www.dw.com Open in urlscan Pro
2a02:26f0:6c00:1bd::2d63 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Submission: On October 20 via manual (October 20th 2021, 10:35:50 am UTC) from QA — Scanned from DE

Summary HTTP 353 Redirects Behaviour Indicators

Summary

This website contacted 69 IPs in 13 countries across 63 domains to perform 353 HTTP transactions. The main IP is 2a02:26f0:6c00:1bd::2d63, located in Ascension Island and belongs to AKAMAI-ASN1, NL. The main domain is www.dw.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on August 16th 2021. Valid for: a year.

This is the only time www.dw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	2a02:26f0:6c0... 2a02:26f0:6c00:1bd::2d63	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225e:1a00:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
2	104.111.250.147 104.111.250.147	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.222.214.37 52.222.214.37	16509 (AMAZON-02) (AMAZON-02)
6	23.218.209.87 23.218.209.87	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1 4	3.127.122.125 3.127.122.125	16509 (AMAZON-02) (AMAZON-02)
4	151.106.66.199 151.106.66.199	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	184.30.25.193 184.30.25.193	16625 (AKAMAI-AS) (AKAMAI-AS)
4	52.222.210.175 52.222.210.175	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 24	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.120.57.46 3.120.57.46	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.112.43 18.66.112.43	16509 (AMAZON-02) (AMAZON-02)
3	64.202.112.191 64.202.112.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
4	2a04:4e42:600... 2a04:4e42:600::626	54113 (FASTLY) (FASTLY)
17	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	52.215.19.227 52.215.19.227	16509 (AMAZON-02) (AMAZON-02)
1	152.199.22.243 152.199.22.243	15133 (EDGECAST) (EDGECAST)
2	2.16.186.10 2.16.186.10	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
5	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
1	3.220.202.22 3.220.202.22	14618 (AMAZON-AES) (AMAZON-AES)
55	3.85.70.67 3.85.70.67	14618 (AMAZON-AES) (AMAZON-AES)
6	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
6	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
6	185.86.137.32 185.86.137.32	201081 (SMARTADSE...) (SMARTADSERVER)
3	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
6	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
16	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
5	52.70.89.158 52.70.89.158	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
6	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2 20	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
3	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
3 3	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 3	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
4	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
6 8	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 2	52.46.133.124 52.46.133.124	16509 (AMAZON-02) (AMAZON-02)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:303... 2606:4700:3039::6815:c094	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a02:fa8:8806... 2a02:fa8:8806:13::1400	25751 (VALUECLICK) (VALUECLICK)
1 2	52.45.237.203 52.45.237.203	14618 (AMAZON-AES) (AMAZON-AES)
3 3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 3	2a05:d018:d29... 2a05:d018:d29:3602:aed6:5140:ccda:f0b0	16509 (AMAZON-02) (AMAZON-02)
3 4	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	3.120.29.221 3.120.29.221	16509 (AMAZON-02) (AMAZON-02)
3 4	18.194.90.146 18.194.90.146	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	19527 (GOOGLE-2) (GOOGLE-2)
6 6	52.49.53.128 52.49.53.128	16509 (AMAZON-02) (AMAZON-02)
1 1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1	185.86.137.133 185.86.137.133	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	18.200.233.208 18.200.233.208	16509 (AMAZON-02) (AMAZON-02)
1	54.205.198.41 54.205.198.41	14618 (AMAZON-AES) (AMAZON-AES)
1 1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1	18.193.97.64 18.193.97.64	16509 (AMAZON-02) (AMAZON-02)
2 2	87.98.228.78 87.98.228.78	16276 (OVH) (OVH)
2 2	146.59.148.16 146.59.148.16	16276 (OVH) (OVH)
2 2	52.30.140.199 52.30.140.199	16509 (AMAZON-02) (AMAZON-02)
1	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 3	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	23.23.65.200 23.23.65.200	14618 (AMAZON-AES) (AMAZON-AES)
353	69

40 2a02:26f0:6c00:1bd::2d63 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

www.dw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.dw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:1a00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

player.h-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.250.147 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-250-147.deploy.static.akamaitechnologies.com

commons.dw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.37 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-37.fra56.r.cloudfront.net

pym.nprapps.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.218.209.87 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-87.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.127.122.125 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-122-125.eu-central-1.compute.amazonaws.com

logs1242.xiti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.106.66.199 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: srv6199.mailer-service.de

system.promio-connect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.25.193 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-193.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.210.175 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-175.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 37.252.172.38 (Ascension Island) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::41 (None, )

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.57.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.43 (United States)

ASN16509 (AMAZON-02, US)

peach-static.ebu.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:600::626 (Ascension Island)

ASN54113 (FASTLY, US)

ssl.p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.19.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-19-227.eu-west-1.compute.amazonaws.com

pipe-collect.ebu.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.243 (United States)

ASN15133 (EDGECAST, US)

entitlements.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.10 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-10.deploy.static.akamaitechnologies.com

tvdownloaddw-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

319747088b66a0f513f9f5b58d677230.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f94ee8268cd01204a51bad6555097979.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
54af078b32e113f2ba9aa5982346c71d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
600dc34bc99f8861a646806f3feaa4f9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.79.242.16 (Italy)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

cdn.marphezis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.202.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-202-22.compute-1.amazonaws.com

compass-v2.deliverimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 3.85.70.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-85-70-67.compute-1.amazonaws.com

compass-events.deliverimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.86.137.32 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.38.181 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.156.195.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

brightcom-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.70.89.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-89-158.compute-1.amazonaws.com

compass-allbids.deliverimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.37.42.132 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 23.218.208.246 (United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.244 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.237 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.131 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.66 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.133.124 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c094 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:13::1400 (Sweden) 1 redirects

ASN25751 (VALUECLICK, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
openx2-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.237.203 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-237-203.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3602:aed6:5140:ccda:f0b0 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.130.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.29.221 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-29-221.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.194.90.146 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-90-146.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Mountain View, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.49.53.128 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-53-128.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (None, ) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (Netherlands) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.233.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-233-208.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.205.198.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-198-41.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Southampton, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.97.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-97-64.eu-central-1.compute.amazonaws.com

match.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.98.228.78 (Spain) 2 redirects

ASN16276 (OVH, FR)
PTR: ip78.ip-87-98-228.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.148.16 (Norway) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.140.199 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.242.53 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.65.200 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-65-200.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	deliverimp.com compass-v2.deliverimp.com compass-events.deliverimp.com compass-allbids.deliverimp.com	8 KB
42	dw.com www.dw.com commons.dw.com static.dw.com	876 KB
27	adnxs.com 1 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	87 KB
26	googlesyndication.com 319747088b66a0f513f9f5b58d677230.safeframe.googlesyndication.com f94ee8268cd01204a51bad6555097979.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com 54af078b32e113f2ba9aa5982346c71d.safeframe.googlesyndication.com 600dc34bc99f8861a646806f3feaa4f9.safeframe.googlesyndication.com	113 KB
25	doubleclick.net 6 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net	541 KB
18	openx.net 1 redirects brightcom-d.openx.net eu-u.openx.net us-u.openx.net rtb.openx.net	5 KB
17	casalemedia.com 2 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com dsum.casalemedia.com	20 KB
17	rubiconproject.com 3 redirects fastlane.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	36 KB
11	yahoo.com 1 redirects c2shb.ssp.yahoo.com ads.yahoo.com pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	20 KB
10	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-nydc1.outbrain.com mv.outbrain.com	113 KB
9	google.com www.google.com adservice.google.com	5 KB
8	googletagservices.com www.googletagservices.com	256 KB
7	smartadserver.com prg.smartadserver.com rtb-csync.smartadserver.com	2 KB
7	pubmatic.com 1 redirects hbopenbid.pubmatic.com image2.pubmatic.com	956 B
6	bidr.io 6 redirects match.prod.bidr.io	3 KB
6	indexww.com js-sec.indexww.com	6 KB
6	lijit.com ap.lijit.com	2 KB
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com s.amazon-adsystem.com	41 KB
5	marphezis.com cdn.marphezis.com	1 MB
4	bidswitch.net 3 redirects x.bidswitch.net	2 KB
4	everesttech.net 3 redirects sync-tm.everesttech.net	990 B
4	adsrvr.org match.adsrvr.org	1 KB
4	google.de adservice.google.de	1 KB
4	jwpcdn.com ssl.p.jwpcdn.com	240 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	299 KB
4	promio-connect.com system.promio-connect.com	39 KB
4	xiti.com 1 redirects logs1242.xiti.com	1 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	adform.net 2 redirects c1.adform.net	1 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	a-mo.net prebid.a-mo.net	630 B
3	ebu.io peach-static.ebu.io pipe-collect.ebu.io	37 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	onaudience.com 2 redirects pixel.onaudience.com	1021 B
2	erne.co 2 redirects green.erne.co	566 B
2	turn.com 2 redirects ad.turn.com	866 B
2	admedo.com 2 redirects pool.admedo.com	714 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	eqads.com 1 redirects um2.eqads.com	563 B
2	dotomi.com 1 redirects casale-match.dotomi.com openx2-match.dotomi.com	290 B
2	googleapis.com fonts.googleapis.com	2 KB
2	akamaihd.net tvdownloaddw-a.akamaihd.net	100 KB
2	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	789 B
2	nprapps.org pym.nprapps.org	6 KB
2	jwplayer.com cdn.jwplayer.com entitlements.jwplayer.com	37 KB
2	googletagmanager.com www.googletagmanager.com	80 KB
1	advangelists.com 1 redirects nep.advangelists.com	232 B
1	justpremium.com match.justpremium.com	323 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	280 B
1	adentifi.com rtb.adentifi.com	88 B
1	demdex.net dpm.demdex.net
1	rfihub.com 1 redirects p.rfihub.com	777 B
1	contextweb.com 1 redirects bh.contextweb.com	496 B
1	rlcdn.com id.rlcdn.com
1	ad4m.at ad4m.at
1	stickyadstv.com ads.stickyadstv.com	727 B
1	google-analytics.com www.google-analytics.com	20 KB
1	emxdgt.com hb.emxdgt.com	156 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	h-cdn.com player.h-cdn.com	4 KB
1	jquery.com code.jquery.com	6 KB
0	quantserve.com Failed pixel.quantserve.com Failed
0	argosdata.io Failed data.argosdata.io Failed
353	63

	Domain	Requested by
55	compass-events.deliverimp.com	www.dw.com
30	www.dw.com	www.dw.com
23	ib.adnxs.com	1 redirects www.dw.com cdn.marphezis.com acdn.adnxs.com
17	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.dw.com cdn.marphezis.com
16	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com www.dw.com tpc.googlesyndication.com
10	static.dw.com	www.dw.com
8	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com um2.eqads.com
8	cm.g.doubleclick.net	6 redirects eu-u.openx.net www.dw.com
8	www.googletagservices.com	www.dw.com securepubads.g.doubleclick.net cdn.marphezis.com
7	eu-u.openx.net	cdn.marphezis.com eu-u.openx.net
6	match.prod.bidr.io	6 redirects
6	us-u.openx.net	eu-u.openx.net
6	js-sec.indexww.com	cdn.marphezis.com ssum-sec.casalemedia.com
6	eus.rubiconproject.com	cdn.marphezis.com eus.rubiconproject.com
6	tpc.googlesyndication.com	cdn.marphezis.com
6	c2shb.ssp.yahoo.com	cdn.marphezis.com
6	prg.smartadserver.com	cdn.marphezis.com
6	hbopenbid.pubmatic.com	cdn.marphezis.com
6	ap.lijit.com	cdn.marphezis.com
5	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
5	compass-allbids.deliverimp.com	www.dw.com
5	cdn.marphezis.com	securepubads.g.doubleclick.net cdn.marphezis.com www.dw.com
5	www.google.com	www.dw.com system.promio-connect.com cdn.marphezis.com
5	widgets.outbrain.com	www.dw.com widgets.outbrain.com
4	x.bidswitch.net	3 redirects ssum-sec.casalemedia.com
4	sync-tm.everesttech.net	3 redirects ssum-sec.casalemedia.com
4	pixel.rubiconproject.com	www.dw.com
4	match.adsrvr.org	eu-u.openx.net ssum-sec.casalemedia.com www.dw.com
4	adservice.google.com	securepubads.g.doubleclick.net cdn.marphezis.com
4	adservice.google.de	securepubads.g.doubleclick.net cdn.marphezis.com
4	ssl.p.jwpcdn.com	cdn.jwplayer.com
4	fastlane.rubiconproject.com	www.dw.com cdn.marphezis.com
4	c.amazon-adsystem.com	www.dw.com c.amazon-adsystem.com
4	system.promio-connect.com	pym.nprapps.org system.promio-connect.com
4	logs1242.xiti.com	1 redirects www.dw.com
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	pr-bh.ybp.yahoo.com	1 redirects eu-u.openx.net ssum-sec.casalemedia.com
3	token.rubiconproject.com	3 redirects
3	c1.adform.net	2 redirects ssum-sec.casalemedia.com
3	sync.mathtag.com	3 redirects
3	acdn.adnxs.com	cdn.marphezis.com
3	brightcom-d.openx.net	cdn.marphezis.com
3	htlb.casalemedia.com	cdn.marphezis.com
3	prebid.a-mo.net	cdn.marphezis.com
2	sync.crwdcntrl.net	2 redirects
2	pixel.onaudience.com	2 redirects
2	green.erne.co	2 redirects
2	ad.turn.com	2 redirects
2	pool.admedo.com	2 redirects
2	pm.w55c.net	2 redirects
2	rtb.openx.net	1 redirects eu-u.openx.net
2	um2.eqads.com	1 redirects ssum-sec.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	mcdp-nydc1.outbrain.com	widgets.outbrain.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	system.promio-connect.com
2	tvdownloaddw-a.akamaihd.net	www.dw.com
2	pipe-collect.ebu.io	peach-static.ebu.io
2	www.gstatic.com	www.google.com
2	pym.nprapps.org	www.dw.com system.promio-connect.com
2	commons.dw.com	www.dw.com
2	www.googletagmanager.com	www.dw.com
1	nep.advangelists.com	1 redirects
1	ups.analytics.yahoo.com	ssum-sec.casalemedia.com
1	match.justpremium.com	eu-u.openx.net
1	pixel-sync.sitescout.com	1 redirects
1	openx2-match.dotomi.com	eu-u.openx.net
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	dpm.demdex.net	ssum-sec.casalemedia.com
1	p.rfihub.com	1 redirects
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	rtb-csync.smartadserver.com	eu-u.openx.net
1	bh.contextweb.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	id.rlcdn.com	www.dw.com
1	ads.yahoo.com	www.dw.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	ad4m.at	ssum-sec.casalemedia.com
1	ads.stickyadstv.com	ssum-sec.casalemedia.com
1	600dc34bc99f8861a646806f3feaa4f9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	54af078b32e113f2ba9aa5982346c71d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	f94ee8268cd01204a51bad6555097979.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	compass-v2.deliverimp.com	cdn.marphezis.com
1	mv.outbrain.com	widgets.outbrain.com
1	319747088b66a0f513f9f5b58d677230.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	odb.outbrain.com	widgets.outbrain.com
1	entitlements.jwplayer.com	cdn.jwplayer.com
1	log.outbrainimg.com	widgets.outbrain.com
1	peach-static.ebu.io	www.dw.com
1	www.google-analytics.com	www.googletagmanager.com
1	hb.emxdgt.com	www.dw.com
1	cdn.jsdelivr.net	www.dw.com
1	widget-pixels.outbrain.com	www.dw.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	player.h-cdn.com	www.dw.com
1	cdn.jwplayer.com	www.dw.com
1	code.jquery.com	www.dw.com
0	pixel.quantserve.com Failed	eu-u.openx.net ssum-sec.casalemedia.com
0	data.argosdata.io Failed	www.dw.com
353	100

This site contains no links.

Subject Issuer	Validity	Valid
*.dw.com GeoTrust RSA CA 2018	`2021-08-16` - `2022-08-16`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
jwplayer.com Amazon	`2021-01-29` - `2022-02-26`	a year	crt.sh
*.h-cdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-05` - `2022-07-18`	2 years	crt.sh
pym.nprapps.org Amazon	`2021-05-06` - `2022-06-04`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.xiti.com Thawte RSA CA 2018	`2020-02-27` - `2022-05-22`	2 years	crt.sh
*.promio-connect.com Starfield Secure Certificate Authority - G2	`2021-08-12` - `2022-09-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.emxdgt.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
*.ebu.io Gandi Standard SSL CA 2	`2020-03-16` - `2022-04-02`	2 years	crt.sh
*.jwplayer.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
entitlements.jwplayer.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-30` - `2022-06-30`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
cdn.marphezis.com Go Daddy Secure Certificate Authority - G2	`2021-05-15` - `2022-06-16`	a year	crt.sh
compass-v2.deliverimp.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-13` - `2022-09-28`	a year	crt.sh
compass-events.deliverimp.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-05-02` - `2022-06-02`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.a-mo.net R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
compass-allbids.deliverimp.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-05-02` - `2022-06-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
um3.eqads.com Amazon	`2021-06-26` - `2022-07-25`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-09-27` - `2021-11-17`	2 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
adentifi.com Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
tracking.justpremium.com Amazon	`2021-03-01` - `2022-03-30`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-17` - `2022-02-09`	6 months	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh

This page contains 35 frames:

Primary Page: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Frame ID: 2BC914476424C8CF28050CADD6F5F8DF
Requests: 158 HTTP requests in this frame

Frame: https://system.promio-connect.com/register/16401/default/en/newsletter-form?initialWidth=700&childId=promio-pym-container&parentTitle=Pandora%20Papers%3A%20Secret%20tax%20havens%20of%20world%20leaders%2C%20celebrities%20revealed%20%7C%20World%20%7C%20Breaking%20news%20and%20perspectives%20from%20around%20the%20globe%20%7C%20DW%20%7C%2003.10.2021&parentUrl=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192
Frame ID: 483CAE60EC08A0E23D807E97C2AB8016
Requests: 11 HTTP requests in this frame

Frame: https://319747088b66a0f513f9f5b58d677230.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 69BA51372BF39936D51D41F85AFBB1C8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Frame ID: 78F58B8DC080B2F0C3281B84D8B7C17E
Requests: 17 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: FFCB767AC9A9FD3989EE278EB6D9068E
Requests: 30 HTTP requests in this frame

Frame: https://f94ee8268cd01204a51bad6555097979.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: BC164932E368E9DB6554D9C1BBE7B4DB
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 542B98EA7B32C06C629B4F440CE51232
Requests: 30 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C97C8C3F7B473A0BE364337C06E47AC0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5D1574F6A532B3C7FEE4A8DBC1495977
Requests: 2 HTTP requests in this frame

Frame: https://54af078b32e113f2ba9aa5982346c71d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Frame ID: 7C4231D50C3C7EF181BEDDAB550E00F7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: BE5E2BDC57F139FE2E00A7FF739DC363
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 66D740D23F6CE8BF3332B81FF0711D8D
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: D1E295AE428B8E71AED5CE809C75AAE4
Requests: 14 HTTP requests in this frame

Frame: https://600dc34bc99f8861a646806f3feaa4f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Frame ID: F33B75E1AC4D7238BBD6855D18376E08
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B8B3A6E6F42ED52E620D51C11ED77953
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 462FEBFF43BED74EBAA96B0CADB06FFF
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 443F44886F97B746C7554BAE344FA103
Requests: 10 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13419622
Frame ID: A1902BB302E8D47277B9061E39020A0A
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Frame ID: 999428F66DCF101337450A76A6305F36
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D0A5858834A4EDED35733D90B8ADB57C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E49D1A7954C23B7DD5AE7C00DF607187
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 9155792DF248362A389B300AD42ABC66
Requests: 9 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 4E35B09D61F011BFADC12CF264B28820
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Frame ID: 24DF877613B090235D59B9679C48DB8F
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 645AB7C4B3E5E50AB962B82CABCD0F40
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 152CE6E186596AED4F29FC74D1237FB4
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13419622
Frame ID: B7A4D9741C40C6487F97342A81A60423
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7E44B554D06C850CC648D336E8F2D44B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E5A8F42643985A2738A3ED67CD1413EF
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9072770EEE12813795A79C5E7168D662
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Frame ID: 18332343C136C2261E27D514FE37A5A5
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 33518B7F8CB184CFF55787BE4298B2C8
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13419622
Frame ID: 371B95FF611C423030B851C3EACE3B35
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 179C2606A1F33F680DE207E49E236EB9
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 8C817648CAB9E5508EB71DF0BA6EED59
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AT Internet XiTi (Analytics) Expand

Overall confidence: 100%
Detected patterns

xiti\.com/hit\.xiti

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js
googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

353
Requests

99 %
HTTPS

26 %
IPv6

63
Domains

100
Subdomains

69
IPs

13
Countries

4488 kB
Transfer

9459 kB
Size

66
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://logs1242.xiti.com/hit.xiti?s=510544&ts=1634726137675&vtag=5.13.1&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=10x35x37&lng=en-US&idp=1035376650540&jv=0&p=TOP+STORIES::World::Pandora+Papers%3A+Secret+tax+havens+of+world+leaders%2C+celebrities+revealed&s2=2&vrn=1&x1=1&x2=2&x3=59376192&x4=1429&x5=[Pandora+Papers%3A+Secret+tax+havens+of+world+leaders%2C+celebrities+revealed]&x6=&x7=[http%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192]&x8=[]&x9=20211003&x10=[TOP+STORIES::World]&x11=&x12=&x13=1&x14=&x15=19990022&x16=19990032&x17=&x18=&x19=&x20=News&ref= HTTP 302
https://logs1242.xiti.com/hit.xiti?s=510544&ts=1634726137675&vtag=5.13.1&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=10x35x37&lng=en-US&idp=1035376650540&jv=0&p=TOP+STORIES::World::Pandora+Papers%3A+Secret+tax+havens+of+world+leaders%2C+celebrities+revealed&s2=2&vrn=1&x1=1&x2=2&x3=59376192&x4=1429&x5=[Pandora+Papers%3A+Secret+tax+havens+of+world+leaders%2C+celebrities+revealed]&x6=&x7=[http%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192]&x8=[]&x9=20211003&x10=[TOP+STORIES::World]&x11=&x12=&x13=1&x14=&x15=19990022&x16=19990032&x17=&x18=&x19=&x20=News&ref=&Rdt=On

Request Chain 281

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d2f9616f-f0fe-4500-8cc7-1ba2ad432ca2

Request Chain 283

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6112475634651975236

Request Chain 286

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMrX3zXdkJSGnWoHVMlS9DY&google_cver=1

