb35BCOB-2ezUFiV9V7_0j_tU8-wizJKvCY5H-_qlru9y0cCfJ1nUW4imMYdoUuFBF0GapRtndM-3gwNeZv3iRfVBDlt7Nly0O3Pt0cPGbnO6P0M6b2_FeqxxWHquYFqxdBzEKjQq92ypaZ9x-e7bv4dHViKzbsn2D3ktUsoezXyEFWlPXNF4AYB7O0car6B1YTYEUXAZtoytzoz300TGFqO2yw3o9ulZvN9kLdusD7Je0jUMY5LT8JwyQsyAjCIXzWrBAfXd_D1FsTKWsxvAjEaSqfDy7Yv5B9KZlEZnAHbZHVG2jO1ypTnqfG2bdi2XZTD6G0gVkn26-JDKYxwPXaKyce3qlsAGlTUpD0gFlRo8mwq0nydfYlRDcr6VWyEeD8TyjQnJApoMf4wd05PsWt01dpilB9BrZymUZQJ_R5QdaGKzadTTALO2XKCyLauBLBz4b6ceY6SIpUNQbut8kdhWV0gXVv2erAjH8t2GgEtPyIjmNw9zAlE2UbWg9yVZMg4uWIEP9lD8P-7oxaQoQUV03NdqwzhFHL8xsuud34wBfo7ZE76b4Fh0xSzkiNNwqzuYqCKOY34NoUwvQZ6gsQVNkenrEcAFWVX6Vh9gFThy2h1Lq_UPFfCdveCyKkigBPnKnVVJ22EcOV8ilTP7_35atIQ6_QzATxo2AZ0j-UyP7XKENZ8DGpRse8EhojH8PhLzyoR1N_KuvOeOoWkEm7MPRXuQmZXfMAPwF1eULsCti3dz6KOb_NeTpbECuU6ev7I426_lnhFSldE3AqHomkip34BiSfNP4SgLOgsSfTzczU7t4vkW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 16:43:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 62A7 0
0 51ms
51ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220721&jk=609186490503034&bg=!iomlic3NAAacadVKvGk7ACkAdvg8WhxA_keMjRu_S5Ohy6YKLKyo2bU789ljYYfGT4wmM943racUDQIAAABhUgAAAAJoAQeZArVDErvE4Mi2xegAtBt9o8ZxmTdhog2TJh3H6E0QPUFCSTvge6MM-xqg1keZfurZBV-W10MDViWNunAlUcQhgNZ-X1lxGkzALs6z3gLZFY-smLHb5u_06iSFRy24pJZit4ZNcoH6QR4UMbJJyQBoEMUtI5iQE5iDOXuqpE8ks4aF9pu850-hQ_tHBYpOH4n4LTFwy-rPJ-wqB3u6AJSdcbO1OREx9zFRLEEj0bYq-2weLGJDQwBANIVqRZjpzY9EoIxEaSJo-RHGs9O9cGcAaPCbKuG_Tdg02BjNJsGx0HniIDM-BR3z5TgAKFhipT8nnZUGqoVzUa4zUxtetSepu4ETlDhzs8qJZDI2_gQ7ga0_V3W2WzcGCJkKNDCWXj9nEACBRl4RJ-MLfzmdXGcKUxUxqcgV_AOYlWjezjv68OC3fTvS6KxIdU3ifd7FKmbESuGpn1qbM6MVE0g3xYSNAF3o882QgkJLUwptj3j9rjn4IqvNUOjasCa3Al_8JszcrJsE-G0gVaLSQhhuWFLfxr-pwYQTSvKnSVIBkAOiR4aX98S8zySMxSEZHkJGnBq7ehsEyBkOfKO8J3ajuewdYk_PyuqA-TFOnRq5nD_e7MMZcWNX02tmxDCNPSNClIOV0ujB67nQfQWU3cLq5osK04sNa12pZiiJSSNfYrN5j4CUjE07KxSbcFFCoA1sURM6MPGqfkuaqJGgpwCXGoa2jTQ10aOGGz1RqWHupTrbCNkI3py3XIEWYjJP7xTfi9SmeJ300Z2m9At6bcPVGGyL5CYdbc5V9egL3qZyqhmo2vjVYOhyLqJc78VMEJYziTexlSVZc_wUfN_1C6SFty4P19bsNLWJFeChT2ZJUcs-VOzeTOoRs4RhHDFx8o9qIStNmDNPVCIvsk8lq4VXMf8ooMhveUeUACQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.focus-news.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame 48B7 0
17 B 110ms
46ms Ping
image/gif 2a00:1450:400f:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=2~l5woyy6j&c=7921320302672&slotId=3960660151336&qqid=CNjQ2Mj4jPkCFf3Huwgd1oAPDg&fb=outstream-lima&gpm_i=6&gpm_c=6&gpm_a=6&smb=1000&br=857&mt=video%2Fmp4&vs=720x720&ulv=1&cll=0&vast_v=2.0&vmfc=8&vhc=0&msm=1&aits=0%2C18%2C692%2C59%2C342%2C343%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220720_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400f:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 16:43:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.focus-news.net/	1970-01-20 22:13:00	Name: _ga Value: GA1.2.2050751511.1658508216
.focus-news.net/	1970-01-20 04:43:14	Name: _gid Value: GA1.2.895811518.1658508216
.focus-news.net/	1970-01-20 04:41:48	Name: _gat Value: 1
ads2.focus-news.net/	1970-01-20 13:27:24	Name: OAID Value: 76e6bf5f3a46d9c412d88a251665572f
.focus-news.net/	1970-01-20 14:03:24	Name: __gads Value: ID=c3757e66e0ed129e-22599f1ad5cd008d:T=1658508216:RT=1658508216:S=ALNI_MZNuLnGmaGtb-ES9Tv1N7wU1t2c2Q
.doubleclick.net/	1970-01-20 14:03:24	Name: IDE Value: AHWqTUnLp9j6AhqwRQBqG8xcsZg_Hm8vpHDvwbPMB9VGhP1WKxS1moHLs0Tqz1MBaxk