Request Chain 287

https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 290

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YW_w_tGnc-u52GQu_mx7mgAABIQAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YW_w_tGnc-u52GQu_mx7mgAABIQAAAIB&dcc=t

Request Chain 291

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YW_w_tGnc-u52GQu_mx7mgAABIQAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECSHtJVHse_zARbgUOPgvvQ&google_cver=1

Request Chain 292

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YW-w-tGnc.u52GQu-mx7mgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHSYn3G5ZA8-1K3hPosed_Y&google_cver=1&gdpr=1&google_hm=2

Request Chain 296

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1634812542&gdpr=1

Request Chain 298

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 299

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUZDQGSC-1X-4VDR&sigv=1&esig=2~518a7bdf20c45de20abb97cb48be0c9ed14d2ade

Request Chain 300

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2IwMDE5ODFkNTBiNGJkYzk1YzdlMDExZTRkZjI4ZTk0NTY0YTM3OQ

Request Chain 301

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIngH-9tPyvu1FjzHrW9veg&google_cver=1

Request Chain 304

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d2f9616f-f0fe-4500-8cc7-1ba2ad432ca2&expires=28

Request Chain 305

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/JplSWT2JpIMewWPuSbwkKsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8547631874180429792

Request Chain 306

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YW-w-wAAAFcQhgAT HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YW-w-wAAAFcQhgAT&_test=YW-w-wAAAFcQhgAT

Request Chain 314

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=-g_aMEicw40BaikQQ6gHow==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 316

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Ias4G2gR1MD8WH5

Request Chain 317

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=8ece5112-4a5f-482a-b53f-5fc20a52d929 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=8ece5112-4a5f-482a-b53f-5fc20a52d929 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=f9f64e76-8ffc-42f1-9148-1ffda83f5dab&user_group=1&ssp=openx&bsw_param=8ece5112-4a5f-482a-b53f-5fc20a52d929 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=8ece5112-4a5f-482a-b53f-5fc20a52d929

Request Chain 318

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=3219152490918884758

Request Chain 319

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGTXhFN0MzLUlBQURmMjRZVEN4UQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFMxE7C3-IAADf24YTCxQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFMxE7C3-IAADf24YTCxQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFMxE7C3-IAADf24YTCxQ&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFMxE7C3-IAADf24YTCxQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID

Request Chain 324

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d2f9616f-f0fe-4500-8cc7-1ba2ad432ca2&gdpr=1&gdpr_consent=

Request Chain 325

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3883367226904300381

Request Chain 327

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336718546645417

Request Chain 341

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=

Request Chain 343

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YW-w-wAAAFcQhgAT

Request Chain 344

https://green.erne.co/openx/cm HTTP 302
https://pixel.onaudience.com/?mapped=e0fdp6heMSx2tX5NJ0dzXrY7&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253De0fdp6heMSx2tX5NJ0dzXrY7 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253De0fdp6heMSx2tX5NJ0dzXrY7 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253De0fdp6heMSx2tX5NJ0dzXrY7 HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4d553a6208b59afc4561288e0f77f9a9&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253De0fdp6heMSx2tX5NJ0dzXrY7 HTTP 302
https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3De0fdp6heMSx2tX5NJ0dzXrY7 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=e0fdp6heMSx2tX5NJ0dzXrY7

Request Chain 345

https://ad.turn.com/r/cs?pid=9&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3883367226904300381&gdpr=1&gdpr_consent=&us_privacy=

Request Chain 347

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFMxE7C3-IAADf24YTCxQ&expiration=1635935744&gdpr=1

Request Chain 350

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6880125441633412732&uid=Q6880125441633412732&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 352

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ecc7643c-ba9e-4c2d-a52d-d24651bb5e5c

353 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request a-59376192 Show response
www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/ 73 KB
25 KB 67ms
23ms Document
text/html 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0ba5d8c544986c5c569299825c32c3d455721e7d6a988efb7b6a7cb85f2b958e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: www.dw.com
:scheme: https
:path: /en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

strict-transport-security: max-age=31536000
x-ua-compatible: IE=EmulateIE8; IE=EmulateIE9; IE=EmulateIE10; IE=Edge
content-type: text/html;charset=UTF-8
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
content-encoding: gzip
access-control-allow-origin: *
accept-ranges: bytes
content-length: 25002
cache-control: max-age=120
date: Wed, 20 Oct 2021 10:35:37 GMT
vary: Accept-Encoding

GET
H2 200 jquery-3.4.1.min.js Show response
www.dw.com/js/ 86 KB
30 KB 9ms
8ms Script
application/javascript 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/js/jquery-3.4.1.min.js

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6905187bf215fe6b8c4afe16c84847674297ffb073b8f1b614c4342b125663b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /js/jquery-3.4.1.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dw.com
referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/js/jquery-3.4.1.min.js
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=98850
accept-ranges: bytes
content-length: 30741

GET
H2 200 jquery-migrate-3.0.1.js Show response
code.jquery.com/ 17 KB
6 KB 68ms
20ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-3.0.1.js
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 56f9c5f99829774d0b2fbdcfd9750b617127e913afa0569afef6dfa22165659e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:37 GMT
content-encoding: gzip
last-modified: Wed, 27 Sep 2017 00:42:14 GMT
server: nginx
etag: W/"59caf3e6-4595"
vary: Accept-Encoding
x-hw: 1634726137.dop021.ml1.t,1634726137.cds014.ml1.hn,1634726137.cds210.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 5802

GET
H2 200 dsgvo_utils.js Show response
www.dw.com/js/dsgvo/ 1 KB
848 B 12ms
11ms Script
application/javascript 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/js/dsgvo/dsgvo_utils.js

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5afab78ca0a323f72103635fcdb92c7da0db7babf8ea34731547aa419c12152f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /js/dsgvo/dsgvo_utils.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dw.com
referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/js/dsgvo/dsgvo_utils.js
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=81772
accept-ranges: bytes
content-length: 587

GET
H2 200 accessToROAD_Beta.js Show response
www.dw.com/js/beta_ROAD/ 2 KB
851 B 12ms
11ms Script
application/javascript 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/js/beta_ROAD/accessToROAD_Beta.js

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3a0ed83fa87627f79c564eaa0757c056ac3323b610baeea75a97b33cc5dbc935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /js/beta_ROAD/accessToROAD_Beta.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dw.com
referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/js/beta_ROAD/accessToROAD_Beta.js
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=457132
accept-ranges: bytes
content-length: 582

GET
H2 200 de.dw.cdaLanguage.min.js Show response
www.dw.com/js/ 16 KB
6 KB 13ms
11ms Script
application/javascript 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/js/de.dw.cdaLanguage.min.js?v=6.75.3

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b73e4257f71e27b3fdac7a891b0d3b2cd8d4ac80e59b546d570219c0a7a443d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /js/de.dw.cdaLanguage.min.js?v=6.75.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dw.com
referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/js/de.dw.cdaLanguage.min.js?v=6.75.3
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=165280
accept-ranges: bytes
content-length: 5883

GET
H2 200 dwde-ltr.min.css
www.dw.com/css/ 265 KB
36 KB 14ms
12ms Stylesheet
text/css 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5c475b81b499b917e5f9da3cdf8bee817f7c40f097f5e1c77f0c8afb7a8de7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/dwde-ltr.min.css?v=6.75.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dw.com
referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/dwde-ltr.min.css?v=6.75.3
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=157198
accept-ranges: bytes
content-length: 36605

GET
H2 200 dw-fonts-latin.css
www.dw.com/css/ 9 KB
2 KB 17ms
15ms Stylesheet
text/css 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/css/dw-fonts-latin.css

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9cb70a891222ff4bfd17a7ca529c9d02c1ef9a976566d2c9fbbaf094bb975ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/dw-fonts-latin.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dw.com
referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/dw-fonts-latin.css
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=101416
accept-ranges: bytes
content-length: 1775

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 45ms
17ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109618266-1

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a7aee5bf9610fb0126fcbbaf320b82659bf91096e5db1a3445ff2448acf0f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36834
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Oct 2021 10:35:37 GMT

GET
H2 200 dwde.min.js Show response
www.dw.com/js/ 920 KB
235 KB 18ms
16ms Script
application/javascript 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/js/dwde.min.js?v=6.75.3

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

57459fa13191028ca103c82db2e0b0a37aca6a9906dd5b78fe91da468b9407ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /js/dwde.min.js?v=6.75.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dw.com
referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/js/dwde.min.js?v=6.75.3
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=165276
accept-ranges: bytes
content-length: 240114

GET
H2 200 b1Tao5yJ.js Show response
cdn.jwplayer.com/libraries/ 113 KB
37 KB 52ms
12ms Script
text/javascript 2600:9000:225e:1a00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/libraries/b1Tao5yJ.js
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: fa6e99fe5fb1f02ff4d8eca02a9adc9c1929731dfcba7e54743a93a1367627f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:12 GMT
content-encoding: gzip
server: openresty
age: 25
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=150, max-stale=180
x-amz-cf-pop: FRA60-P4
content-length: 37699
via: 1.1 544049d1dc4d534822b40b9f9c7529db.cloudfront.net (CloudFront)
x-amz-cf-id: ABqnmWJo7ASAcUakznZZUt8ngIho40VMpxRTKjrax20cHi4zfXwpjg==
expires: Wed, 20 Oct 2021 10:37:42 GMT

GET
H2 200 dwskinfile.css
www.dw.com/css/jwplayer8/skins/DW/ 14 KB
2 KB 36ms
35ms Stylesheet
text/css 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4274f6d73039833b37a64aefae69559c3a1fac95460b2464f5ac2c3c0c669955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/jwplayer8/skins/DW/dwskinfile.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dw.com
referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/jwplayer8/skins/DW/dwskinfile.css
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=165293
accept-ranges: bytes
content-length: 1734

GET
H2 200 desktop-additions.css
www.dw.com/css/jwplayer8/skins/DW/ 79 B
339 B 37ms
36ms Stylesheet
text/css 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/css/jwplayer8/skins/DW/desktop-additions.css

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

85f083d8cd1336fe3a60c24dc734b9c40a7eec9e68a2b30df146fb25a4f57640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/jwplayer8/skins/DW/desktop-additions.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dw.com
referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/jwplayer8/skins/DW/desktop-additions.css
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=162669
accept-ranges: bytes
content-length: 74

GET
H2 200 jquery.ui.datepicker-en.min.js Show response
www.dw.com/js/datepicker/ 676 B
650 B 37ms
36ms Script
application/javascript 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/js/datepicker/jquery.ui.datepicker-en.min.js

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

810498673af1c6e2284b739f367fbad0bdc1ccf1b8c1746172d4ea4f608e693d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /js/datepicker/jquery.ui.datepicker-en.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dw.com
referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/js/datepicker/jquery.ui.datepicker-en.min.js
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=444193
accept-ranges: bytes
content-length: 373

GET
H2 200 loader.js Show response
player.h-cdn.com/ 12 KB
4 KB 60ms
7ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://player.h-cdn.com/loader.js?customer=deutschewelle
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: 5305f48cf9ac97787eb4e81c828daf5e005f11953beec1c651c67f05583e8402

Request headers

Referer: https://www.dw.com/
Origin: https://www.dw.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:37 GMT
content-encoding: gzip
age: 136
x-cache: HIT, HIT
x-hola-original-content-length: 12062
access-control-max-age: 600
content-length: 3988
x-request-id: 10e00aa54333173b814546a12f3b39b3a7937ea2
x-served-by: cache-ewr18121-EWR, cache-hhn4020-HHN
access-control-allow-origin: *
server: nginx/1.15.9 (Ubuntu)
x-timer: S1634726138.751829,VS0,VE0
etag: W/"md5-1000667-002c59c8-6a129354"
vary: Origin, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript;charset=utf-8
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Date, Cache-Control, ETag, Content-Length, X-Hola-Original-Content-Length
cache-control: public,max-age=300
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 11

GET
H2 200 clickPerformance.desktop.articles.min.js Show response
www.dw.com/js/advertisement/ 310 KB
94 KB 13ms
11ms Script
application/javascript 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/js/advertisement/clickPerformance.desktop.articles.min.js

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

60bc6a9870fc33fce5220d27895b6c3043bb48771c8ac5505865dfe7afca6771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /js/advertisement/clickPerformance.desktop.articles.min.js
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dw.com
referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/js/advertisement/clickPerformance.desktop.articles.min.js
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=75536
accept-ranges: bytes
content-length: 95861

GET
H2 200 smarttag.js Show response
commons.dw.com/tracking/ 56 KB
17 KB 90ms
20ms Script
application/javascript 104.111.250.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://commons.dw.com/tracking/smarttag.js
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.250.147 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-147.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53a799ce5505ccfe5a0872989a681b09c23f1a4c7e6b6655cc290b7b12ad7f75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:37 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 10:36:33 GMT
x-backend: staticcontent
etag: W/"615ad931-e076"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 16746

GET
H2 200 smarttagJwPlayerPlugin.js Show response
commons.dw.com/tracking/ 4 KB
2 KB 95ms
25ms Script
application/javascript 104.111.250.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://commons.dw.com/tracking/smarttagJwPlayerPlugin.js
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.250.147 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-147.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 81f24f92b7a47056ec009b29d244eec11e2515b8e359fa945eb9fb116bd69cda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:37 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 10:36:33 GMT
x-backend: staticcontent
etag: W/"615ad931-e01"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1491

GET
H2 200 dwlogo-print.gif
www.dw.com/cssi/ 3 KB
3 KB 20ms
19ms Image
image/gif 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/cssi/dwlogo-print.gif

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c44e55ded4b4ce6fdb49e33d6219fdf547ecdad69913b9eab6578d07012814af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /cssi/dwlogo-print.gif
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/cssi/dwlogo-print.gif
content-type: image/gif;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=447391
accept-ranges: bytes
content-length: 2725

GET
H2 200 pym.v1.min.js Show response
pym.nprapps.org/ 9 KB
3 KB 50ms
8ms Script
application/javascript 52.222.214.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pym.nprapps.org/pym.v1.min.js
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7f736144a4c3c86a1e620f94d91b3c0eedcadac33888203e554dc2e7c3cfa66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 19:11:43 GMT
content-encoding: gzip
last-modified: Tue, 13 Feb 2018 16:23:08 GMT
server: AmazonS3
age: 55435
etag: "dfb7091815cbff12a30bfad66911926f"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 54fc556adf6e8c787574c6f132d70179.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P3
content-length: 2818
x-amz-cf-id: 9MqUt2dEt5DL8U0L8dlJRPYLC-8aiJ2LzW4B-RvvCmFafbPyKVDiEw==

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 188 KB
63 KB 48ms
9ms Script
application/x-javascript 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bd408a5a042b26302422015b360c781e0a7f49de63198b53acedf20931c90b66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:37 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 12:36:51 GMT
etag: W/"2f1e2-IIs5eM92qw6rh9rBNZ8lWT9geoc"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 84d334e34e34d976863d483b7222b9e3
timing-allow-origin: *, *
content-length: 64092
expires: Wed, 20 Oct 2021 14:35:37 GMT

GET
H2 200 dw-print.css
www.dw.com/css/ 1 KB
712 B 20ms
19ms Stylesheet
text/css 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/css/dw-print.css

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e943aea4c1bfa037109388aec87b962d28432df3992a717774794add1495e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/dw-print.css
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dw.com
referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/dw-print.css
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=95207
accept-ranges: bytes
content-length: 466

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 141 KB
43 KB 51ms
25ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TXHJH9T

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e786f4162bf81408a0a0d9fab38b52a18a035a7395f0adbb60f1fd845050b2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43995
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Oct 2021 10:35:37 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
941 B 66ms
23ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?&render=explicit&hl=en

Requested by

Host: www.dw.com
URL: https://www.dw.com/js/dwde.min.js?v=6.75.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d1f5d857f44748899b754e1a73af371aa66783faa3511f124fa1d567e3d54d24

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 557
x-xss-protection: 1; mode=block
expires: Wed, 20 Oct 2021 10:35:37 GMT

GET
H2

200

hit.xiti
logs1242.xiti.com/
Redirect Chain

https://logs1242.xiti.com/hit.xiti?s=510544&ts=1634726137675&vtag=5.13.1&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=10x35x37&lng=en-US&idp=1035376650540&jv=0&p=TOP+STORIES::World::Pandora+Papers%3A+...
https://logs1242.xiti.com/hit.xiti?s=510544&ts=1634726137675&vtag=5.13.1&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=10x35x37&lng=en-US&idp=1035376650540&jv=0&p=TOP+STORIES::World::Pandora+Papers%3A+...

35 B
150 B

9ms
9ms

Image
image/gif

3.127.122.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs1242.xiti.com/hit.xiti?s=510544&ts=1634726137675&vtag=5.13.1&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=10x35x37&lng=en-US&idp=1035376650540&jv=0&p=TOP+STORIES::World::Pandora+Papers%3A+Secret+tax+havens+of+world+leaders%2C+celebrities+revealed&s2=2&vrn=1&x1=1&x2=2&x3=59376192&x4=1429&x5=[Pandora+Papers%3A+Secret+tax+havens+of+world+leaders%2C+celebrities+revealed]&x6=&x7=[http%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192]&x8=[]&x9=20211003&x10=[TOP+STORIES::World]&x11=&x12=&x13=1&x14=&x15=19990022&x16=19990032&x17=&x18=&x19=&x20=News&ref=&Rdt=On

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.127.122.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-127-122-125.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:37 GMT
cache-control: no-store
content-length: 35
strict-transport-security: max-age=15768000
content-type: image/gif

Redirect headers

location: https://logs1242.xiti.com/hit.xiti?s=510544&ts=1634726137675&vtag=5.13.1&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=10x35x37&lng=en-US&idp=1035376650540&jv=0&p=TOP+STORIES::World::Pandora+Papers%3A+Secret+tax+havens+of+world+leaders%2C+celebrities+revealed&s2=2&vrn=1&x1=1&x2=2&x3=59376192&x4=1429&x5=[Pandora+Papers%3A+Secret+tax+havens+of+world+leaders%2C+celebrities+revealed]&x6=&x7=[http%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192]&x8=[]&x9=20211003&x10=[TOP+STORIES::World]&x11=&x12=&x13=1&x14=&x15=19990022&x16=19990032&x17=&x18=&x19=&x20=News&ref=&Rdt=On
date: Wed, 20 Oct 2021 10:35:37 GMT
cache-control: no-store
content-type: text/html; charset=utf-8
content-length: 795
strict-transport-security: max-age=15768000
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 i-b-grey-flat.png
www.dw.com/cssi/ 28 KB
28 KB 11ms
10ms Image
image/png 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/cssi/i-b-grey-flat.png

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

49ab757a8dcbda823248d1a0e11c40c6e10d0c077f4ba107eaf84c2f144b4761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /cssi/i-b-grey-flat.png
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/cssi/i-b-grey-flat.png
content-type: image/png;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=101354
accept-ranges: bytes
content-length: 28523

GET
H2 200 search-filter-icons-3.png
www.dw.com/cssi/ 3 KB
3 KB 11ms
11ms Image
image/png 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/cssi/search-filter-icons-3.png

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

61d1dab01428240ad52f3ae3f8a819c550839e98c0a2ceb207cd1220f5f8b820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /cssi/search-filter-icons-3.png
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/cssi/search-filter-icons-3.png
content-type: image/png;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=162597
accept-ranges: bytes
content-length: 2889

GET
H2 200 schatten.jpg
www.dw.com/cssi/ 35 KB
36 KB 11ms
11ms Image
image/jpeg 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/cssi/schatten.jpg

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3943a0fd4592088686323d6bd7acf8b23ec8799330a2e821eee41b938352e428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /cssi/schatten.jpg
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/cssi/schatten.jpg
content-type: image/jpeg;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=165352
accept-ranges: bytes
content-length: 36256

GET
H2 200 dwlogo-all.png
www.dw.com/cssi/ 4 KB
5 KB 12ms
12ms Image
image/png 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/cssi/dwlogo-all.png

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

81d0aa06c9481b3fc7b1bbe36953211677503a168c0ac5f9b254396c42a64528

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /cssi/dwlogo-all.png
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/cssi/dwlogo-all.png
content-type: image/png;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=95029
accept-ranges: bytes
content-length: 4395

GET
H2 200 search-icon.gif
www.dw.com/cssi/ 432 B
661 B 12ms
12ms Image
image/gif 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/cssi/search-icon.gif

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f199bcf746f615780a7271ca4ac6202dbed49df4c722a83aa787b26573fa47a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /cssi/search-icon.gif
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/cssi/search-icon.gif
content-type: image/gif;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=101362
accept-ranges: bytes
content-length: 432

GET
H2 200 dw-social-icons-sprite.png
www.dw.com/cssi/ 33 KB
33 KB 12ms
10ms Image
image/png 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/cssi/dw-social-icons-sprite.png

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9c6df269a53dbf588a56b22ccf04bef7bfbf8d90313a21bb84e0cec23e246760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /cssi/dw-social-icons-sprite.png
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/cssi/dw-social-icons-sprite.png
content-type: image/png;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=98966
accept-ranges: bytes
content-length: 33752

GET
H2 200 i-solo-dwblue.png
www.dw.com/cssi/ 20 KB
20 KB 13ms
9ms Image
image/png 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/cssi/i-solo-dwblue.png

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

57f2238860a181a116c4374c0ee0343e3e8528ab8f7ef6fd76379cbd6c219bc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /cssi/i-solo-dwblue.png
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/cssi/i-solo-dwblue.png
content-type: image/png;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=101288
accept-ranges: bytes
content-length: 20210

GET
H2 200 play.svg
www.dw.com/css/jwplayer8/skins/DW/icons/ 1 KB
908 B 13ms
10ms Image
image/svg+xml 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/css/jwplayer8/skins/DW/icons/play.svg

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ac0ee1a7e4042e72f3a0f0b89d3f92278ece91612a5fa599bff6cb3b758f45d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/jwplayer8/skins/DW/icons/play.svg
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/jwplayer8/skins/DW/icons/play.svg
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=157243
accept-ranges: bytes
content-length: 641

GET
H2 200 59396189_303.jpg
static.dw.com/image/ 46 KB
46 KB 76ms
60ms Image
image/jpeg 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dw.com/image/59396189_303.jpg

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3af323aa9c3ac5ad07b2b377fa96396553b1fe5758eac1d3ee9bae9cb04d9c1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 04 Oct 2021 07:39:59 GMT
etag: "d38fef994db536a8b7412cb7e5283013"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2075
date: Wed, 20 Oct 2021 10:35:37 GMT
accept-ranges: bytes
content-length: 47146

GET
H2 200 59377266_401.jpg
static.dw.com/image/ 23 KB
24 KB 71ms
55ms Image
image/jpeg 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dw.com/image/59377266_401.jpg

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

60262fc87ea4197a41751e994d9432b0488a04993374590a72bd87a2564f31ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Fri, 01 Oct 2021 12:10:57 GMT
etag: "a571954aa22c5519a20bc8ebfec5b7d2"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=267
date: Wed, 20 Oct 2021 10:35:37 GMT
accept-ranges: bytes
content-length: 23858

GET
H2 200 59377202_401.jpg
static.dw.com/image/ 24 KB
25 KB 61ms
46ms Image
image/jpeg 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dw.com/image/59377202_401.jpg

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c3caf04790c67dc801c927ba648611c29f71f1a12df4be245e060303568b10bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Fri, 01 Oct 2021 12:10:05 GMT
etag: "c54d02edc63726df6ff5d078f83ee199"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=810
date: Wed, 20 Oct 2021 10:35:37 GMT
accept-ranges: bytes
content-length: 25029

GET
H2 200 59377227_401.jpg
static.dw.com/image/ 25 KB
25 KB 65ms
50ms Image
image/jpeg 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dw.com/image/59377227_401.jpg

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3bb42e4feb8a4c753c72eb00bde6c4ad8462bd14cf50fc032ccdef87f1a0ba05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Fri, 01 Oct 2021 12:10:26 GMT
etag: "55f716f0cf5fb5c75d8dab9bb88e456a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=238
date: Wed, 20 Oct 2021 10:35:37 GMT
accept-ranges: bytes
content-length: 25701

GET
H2 200 59377167_401.jpg
static.dw.com/image/ 35 KB
35 KB 67ms
52ms Image
image/jpeg 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dw.com/image/59377167_401.jpg

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a14c9e5d8fe48f05822731b7d6a3f360cf02d4397521a676985952144d787f5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Fri, 01 Oct 2021 12:10:05 GMT
etag: "cdca3da800635c2b34a9b58526a6504d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2059
date: Wed, 20 Oct 2021 10:35:37 GMT
accept-ranges: bytes
content-length: 35626

GET
H2 200 59376987_401.jpg
static.dw.com/image/ 32 KB
32 KB 72ms
57ms Image
image/jpeg 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dw.com/image/59376987_401.jpg

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

914e6844354db3deaf74b1ae0efb6c901338f6b67eab447b3fc93b09cdb50293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Fri, 01 Oct 2021 13:46:18 GMT
etag: "fa35084d17e2e1620f10ed7dff383778"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=230
date: Wed, 20 Oct 2021 10:35:37 GMT
accept-ranges: bytes
content-length: 32446

GET
H2 200 52236520_401.jpg
static.dw.com/image/ 48 KB
48 KB 44ms
44ms Image
image/jpeg 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dw.com/image/52236520_401.jpg

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

69ea67ff706971e6ec2c0ee4f84c3757f1d2918955be9edb1a6a1648349262a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Fri, 01 Oct 2021 12:17:26 GMT
etag: "d4f8a6ded24d6c3a8a4f6caf6bd2049a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2799
date: Wed, 20 Oct 2021 10:35:37 GMT
accept-ranges: bytes
content-length: 48859

GET
H2 200 18477367_401.jpg
static.dw.com/image/ 47 KB
47 KB 53ms
53ms Image
image/jpeg 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dw.com/image/18477367_401.jpg

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1b2f6d846e2a99e9172f8adb66e9a745546a14827859a489ecbeab8c0e2bdb34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 05 Oct 2020 15:13:25 GMT
etag: "472e3a414229cae4269ba3a73fa5b5bc"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3567
date: Wed, 20 Oct 2021 10:35:37 GMT
accept-ranges: bytes
content-length: 47856

GET
H/1.1 200
OK newsletter-form Show response
system.promio-connect.com/register/16401/default/en/ Frame 483C 24 KB
2 KB 404ms
351ms Document
text/html 151.106.66.199
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://system.promio-connect.com/register/16401/default/en/newsletter-form?initialWidth=700&childId=promio-pym-container&parentTitle=Pandora%20Papers%3A%20Secret%20tax%20havens%20of%20world%20leaders%2C%20celebrities%20revealed%20%7C%20World%20%7C%20Breaking%20news%20and%20perspectives%20from%20around%20the%20globe%20%7C%20DW%20%7C%2003.10.2021&parentUrl=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192
Requested by: Host: pym.nprapps.org
URL: https://pym.nprapps.org/pym.v1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.106.66.199 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: srv6199.mailer-service.de
Software: Apache / PHP/5.6.40
Resource Hash: 4bb0e6b538b7615fd2cf56d7b5c04523fc0e3581284fee9ae5156b8f255e11f8

Request headers

Host: system.promio-connect.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dw.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

Date: Wed, 20 Oct 2021 10:35:37 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2127
Keep-Alive: timeout=10, max=900
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 footer-verlauf.gif
www.dw.com/cssi/ 1 KB
2 KB 13ms
13ms Image
image/gif 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/cssi/footer-verlauf.gif

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9996703f7c12ee4173def798d748bb36721c85d3033965d6431b671614264097

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /cssi/footer-verlauf.gif
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.75.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:37 GMT
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/cssi/footer-verlauf.gif
content-type: image/gif;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=92873
accept-ranges: bytes
content-length: 1311

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/ 343 KB
134 KB 51ms
14ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?&render=explicit&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76906cc7ea630184754d7a22bbf929abaf26d8f68da993d3c552efb353c57cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
Origin: https://www.dw.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 08:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 136469
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 04:21:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Thu, 20 Oct 2022 08:11:58 GMT

GET
H/1.1 200
OK d3d3LmR3LmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 40ms
9ms XHR
application/json 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmR3LmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 10:35:37 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=33770
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 5418d5001fd55569bc5fa37a38a368c6
Content-Length: 16
Expires: Wed, 20 Oct 2021 19:58:27 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 20ms
12ms Image
image/gif 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=5.763783408351788
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:37 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Fri, 19 Nov 2021 10:35:37 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 133 KB
36 KB 56ms
25ms Script
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.dw.com
URL: https://www.dw.com/js/advertisement/clickPerformance.desktop.articles.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: zTpXqDhrs..xkKPVKkqB8HVtw0cnTzHi
content-encoding: gzip
etag: e2b905aea413c4d7479fb2bb9cbc6c65
age: 180
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 06BY6G75FDVT2NWCNK03
date: Wed, 20 Oct 2021 10:33:14 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 474733f16f494ddb794b4f7dfd7de967.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: wHchK72srsR0jcayvrsYWXUXP3_SV4Enkk7Cas5gnAELy4JtjdF4iQ==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 81ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.dw.com
URL: https://www.dw.com/js/advertisement/clickPerformance.desktop.articles.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

170426b1ccbf16d163b36333bb291cebb26c5288224706ed42bec87e72eb972f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1019 / 758 of 1000 / last-modified: 1634725443"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27181
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Oct 2021 10:35:37 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 88ms
30ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211020

Requested by

Host: www.dw.com
URL: https://www.dw.com/js/advertisement/clickPerformance.desktop.articles.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

854b509ad4b6770e02d9c62318416c4dc26391d78e8187ec14835ddfd413c61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 20 Oct 2021 10:35:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27275
x-jsd-version: 1.0.1135
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19175-FRA, cache-mxp6925-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"69d-GdJu0kPXXIH+Te2quTcRH8iCjvM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6a1199ba286659b9-MXP

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 254 B
1 KB 124ms
102ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.dw.com
URL: https://www.dw.com/js/advertisement/clickPerformance.desktop.articles.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

6e8157cfa9918b4b4bc08fa0ebee434828b5b82c2e0abfa6b4ac10375329c071

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:38 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 04bbbdfc-5b20-47f4-b223-5b182dab67fd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 254
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 157ms
77ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18884&site_id=210282&zone_id=1353596&size_id=2&rf=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&tk_flint=pbjs_lite_v3.19.0&x_source.tid=a4bce267-4361-4444-9963-cd9056a9971e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.032236944083406716
Requested by: Host: www.dw.com
URL: https://www.dw.com/js/advertisement/clickPerformance.desktop.articles.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::41 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a57e003f4cc00c5fbafcab669216dfcc8f8332bb2f21f23cec95d74f7ea0a11c

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:38 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ 0
156 B 51ms
18ms XHR
text/plain 3.120.57.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1634726137846&src=pbjs
Requested by: Host: www.dw.com
URL: https://www.dw.com/js/advertisement/clickPerformance.desktop.articles.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.dw.com
date: Wed, 20 Oct 2021 10:35:37 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H2 200 41525323_301.jpg
static.dw.com/image/ 2 KB
3 KB 18ms
17ms Image
image/jpeg 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dw.com/image/41525323_301.jpg

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

69c4bf65bed08394756d35bcf69fe48d43c44650fc37e288cec206d5b7a260e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 05 Oct 2020 09:46:34 GMT
etag: "0516cd8cfc3275f37fc53c2d64bfc30b"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=472
date: Wed, 20 Oct 2021 10:35:37 GMT
accept-ranges: bytes
content-length: 2516

GET
H2 200 41525319_301.jpg
static.dw.com/image/ 2 KB
3 KB 22ms
21ms Image
image/jpeg 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dw.com/image/41525319_301.jpg

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

468273c5b8f10144d997793d71d58f784ea32b462040b933977f70e8d78ab064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 05 Oct 2020 09:46:34 GMT
etag: "e43644418f428b43c71c6d27c0708dba"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2162
date: Wed, 20 Oct 2021 10:35:37 GMT
accept-ranges: bytes
content-length: 2528

GET
H2 200 v-59391633 Show response
www.dw.com/playersources/ 156 B
398 B 45ms
45ms Fetch
application/json 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/playersources/v-59391633?hls=true

Requested by

Host: www.dw.com
URL: https://www.dw.com/js/dwde.min.js?v=6.75.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9ab3518d3b437279cf1fde162d25c4cb0098206886f15fe3cf4a8ad612b765a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /playersources/v-59391633?hls=true
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.dw.com
referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 20 Oct 2021 10:35:37 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/playersources/v-59391633?hls=true
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=120
accept-ranges: bytes
content-length: 161

GET
H2 200 v-59393619 Show response
www.dw.com/playersources/ 150 B
392 B 42ms
42ms Fetch
application/json 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/playersources/v-59393619?hls=true

Requested by

Host: www.dw.com
URL: https://www.dw.com/js/dwde.min.js?v=6.75.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

57cb80bdcc3324bb229e9b3c3f8b2ce9b545ebfba4e9ec6762bfc84753bcd386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /playersources/v-59393619?hls=true
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.dw.com
referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 20 Oct 2021 10:35:37 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/playersources/v-59393619?hls=true
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=120
accept-ranges: bytes
content-length: 154

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 54ms
14ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109618266-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 2071
date: Wed, 20 Oct 2021 10:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19887
expires: Wed, 20 Oct 2021 12:01:06 GMT

GET
H2 200 peach-collector-1.x.min.js Show response
peach-static.ebu.io/ 36 KB
37 KB 51ms
13ms Script
application/javascript 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://peach-static.ebu.io/peach-collector-1.x.min.js
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5fc44ca6f42bab7f2ba9e2b902c5dde018249448d25cd2e2185b9f441bb2e975

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 02:58:45 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Thu, 07 Oct 2021 07:48:37 GMT
server: AmazonS3
age: 33298
etag: "62122692a3e101365ccead6f9d70cb3f"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 37121
x-amz-cf-id: xjVCT85zz4vE78Zkev5RfSUfR7kom3FVnRTVh7wzkZOBmNnv6vT74Q==

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 374ms
87ms XHR
application/json 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1634726137889&sessionId=ad259ebc-d3c8-a081-843a-6de075785ba9&url=www.dw.com&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:38 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: ce4483b481ef69c6bbdde7212569df0f
Content-Length: 4
Expires: 0

GET
H2 200 hit.xiti
logs1242.xiti.com/ 35 B
150 B 9ms
9ms Image
image/gif 3.127.122.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs1242.xiti.com/hit.xiti?s=510544&ts=1634726137901&vtag=5.13.1&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=10x35x37&lng=en-US&ati=PUB-[Scroll]-[0%25]-[Desktop]-[Artikelseite]-[Pandora%20Papers%3A%20Secret%20tax%20havens%20of%20world%20leaders%2C%20celebrities%20revealed%20%7C%20World%20%7C%20Breaking%20news%20and%20perspectives%20from%20around%20the%20globe%20%7C%20DW%20%7C%2003.10.2021]-[59376192]-[Englisch]-[https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192]&type=AT&stc=

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.127.122.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-127-122-125.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:37 GMT
cache-control: no-store
content-length: 35
strict-transport-security: max-age=15768000
content-type: image/gif

GET
H2 200 hit.xiti
logs1242.xiti.com/ 35 B
150 B 7ms
7ms Image
image/gif 3.127.122.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs1242.xiti.com/hit.xiti?s=510544&ts=1634726137905&vtag=5.13.1&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=10x35x37&lng=en-US&ati=PUB-[Scroll]-[10%25]-[Desktop]-[Artikelseite]-[Pandora%20Papers%3A%20Secret%20tax%20havens%20of%20world%20leaders%2C%20celebrities%20revealed%20%7C%20World%20%7C%20Breaking%20news%20and%20perspectives%20from%20around%20the%20globe%20%7C%20DW%20%7C%2003.10.2021]-[59376192]-[Englisch]-[https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192]&type=AT&stc=

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.127.122.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-127-122-125.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:37 GMT
cache-control: no-store
content-length: 35
strict-transport-security: max-age=15768000
content-type: image/gif

GET
H2 200 vast.js Show response
ssl.p.jwpcdn.com/player/plugins/vast/v/8.9.7/ 109 KB
31 KB 38ms
8ms Script
text/plain 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/plugins/vast/v/8.9.7/vast.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/b1Tao5yJ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::626 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ef94a635e88c7ff86a4ed8c0c2f5f9de69319cad89351c83c84ae7ca87c64f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:38 GMT
content-encoding: gzip
age: 2490850
x-cache: HIT
content-length: 31539
via: 1.1 varnish
x-served-by: cache-fra19158-FRA
last-modified: Mon, 20 Sep 2021 21:30:34 GMT
server: AmazonS3
x-timer: S1634726138.005236,VS0,VE0
etag: "7aff03f66b354e633c62d3421a96592a"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 303552

GET
H2 200 jwpsrv.js Show response
ssl.p.jwpcdn.com/player/v/8.23.1/ 58 KB
17 KB 60ms
29ms Script
application/javascript 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.23.1/jwpsrv.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/b1Tao5yJ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::626 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82e587ecca54057eabad78bed2d89c2fb8f4118c3504e6f096215cb72868913e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:38 GMT
content-encoding: gzip
age: 380
x-cache: HIT
content-length: 17499
via: 1.1 varnish
x-served-by: cache-fra19158-FRA
last-modified: Fri, 08 Oct 2021 21:48:29 GMT
server: AmazonS3
x-timer: S1634726138.005422,VS0,VE0
etag: "fd28c0166cd7029ddfb10e5953b3f7f2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, immutable
accept-ranges: bytes
x-cache-hits: 670

GET
H2 200 jwplayer.core.controls.js Show response
ssl.p.jwpcdn.com/player/v/8.23.1/ 305 KB
78 KB 45ms
19ms Script
application/javascript 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.23.1/jwplayer.core.controls.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/b1Tao5yJ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::626 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b372ba82431aa0eff7d94071558ba1bf9386a7193632cf501e98812904e5f598

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:38 GMT
content-encoding: gzip
age: 671410
x-cache: HIT
content-length: 79802
via: 1.1 varnish
x-served-by: cache-fra19158-FRA
last-modified: Fri, 08 Oct 2021 21:48:22 GMT
server: AmazonS3
x-timer: S1634726138.005313,VS0,VE0
etag: "168485c84f61f3dce164a7df3f4e091a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 308341

GET
H2 200 provider.hlsjs.js Show response
ssl.p.jwpcdn.com/player/v/8.23.1/ 409 KB
113 KB 55ms
29ms Script
application/javascript 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.23.1/provider.hlsjs.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/b1Tao5yJ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::626 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c72255901dfcec5f556681d91d28b283aebadd786d5502a5fcdcdc660ea906ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:38 GMT
content-encoding: gzip
age: 671410
x-cache: HIT
content-length: 115635
via: 1.1 varnish
x-served-by: cache-fra19158-FRA
last-modified: Fri, 08 Oct 2021 21:48:25 GMT
server: AmazonS3
x-timer: S1634726138.005477,VS0,VE0
etag: "579ca51b4fb9fd747e0fc5cb338b5ab2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 221556

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 14ms
14ms XHR
text/plain 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&pubid=4e10e36d-ced5-49f8-b27a-8992090b10f1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 06:15:47 GMT
via: 1.1 474733f16f494ddb794b4f7dfd7de967.cloudfront.net (CloudFront)
server: Server
age: 15590
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.dw.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: ox_CZ7xC5ZYU9OfaKJSWEr0u_ty95yxe7Hey9yUu7nhj_dgFDSP1wg==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
489 B 45ms
45ms XHR
text/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&pid=dNEAnmqmXl2hh&cb=0&ws=1600x1200&v=7.69.01&t=700&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F228556409%2FDW_D_Articles_Leaderboard%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22200x200%22%5D%2C%22sn%22%3A%22%2F228556409%2FDW_D_Articles_Square%22%7D%5D&pubid=4e10e36d-ced5-49f8-b27a-8992090b10f1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-210-175.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:38 GMT
via: 1.1 474733f16f494ddb794b4f7dfd7de967.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: KCMD1PCBSBGRR7HTXTA1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.dw.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: E_eK391S0_EiRi63-KCqBV9Z7CY4l2_2VEEwCipDZ0D01qAEjal5iQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 27ms
9ms XHR
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 67511
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 01:02:33 GMT
server: AmazonS3
date: Tue, 19 Oct 2021 15:54:35 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: 6t0HS-2M-5B5MZOzAjVKewg-K0O9TpKi-84KqTmfXGKL_4zU6T8orw==

GET
H2 200 pubads_impl_2021101201.js Show response
securepubads.g.doubleclick.net/gpt/ 361 KB
122 KB 68ms
14ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124532
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Oct 2021 10:35:38 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 171 B
774 B 69ms
16ms XHR
application/json 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.dw.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

1446a5433914376b48019aeb64c17df122a5c7c173bde258fac8a6522177b048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 10:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
expires: Wed, 20 Oct 2021 10:35:38 GMT

POST
H2 201 collect Show response
pipe-collect.ebu.io/v3/ 2 B
462 B 32ms
31ms XHR
application/json 52.215.19.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipe-collect.ebu.io/v3/collect?s=dedw000000000047
Requested by: Host: peach-static.ebu.io
URL: https://peach-static.ebu.io/peach-collector-1.x.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.19.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-19-227.eu-west-1.compute.amazonaws.com
Software: Python/3.9 aiohttp/3.7.4.post0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 20 Oct 2021 10:35:38 GMT
server: Python/3.9 aiohttp/3.7.4.post0
content-length: 2
content-type: application/json; charset=utf-8

OPTIONS
H2 204 collect
pipe-collect.ebu.io/v3/ Frame 0
0 105ms
30ms Preflight 52.215.19.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipe-collect.ebu.io/v3/collect?s=dedw000000000047
Protocol: H2
Server: 52.215.19.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-19-227.eu-west-1.compute.amazonaws.com
Software: Python/3.9 aiohttp/3.7.4.post0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.dw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 20 Oct 2021 10:35:38 GMT
access-control-allow-headers: Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
server: Python/3.9 aiohttp/3.7.4.post0

GET
DATA 200
OK truncated
/ 253 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac948c688f91a59a668b92b5762922afc5e9f8f143c8cf65c5e510ae1ceaef92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 MQ6cm06yQU+sdZphm7QZMg.json Show response
entitlements.jwplayer.com/ 70 B
246 B 52ms
8ms XHR
application/json 152.199.22.243
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://entitlements.jwplayer.com/MQ6cm06yQU+sdZphm7QZMg.json
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/b1Tao5yJ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2C8) /
Resource Hash: 58a14ba2e3e773324e8b8aeadcd988bdd177f68e6bf65c5fcdd339032e536e61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:38 GMT
content-encoding: gzip
last-modified: Wed, 20 Oct 2021 07:05:59 GMT
server: ECAcc (frd/E2C8)
age: 12579
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800, s-maxage=12900
accept-ranges: bytes
content-length: 75

GET
H2 200 close.svg
www.dw.com/css/jwplayer8/skins/DW/icons/ 1 KB
924 B 10ms
10ms Image
image/svg+xml 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/css/jwplayer8/skins/DW/icons/close.svg

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2ddb9d836a177c238be9b2808ac8fe356f3f838ac34c8625b05cf7219377e24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/jwplayer8/skins/DW/icons/close.svg
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; _pc_c=574dd371-1ffa-65c9-79ed-0df5ddff4226; _pc_st=1634726137980; _pc_t=tracking_enabled; _pc_lr=1634726137982
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:38 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/jwplayer8/skins/DW/icons/close.svg
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=95123
accept-ranges: bytes
content-length: 657

GET
H2 200 pause.svg
www.dw.com/css/jwplayer8/skins/DW/icons/ 1 KB
926 B 10ms
10ms Image
image/svg+xml 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/css/jwplayer8/skins/DW/icons/pause.svg

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

af40821acb69199682bfb93db61ad0f5ccf03da47cb272a4005a2c66506111b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/jwplayer8/skins/DW/icons/pause.svg
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; _pc_c=574dd371-1ffa-65c9-79ed-0df5ddff4226; _pc_st=1634726137980; _pc_t=tracking_enabled; _pc_lr=1634726137982
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:38 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/jwplayer8/skins/DW/icons/pause.svg
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=539548
accept-ranges: bytes
content-length: 658

GET
H2 200 rewind.svg
www.dw.com/css/jwplayer8/skins/DW/icons/ 2 KB
1 KB 11ms
10ms Image
image/svg+xml 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/css/jwplayer8/skins/DW/icons/rewind.svg

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a2ed72b6d3aca711323a20fe6597ba24dbcf686d50dc0637e25eeca2d357f9b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/jwplayer8/skins/DW/icons/rewind.svg
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; _pc_c=574dd371-1ffa-65c9-79ed-0df5ddff4226; _pc_st=1634726137980; _pc_t=tracking_enabled; _pc_lr=1634726137982
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:38 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/jwplayer8/skins/DW/icons/rewind.svg
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=92865
accept-ranges: bytes
content-length: 1052