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads2.focus-news.net
adservice.google.com
adservice.google.de
bid.g.doubleclick.net
code.jquery.com
connect.facebook.net
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
images.focus-news.net
imasdk.googleapis.com
m.focus-news.net
pagead2.googlesyndication.com
partner.googleadservices.com
r2---sn-4g5e6nz7.c.2mdn.net
static.addtoany.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
172.217.18.2
2001:4de0:ac18::1:a:1b
213.91.198.26
213.91.198.5
2606:4700:10::ac43:2794
2a00:1450:4001:65::7
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:801::200e
2a00:1450:4001:806::200a
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:400c:c06::9c
2a00:1450:400e:80f::200a
2a00:1450:400f:805::2003
2a03:2880:f01c:216:face:b00c:0:3
74.125.133.157
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2ec93e0833cecd36a92e8033596d06fd6790795892dc5333cb0a733d957c4979
3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c
35f7e4a8372755d1c7cbcf273bd21a5faa9e8a65e1ac2042a2f5cf8c79a2d684
3970c6cf4ad3a4cefd44c5d0564963225a6422639ce28ba29a833349a67cc88d
4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a1ce1c2846438a4a8e9a960609c12579fa6562ac3166396db5f2cdb4a544565
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5617a6f03d29a1bac2c8889e96d5e62b9ffc552447f4ff87af6507d2e9306ff4
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
5f0b4bc1ef119c2a180a779fb15c4348a4e307ec6573a3f5c95a878994115a32
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6788cbd05ea56e513180eae31ca541d6bdbd31b6ba11cf63d49dc865bad66d23
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6bead760223b43f236f5ea287299403f28978fcb85096617ebaf77f71f51c491
6c9a6c0504eabbdaa1b8cf6d6ea6cb0f87f4489ebb0e657dae334eb90b51339a
6da69aa5e819334813dcd4d8a58b112912ca889bc35636a24876841d9f4c0ecc
7871d47da2946eb245812c3f045780907bf7492222beb8fa047d319315060de4
7bc204a8009323811c2888323b9626d4417b02358aab7fdfabdcf0153385c621
7c7393b418eebbffa5c2b42d70f95ccbed66d5fb9660e270362339a393a3fc96
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87131b3ad9c5182caee4bb6895d29405bad42fe7b6b4f478097ebf939afaf53f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1f1132059ae29789542297e710d6d45e60307f961d25acccb12ddb30f8d1bcc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
b457c5f4846dc7fe3b6edf3a457cab514f906f917085aa4ccd6eea23e51df1df
b52805f929352d230345918c4a09a626e172f312afe419cbb0df3d32554296fd
bd0fc1a1e24ea9d6276ed56bab380d668444c7897550335fa11f43845baac20d
bd759ee5d41f2dfe03bdcb8bee9cb0f96af72548dcc2aa7150711ab09de2d9b3
c0f8f520c8876a74eb54f59706270c0246cd7a2264372c926dc496397222fe06
c65b1c9e27a3f16dc317b838240d4fff2d9aefe1c20dd4cc0bd1d6071dcee309
cc49d47395d75c7d01c7188eaed9d0890660ae106c77032c1f77477b56e00138
d0ec84c18ea788cd0ae7b3de9ba9dbd117bdd68b273b8e6a6c04d5bf820c0d9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5afa576d70448cb99b9441f06c9b38ecf712fd9605768cca22ea1a12ec81112
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8ea7aa2967136bce0f46483bf69d37bf8abe2f386d11555ca802a49eaef8c02
fc0746fd335f86402a6ac473330312c858cffdca93caf31ce45f09f593ed3d78
fc0de7183618d4462178b3cc3ab2c5e62c87e899fe755892f0e027c84b9a39b4

m.focus-news.net Open in urlscan Pro 213.91.198.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

68 %HTTPS

82 %IPv6

13 Domains

23 Subdomains

22 IPs

6 Countries

1015 kBTransfer

2742 kBSize

6 Cookies

2 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

m.focus-news.net Open in urlscan Pro
213.91.198.5 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

68 %
HTTPS

82 %
IPv6

13
Domains

23
Subdomains

22
IPs

6
Countries

1015 kB
Transfer

2742 kB
Size

6
Cookies

60 HTTP transactions
3 data transactions