GET
H2 200 volume-100.svg
www.dw.com/css/jwplayer8/skins/DW/icons/ 2 KB
1 KB 12ms
11ms Image
image/svg+xml 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/css/jwplayer8/skins/DW/icons/volume-100.svg

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ca7286485a9dae12b7e6bb097a1d92709051492c554ad94c7f79fa2dba5eeb0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/jwplayer8/skins/DW/icons/volume-100.svg
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; _pc_c=574dd371-1ffa-65c9-79ed-0df5ddff4226; _pc_st=1634726137980; _pc_t=tracking_enabled; _pc_lr=1634726137982
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:38 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/jwplayer8/skins/DW/icons/volume-100.svg
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=95074
accept-ranges: bytes
content-length: 874

GET
H2 200 fullscreen-on.svg
www.dw.com/css/jwplayer8/skins/DW/icons/ 1 KB
957 B 9ms
9ms Image
image/svg+xml 2a02:26f0:6c00:1bd::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/css/jwplayer8/skins/DW/icons/fullscreen-on.svg

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bd::2d63 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

264afb41c4f588ecf311eadd477ae782b0b2e3ead027ec1c26ea673997ac18b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/jwplayer8/skins/DW/icons/fullscreen-on.svg
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; _pc_c=574dd371-1ffa-65c9-79ed-0df5ddff4226; _pc_st=1634726137980; _pc_t=tracking_enabled; _pc_lr=1634726137982
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 14:41:14 GMT
date: Wed, 20 Oct 2021 10:35:38 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/jwplayer8/skins/DW/icons/fullscreen-on.svg
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=95182
accept-ranges: bytes
content-length: 684

GET
H/1.1 200
OK beng211003_001_insjulia_01i.jpg
tvdownloaddw-a.akamaihd.net/stills/images/vdt/2021/ 54 KB
54 KB 295ms
204ms Image
image/jpeg 2.16.186.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tvdownloaddw-a.akamaihd.net/stills/images/vdt/2021/beng211003_001_insjulia_01i.jpg
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.10 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: dbf7182fdcad2a2ffa1f0437c4189116faabbb86dc71c989118440f78dc3d684

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 10:35:38 GMT
Last-Modified: Sun, 03 Oct 2021 20:39:59 GMT
Server: nginx
ETag: "615a151f-d673"
Content-Type: image/jpeg
Cache-Control: max-age=30880268
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54899
Expires: Wed, 12 Oct 2022 20:26:46 GMT

GET html5
data.argosdata.io/ 0
0

GET
H/1.1 200
OK sonder20211003_PandoraPapersCORRECT_image_1024x576_3.jpg
tvdownloaddw-a.akamaihd.net/stills/images/sonder/ 46 KB
46 KB 128ms
37ms Image
image/jpeg 2.16.186.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tvdownloaddw-a.akamaihd.net/stills/images/sonder/sonder20211003_PandoraPapersCORRECT_image_1024x576_3.jpg
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.10 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 825501098d8a79a2368d85a6d41867d882e5466a45c97139a71e270bf6c21561

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 10:35:38 GMT
Last-Modified: Sun, 03 Oct 2021 15:36:19 GMT
Server: nginx
ETag: "6159cdf3-b768"
Content-Type: image/jpeg
Cache-Control: max-age=30089004
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46952
Expires: Mon, 03 Oct 2022 16:39:02 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 33 KB
11 KB 564ms
528ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&idx=0&rand=28610&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=330&py=9582&vpd=8382&cw=720&settings=true&recs=true&version=2000476&sig=MiD02rHA&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5fc279084e063cdea24dbe0abdc6c61746ed239dae8475e6dcd007252eff5537

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:38 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 167.82.174.20
x-cache-hits: 0, 0
x-traceid: 400c94dd11e74b72c97ba5bffddf0b54
content-encoding: gzip
content-length: 10594
x-served-by: cache-lga13620-LGA, cache-hhn4034-HHN
x-timer: S1634726138.245561,VS0,VE515
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 88ms
23ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.dw.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 10:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 76ms
24ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.dw.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 10:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 137 KB
28 KB 615ms
614ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4404644136102338&correlator=2956839052663350&output=ldjh&impl=fifs&eid=31063194%2C31062221%2C31060888%2C31062526%2C31062931&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211020&iu_parts=228556409%2CDW_D_Articles_Leaderboard%2CDW_D_Articles_Square&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C200x200&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=URL%3D%252Fen%252Fpandorapapersworldleaderstonyblairke%26Language%3Den%26sp_case%3DX%26sp_day%3DWednesday%26thematicfocus%3D19990022%252C19990032&cookie_enabled=1&bc=31&abxe=1&lmt=1634726138&dt=1634726138231&dlt=1634726137280&idt=908&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933%2C-12245933&adys=-12245933%2C-12245933&adks=34759642%2C3945279944&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0%7C0x0&msz=0x0%7C0x0&ga_vid=453969464.1634726138&ga_sid=1634726138&ga_hid=1392386540&ga_fc=false&fws=132%2C132&ohw=980%2C1600&btvi=-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

64de332afcac3d5b8f343180c989707c2cb8b4b0a00c04cabd4bc86603416277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27876
x-xss-protection: 0
google-lineitem-id: 5799563886,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138365672052,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dw.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
319747088b66a0f513f9f5b58d677230.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 69BA 6 KB
4 KB 92ms
24ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://319747088b66a0f513f9f5b58d677230.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 319747088b66a0f513f9f5b58d677230.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dw.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 20 Oct 2021 10:35:38 GMT
expires: Thu, 20 Oct 2022 10:35:38 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK jquery-3.4.1.min.js Show response
system.promio-connect.com/register/16401/default/assets/js/ Frame 483C 86 KB
30 KB 25ms
25ms Script
application/javascript 151.106.66.199
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://system.promio-connect.com/register/16401/default/assets/js/jquery-3.4.1.min.js
Requested by: Host: system.promio-connect.com
URL: https://system.promio-connect.com/register/16401/default/en/newsletter-form?initialWidth=700&childId=promio-pym-container&parentTitle=Pandora%20Papers%3A%20Secret%20tax%20havens%20of%20world%20leaders%2C%20celebrities%20revealed%20%7C%20World%20%7C%20Breaking%20news%20and%20perspectives%20from%20around%20the%20globe%20%7C%20DW%20%7C%2003.10.2021&parentUrl=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.106.66.199 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: srv6199.mailer-service.de
Software: Apache /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system.promio-connect.com/register/16401/default/en/newsletter-form?initialWidth=700&childId=promio-pym-container&parentTitle=Pandora%20Papers%3A%20Secret%20tax%20havens%20of%20world%20leaders%2C%20celebrities%20revealed%20%7C%20World%20%7C%20Breaking%20news%20and%20perspectives%20from%20around%20the%20globe%20%7C%20DW%20%7C%2003.10.2021&parentUrl=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 10:35:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 09:41:59 GMT
Server: Apache
ETag: "15851-59d5844bab9a3-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=899
Content-Length: 30677

GET
H/1.1 200
OK styles.css
system.promio-connect.com/register/16401/default/assets/css/ Frame 483C 17 KB
4 KB 49ms
16ms Stylesheet
text/css 151.106.66.199
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://system.promio-connect.com/register/16401/default/assets/css/styles.css
Requested by: Host: system.promio-connect.com
URL: https://system.promio-connect.com/register/16401/default/en/newsletter-form?initialWidth=700&childId=promio-pym-container&parentTitle=Pandora%20Papers%3A%20Secret%20tax%20havens%20of%20world%20leaders%2C%20celebrities%20revealed%20%7C%20World%20%7C%20Breaking%20news%20and%20perspectives%20from%20around%20the%20globe%20%7C%20DW%20%7C%2003.10.2021&parentUrl=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.106.66.199 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: srv6199.mailer-service.de
Software: Apache /
Resource Hash: 6d468f2c3380854a62e207c1403da5f3c263a13a1d297c0726e36638e56b6e1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system.promio-connect.com/register/16401/default/en/newsletter-form?initialWidth=700&childId=promio-pym-container&parentTitle=Pandora%20Papers%3A%20Secret%20tax%20havens%20of%20world%20leaders%2C%20celebrities%20revealed%20%7C%20World%20%7C%20Breaking%20news%20and%20perspectives%20from%20around%20the%20globe%20%7C%20DW%20%7C%2003.10.2021&parentUrl=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 10:35:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 08:54:57 GMT
Server: Apache
ETag: "4424-5bb7041c66738-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=3600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=898
Content-Length: 4107
Expires: Wed, 20 Oct 2021 11:35:38 GMT

GET
H/1.1 200
OK scripts.js Show response
system.promio-connect.com/register/16401/default/assets/js/ Frame 483C 6 KB
2 KB 65ms
15ms Script
application/javascript 151.106.66.199
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://system.promio-connect.com/register/16401/default/assets/js/scripts.js
Requested by: Host: system.promio-connect.com
URL: https://system.promio-connect.com/register/16401/default/en/newsletter-form?initialWidth=700&childId=promio-pym-container&parentTitle=Pandora%20Papers%3A%20Secret%20tax%20havens%20of%20world%20leaders%2C%20celebrities%20revealed%20%7C%20World%20%7C%20Breaking%20news%20and%20perspectives%20from%20around%20the%20globe%20%7C%20DW%20%7C%2003.10.2021&parentUrl=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.106.66.199 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: srv6199.mailer-service.de
Software: Apache /
Resource Hash: 1b5c9268a630de4bf245c9735be9ca6050d6a7090618652c28a3143972d943d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system.promio-connect.com/register/16401/default/en/newsletter-form?initialWidth=700&childId=promio-pym-container&parentTitle=Pandora%20Papers%3A%20Secret%20tax%20havens%20of%20world%20leaders%2C%20celebrities%20revealed%20%7C%20World%20%7C%20Breaking%20news%20and%20perspectives%20from%20around%20the%20globe%20%7C%20DW%20%7C%2003.10.2021&parentUrl=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 10:35:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 08:15:43 GMT
Server: Apache
ETag: "167e-5a6383c4c7341-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=897
Content-Length: 1389

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 483C 850 B
645 B 24ms
23ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: system.promio-connect.com
URL: https://system.promio-connect.com/register/16401/default/en/newsletter-form?initialWidth=700&childId=promio-pym-container&parentTitle=Pandora%20Papers%3A%20Secret%20tax%20havens%20of%20world%20leaders%2C%20celebrities%20revealed%20%7C%20World%20%7C%20Breaking%20news%20and%20perspectives%20from%20around%20the%20globe%20%7C%20DW%20%7C%2003.10.2021&parentUrl=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

323918625ed889cc03e90584b2e4d6b680222ea1c2cd7572e1e2ea4ba7f993be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system.promio-connect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 557
x-xss-protection: 1; mode=block
expires: Wed, 20 Oct 2021 10:35:38 GMT

GET
H2 200 pym.v1.min.js Show response
pym.nprapps.org/ Frame 483C 9 KB
3 KB 8ms
8ms Script
application/javascript 52.222.214.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pym.nprapps.org/pym.v1.min.js
Requested by: Host: system.promio-connect.com
URL: https://system.promio-connect.com/register/16401/default/en/newsletter-form?initialWidth=700&childId=promio-pym-container&parentTitle=Pandora%20Papers%3A%20Secret%20tax%20havens%20of%20world%20leaders%2C%20celebrities%20revealed%20%7C%20World%20%7C%20Breaking%20news%20and%20perspectives%20from%20around%20the%20globe%20%7C%20DW%20%7C%2003.10.2021&parentUrl=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7f736144a4c3c86a1e620f94d91b3c0eedcadac33888203e554dc2e7c3cfa66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system.promio-connect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 19:11:43 GMT
content-encoding: gzip
last-modified: Tue, 13 Feb 2018 16:23:08 GMT
server: AmazonS3
age: 55436
etag: "dfb7091815cbff12a30bfad66911926f"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 54fc556adf6e8c787574c6f132d70179.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P3
content-length: 2818
x-amz-cf-id: wypGt21JbyFK1PFOSm8s8UvotAcn2WGBrQHm5g5PE4Wozz6oq1CciQ==

GET
H2 200 css
fonts.googleapis.com/ Frame 483C 10 KB
2 KB 42ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,devanagari,greek,greek-ext,latin-ext,vietnamese

Requested by

Host: system.promio-connect.com
URL: https://system.promio-connect.com/register/16401/default/assets/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f94aacf47637a0f0d939df3f8533e28a5048e5e87890bb9a081d564e037424a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system.promio-connect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 09:32:10 GMT
server: ESF
date: Wed, 20 Oct 2021 10:35:38 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 20 Oct 2021 10:35:38 GMT

GET
H2 200 notonaskharabic.css
fonts.googleapis.com/earlyaccess/ Frame 483C 2 KB
455 B 43ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/earlyaccess/notonaskharabic.css

Requested by

Host: system.promio-connect.com
URL: https://system.promio-connect.com/register/16401/default/assets/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

336bc9acd2fa3b61fa837418864e37bb1fc2836de3cc9f2c8b7048bee0a28141

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system.promio-connect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 09:42:56 GMT
server: ESF
date: Wed, 20 Oct 2021 10:35:38 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 20 Oct 2021 10:35:38 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/ Frame 483C 343 KB
133 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76906cc7ea630184754d7a22bbf929abaf26d8f68da993d3c552efb353c57cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://system.promio-connect.com/
Origin: https://system.promio-connect.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 08:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 136469
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 04:21:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Thu, 20 Oct 2022 08:11:58 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v21/ Frame 483C 16 KB
16 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v21/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,devanagari,greek,greek-ext,latin-ext,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://system.promio-connect.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:44:02 GMT
x-content-type-options: nosniff
age: 60696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16056
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:44:52 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Oct 2022 17:44:02 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v21/ Frame 483C 16 KB
16 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v21/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,devanagari,greek,greek-ext,latin-ext,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://system.promio-connect.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:44:02 GMT
x-content-type-options: nosniff
age: 60696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16180
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:43:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Oct 2022 17:44:02 GMT

GET
H2 200 ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
7 KB 8ms
7ms Image
image/svg+xml 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:38 GMT
last-modified: Wed, 06 Oct 2021 07:35:16 GMT
server: AkamaiNetStorage
etag: "f370d19306add072a726e7f4ade8dc57:1633514861.171153"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7090
expires: Fri, 19 Nov 2021 10:35:38 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 9ms
9ms Image
image/svg+xml 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:38 GMT
last-modified: Wed, 06 Oct 2021 07:35:16 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1633514840.382535"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Fri, 19 Nov 2021 10:35:38 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 362ms
92ms Fetch
text/plain 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=f846fc8b30c6a7e884c14b5fbfbcb876_37023_1634726138704&tm=940&eT=0&widgetWidth=700&widgetHeight=243&widgetX=330&widgetY=10097&wRV=2000476&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=571&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 20 Oct 2021 10:35:39 GMT
content-encoding: gzip
X-TraceId: 4f3c149ad9f3a45e582ad87326af2632
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000476/module/ 56 KB
18 KB 12ms
12ms Script
application/x-javascript 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000476/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 27b09941b35ac66529f0911975b1b47b9ef34ae76193f5228c5f20d113665c74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:38 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 12:36:07 GMT
server: AkamaiNetStorage
etag: "585a1a6f540076b0f8ad940a34477d0d:1634563726.093117"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 18521

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 25 KB
9 KB 177ms
170ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&settings=true&recs=true&widgetJSId=AR_1&key=NANOWDGT01&version=2000476&apv=true&sig=MiD02rHA&format=html&rand=14797&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=Zjg0NmZjOGIzMGM2YTdlODg0YzE0YjVmYmZiY2I4NzY=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=11523-77045&layeredTestInfo=11523-77045-&pcer=p%3DFypFuQq0okKkO1YypN97ICti_iaZk5LzWso7c-W39KQ%26c%3D21aa3c60%26v%3D3&dpr=1&cw=700
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000476/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d876cc3e60e2a3283a9a3378d3bdc8ad624b51dbf58523f6b49797708ec90afc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:38 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.38
x-cache-hits: 0, 0
x-traceid: dc34f643d6469b34367979c9b6034915
content-encoding: gzip
content-length: 8978
x-served-by: cache-lga21938-LGA, cache-hhn4034-HHN
x-timer: S1634726139.832249,VS0,VE164
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 42ms
42ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrTtgKaW0xHsrf5-RGYLZsTXGRAVKzXmAgqrG3twKCbNH5JYRdtRBBtygmTfNsWdxUerwIqj3xUS_yJk33KTc0W5r6xbzTc27HK90_ixDQxLANxDQl4-z5XLcQC4PgLB1yyS86ACGijo3GwxedQoCx0fU3X9c79W3jH7p1kiaVFWBCIvdCR_MFvbThwhJf5nV3mTKNHkvpDmLehlzfzcH1mOuIncGFbD1KmmNFnW99KEd3sqg9LTnZWLb3CLdN3cZtf9V06X2HB2hJ1GzgUEJMr1iitl8U_Auoa1LZdVqH_D8B2Nk-tYmqTuLIE39D_--9onKMjbmDdKllvLrV5pU&sai=AMfl-YS3_AfwFRsP-kwtJFcRWX6qkwcJRc9QawdRcdM9skodH8q3A5FqwJkP__8_yvmW3O37eX3qTau2HJwiV0rgnjVyuTcX20wiNzrYxsFL_YBuziiMxPCgShA2X_DuD5g&sig=Cg0ArKJSzJ8mLYQup_P-EAE&urlfix=1&adurl=

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 10:35:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 20 Oct 2021 10:35:38 GMT

GET
H2 200 index.js Show response
cdn.marphezis.com/cmpp/ 92 KB
93 KB 43ms
12ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.marphezis.com/cmpp/index.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: CloudStorage /
Resource Hash: fb6609e6ff90ab14c9a7496b648fe3d275445b317062e094502ebaf6777abe58

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 20 Oct 2021 10:35:38 GMT
age: 60400
x-agile-checksum: fb6609e6ff90ab14c9a7496b648fe3d275445b317062e094502ebaf6777abe58
x-agile-brick-id: 480527977
x-agile-request-id: a3f6edd1c4bdd7c092a2faf5648705a8, 1f167e0da376a2c669aa5f865d55cf4a
content-length: 94388
last-modified: Mon, 04 Oct 2021 17:48:07 GMT
server: CloudStorage
etag: "615b3e57-170b4"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
x-agile-source: 185.178.53.186:1987
x-llid: 7d36319b8cda44d2a924cbc93e05bf9d
expires: Wed, 20 Oct 2021 17:48:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 122 KB
37 KB 329ms
28ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37884
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634556853496587"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Oct 2021 10:35:39 GMT

GET
H2 200 wf Show response
compass-v2.deliverimp.com/ 25 KB
6 KB 339ms
102ms XHR
application/json 3.220.202.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://compass-v2.deliverimp.com/wf?tagId=31731&domain=dw.com&tdomain=www.dw.com&size=728x90&pu=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&aurl=www.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&uid=544214870&pubPlacement=&cb=1266205057
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.220.202.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-202-22.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 77fc466eb7bc3ae49a5b405639a9802f2fc7def00052e75517606cd441fbf341

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 20 Oct 2021 10:35:39 GMT
content-encoding: gzip
server: nginx
content-type: application/json

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000476/module/ 550 B
833 B 7ms
7ms Script
application/x-javascript 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000476/module/singleAnimationOnFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 403cea8095f7c63dbad7fa344ee0077ff3ab8af037ea6c8ff9bebff740662015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
last-modified: Mon, 18 Oct 2021 12:36:07 GMT
server: AkamaiNetStorage
etag: "bf1dc0a082dfc25e069328057fe013c4:1634563721.837991"
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 550

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 232ms
91ms Fetch
text/plain 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=2a09bb477616fe0de40da131e797f0e2_37023_1634726138940&tm=1177&eT=0&wRV=2000476&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=196&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 20 Oct 2021 10:35:39 GMT
content-encoding: gzip
X-TraceId: b113635ed79e42bdde9954cf5d4032f6
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 75ms
60ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNWBBfSPOS_0myb1zz5mj9Hn94-1bcc0gjq3DmWRqXr4itKvmTtKsOlZ_mftKJZZUG8pC_swJonEF1za_02C6WMEdmjrphe9O5zTKMI5VeISyHAbDnM1xNWJ7pyzh6bBhDseDVnXrcPg1Crmaq3nu5q7ZKwpakB454c4udpwpUvy5nNUoa720dNJeDVD66tt0StmHeo7-19WS3pUMknOdv2Uf5v9howno68E_aPpiA6Tfzxu4Ez3gHMN1pE2j5T8bRiEKprxiz-VXgeWSKBBWSmeMWP4uzJpO8Bsh3RTZtIUtRw90TV2OjbKo5RgayzF00Miw&sai=AMfl-YQv2fn4Fzm-_AMYm-I5-M3zvGyt4v1F0JwiXHKrjgcSIpRAXptfwRDNLRW8UXPpkyfmppSXxRdU-HihGLEYNYvuhmQaBUqiLK5Y3glFIJp57lS_pkvKfKyOk4WydxE&sig=Cg0ArKJSzBdck6QX0TMHEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 10:35:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 20 Oct 2021 10:35:39 GMT

GET
DATA 200
OK truncated
/ 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd9ccc0d6aae4327aaf65fc7e5d2d4750409e6bcfbe4182f936bfe3e30b01604

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 prebid4.43.4.js Show response
cdn.marphezis.com/cmpp/ Frame 78F5 443 KB
444 KB 8ms
8ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: CloudStorage /
Resource Hash: 66bb692b3006bc1c4e815001d9338ea478407db6a2cbcad65235af83b5638bd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
age: 16593
x-agile-checksum: 66bb692b3006bc1c4e815001d9338ea478407db6a2cbcad65235af83b5638bd8
x-agile-brick-id: 480526378
x-agile-request-id: 8182c18f8925edf275476a1782a09603, 97b59841999b16fa450f3e18b4807d05
content-length: 453931
last-modified: Tue, 14 Sep 2021 10:14:25 GMT
server: CloudStorage
etag: "61407601-6ed2b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
x-agile-source: 185.178.53.185:1987
x-llid: 8aa03c3c39e1fd48403a2d64b7fc56a2
expires: Thu, 21 Oct 2021 05:59:06 GMT

GET
H2 204 report
compass-events.deliverimp.com/ 0
44 B 326ms
96ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=adaptmx&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=0&loop=0&compassInternalId=575894&entityId=1062&demandTag=YnJpZ2h0Y29tLmNvbQ&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575891&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&parentRequest=true&firstDemand=true&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1419935593&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 328ms
98ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=pubmaticsparc&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=0&loop=0&compassInternalId=575896&entityId=1053&demandTag=31731_DE_728x90_dw.com_dkt_DE_36786&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575891&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1999955654&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 328ms
99ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=onemobile%20bcm&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=0&loop=0&compassInternalId=575942&entityId=1066&demandTag=8a9690f3017c7c08339e094ca2ad0126%7C8a96956c017a7acf1586ddd4e89300cd&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575891&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1313928410&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 329ms
99ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=smartlimp&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=0&loop=0&compassInternalId=585271&entityId=1008&demandTag=465142%7C1471651&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575891&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=2081469577&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 329ms
100ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=onemobile&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=0&loop=0&compassInternalId=586912&entityId=1012&demandTag=8a9694b50178788e10f29bb3e2fa0084%7C8a9695240177778171a9832be5ff00d9&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575891&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1334129402&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 334ms
105ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=openx&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=0&loop=0&compassInternalId=587391&entityId=1015&demandTag=545708339%7C39dfba0efb&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575891&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=284000838&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 107ms
104ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=rubicon&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=0&loop=0&compassInternalId=587809&entityId=1017&demandTag=389024%7C2166504&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575891&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1643952764&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 175ms
172ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=pubmaticwhildey&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=0&loop=0&compassInternalId=588970&entityId=1056&demandTag=4071391&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575891&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=687662515&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 175ms
172ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=appnexus&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=0&loop=0&compassInternalId=588998&entityId=1041&demandTag=22876953&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575891&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=436958885&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 176ms
173ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=appnexusbrave&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=0&loop=0&compassInternalId=589000&entityId=1054&demandTag=22877033&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575891&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=10032740&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 177ms
174ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=appnexustailwind&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=0&loop=0&compassInternalId=589006&entityId=1055&demandTag=22877081&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575891&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=891165790&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 177ms
174ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=appnexusaudienciad&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=0&loop=0&compassInternalId=588999&entityId=1057&demandTag=22877172&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575891&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1207788516&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 178ms
175ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=smartsparc&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=0&loop=0&compassInternalId=590752&entityId=1009&demandTag=465545%7C1474662&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575891&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=904715917&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 178ms
175ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=sovrnlimpid&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=0&loop=0&compassInternalId=591441&entityId=1020&demandTag=969018&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575891&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1697328941&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 179ms
176ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=index%20latam&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=0&loop=0&compassInternalId=591456&entityId=1010&demandTag=729039&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575891&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=478869912&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 179ms
177ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=152medianew&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=0&loop=0&compassInternalId=596232&entityId=10041&demandTag=22959377&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575891&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1981793822&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
server: awselb/2.0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 78F5 240 B
1 KB 77ms
77ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20416&site_id=389024&zone_id=2166504&size_id=2&rp_schain=1.0,1!onomagic.com,205441,1,,,&eid_pubcid.org=f6f56f55-489d-4554-bdc8-ad4ff4960ee4%5E1&rf=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&tk_flint=pbjs_lite_v4.43.4&x_source.tid=c80e2702-3b65-474e-a628-84ac15ccb661&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.39860307824657637
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::41 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 981a57a87730e2551bbf340b6d36add99e542b08495a0db72042036b5f6130f3

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:39 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 78F5 94 B
739 B 126ms
58ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.4
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 5888b0e849d0f7a7211636f8079eecf94f7557fd758ad521ac7bca80435568ac

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 20 Oct 2021 10:35:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.dw.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 97

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 78F5 144 B
1 KB 105ms
105ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

66ccc38eebb02ebf54db2807930d263d434177a733865c29a825b2cde42e8e50

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:39 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 09a6fb3a-1030-4d29-a7fc-085effa1ac95
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 78F5 0
57 B 251ms
204ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.dw.com
date: Wed, 20 Oct 2021 10:35:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 78F5 0
374 B 312ms
107ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.dw.com
date: Wed, 20 Oct 2021 10:35:39 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 7
vary: origin, Accept-Encoding

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 78F5 0
318 B 103ms
23ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:39 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.dw.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 78F5 145 B
1 KB 119ms
104ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

9f720d646d63c468a4ae01e825de374f52f08d936ad58daf2d417b557fd2cbc5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:39 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c01d5955-b014-4041-b4eb-1abf15f6525a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 78F5 25 B
369 B 147ms
121ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=729039&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22159426256257b45%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216801c7090405e3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22729039%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 459d4dce97768ea5cc0d264c2389e222892c5ccde3267a2792555d2072f0ff3d

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:39 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[185.232.23.184], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.dw.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 43
x-ak-client-geo: 12
expires: Wed, 20 Oct 2021 10:35:39 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 78F5 145 B
1 KB 111ms
97ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

666624da7003c0fe6411560cfe3fc499f7b8370854ca390d2e3cec0376784962

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:39 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 8eb3f614-8b94-4c60-a1a2-ad87f563de05
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 78F5 145 B
1 KB 155ms
141ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

ad97a73bed7cd7445d81ef54574d6d9a912368338d5d155817174230098bb319

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:39 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 4ee8f5ff-2bac-4e23-8e92-548fe3fe83a6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ Frame 78F5 62 B
470 B 93ms
55ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96956c017a7acf1586ddd4e89300cd&pos=8a9690f3017c7c08339e094ca2ad0126&cmd=bid&secure=1
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: f3059173de349aa887cab229fe6901aa30507c542d014c5c69590b0f8d542d35

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 20 Oct 2021 10:35:39 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dw.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 78F5 0
318 B 95ms
22ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:39 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.dw.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 78F5 144 B
1 KB 128ms
113ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a340b22ffe24f196605b0e3700c94ed12509a9cbe3588939a98b9946555447b3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:39 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9e8a0e60-85d8-41a2-af35-1009840421ef
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 78F5 0
113 B 63ms
26ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.dw.com
date: Wed, 20 Oct 2021 10:35:36 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ Frame 78F5 5 KB
5 KB 126ms
90ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695240177778171a9832be5ff00d9&pos=8a9694b50178788e10f29bb3e2fa0084&cmd=bid&secure=1
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: cfd1277404eaf8953236dc1f463fcaf2e7290ec74ac3ab6c19c645320d936e32

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 20 Oct 2021 10:35:39 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dw.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 4762

GET
H2 200 arj Show response
brightcom-d.openx.net/w/1.0/ Frame 78F5 172 B
557 B 42ms
19ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://brightcom-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c80e2702-3b65-474e-a628-84ac15ccb661&nocache=1634726139417&pubcid=f6f56f55-489d-4554-bdc8-ad4ff4960ee4&schain=1.0%2C1!brightcom.com%2C20544%2C1%2C%2C%2C&aus=728x90&divids=hb_if_1078936745&aucs=&auid=545708339&aumfs=50
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 216365c77deb14b330dc3f3ecab406f22ea82734c149f0d5a0e2bf2b9bf434af

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:39 GMT
content-encoding: gzip
server: OXGW/16.217.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.dw.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame FFCB 80 KB
27 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

170426b1ccbf16d163b36333bb291cebb26c5288224706ed42bec87e72eb972f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1019 / 971 of 1000 / last-modified: 1634725443"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27181
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Oct 2021 10:35:39 GMT

GET
H2 204 allbids
compass-allbids.deliverimp.com/ 0
44 B 303ms
98ms Image
text/plain 52.70.89.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-allbids.deliverimp.com/allbids?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=onemobile&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=0&loop=0&compassInternalId=586912&entityId=1012&demandTag=8a9694b50178788e10f29bb3e2fa0084%7C8a9695240177778171a9832be5ff00d9&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575891&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&cpm=0.05289&winning=true&ttl=3600&adId=345f82396250ee6&auctionId=9aaa182a-3205-4727-b6d5-82cad2406f9a&floor=0.05&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1636420117&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.70.89.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-89-158.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 98ms
97ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=dfp%20latam&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=0&loop=0&compassInternalId=586909&entityId=127&demandTag=&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575891&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1126401192&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
server: awselb/2.0

GET
H3 200 pubads_impl_2021101201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame FFCB 361 KB
122 KB 17ms
17ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124532
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Oct 2021 10:35:39 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame FFCB 107 B
165 B 326ms
24ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.dw.com

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 10:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame FFCB 107 B
165 B 327ms
25ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.dw.com

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 10:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame FFCB 17 KB
8 KB 189ms
189ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1348142839878403&correlator=2940148623057800&output=ldjh&impl=fif&eid=31060032%2C31062524&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211020&iu_parts=78655843%2C31731_575891_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=hb_bidder%3Donemobile%26hb_adid%3D345f82396250ee6%26hb_pb%3D0.05%26hb_size%3D300x600%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_adomain%3Dpramac.com%26cmp_perm%3Donemobile_de_windows%26cmp_loop%3D0%26hb_bucket%3D0.05&eri=2&cookie=ID%3D196e84e50ced87f3-221137b3fbca0027%3AT%3D1634726138%3AS%3DALNI_MZSpf0Q-cXWYjekr-UxeHXd_mZ9ZA&cdm=www.dw.com&bc=31&abxe=1&lmt=1634726139&dt=1634726139866&dlt=1634726139324&idt=538&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=0&adys=0&adks=2096858425&ucis=g48awop90rlv&ifi=1&ifk=1576542817&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&top=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=1625424312.1634726140&ga_sid=1634726140&ga_hid=1891497557&ga_fc=false&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

75729522280e9b44063f95578029a3c786af75f1125291d995a4413caf322a23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8159
x-xss-protection: 0
google-lineitem-id: 5803158224
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138366034479
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dw.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f94ee8268cd01204a51bad6555097979.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BC16 6 KB
3 KB 49ms
22ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f94ee8268cd01204a51bad6555097979.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f94ee8268cd01204a51bad6555097979.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dw.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 20 Oct 2021 10:35:39 GMT
expires: Thu, 20 Oct 2022 10:35:39 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FFCB 0
0 46ms
46ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxQFD1yDxGXZ_X4FN0hYwDiuoyd4LfCUFJKGlVH3ujFBmgnIMyMcqq9jmsjeD_-GWBxUkvzoaKY9U6qMPAA5U2fPxqH9lun_CRMvtwCxrWTX8WFnXVOAOxPVIbdRPpKx16fRJOHrBzPGjiOP8QMTF1mrnAqQANuynNGpCTiNcJ2yAWPDZQMdvBnulAOiXxN_RAQVm7PnzpWObFw6QLfaguDyV1GM4QQQnDQYsU7auAOt0laNUUIpvo2cvPqNHosHi1IOyggp1fXvrC30Iz25QdB_u1wuB8IN-iGE6zk9kYQvjN5KkBdnRS&sig=Cg0ArKJSzKwDI8QqwPEyEAE&urlfix=1&adurl=

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 10:35:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 prebid4.43.4.js Show response
cdn.marphezis.com/cmpp/ Frame FFCB 443 KB
444 KB 8ms
8ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: CloudStorage /
Resource Hash: 66bb692b3006bc1c4e815001d9338ea478407db6a2cbcad65235af83b5638bd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
age: 16594
x-agile-checksum: 66bb692b3006bc1c4e815001d9338ea478407db6a2cbcad65235af83b5638bd8
x-agile-brick-id: 480526378
x-agile-request-id: 8182c18f8925edf275476a1782a09603, 97b59841999b16fa450f3e18b4807d05
content-length: 453931
last-modified: Tue, 14 Sep 2021 10:14:25 GMT
server: CloudStorage
etag: "61407601-6ed2b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
x-agile-source: 185.178.53.185:1987
x-llid: fc9f27ce9e017006de881a085f24bc9b
expires: Thu, 21 Oct 2021 05:59:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FFCB 122 KB
37 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37884
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634556853496587"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Oct 2021 10:35:40 GMT

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 98ms
98ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=adaptmx&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=1&loop=0&compassInternalId=575893&entityId=1062&demandTag=YnJpZ2h0Y29tLmNvbQ&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1000&parentInternalId=575892&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&parentRequest=true&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1966387183&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 passback
compass-events.deliverimp.com/ 0
43 B 100ms
99ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/passback?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=adaptmx&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=0&loop=0&compassInternalId=575894&entityId=1062&demandTag=YnJpZ2h0Y29tLmNvbQ&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575891&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1732916747&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 100ms
99ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=pubmaticsparc&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=1&loop=0&compassInternalId=575895&entityId=1053&demandTag=31731_DE_728x90_dw.com_dkt_DE_36786&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1000&parentInternalId=575892&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1658778336&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 100ms
98ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=onemobile%20bcm&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=1&loop=0&compassInternalId=575943&entityId=1066&demandTag=8a9690f3017c7c08339e094ca2ad0126%7C8a96956c017a7acf1586ddd4e89300cd&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1000&parentInternalId=575892&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=927037029&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 102ms
100ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=smartlimp&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=1&loop=0&compassInternalId=585272&entityId=1008&demandTag=465142%7C1471651&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1000&parentInternalId=575892&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=2106762063&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 103ms
100ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=onemobile&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=1&loop=0&compassInternalId=586907&entityId=1012&demandTag=8a9694b50178788e10f29bb3e2fa0084%7C8a9695240177778171a9832be5ff00d9&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1000&parentInternalId=575892&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=494946734&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 103ms
100ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=openx&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=1&loop=0&compassInternalId=587393&entityId=1015&demandTag=545708339%7C39dfba0efb&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1000&parentInternalId=575892&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1763638033&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 103ms
101ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=rubicon&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=1&loop=0&compassInternalId=587811&entityId=1017&demandTag=389024%7C2166504&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1000&parentInternalId=575892&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=24073707&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 103ms
101ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=pubmaticwhildey&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=1&loop=0&compassInternalId=588971&entityId=1056&demandTag=4071391&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1000&parentInternalId=575892&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=195763399&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 108ms
106ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=appnexus&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=1&loop=0&compassInternalId=589002&entityId=1041&demandTag=22876953&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1000&parentInternalId=575892&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1912293365&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 108ms
106ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=appnexusbrave&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=1&loop=0&compassInternalId=589001&entityId=1054&demandTag=22877033&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1000&parentInternalId=575892&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1765007909&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 108ms
106ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=appnexustailwind&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=1&loop=0&compassInternalId=589003&entityId=1055&demandTag=22877081&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1000&parentInternalId=575892&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1962971610&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 108ms
106ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=appnexusaudienciad&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=1&loop=0&compassInternalId=589004&entityId=1057&demandTag=22877172&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1000&parentInternalId=575892&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1666379261&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 108ms
107ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=smartsparc&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=1&loop=0&compassInternalId=590754&entityId=1009&demandTag=465545%7C1474662&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1000&parentInternalId=575892&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1833019381&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 113ms
112ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=sovrnlimpid&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=1&loop=0&compassInternalId=591442&entityId=1020&demandTag=969018&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1000&parentInternalId=575892&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1288445829&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 113ms
112ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=index%20latam&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=1&loop=0&compassInternalId=591457&entityId=1010&demandTag=729039&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1000&parentInternalId=575892&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=2075713715&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 113ms
113ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=152medianew&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=1&loop=0&compassInternalId=596233&entityId=10041&demandTag=22959377&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1000&parentInternalId=575892&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=423790428&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FFCB 144 B
1 KB 182ms
181ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e37a2c3e803cf3fa74ded1a6c0d61acdfc4ace3eb5a008d761bad04c6dec1515

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:40 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9e450372-5645-4bd3-813f-e2e43368f75c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ Frame FFCB 5 KB
5 KB 89ms
89ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695240177778171a9832be5ff00d9&pos=8a9694b50178788e10f29bb3e2fa0084&cmd=bid&secure=1
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 8ad147850a9ebc9fd14b66c90afb0434a2e4735dacd552e45f4508eb20c8b155

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 20 Oct 2021 10:35:40 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dw.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 4774

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FFCB 13 KB
7 KB 174ms
174ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

29f9a9d5211bb7d91c38fadcccb6adb6b12e9a8e5ad2e3ac7c39fd73b4eafb79

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 20 Oct 2021 10:35:40 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2344791c-1f22-434e-8eac-effc1d68f212
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame FFCB 0
57 B 40ms
40ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.dw.com
date: Wed, 20 Oct 2021 10:35:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame FFCB 240 B
1 KB 84ms
84ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20416&site_id=389024&zone_id=2166504&size_id=2&rp_schain=1.0,1!onomagic.com,205441,1,,,&eid_pubcid.org=f6f56f55-489d-4554-bdc8-ad4ff4960ee4%5E1&rf=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&tk_flint=pbjs_lite_v4.43.4&x_source.tid=97829e1b-d69b-4246-80f2-8fe1d173e946&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7649250127977754
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::41 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 277673599eea6df5e08b14086f43c7c2d73593ab207d0c085bc7e2c4eac7dfe0

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:40 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame FFCB 94 B
739 B 48ms
48ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.4
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: a7e857903cf6f1c85eafd5b342002ac9a2095e4ee9028bc0a50c28dd2418e087

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 20 Oct 2021 10:35:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.dw.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 97

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame FFCB 0
318 B 21ms
21ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:39 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.dw.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FFCB 145 B
1 KB 99ms
99ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

745c1952468c387b4e806fd00d1bc0b475729650b29eb9e4b03045d32acd5ae7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:40 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 1251bd07-329b-4864-8123-b7d5460eac36
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FFCB 145 B
1 KB 200ms
200ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e0ed0681a90ff59687939f7c4bdeda8f5d85a67f1c32a839916670af101472cc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:40 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 5866489c-fa45-4a71-b554-a48fd23b1f3f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame FFCB 25 B
371 B 72ms
71ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=729039&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2219c29b3788c6d4c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2220590bfcad58a73%22%2C%22ext%22%3A%7B%22siteID%22%3A%22729039%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6162aa5fe63812d7f1fba2d61b4d84b0e10982fa205f2cbb7692bc9dbc397ea1

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:40 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[185.232.23.184], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.dw.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 12
expires: Wed, 20 Oct 2021 10:35:40 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame FFCB 0
57 B 120ms
120ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.dw.com
date: Wed, 20 Oct 2021 10:35:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
brightcom-d.openx.net/w/1.0/ Frame FFCB 172 B
356 B 18ms
18ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://brightcom-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=97829e1b-d69b-4246-80f2-8fe1d173e946&nocache=1634726140146&pubcid=f6f56f55-489d-4554-bdc8-ad4ff4960ee4&schain=1.0%2C1!brightcom.com%2C20544%2C1%2C%2C%2C&aus=728x90&divids=hb_if_341887644&aucs=&auid=545708339&aumfs=50
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: ad9f3e600942ea62777712059dbbcee4eec0848339b4d5212c4f6daf488ca7e2

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:40 GMT
content-encoding: gzip
server: OXGW/16.217.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.dw.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame FFCB 0
140 B 114ms
113ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.dw.com
date: Wed, 20 Oct 2021 10:35:40 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 16
vary: origin, Accept-Encoding

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ Frame FFCB 62 B
470 B 66ms
65ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96956c017a7acf1586ddd4e89300cd&pos=8a9690f3017c7c08339e094ca2ad0126&cmd=bid&secure=1
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 836c11e39462315069d4f5c7aa596f426d5312f2ac21155c7eede9e3b698c658

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 20 Oct 2021 10:35:40 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dw.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame FFCB 0
318 B 23ms
22ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:39 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.dw.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FFCB 145 B
1 KB 141ms
140ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

30b2e99d5b26be6706eb819a37c8e180ab0e59ec5c5759ecaa4dd9825414b19e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:40 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9cd29d59-7142-4613-94ed-b070d774644f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame FFCB 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c93ff765e3de73bc9280be34cd9fdb85c55d9fc639da20a67e7aa7d4be2974f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FFCB 11 KB
9 KB 88ms
35ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82c4f8c821c0e86fc78205feec2f1ae074b6bd40dc6a5acb2ea275840b583dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 10:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8525
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FFCB 0
0 42ms
42ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuo-EB8Xk5xuFfZU1hCVbm5zdR4JR1C26ritXf0_QvgtF-l9UpFD9xdzqo77hZwwDfU8mIpdz4bclgAiZo1GBSz2q4It8ZHg0NsgvKHEbRaD_7mJZXb9pX1N1Cjs5Dj1gnd6sIKpw9q8vijxs4bJqT_q9icZy7zwsZP1KZO7bAAsXnU934P4z33y2DhIGL2XcNMSjDKfHPF0Q2IEHsjhdums3KeflHMAKxLf4IdEOSsSpc6W86kqxmHivTXqY12_qLN48rQckuJfqRJtX_fYxjIr0e3OddiM7Ld75d6ZZREZbpQb-MNlNG-EAQ&sig=Cg0ArKJSzAi0CoamtUP3EAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 10:35:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 20 Oct 2021 10:35:40 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FFCB 17 KB
7 KB 117ms
79ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 20 Oct 2021 10:35:40 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ 42 B
174 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumilMcwwqZchgbdVeJZorJLThZwtZ1kiEtD102lPx6qD3sZekhjGmyV-yaIVDlsifE2bNM7jCkQ0XYZ4qp-xPH2s7OmXvxICjU0ciZZ_p7nFKrhwfU&sig=Cg0ArKJSzIEH-R1r7e-2EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211018&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=34759642&rs=4&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634726137206&rpt=2080&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 542B 80 KB
27 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

170426b1ccbf16d163b36333bb291cebb26c5288224706ed42bec87e72eb972f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1019 / 934 of 1000 / last-modified: 1634725443"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27181
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Oct 2021 10:35:40 GMT

GET
H2 204 allbids
compass-allbids.deliverimp.com/ 0
43 B 99ms
97ms Image
text/plain 52.70.89.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-allbids.deliverimp.com/allbids?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=onemobile&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=1&loop=0&compassInternalId=586907&entityId=1012&demandTag=8a9694b50178788e10f29bb3e2fa0084%7C8a9695240177778171a9832be5ff00d9&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1000&parentInternalId=575892&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&cpm=0.038088&winning=true&ttl=3600&adId=34a977ea733ba89&auctionId=cc995ed6-ff39-4c86-97aa-e3d2650add2b&floor=0.05&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=103956192&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.70.89.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-89-158.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 allbids
compass-allbids.deliverimp.com/ 0
43 B 100ms
98ms Image
text/plain 52.70.89.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-allbids.deliverimp.com/allbids?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=152medianew&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=1&loop=0&compassInternalId=596233&entityId=10041&demandTag=22959377&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1000&parentInternalId=575892&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&cpm=0.0265472&winning=false&ttl=300&adId=356ac6b395a92e5&auctionId=cc995ed6-ff39-4c86-97aa-e3d2650add2b&floor=0.05&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=445040653&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.70.89.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-89-158.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 98ms
97ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=dfp&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=1&loop=0&compassInternalId=586908&entityId=110&demandTag=&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1000&parentInternalId=575892&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=567722618&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H3 200 pubads_impl_2021101201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 542B 361 KB
122 KB 19ms
19ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124532
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Oct 2021 10:35:40 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C97C 12 KB
5 KB 308ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dw.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 20 Oct 2021 10:24:25 GMT
expires: Thu, 20 Oct 2022 10:24:25 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 675
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5D15 783 B
944 B 25ms
24ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

468e830c62e254d982ba0662d6b65826300a8f07aa5480753cc3e1d8e34c375c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cQNbXJz1I4P6LNuufKL2Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dw.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 20 Oct 2021 10:35:40 GMT
date: Wed, 20 Oct 2021 10:35:40 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-cQNbXJz1I4P6LNuufKL2Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 542B 107 B
165 B 325ms
23ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.dw.com

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 10:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 542B 107 B
165 B 33ms
33ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.dw.com

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 10:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 542B 16 KB
8 KB 195ms
195ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1293125346522895&correlator=2685322156797680&output=ldjh&impl=fif&eid=31063213%2C31062525&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211020&iu_parts=76043757%3A228556409%2C31731_575892_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=hb_bidder%3Donemobile%26hb_adid%3D34a977ea733ba89%26hb_pb%3D0.03%26hb_size%3D300x600%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_adomain%3Dpramac.com%26cmp_perm%3Donemobile_de_windows%26cmp_loop%3D0%26hb_bucket%3D0.00&eri=2&cookie=ID%3D196e84e50ced87f3%3AT%3D1634726138%3AS%3DALNI_MYwghkP0vEVJ1B-Hci4aFoxMdWtiQ&cdm=www.dw.com&bc=31&abxe=1&lmt=1634726140&dt=1634726140468&dlt=1634726140087&idt=378&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=0&adys=0&adks=3835631701&ucis=2nm9fetotjgq&ifi=1&ifk=1576542817&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=4&url=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&top=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x0&ga_vid=1531650173.1634726140&ga_sid=1634726140&ga_hid=113506484&ga_fc=false&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

b6a3a5d202fa351952986f89afba5e7ce474ea3007cc385f72cd392914eaf73a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8056
x-xss-protection: 0
google-lineitem-id: 5803158203
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138366034437
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dw.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
54af078b32e113f2ba9aa5982346c71d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7C42 6 KB
3 KB 37ms
23ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://54af078b32e113f2ba9aa5982346c71d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 54af078b32e113f2ba9aa5982346c71d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dw.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 20 Oct 2021 10:35:40 GMT
expires: Thu, 20 Oct 2022 10:35:40 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5D15 0
0 89ms
54ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101201&jk=1348142839878403&rc=
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 542B 0
0 42ms
42ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTVRMB_tsiJAKrDMYY7mEeECJvU5Pq4qK4sZpkwlBLGPkrLGrT45s8oFHVHTLsDetATypIzCe2zDF_jF2vRLleefwty18t-JmIAby40wKg2H5LnwYP8gFIzaVAZfudo5cjx4A8qeBNgsNrXCTIMskHr-YCzxKKOb7k20XAE1QnnN9ed1xHYV-PlVSA9mEx2qaz0hvgJAbvnwiG8jp8xefPXySGGUC-wwpR4LgtwioGpJu7Nln9IVGHRYB6uboxCCgx62Ihi4M4gAMyWsGyMhSb1RV4tMxWbArcf6N8HAhmRsCygvBevkA&sig=Cg0ArKJSzKYv8GwgqHpHEAE&urlfix=1&adurl=

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 10:35:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 prebid4.43.4.js Show response
cdn.marphezis.com/cmpp/ Frame 542B 443 KB
444 KB 8ms
7ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: CloudStorage /
Resource Hash: 66bb692b3006bc1c4e815001d9338ea478407db6a2cbcad65235af83b5638bd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
age: 16594
x-agile-checksum: 66bb692b3006bc1c4e815001d9338ea478407db6a2cbcad65235af83b5638bd8
x-agile-brick-id: 480526378
x-agile-request-id: 8182c18f8925edf275476a1782a09603, 97b59841999b16fa450f3e18b4807d05
content-length: 453931
last-modified: Tue, 14 Sep 2021 10:14:25 GMT
server: CloudStorage
etag: "61407601-6ed2b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
x-agile-source: 185.178.53.185:1987
x-llid: cef58626943bfe49577f61ec462ff7f8
expires: Thu, 21 Oct 2021 05:59:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 542B 122 KB
37 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37884
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634556853496587"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Oct 2021 10:35:40 GMT

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 98ms
97ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=adaptmx&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=2&loop=0&compassInternalId=575899&entityId=1062&demandTag=YnJpZ2h0Y29tLmNvbQ&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575897&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&parentRequest=true&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=477046258&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 passback
compass-events.deliverimp.com/ 0
43 B 99ms
98ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/passback?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=adaptmx&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=1&loop=0&compassInternalId=575893&entityId=1062&demandTag=YnJpZ2h0Y29tLmNvbQ&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1000&parentInternalId=575892&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1595372046&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 99ms
97ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=pubmaticsparc&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=2&loop=0&compassInternalId=575898&entityId=1053&demandTag=31731_DE_728x90_dw.com_dkt_DE_36786&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575897&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1485226807&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 101ms
98ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=onemobile%20bcm&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=2&loop=0&compassInternalId=575944&entityId=1066&demandTag=8a9690f3017c7c08339e094ca2ad0126%7C8a96956c017a7acf1586ddd4e89300cd&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575897&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=279007534&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 101ms
98ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=smartlimp&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=2&loop=0&compassInternalId=585273&entityId=1008&demandTag=465142%7C1471651&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575897&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1156606233&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 101ms
98ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=onemobile&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=2&loop=0&compassInternalId=586910&entityId=1012&demandTag=8a9694b50178788e10f29bb3e2fa0084%7C8a9695240177778171a9832be5ff00d9&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575897&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1648582763&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 101ms
98ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=openx&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=2&loop=0&compassInternalId=587392&entityId=1015&demandTag=545708339%7C39dfba0efb&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575897&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=304543337&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 106ms
103ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=rubicon&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=2&loop=0&compassInternalId=587810&entityId=1017&demandTag=389024%7C2166504&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575897&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=2057150996&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 106ms
103ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=pubmaticwhildey&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=2&loop=0&compassInternalId=588972&entityId=1056&demandTag=4071391&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575897&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=303741941&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 106ms
103ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=appnexus&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=2&loop=0&compassInternalId=589005&entityId=1041&demandTag=22876953&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575897&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=107996381&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 106ms
103ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=appnexusbrave&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=2&loop=0&compassInternalId=589009&entityId=1054&demandTag=22877033&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575897&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=2087583695&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 106ms
103ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=appnexustailwind&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=2&loop=0&compassInternalId=589007&entityId=1055&demandTag=22877081&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575897&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=789806761&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 106ms
103ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=appnexusaudienciad&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=2&loop=0&compassInternalId=589008&entityId=1057&demandTag=22877172&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575897&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=869967552&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 111ms
108ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=smartsparc&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=2&loop=0&compassInternalId=590753&entityId=1009&demandTag=465545%7C1474662&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575897&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1149686960&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 111ms
109ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=sovrnlimpid&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=2&loop=0&compassInternalId=591443&entityId=1020&demandTag=969018&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575897&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1598311503&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 111ms
109ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=index%20latam&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=2&loop=0&compassInternalId=591458&entityId=1010&demandTag=729039&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575897&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=99401276&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 111ms
109ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=152medianew&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=2&loop=0&compassInternalId=596234&entityId=10041&demandTag=22959377&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575897&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1351215123&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
server: awselb/2.0

GET
H2 200 QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js Show response
pagead2.googlesyndication.com/bg/ Frame C97C 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4231ca80ea66d79a9325758bc549cd312f304edebaf3693eaadc3af0e153ac3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:16:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13301
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 20 Oct 2022 10:16:59 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 542B 0
57 B 43ms
42ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.dw.com
date: Wed, 20 Oct 2021 10:35:39 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
brightcom-d.openx.net/w/1.0/ Frame 542B 172 B
356 B 23ms
21ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://brightcom-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f1870942-9421-45d7-85f1-5f2ff36fc5c6&nocache=1634726140763&pubcid=f6f56f55-489d-4554-bdc8-ad4ff4960ee4&schain=1.0%2C1!brightcom.com%2C20544%2C1%2C%2C%2C&aus=728x90&divids=hb_if_1156828414&aucs=&auid=545708339&aumfs=50
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 87c5f3f0c3e146c4445f34ca457ad9ba999b67382c093f360b1bb53e77fd91a6

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:40 GMT
content-encoding: gzip
server: OXGW/16.217.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.dw.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ Frame 542B 62 B
470 B 69ms
68ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96956c017a7acf1586ddd4e89300cd&pos=8a9690f3017c7c08339e094ca2ad0126&cmd=bid&secure=1
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 7dce1d6998e7beefbbf1b5192af933d4ad64de39a68f4b732a87d4698e383804

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 20 Oct 2021 10:35:40 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dw.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 542B 144 B
1 KB 174ms
174ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

ea582fa76b016f804e438e65e2d778547071e5654407771ec0387b5d9ec8020b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:40 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 97e256df-01ad-4743-95b7-d4702ece7135
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 542B 0
318 B 22ms
22ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:39 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.dw.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 542B 0
318 B 24ms
23ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:40 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.dw.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 542B 94 B
741 B 71ms
70ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.4
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 7f354252bf7fae9cd2a6b735b3bf4e55874eea6b64f7d582f6c28d559962c935

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 20 Oct 2021 10:35:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.dw.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 542B 145 B
1 KB 131ms
131ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

3c871b83c791225148ce216bc87b82a3f480357b69c0f91a88618f17e1846237

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:40 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9eb1ef96-5a53-410b-b681-a2bf8b4886e6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 542B 145 B
1 KB 121ms
121ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4f959cdb499753edc913979b526b7648c35923f508af5a64109135f2b4d183f8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:40 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f42bd682-2590-4f74-85f9-4e0d1736d8ba
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ Frame 542B 5 KB
5 KB 84ms
84ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695240177778171a9832be5ff00d9&pos=8a9694b50178788e10f29bb3e2fa0084&cmd=bid&secure=1
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 1a84c60e2582d337c8bea1a18799beb94d44b36a3cffe6676d45a0d45f033a0e

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 20 Oct 2021 10:35:40 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.dw.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 4774

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 542B 240 B
1 KB 96ms
96ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20416&site_id=389024&zone_id=2166504&size_id=2&rp_schain=1.0,1!onomagic.com,205441,1,,,&eid_pubcid.org=f6f56f55-489d-4554-bdc8-ad4ff4960ee4%5E1&rf=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&tk_flint=pbjs_lite_v4.43.4&x_source.tid=f1870942-9421-45d7-85f1-5f2ff36fc5c6&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.24813813678170593
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::41 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a80140bea9769e8d21b4fa7de432bc0ec8c974e7360fdfb5c2cba71a13bf3380

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:40 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 542B 145 B
1 KB 101ms
101ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

8b89aeb6e3aa5c2a5b3358eb6beef39650a84d4bb48b95c2d1a75ab13f986b97

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:40 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 154beff2-e512-4d0e-b068-7ac209b9f613
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 542B 25 B
371 B 94ms
94ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=729039&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2225e82e284087606%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2226be8c99b7602f6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22729039%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f8a69f2ce2af50755d73d1991a6a0c6eef17d4f2abb0d223ac00f5fb6380c104

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:40 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[185.232.23.184], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.dw.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 12
expires: Wed, 20 Oct 2021 10:35:40 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 542B 0
57 B 17ms
17ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.dw.com
date: Wed, 20 Oct 2021 10:35:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 542B 0
116 B 118ms
118ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.dw.com
date: Wed, 20 Oct 2021 10:35:40 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 20
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 542B 13 KB
7 KB 144ms
144ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e71ef2f83b82f57192673c0c1947f50c29fdae2e2769f6c97f8b6b8e17fe268f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 20 Oct 2021 10:35:40 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f6058c30-2932-49f2-a1cd-b7b8964acf84
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 542B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b530360436e08e1676d90ffa4f4d4155ba2ea542f30ad225be1fd8d5b1385d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 542B 11 KB
8 KB 28ms
28ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec4040e0c0c7e5a12cf9519d368c068117713789a48888f37062c79bb0566338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 10:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8578
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 542B 0
0 42ms
42ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuD1lnrjchjHdRcVqNc5kW1fJf163DDL7kGPHLMmrsYWrDYohevq2WcJE1c-_8jKItxTJ1u4h4QLtQ3sgb5brpppk5hx9IsXo_9tVXgvmc8mu3HK1-uHDiopTrL8fSb7lCKSXCz9IZ2vb9_CU7JtKoxu_jce_W6CCmh4vhyFFug_2KSb975USnH3izOi9Yhp650leSf2msW3CwC4xbqFXKh9husg7caBb-KTA4JML0FFKMDiCWelK4RAK1CA_XN99zENsHBDArT_aHld_gkHd5M0wA3zGRPwWhjoc3lzGWorM-YQ8CLv5wNg&sig=Cg0ArKJSzLPj9uezPviXEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 10:35:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 20 Oct 2021 10:35:40 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 542B 17 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 20 Oct 2021 10:35:40 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame BE5E 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dw.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 20 Oct 2021 10:24:25 GMT
expires: Thu, 20 Oct 2022 10:24:25 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 675
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 66D7 783 B
739 B 23ms
23ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

30c9e0b140f8d1337aaf29d940ad33a4f2094ec5ef66ace21215d66f1f1059cd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wSEMUa+EA46XdqmKkPy1rA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dw.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 20 Oct 2021 10:35:40 GMT
date: Wed, 20 Oct 2021 10:35:40 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-wSEMUa+EA46XdqmKkPy1rA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame D1E2 80 KB
27 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

170426b1ccbf16d163b36333bb291cebb26c5288224706ed42bec87e72eb972f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1019 / 822 of 1000 / last-modified: 1634725443"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27181
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Oct 2021 10:35:41 GMT

GET
H2 204 allbids
compass-allbids.deliverimp.com/ 0
43 B 98ms
98ms Image
text/plain 52.70.89.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-allbids.deliverimp.com/allbids?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=onemobile&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=2&loop=0&compassInternalId=586910&entityId=1012&demandTag=8a9694b50178788e10f29bb3e2fa0084%7C8a9695240177778171a9832be5ff00d9&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575897&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&cpm=0.036184&winning=true&ttl=3600&adId=34bda381381f616&auctionId=0b240531-7248-49d6-a2cf-77f80ffa320d&floor=0.05&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1082744363&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.70.89.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-89-158.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:41 GMT
server: awselb/2.0

GET
H2 204 allbids
compass-allbids.deliverimp.com/ 0
43 B 99ms
99ms Image
text/plain 52.70.89.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-allbids.deliverimp.com/allbids?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=152medianew&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=2&loop=0&compassInternalId=596234&entityId=10041&demandTag=22959377&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575897&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&cpm=0.0265472&winning=false&ttl=300&adId=35f9a6bc7e33c3d&auctionId=0b240531-7248-49d6-a2cf-77f80ffa320d&floor=0.05&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1569950618&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.70.89.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-89-158.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:41 GMT
server: awselb/2.0

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 98ms
97ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=dfp%20latam&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=2&loop=0&compassInternalId=586911&entityId=127&demandTag=&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575897&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1744148469&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:41 GMT
server: awselb/2.0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 66D7 0
0 50ms
50ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101201&jk=1293125346522895&rc=
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js Show response
pagead2.googlesyndication.com/bg/ Frame BE5E 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4231ca80ea66d79a9325758bc549cd312f304edebaf3693eaadc3af0e153ac3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:16:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13301
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 20 Oct 2022 10:16:59 GMT

GET
H3 200 pubads_impl_2021101201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D1E2 361 KB
122 KB 20ms
19ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124532
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Oct 2021 10:35:41 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFCB 0
119 B 50ms
50ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101201&jk=1348142839878403&bg=!ZGelZyPNAAao6lBpqOo7ACkAdvg8WtQQ5Uw0WqUdqgi5ZDKG2rJM8NhwIF6DEJsU7HdRl3aLT6CYWQIAAACUUgAAAAloAQeZAun6maz0F2soJ8JmD8SqeNjhzDIrf-KgKAzstpwB6qzSmmGYL4v_LUuZFHl-u_L97xzqgNZjk3qnWJYRnobiNqd-bu2-Ozdm4ArlM-PAKasG09-yUylIQIFtOd2ZfJcMp27l7n-jR-6M9nzYA_euZgcJfITymUx4bFt0ljwxOKAgMDMeBv-LMDRs2FN-VtX_EWksfjVfPJAw91sLMpysiVL9VNvHjiLrhDtLF23noUJGKJ9zHemOqWJhYGQ3HXr3qhcEV2aUCuwP0L6nFegOlSi1pZakAZDTCO6mO6uZfPHsBHpotiOFynIS5A0ASCysdbT0zRpUz_mY713PrXLhZyVkP1oYotypY1uIlyN0Jf8mY1GS6USwvAthYir5ZcjLVdKl-K4YlkDxZNtN3BeHXWpnVXHsjB6a6YRP4_wEHKl5R28Qk8aZy4ILssodbkRfBO7MAaZf8IRtx7c1zKkuGE-vYnbUh2_3col_NiqLxOCxfa9YZn6KSZqQBqFJgXj08qcT3RVI2ulPWLn8CgztC6iZRLpLp0Wku_kirtnaVR9rXTst7obYkSqHXCTA74ZrIvYraM6br0hnMLbYrTZkXcG5ktBiXBBQTUeYI_GSmZcdCP3S08ygaNr51XhpT2zIE1wUvfeQ-JW7jR_iC8l2ThNTmQ4tFkR9CEQvJ3-sb8wqMD9nlSaBwsfCKhvvgvw0oIFWk8cpt2vgaB2bPZG8-_FWdCSRjJNB8zJHVnAWxWu9kls0pQHd7Iw5VO1QwxM5N7D1CEkRDN4TyOfOSB19vvNAeNkS4eUEAyNMsIjOIOkq5JtgClNgy1JTUdn2ciYThKiHwtxFNqpP2fO6drCZloz29NVt3HNetdtCc1P6iJMi5nJTZqFif6TzwQ8W6yffh_tzpICEFnraQgmbz51tfKWMZNtnEkL5NnhqOlWCzcgBtwhzxsdINK3hU7BIgnUdJPDFXWrL9iwta5rDbXPwbMQNg6gVWaMCKjiu

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame D1E2 107 B
165 B 23ms
23ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.dw.com

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 10:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame D1E2 107 B
165 B 22ms
22ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.dw.com

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 10:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D1E2 17 KB
8 KB 180ms
180ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2271912176857124&correlator=766390540323101&output=ldjh&impl=fif&eid=31062525&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211020&iu_parts=78655843%2C31731_575897_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=hb_bidder%3Donemobile%26hb_adid%3D34bda381381f616%26hb_pb%3D0.03%26hb_size%3D300x600%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_adomain%3Dpramac.com%26cmp_perm%3Donemobile_de_windows%26cmp_loop%3D0%26hb_bucket%3D0.00&eri=2&cookie=ID%3D196e84e50ced87f3%3AT%3D1634726138%3AS%3DALNI_MYwghkP0vEVJ1B-Hci4aFoxMdWtiQ&cdm=www.dw.com&bc=31&abxe=1&lmt=1634726141&dt=1634726141056&dlt=1634726140725&idt=332&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=0&adys=0&adks=527916263&ucis=urmnoirg1bp5&ifi=1&ifk=1576542817&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=5&url=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&top=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x0&ga_vid=1596516152.1634726141&ga_sid=1634726141&ga_hid=2005716623&ga_fc=false&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

b7cd76f324b33e031bf109bcd3dffca724b691af57a245abc007abaa88f6d706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8110
x-xss-protection: 0
google-lineitem-id: 5803158230
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138366012749
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dw.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
600dc34bc99f8861a646806f3feaa4f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F33B 6 KB
3 KB 37ms
21ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://600dc34bc99f8861a646806f3feaa4f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 600dc34bc99f8861a646806f3feaa4f9.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dw.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 20 Oct 2021 10:35:41 GMT
expires: Thu, 20 Oct 2022 10:35:41 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 542B 0
56 B 50ms
50ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101201&jk=1293125346522895&bg=!wMOlw4fNAAao6lBpqOo7ACkAdvg8WuZqRFniTa5Ojw8hrgJ03-aIJtDfuwexU6w2klVlrmdVbnSAzQIAAACjUgAAAAloAQcKAGMVVHEqCAclCreQ92EHBsODDtjZutUuigjpqyYqs0ijaJ-VOqweCTg7woEgbuw6Mn9ALQpvokZt7gqV7jh_8V8kfBfzx9rD9eeLfQIhCsRj_SVBtG7LIgEzzWlaTt4aCWSB3HKZAxlnyXFEWdWZgGSy9mpk5Ic0k7-ycMbI054KCy_bqIMzkP992_MDfFbNo7qO2ikmYkHQXjfHW16NPxwrPwgwlqdVOHeLxmaI3R1qvfoMuB19SCS0AHPXBEJBaR6b1Jk4i-65hu6dmwolFgGpP3xgRpQNkEcc35XTn0e7WLNNywUQjk2f82nErfGfl3JUzrXtaQGqu3STC9yJhR5VruHA_eFCVGK9GvWrQhdVpZG9-hXc209ng-TVzZ3rGe6E0bFob2XcSikK0VxZRUYVnOjfGIlV7b7hDI54NV4PGLqa33bL7cVpaEiwq03f8sl-7AT_rj4Cf8tNyrWdKmuGMYvpOrp47NViRDoTlQLn6AZfpF02DEwKQSvIe1SlRfwTWNnyIcEW2CmXq_dPcMpE2bw8uEGnZTytV5C8F7bIpv4qDIuaVVlbBKxU_0af7C3bRbjuIFG_RlXCe4iq197AtucGS9G2MohdoH89dg1WoyNk-qHzwKkcKcZAm8c8hZZoovF5OVqDggdcqjRtz-16zw_aZYYkO9MCAjmAmHFPFOZSEfO3-QUyhs_XZAaLHjA-La9bB6CBPNLvvsQ-m6sUxK5P7gO42n8mOFbtp5HrlLliTM-Re6eKgH4qNXsPdJbou8Kf7umdc16msplgIVOlfib6pyiRQzMM_UrohfSIzv5pToAPB6u6Tdw--EdnY8EUNbUoyP7rqGfrPu_HULmBoVLDeZNg39R0nUYFNmGDL9XYkffvOuPMInAV7hp6EuQULOLwVvUxPARglV5b6IK4A0qIFQlfL_I0D9l3-5JvrL0GL-pA4y2uuUzW6sRxS3CcW4KYepEOaCsM2Pxm0HmkdnFR-bNjVMKDwLJlbBDjnNI3g3zD9XbwHdbEzefP-0BUVcIQhdSghm66sMDrmB_lmyZlvlpDAdpU2Nq2o49y6EPPh80GyqkSZCnE5iN3oxtt8CVqt-R0GHWRV_a3aMpXd1EVX8AVfshbBuD7AX_CRLUOkdpDw99zL6BpFgJx3aH2iE2DtHW3tEZFKkLRDvwLuAT7gl4_806-wIjKqYc0

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FFCB 42 B
108 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4bnW9yUnuaxxgdejC4YDUKTy8TT7YEVwG0_9Chzqav-woEQM633QMKHLL8SedgMfwlrJTqLZSwEqKuuw81cFW3r44hFLlLTppKBqAahCh0LZBlEnx&sig=Cg0ArKJSzArpc45S_Tx8EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211018&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2096858425&rs=4&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634726139323&rpt=882&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D1E2 0
0 56ms
56ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVTSwYl8HBDCE20fzQ9RZhw9qBLgwgtfKbTvzEQcy9Gm0jAeDakWHQGY4moEvo3hHV1s8yc9HKzK31YrQEHcwWr5GhtFrbnyj4Mz8GKLgRBIdDeVcOA4VwvSi7gc3YIHq5mWotl7h3SDdGSDEMjyFnC57MGSxDtPtSiYssnY1O9nXNjSf2jOjE7jbWXk9YHVUKBoSta3Jh7H3E_vffu34JBWxpdju8FOFbZqVg9xTUcqHZ8I9oAFeybxG0LMvNAoOoVXCecaqJtyfk3Md_CC-tvI-kAY3QlgqmyJ3VzZZh8xyCDaRBQwU&sig=Cg0ArKJSzKCFpz0LZhxAEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 10:35:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D1E2 122 KB
37 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37884
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634556853496587"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Oct 2021 10:35:41 GMT

GET
H2 204 report
compass-events.deliverimp.com/ 0
43 B 98ms
97ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/report?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=wf%20filler&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=3&loop=0&compassInternalId=575858&entityId=996&demandTag=&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=996&parentInternalId=575858&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&parentRequest=true&viewability_perc=n%2Fa&viewability_time=0&viewability_io=n%2Fa&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=1382792143&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:41 GMT
server: awselb/2.0

GET
H2 204 passback
compass-events.deliverimp.com/ 0
43 B 101ms
101ms Image
text/plain 3.85.70.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compass-events.deliverimp.com/passback?publisherId=20544&tagId=31731&size=728x90&domain=www.dw.com&tdomain=dw.com&demand=adaptmx&section=en%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&wfId=36786&level=2&loop=0&compassInternalId=575899&entityId=1062&demandTag=YnJpZ2h0Y29tLmNvbQ&country=de&os=windows&device=pc&browser=chrome&targetingId=36692&parentId=1001&parentInternalId=575897&impId=31731-728-90-kuzdqhjk090g4q6aa7j0&paymentType=CPM&pubPlacement=&page=https%3A%2F%2Fwww.dw.com%2Fen%2Fpandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks%2Fa-59376192&cb=447334494&version=4.4.65
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.85.70.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-70-67.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:41 GMT
server: awselb/2.0

GET
H2 200 perspective_728x90.jpg
cdn.marphezis.com/banners/ Frame D1E2 58 KB
59 KB 9ms
9ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marphezis.com/banners/perspective_728x90.jpg
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: CloudStorage /
Resource Hash: 3e79f161e9c050b63f3a596caaa90f509c39928ebd15ff907dec7ad1df4a1cdc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:41 GMT
age: 333884
x-agile-checksum: 3e79f161e9c050b63f3a596caaa90f509c39928ebd15ff907dec7ad1df4a1cdc
x-agile-brick-id: 480526259
x-agile-request-id: 07175091290a60cff4f7bd87b6b932f2, aaf2e8f7f3e5bee44bf4918b76f41555, 2527645ed1371476bb99f13c4357d69a
content-length: 59844
last-modified: Tue, 31 Aug 2021 14:58:53 GMT
server: CloudStorage
etag: "612e43ad-e9c4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
x-agile-source: 178.79.224.65:1987
x-llid: f52db4fbbe67a52b76670b2ac5d77054
expires: Sat, 23 Oct 2021 13:50:57 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D1E2 0
0 43ms
42ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuncSkgOhuZDjwwYuxSENs4TELxK55oRaJd5EZli_kZCLbMgSIM-NOQ7bIaOMODpnfVn_-xG5vdO_pXxKPe1MjYxjzkajMOBweLi4GVG3-Ec51mMR2hpkWtkGSrgLIvluPuVlN8cKvkBjnurfyfanIUma8zRxRUIJa_geEJTgF3h-tKkSPDqxKgF3ioDJZ3BDnEPvAHu-ifn0uVWPazzhqih58AJ4QlMIyAAaDkcK3irj7-Eo3qelgK_ptrg-XZvK0CDBgmD9nsMkJI9yCNxq0UT3ddV2srEHpH4x5bwRJ7p2-LVO0FbmnllA&sig=Cg0ArKJSzLfp0IRjMouqEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 10:35:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 20 Oct 2021 10:35:41 GMT

GET
DATA 200
OK truncated
/ Frame D1E2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 269ba0d914c60bf4142a1d5a19dfacd719c71c75d84eeebc9a0c45bae54b045e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D1E2 11 KB
8 KB 27ms
26ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106c02a0950852cdddb511be0b30261191680f6d72c3cb908cd45ebd634505db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 10:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8537
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D1E2 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 20 Oct 2021 10:35:41 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B8B3 12 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dw.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 20 Oct 2021 10:24:25 GMT
expires: Thu, 20 Oct 2022 10:24:25 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 676
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 462F 783 B
763 B 32ms
31ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8a9277beddaaa31a8eb347ee3249c0c0400a2a358f653515a855635e1be789ba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A8USXTkAjche1KIJTlMquA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dw.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 20 Oct 2021 10:35:41 GMT
date: Wed, 20 Oct 2021 10:35:41 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-A8USXTkAjche1KIJTlMquA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js Show response
pagead2.googlesyndication.com/bg/ Frame B8B3 35 KB
13 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4231ca80ea66d79a9325758bc549cd312f304edebaf3693eaadc3af0e153ac3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:16:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13301
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 20 Oct 2022 10:16:59 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 462F 0
0 55ms
54ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101201&jk=2271912176857124&rc=
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D1E2 0
56 B 49ms
49ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101201&jk=2271912176857124&bg=!p6SlpODNAAao6lBpqOo7ACkAdvg8WrHaifDojIY0VPzYnr7eaZ6yV2hJSYrf4sVzsaNjf9y7PHFtgwIAAACEUgAAAApoAQeZAxKgerMujmPfXYSIn2Ye7_iYN-x-6cWuJwtUhfC1PK2fI1S4CB7Eqt6-ub2jpmDinzSSLauw96uwO-1CWvgVWG8Dk-_CyWpSuXuIGBRBozQgkPf_FfEjoOzBGvu6TQAYp4I5as2Nx7hNuvNTQAameF1ToKvfO_To2VYfafQLUv_psTzha9bVeO6jmpgjSVt_molrcqfNDB37VkjWbW4beoPThpSJMj5B2Hg4DUYtVgYvCGKpxES-p96X5I6L2uu7pG3U00N3t1zFzRwES_QnGA6e1XVDiffhtz-yMbTtgDM0jsYIgn5rgDbFoe2xwtu0TLlnHHHl5TFMVvxs-IC-b5fyu597P5I_fKb8Or19lr02FLoSF08ecBtnfGCqmmPKU-hE4K2_MV9dCq-8iSY3Ms7v6znbxVrUPit371OH8Jbq6a3ddMZPODaKcNE_BBvf7NT4BOszzBo2Lb3hmWt5pbYerN2zZVqA50PAuPRS5spE42aWGKVbK6W7DmfvvX5A-alaRhnaI0XjRtIDudHz0ahaAmmzITIfNroCE3A3J_Kniz2OjoEdC2Eypj2oLz1LEXHplfueGatsZ32MDpQ-oqEVJiM8vLV_8Pzm-5LhglB8KzSqx_QRBbh-zYeRRcZV119zzVv0dTVx3r7cZDadphbFp-OtIW6fAWoE0xTIlMxpoOlON-biooLs1xE28zyMreDIbBKNx2LsoEwW43cV58OoPr9UuLIu0XB0F5lkI-WTh4cHqppOAaEmkXijCJD_6X77rcG2LBv3EV04OvH7SbaLAhCoAfjuVL6CPe0lhuOX-lwokUqr41i0m6YBRe8LoPkk6zTrhmN1PG0piG94NCwant5qTF7-P7yec2AyzBNXsHPN5zXbrPIGXNzJTcU6ajGlKMY4uURGdFNKyiAJRQGLBd_mD3FVNFoiqPIYBiftJpcBWDqJcE4NFcrC0OS0bjj9nyz38cQHFoU4fl3sLqK-Mj2lQY3gctgcTgfuTQYlnJHm_RxxIRtQCHsDG4PfzYGCfbK_lJxs3T2zPBghoHMSqgs

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 542B 42 B
108 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJw865huyJRdTFB6mxZAN6aADAEquh_IFG881VpVDI5wcdwEWbOYc0_8WQ0aJokZ_kgq5TdXK4xeOK33EtqDTsNgZ41pYZGyF7N34zQy6a7mZWcAbv&sig=Cg0ArKJSzGB_bf4mjpc-EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211018&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3835631701&rs=4&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634726140087&rpt=758&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D1E2 42 B
108 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXj7AZ5gWL6G1TbogWGkZ9LPWCy1c-BcpJLLSBXXG6ZyHSei2_bIWGCepy_Un7yxSPOr9VcazaQYWvYwJTcrt0mT2Pgqu8kff29hJ_zDWN8RKJQt_-&sig=Cg0ArKJSzLGIMOv_vN3YEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211018&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=527916263&rs=4&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634726140725&rpt=632&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 443F 281 B
554 B 44ms
9ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dw.com/
Accept-Encoding: gzip, deflate, br
Cookie: khaos=KUZDQGSC-1X-4VDR; rsid=1|AIfsdBUO++vuGxiryvY4NyLqsLINffPD0ndRTZPwOWBzr4eVPwTuL9+eZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdUyQJYykllPZjhEHJw9y7GDs9f; audit=1|naVuGyos1qrbhjjrEXmZYAlE2IyiwyordnwCfVF8zn5D56xbDKRtwerrDslADDRjSTgtVFMv227ggJ3pD4CYm0foFfkPyU4c0A+VO7RH1E0=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
ETag: "403b8-119-5cd3a8e7e6a80"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 20 Oct 2021 10:35:42 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame A190 0
0 29ms
29ms Document
text/plain 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13419622
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dw.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

Server: nginx
Date: Wed, 20 Oct 2021 10:35:42 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap4ams1

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 9994 668 B
730 B 24ms
17ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: a2a9e1296c1dcd5f59f4043dbd2bc4c85c9e11cde78d18d1b816d9a71a9b22bc

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dw.com/
accept-encoding: gzip, deflate, br
cookie: i=f6f56f55-489d-4554-bdc8-ad4ff4960ee4|1634726139
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=f6f56f55-489d-4554-bdc8-ad4ff4960ee4|1634726139; Version=1; Expires=Thu, 20-Oct-2022 10:35:42 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1634726142|gekin0vNiygu; Version=1; Expires=Thu, 04-Nov-2021 10:35:42 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.217.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 20 Oct 2021 10:35:42 GMT
content-type: text/html
content-length: 417
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame D0A5 2 KB
1 KB 36ms
8ms Document
text/html 23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dw.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Wed, 20 Oct 2021 10:35:42 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E49D 52 KB
17 KB 38ms
8ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dw.com/
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=3219152490918884758; icu=ChgInM9XEAoYASABKAEw-eG_iwY4AUABSAEKGAig9nsQChgBIAEoATD84b-LBjgBQAFIAQoYCKT2exAKGAEgASgBMPzhv4sGOAFAAUgBChgIqPZ7EAoYASABKAEw--G_iwY4AUABSAEQ_OG_iwYYAw..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Fri, 01 Oct 2021 05:08:47 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 20 Oct 2021 10:35:42 GMT
Age: 19731
X-Served-By: cache-lga21949-LGA, cache-hhn4079-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 400896
X-Timer: S1634726143.815926,VS0,VE0
Vary: Accept-Encoding

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 9994
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d2f9616f-f0fe-4500-8cc7-1ba2ad432ca2

43 B
106 B

16ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d2f9616f-f0fe-4500-8cc7-1ba2ad432ca2
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:42 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 20 Oct 2021 10:35:42 GMT
Server: MT3 3984 0e3af3b master cdg-pixel-x15 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d2f9616f-f0fe-4500-8cc7-1ba2ad432ca2
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 20 Oct 2021 10:35:41 GMT

GET p-25CIknq_eSg16.gif
pixel.quantserve.com/pixel/ Frame 9994 0
0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 9994
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6112475634651975236

43 B
106 B

16ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6112475634651975236
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:42 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:42 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6112475634651975236
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 9994 70 B
265 B 103ms
33ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=2559500c-e11a-7aa3-e71e-65a790b13d19&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 9994 170 B
523 B 44ms
17ms Image
image/png 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDkzNjgzYzYtMjg2ZC0yNDA3LWYyZmUtM2YxZTVhNTNmMzc5

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 9994
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMrX3zXdkJSGnWoHVMlS9DY&google_cver=1

43 B
122 B

23ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMrX3zXdkJSGnWoHVMlS9DY&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:42 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMrX3zXdkJSGnWoHVMlS9DY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 9155
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

18ms
18ms

Document
text/html

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fcae36ba6eaeffd584c219cb5829337f2f945c2c385e6ed5b406c56bb8e8d4c0

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Cookie: CMID=YW-w-tGnc.u52GQu-mx7mgAA; CMPS=5206
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|45|39|40|239|5|65
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1642
Expires: Wed, 20 Oct 2021 10:35:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:42 GMT
Connection: keep-alive
Set-Cookie: CMID=YW-w-tGnc.u52GQu-mx7mgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 20 Oct 2022 10:35:42 GMT CMPS=5206;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 18 Jan 2022 10:35:42 GMT CMPRO=1156;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 18 Jan 2022 10:35:42 GMT CMST=YW-w-mFv8P4A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 21 Oct 2021 10:35:42 GMT CMRUM3=2d616ff0fe05a0&f1616ff0fe05a0&27616ff0fe0b40&28616ff0fe05a00&41616ff0fe05a0&ef616ff0fe05a0&05616ff0fe05a0&e6616ff0fe2760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 20 Oct 2022 10:35:42 GMT

Redirect headers

Server: Apache
Content-Length: 333
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Wed, 20 Oct 2021 10:35:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:42 GMT
Connection: keep-alive
Set-Cookie: CMID=YW-w-tGnc.u52GQu-mx7mgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 20 Oct 2022 10:35:42 GMT CMPS=5206;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 18 Jan 2022 10:35:42 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E49D 0
733 B 7ms
7ms Script
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:42 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 453d4c33-1640-407c-b36a-9fbf5ea5ea2f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 443F 31 KB
9 KB 11ms
11ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 65f27dddbe99e4f806e8596f921ff8e7c347646aafa2b6b627cbca4d293b378b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 10:35:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52157
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9274
Expires: Thu, 21 Oct 2021 01:04:59 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 9155
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YW_w_tGnc-u52GQu_mx7mgAABIQAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YW_w_tGnc-u52GQu_mx7mgAABIQAAAIB&dcc=t

43 B
645 B

102ms
101ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YW_w_tGnc-u52GQu_mx7mgAABIQAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:43 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: BR963J9FVP9VG9GZ9XN8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:43 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 78YJVEAXRD8K7VC4SD0R
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YW_w_tGnc-u52GQu_mx7mgAABIQAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 9155
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YW_w_tGnc-u52GQu_mx7mgAABIQAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECSHtJVHse_zARbgUOPgvvQ&google_cver=1

43 B
315 B

15ms
15ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECSHtJVHse_zARbgUOPgvvQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:42 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 20 Oct 2021 10:35:42 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECSHtJVHse_zARbgUOPgvvQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9155
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YW-w-tGnc.u52GQu-mx7mgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHSYn3G5ZA8-1K3hPosed_Y&google_cver=1&gdpr=1&google_hm=2

43 B
1000 B

17ms
17ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHSYn3G5ZA8-1K3hPosed_Y&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:42 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Oct 2021 10:35:42 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHSYn3G5ZA8-1K3hPosed_Y&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 9155 70 B
264 B 37ms
35ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 9155 43 B
727 B 121ms
36ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=YW-w-tGnc.u52GQu-mx7mgAA%261156&gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:43 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1634726142997014-383
Expires: Wed, 20 Oct 2021 10:35:43 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 9155 0
0 74ms
27ms Image
text/html 2606:4700:3039::6815:c094
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c094 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 9155
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1634812542&gdpr=1

43 B
315 B

45ms
12ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1634812542&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 20 Oct 2021 10:35:43 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1634812542&gdpr=1
pragma: no-cache
date: Wed, 20 Oct 2021 10:35:42 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 9155 43 B
424 B 8ms
7ms Image
image/gif 23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YW-w-tGnc.u52GQu-mx7mgAA%261156
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 10:35:42 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "761e21-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=690
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Oct 2021 10:47:12 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame 4E35
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

99ms
99ms

Document
text/html

52.45.237.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.237.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-237-203.compute-1.amazonaws.com
Software: /
Resource Hash: 081486958fa981fed9eba519a181dd8f56038b9ed11ae09c17e0d505653ea4f8

Request headers

:method: GET
:authority: um2.eqads.com
:scheme: https
:path: /um/cs&eq_cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssum-sec.casalemedia.com/
accept-encoding: gzip, deflate, br
cookie: EQUser=UID=aa275c99-e718-4004-806d-e219cb279544
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/

Response headers

date: Wed, 20 Oct 2021 10:35:43 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Wed, 20 Oct 2021 10:35:43 GMT
pragma: no-cache

Redirect headers

date: Wed, 20 Oct 2021 10:35:43 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1
set-cookie: EQUser=UID=aa275c99-e718-4004-806d-e219cb279544; Path=/; Domain=eqads.com; Expires=Thu, 20 Jan 2022 10:35:43 GMT; Secure; SameSite=None

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 443F
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUZDQGSC-1X-4VDR&sigv=1&esig=2~518a7bdf20c45de20abb97cb48be0c9ed14d2ade

0
445 B

29ms
8ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUZDQGSC-1X-4VDR&sigv=1&esig=2~518a7bdf20c45de20abb97cb48be0c9ed14d2ade

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:43 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUZDQGSC-1X-4VDR&sigv=1&esig=2~518a7bdf20c45de20abb97cb48be0c9ed14d2ade
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 443F
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2IwMDE5ODFkNTBiNGJkYzk1YzdlMDExZTRkZjI4ZTk0NTY0YTM3OQ

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2IwMDE5ODFkNTBiNGJkYzk1YzdlMDExZTRkZjI4ZTk0NTY0YTM3OQ

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2IwMDE5ODFkNTBiNGJkYzk1YzdlMDExZTRkZjI4ZTk0NTY0YTM3OQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 443F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIngH-9tPyvu1FjzHrW9veg&google_cver=1

0
239 B

73ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIngH-9tPyvu1FjzHrW9veg&google_cver=1
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIngH-9tPyvu1FjzHrW9veg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 443F 70 B
264 B 32ms
31ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 443F 0
0 34ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 443F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d2f9616f-f0fe-4500-8cc7-1ba2ad432ca2&expires=28

0
239 B

69ms
10ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d2f9616f-f0fe-4500-8cc7-1ba2ad432ca2&expires=28
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

Date: Wed, 20 Oct 2021 10:35:42 GMT
Server: MT3 4033 f73cd20 master cdg-pixel-x1 config:1.0.1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d2f9616f-f0fe-4500-8cc7-1ba2ad432ca2&expires=28
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 20 Oct 2021 10:35:41 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 443F
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/JplSWT2JpIMewWPuSbwkKsn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8547631874180429792

0
239 B

10ms
10ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8547631874180429792
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

date: Wed, 20 Oct 2021 10:35:43 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8547631874180429792
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 443F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YW-w-wAAAFcQhgAT
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YW-w-wAAAFcQhgAT&_test=YW-w-wAAAFcQhgAT

0
239 B

8ms
7ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YW-w-wAAAFcQhgAT&_test=YW-w-wAAAFcQhgAT
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/pandorapapersworldleaderstonyblairkenyattashakirasachintendulkartaxhavensleaks/a-59376192
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:43 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1634726143.115512,VS0,VE0
x-served-by: cache-hhn4034-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YW-w-wAAAFcQhgAT&_test=YW-w-wAAAFcQhgAT
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame 4E35 43 B
1 KB 15ms
15ms Image
image/gif 23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=aa275c99-e718-4004-806d-e219cb279544&expiration=1642674943
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Oct 2021 10:35:43 GMT

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 24DF 542 B
655 B 19ms
18ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 1b05cc070aad9dad76222c80efe59029a8a115e81e814e4f1dcdbbc6d6c53335

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dw.com/
accept-encoding: gzip, deflate, br
cookie: i=f6f56f55-489d-4554-bdc8-ad4ff4960ee4|1634726139; pd=v2|1634726142|gekin0vNiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=f6f56f55-489d-4554-bdc8-ad4ff4960ee4|1634726139; Version=1; Expires=Thu, 20-Oct-2022 10:35:43 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1634726142.1|kiiygevNgun0.gqsLommOnsgi; Version=1; Expires=Thu, 04-Nov-2021 10:35:43 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.217.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 20 Oct 2021 10:35:43 GMT
content-type: text/html
content-length: 339
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 645A 52 KB
17 KB 11ms
10ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dw.com/
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=3219152490918884758; icu=ChgInM9XEAoYASABKAEw-eG_iwY4AUABSAEKGAig9nsQChgBIAEoATD84b-LBjgBQAFIAQoYCKT2exAKGAEgASgBMPzhv4sGOAFAAUgBChgIqPZ7EAoYASABKAEw--G_iwY4AUABSAEQ_OG_iwYYAw..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Fri, 01 Oct 2021 05:08:47 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 20 Oct 2021 10:35:43 GMT
Age: 19731
X-Served-By: cache-lga21949-LGA, cache-hhn4079-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 400918
X-Timer: S1634726143.411249,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 152C 281 B
554 B 14ms
10ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dw.com/
Accept-Encoding: gzip, deflate, br
Cookie: khaos=KUZDQGSC-1X-4VDR; rsid=1|AIfsdBUO++vuGxiryvY4NyLqsLINffPD0ndRTZPwOWBzr4eVPwTuL9+eZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdUyQJYykllPZjhEHJw9y7GDs9f; audit=1|naVuGyos1qrbhjjrEXmZYAlE2IyiwyordnwCfVF8zn5D56xbDKRtwerrDslADDRjSTgtVFMv227ggJ3pD4CYm0foFfkPyU4c0A+VO7RH1E0=; pux=1512%3D103450%262249%3D103450%262307%3D103450%262974%3D103450%263778%3D103450%26brx%3D103450%262249-DV360-Hosted%3D103450%26idl%3D103450%26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
ETag: "403b8-119-5cd3a8e7e6a80"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 20 Oct 2021 10:35:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame B7A4 0
0 32ms
28ms Document
text/plain 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13419622
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dw.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

Server: nginx
Date: Wed, 20 Oct 2021 10:35:43 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap4ams1

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 7E44 2 KB
1 KB 21ms
19ms Document
text/html 23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dw.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Wed, 20 Oct 2021 10:35:43 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 645A 0
733 B 9ms
8ms Script
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:43 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 4a5ba248-030d-4d4f-826a-3e95d8e709f2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

dds
rtb.openx.net/sync/ Frame 24DF
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=-g_aMEicw40BaikQQ6gHow==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
146 B

17ms
16ms

Image
image/gif

35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:42 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: clear
content-length: 43
x-request-id: 4g9j305n6qsma62o8392gin6vvgu37ev

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b19e3648-71b6-e8ea-d6c9-73526fe6f050
pr-bh.ybp.yahoo.com/sync/openx/ Frame 24DF 43 B
871 B 38ms
37ms Image
image/gif 2a05:d018:d29:3602:aed6:5140:ccda:f0b0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/b19e3648-71b6-e8ea-d6c9-73526fe6f050?gdpr=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:aed6:5140:ccda:f0b0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:43 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 24DF
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Ias4G2gR1MD8WH5

43 B
106 B

17ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Ias4G2gR1MD8WH5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:43 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:43 GMT
Server: PingMatch/v2.0.30-689-g30920c0#rel-ec2-master i-065a2c0959abd3492@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Ias4G2gR1MD8WH5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 24DF
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=8ece5112-4a5f-482a-b53f-5fc20a52d929
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=8ece5112-4a5f-482a-b53f-5fc20a52d929
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=f9f64e76-8ffc-42f1-9148-1ffda83f5dab&user_group=1&ssp=openx&bsw_param=8ece5112-4a5f-482a-b53f-5fc20a52d929
https://us-u.openx.net/w/1.0/sd?id=537072968&val=8ece5112-4a5f-482a-b53f-5fc20a52d929

43 B
106 B

17ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=8ece5112-4a5f-482a-b53f-5fc20a52d929
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:44 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: //us-u.openx.net/w/1.0/sd?id=537072968&val=8ece5112-4a5f-482a-b53f-5fc20a52d929
Date: Wed, 20 Oct 2021 10:35:44 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 24DF
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=3219152490918884758

43 B
106 B

18ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=3219152490918884758
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:43 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:43 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 1a0cf64e-b7fa-467c-9813-1719e75b1a88
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=3219152490918884758
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

redir
rtb-csync.smartadserver.com/ Frame 24DF
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGTXhFN0MzLUlBQURmMjRZVEN4UQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFMxE7C3-IAADf24YTCxQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFMxE7C3-IAADf24YTCxQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFMxE7C3-IAADf24YTCxQ&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFMxE7C3-IAADf24YTCxQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...

43 B
163 B

84ms
21ms

Image
image/gif

185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFMxE7C3-IAADf24YTCxQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:44 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFMxE7C3-IAADf24YTCxQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Date: Wed, 20 Oct 2021 10:35:44 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 152C 31 KB
9 KB 11ms
10ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 65f27dddbe99e4f806e8596f921ff8e7c347646aafa2b6b627cbca4d293b378b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 10:35:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52156
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9274
Expires: Thu, 21 Oct 2021 01:04:59 GMT

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame E5A8 1 KB
3 KB 23ms
22ms Document
text/html 23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: dc20f732756cc442f2a9444f90d3a07dd0086379f30fb0b25f39806696783d06

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Cookie: CMID=YW-w-tGnc.u52GQu-mx7mgAA; CMPS=5206; CMPRO=1156; CMST=YW-w-mFv8P8A; CMRUM3=05616ff0fe05a0&e6616ff0fe2760&ef616ff0fe05a0&41616ff0fe05a0&27616ff0fe0b40&28616ff0ff2760aa275c99-e718-4004-806d-e219cb279544&2d616ff0fe2760CAESEHSYn3G5ZA8-1K3hPosed_Y&f1616ff0fe05a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 73|46|3|4|51|57|218|188
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1437
Expires: Wed, 20 Oct 2021 10:35:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:43 GMT
Connection: keep-alive
Set-Cookie: CMID=YW-w-tGnc.u52GQu-mx7mgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 20 Oct 2022 10:35:43 GMT CMPS=5206;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 18 Jan 2022 10:35:43 GMT CMPRO=1156;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 18 Jan 2022 10:35:43 GMT CMRUM3=39616ff0ff05a0&04616ff0ff05a0&27616ff0fe0b40&28616ff0ff2760aa275c99-e718-4004-806d-e219cb279544&33616ff0ff05a0&05616ff0fe05a0&49616ff0ff05a0&03616ff0ff05a0&f1616ff0fe05a0&2d616ff0fe2760CAESEHSYn3G5ZA8-1K3hPosed_Y&41616ff0fe05a0&da616ff0ff2760&bc616ff0ff05a00&e6616ff0fe2760&2e616ff0ff05a0&ef616ff0fe05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 20 Oct 2022 10:35:43 GMT

GET
H2 200 YW_w_tGnc-u52GQu_mx7mgAABIQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E5A8 43 B
871 B 42ms
35ms Image
image/gif 2a05:d018:d29:3602:aed6:5140:ccda:f0b0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YW_w_tGnc-u52GQu_mx7mgAABIQAAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:aed6:5140:ccda:f0b0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:43 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame E5A8 0
0 32ms
10ms Image
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E5A8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d2f9616f-f0fe-4500-8cc7-1ba2ad432ca2&gdpr=1&gdpr_consent=

43 B
1 KB

25ms
25ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d2f9616f-f0fe-4500-8cc7-1ba2ad432ca2&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Oct 2021 10:35:43 GMT

Redirect headers

Date: Wed, 20 Oct 2021 10:35:43 GMT
Server: MT3 3984 0e3af3b master cdg-pixel-x26 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d2f9616f-f0fe-4500-8cc7-1ba2ad432ca2&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 20 Oct 2021 10:35:42 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E5A8
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3883367226904300381

43 B
1 KB

28ms
14ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3883367226904300381
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Oct 2021 10:35:43 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3883367226904300381
pragma: no-cache
date: Wed, 20 Oct 2021 10:35:42 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame E5A8 43 B
220 B 22ms
9ms Image
image/gif 18.194.90.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.90.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-90-146.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 10:35:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E5A8
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336718546645417

43 B
1 KB

21ms
21ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336718546645417
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Oct 2021 10:35:43 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336718546645417
Date: Wed, 20 Oct 2021 10:35:43 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=YW-w-tGnc.u52GQu-mx7mgAA%261156
dpm.demdex.net/ Frame E5A8 0
0 124ms
28ms Image
application/json 18.200.233.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YW-w-tGnc.u52GQu-mx7mgAA%261156?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.233.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-233-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame E5A8 0
88 B 405ms
98ms Image
text/plain 54.205.198.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.198.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-198-41.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame E5A8 43 B
424 B 11ms
7ms Image
image/gif 23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YW-w-tGnc.u52GQu-mx7mgAA%261156
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 10:35:43 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "761e21-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=689
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Oct 2021 10:47:12 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E49D 0
733 B 7ms
7ms Script
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:43 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c84b8170-45f6-437a-af65-8de95095e8ec
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9072 52 KB
17 KB 10ms
8ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dw.com/
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=3219152490918884758; icu=ChgInM9XEAoYASABKAEw-eG_iwY4AUABSAEKGAig9nsQChgBIAEoATD84b-LBjgBQAFIAQoYCKT2exAKGAEgASgBMPzhv4sGOAFAAUgBChgIqPZ7EAoYASABKAEw--G_iwY4AUABSAEQ_OG_iwYYAw..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Fri, 01 Oct 2021 05:08:47 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 20 Oct 2021 10:35:44 GMT
Age: 19732
X-Served-By: cache-lga21949-LGA, cache-hhn4079-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 400927
X-Timer: S1634726144.007013,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 1833 587 B
712 B 19ms
17ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 7c953212ee2fdce1b0c9593262922d6cc41d6adc91af499db2ff2fc992ffed37

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dw.com/
accept-encoding: gzip, deflate, br
cookie: i=f6f56f55-489d-4554-bdc8-ad4ff4960ee4|1634726139; pd=v2|1634726142.1|kiiygevNgun0.gqsLommOnsgi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=f6f56f55-489d-4554-bdc8-ad4ff4960ee4|1634726139; Version=1; Expires=Thu, 20-Oct-2022 10:35:44 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1634726142.1.1|kiiygevNgun0.gqsLommOnsgi.j8mWfcsHqGiS; Version=1; Expires=Thu, 04-Nov-2021 10:35:44 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.217.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 20 Oct 2021 10:35:44 GMT
content-type: text/html
content-length: 384
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 3351 2 KB
1 KB 8ms
8ms Document
text/html 23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dw.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Wed, 20 Oct 2021 10:35:44 GMT
Connection: keep-alive

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 371B 0
0 30ms
29ms Document
text/plain 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13419622
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dw.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

Server: nginx
Date: Wed, 20 Oct 2021 10:35:44 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap4ams1

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 179C 281 B
554 B 7ms
7ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.marphezis.com
URL: https://cdn.marphezis.com/cmpp/prebid4.43.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dw.com/
Accept-Encoding: gzip, deflate, br
Cookie: khaos=KUZDQGSC-1X-4VDR; rsid=1|AIfsdBUO++vuGxiryvY4NyLqsLINffPD0ndRTZPwOWBzr4eVPwTuL9+eZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdUyQJYykllPZjhEHJw9y7GDs9f; audit=1|naVuGyos1qrbhjjrEXmZYAlE2IyiwyordnwCfVF8zn5D56xbDKRtwerrDslADDRjSTgtVFMv227ggJ3pD4CYm0foFfkPyU4c0A+VO7RH1E0=; pux=1512%3D103450%262249%3D103450%262307%3D103450%262974%3D103450%263778%3D103450%26brx%3D103450%262249-DV360-Hosted%3D103450%26idl%3D103450%26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dw.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
ETag: "403b8-119-5cd3a8e7e6a80"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 20 Oct 2021 10:35:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9072 0
733 B 9ms
8ms Script
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:44 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 8c74d950-f214-47a0-b46f-19f531ab5db8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 8C81 2 KB
3 KB 19ms
18ms Document
text/html 23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 70226b36e6ff6dc012d03043d76823c20dd876040a5b15199eeac96aad830ddd

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Cookie: CMID=YW-w-tGnc.u52GQu-mx7mgAA; CMPS=5206; CMPRO=1156; CMST=YW-w-mFv8P8A; CMRUM3=33616ff0ff05a0&05616ff0fe05a0&49616ff0ff05a0&39616ff0ff05a0&28616ff0ff2760aa275c99-e718-4004-806d-e219cb279544&27616ff0fe0b40&04616ff0ff27603883367226904300381&bc616ff0ff05a00&41616ff0fe05a0&da616ff0ff2760&2e616ff0ff05a0&e6616ff0fe2760&ef616ff0fe05a0&03616ff0ff2760d2f9616f-f0fe-4500-8cc7-1ba2ad432ca2&2d616ff0fe2760CAESEHSYn3G5ZA8-1K3hPosed_Y&f1616ff0fe05a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 206|130|88|81|31|39|195|111
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1629
Expires: Wed, 20 Oct 2021 10:35:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:44 GMT
Connection: keep-alive
Set-Cookie: CMID=YW-w-tGnc.u52GQu-mx7mgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 20 Oct 2022 10:35:44 GMT CMPS=5206;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 18 Jan 2022 10:35:44 GMT CMPRO=1156;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 18 Jan 2022 10:35:44 GMT CMST=YW-w-mFv8QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 21 Oct 2021 10:35:44 GMT CMRUM3=39616ff0ff05a0&04616ff0ff27603883367226904300381&27616ff1000b40&82616ff100a8c0&28616ff0ff2760aa275c99-e718-4004-806d-e219cb279544&33616ff0ff05a0&ce616ff10005a0&05616ff0fe05a0&c3616ff10005a00&49616ff0ff05a0&6f616ff10005a0&03616ff0ff2760d2f9616f-f0fe-4500-8cc7-1ba2ad432ca2&f1616ff0fe05a0&2d616ff0fe2760CAESEHSYn3G5ZA8-1K3hPosed_Y&1f616ff10005a00&41616ff0fe05a0&da616ff0ff2760&bc616ff0ff05a00&e6616ff0fe2760&2e616ff0ff05a0&51616ff10005a0&58616ff10005a0&ef616ff0fe05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 20 Oct 2022 10:35:44 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 179C 31 KB
9 KB 10ms
9ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 65f27dddbe99e4f806e8596f921ff8e7c347646aafa2b6b627cbca4d293b378b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 10:35:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52155
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9274
Expires: Thu, 21 Oct 2021 01:04:59 GMT

GET
H2 204 current
openx2-match.dotomi.com/match/bounce/ Frame 1833 0
103 B 25ms
14ms Image
text/plain 2a02:fa8:8806:13::1400
VALUECLICK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Sweden, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:44 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1833
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=

43 B
106 B

20ms
20ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:44 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:43 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 ox
match.justpremium.com/match/ Frame 1833 43 B
323 B 40ms
8ms Image
image/gif 18.193.97.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.justpremium.com/match/ox?ex_uid=6fd89efc-b6ab-40c9-b500-e39191c47e23
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.97.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-97-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:35:44 GMT
content-length: 43
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1833
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YW-w-wAAAFcQhgAT

43 B
106 B

18ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YW-w-wAAAFcQhgAT
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:44 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:44 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1634726144.057290,VS0,VE0
x-served-by: cache-hhn4034-HHN
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YW-w-wAAAFcQhgAT
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1833
Redirect Chain

https://green.erne.co/openx/cm
https://pixel.onaudience.com/?mapped=e0fdp6heMSx2tX5NJ0dzXrY7&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb...
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct...
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%2...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4d553a6208b59afc4561288e0f77f9a9&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%25...
https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3De0fdp6heMSx2tX5NJ0dzXrY7
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=e0fdp6heMSx2tX5NJ0dzXrY7

43 B
106 B

19ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=e0fdp6heMSx2tX5NJ0dzXrY7
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:44 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=e0fdp6heMSx2tX5NJ0dzXrY7
date: Wed, 20 Oct 2021 10:35:44 GMT
server: openresty
strict-transport-security: max-age=0; includeSubDomains;
content-type: text/html; charset=UTF-8

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1833
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3883367226904300381&gdpr=1&gdpr_consent=&us_privacy=

43 B
106 B

18ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=3883367226904300381&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=10db4b48-9601-4bd8-b7c5-d3e1fc7a558a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:44 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=3883367226904300381&gdpr=1&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 20 Oct 2021 10:35:43 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/55940/ Frame 8C81 0
234 B 35ms
11ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YW_w_tGnc-u52GQu_mx7mgAABIQAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 10:35:44 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 8C81
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFMxE7C3-IAADf24YTCxQ&expiration=1635935744&gdpr=1

43 B
1 KB

15ms
15ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFMxE7C3-IAADf24YTCxQ&expiration=1635935744&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Oct 2021 10:35:44 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFMxE7C3-IAADf24YTCxQ&expiration=1635935744&gdpr=1
Date: Wed, 20 Oct 2021 10:35:44 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 8C81 85 B
236 B 105ms
102ms Image
image/png 151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:44 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1634726144.094420,VS0,VE90
x-served-by: cache-hhn4034-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-type: image/png
content-length: 85
x-cache-hits: 0

GET p-Z8PuJEk6U7Hyq.gif
pixel.quantserve.com/pixel/ Frame 8C81 0
0

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 8C81
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6880125441633412732&uid=Q6880125441633412732&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

18ms
18ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 10:35:44 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Wed, 20 Oct 2021 10:35:44 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 8C81 70 B
264 B 34ms
31ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 8C81
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ecc7643c-ba9e-4c2d-a52d-d24651bb5e5c

43 B
1 KB

17ms
16ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ecc7643c-ba9e-4c2d-a52d-d24651bb5e5c
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Oct 2021 10:35:44 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ecc7643c-ba9e-4c2d-a52d-d24651bb5e5c
date: Wed, 20 Oct 2021 10:35:44 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 8C81 0
330 B 22ms
21ms Image
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 10:35:44 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 8C81 43 B
424 B 7ms
7ms Image
image/gif 23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YW-w-tGnc.u52GQu-mx7mgAA%261156
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dw.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 10:35:44 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "761e21-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=688
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Oct 2021 10:47:12 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 645A 0
733 B 10ms
9ms Script
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:44 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 992f009c-da45-4d6f-b4e7-1b07f650a8f9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9072 0
733 B 17ms
16ms Script
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 10:35:45 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d412fd8f-8191-4083-a9be-790451f6f6f3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: data.argosdata.io
URL: https://data.argosdata.io/html5?x=%7B%22bid%22%3A%22c372e28e-5d4a-2343-195d-bad43d59b95b%22%2C%22ri%22%3A0%2C%22t%22%3A0%2C%22e%22%3A%5B%7B%22t%22%3A0%2C%22et%22%3A%22ArgosHTML5%3A%20The%20provided%20argosMediaUrl%20is%20not%20valid%20or%20missing.%22%2C%22s%22%3A3%7D%5D%2C%22it%22%3A1634726138099%2C%22pk%22%3A%22RCcM3VVwGK%22%2C%22alv%22%3A%221.0.2%22%2C%22s%22%3A%22%22%2C%22mt%22%3A%22Pandora%20Papers%20point%20the%20finger%20at%20world%20leaders%3A%20Journalist%20Julia%20Wallace%20speaks%20to%20DW%22%7D

Domain: pixel.quantserve.com
URL: https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1

Domain: pixel.quantserve.com
URL: https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.dw.com/	1970-02-17 11:34:04	Name: ga-disable-UA-109618266-1 Value: true
www.dw.com/	1970-01-20 02:27:30	Name: atidvisitor Value: %7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
.xiti.com/	1970-01-20 07:35:40	Name: atid Value: 9D56D8E8-F381-4EB2-99AD-8B0DCE054D13
.dw.com/	1970-01-20 02:27:30	Name: atidvisitor Value: %7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
.adnxs.com/	1970-01-20 00:15:02	Name: uuid2 Value: 3219152490918884758
.dw.com/	1970-01-30 08:15:21	Name: _pc_c Value: 574dd371-1ffa-65c9-79ed-0df5ddff4226
.dw.com/	1969-12-31 23:59:59	Name: _pc_st Value: 1634726137980
.dw.com/	1970-01-30 08:15:21	Name: _pc_t Value: tracking_enabled
.dw.com/	1969-12-31 23:59:59	Name: _pc_lr Value: 1634726137982
.rubiconproject.com/	1970-01-20 06:51:02	Name: khaos Value: KUZDQGSC-1X-4VDR
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|AIfsdBUO++vuGxiryvY4NyLqsLINffPD0ndRTZPwOWBzr4eVPwTuL9+eZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdUyQJYykllPZjhEHJw9y7GDs9f
.doubleclick.net/	1970-01-20 07:27:02	Name: IDE Value: AHWqTUkNzWbPn4CnpCf2U7j-Zmyiyj7FW9sQsmlKXTbBPY93_T8xKtiwTDN2Hn_4h00
www.dw.com/	1970-01-19 22:48:38	Name: _pbjs_userid_consent_data Value: 3524755945110770
.dw.com/	1970-01-20 02:24:38	Name: _pubcid Value: f6f56f55-489d-4554-bdc8-ad4ff4960ee4
.openx.net/	1970-01-20 06:51:02	Name: i Value: f6f56f55-489d-4554-bdc8-ad4ff4960ee4\|1634726139
.a-mo.net/	1970-01-20 06:51:02	Name: amuid2 Value: 8b12797a-91ec-493d-a0a0-78748bd5308a
.dw.com/	1970-01-20 07:27:02	Name: __gads Value: ID=196e84e50ced87f3:T=1634726138:S=ALNI_MYwghkP0vEVJ1B-Hci4aFoxMdWtiQ
.rubiconproject.com/	1970-01-20 06:51:02	Name: audit Value: 1\|naVuGyos1qrbhjjrEXmZYAlE2IyiwyordnwCfVF8zn5D56xbDKRtwerrDslADDRjSTgtVFMv227ggJ3pD4CYm0foFfkPyU4c0A+VO7RH1E0=
prebid.a-mo.net/	1970-01-20 06:51:02	Name: __amc Value: 3_1634726139_1634726140
.adnxs.com/	1970-01-20 00:15:02	Name: icu Value: ChgInM9XEAoYASABKAEw-eG_iwY4AUABSAEKGAig9nsQChgBIAEoATD84b-LBjgBQAFIAQoYCKT2exAKGAEgASgBMPzhv4sGOAFAAUgBChgIqPZ7EAoYASABKAEw--G_iwY4AUABSAEQ_OG_iwYYAw..
eus.rubiconproject.com/	1970-01-20 00:15:02	Name: pux Value: 1512%3D103450%262249%3D103450%262307%3D103450%262974%3D103450%263778%3D103450%26brx%3D103450%262249-DV360-Hosted%3D103450%26idl%3D103450%26
.casalemedia.com/	1970-01-20 06:51:02	Name: CMID Value: YW-w-tGnc.u52GQu-mx7mgAA
.casalemedia.com/	1970-01-20 00:15:02	Name: CMPS Value: 5206
.mathtag.com/	1970-01-20 07:31:21	Name: uuid Value: d2f9616f-f0fe-4500-8cc7-1ba2ad432ca2
.adform.net/	1970-01-19 22:50:04	Name: C Value: 1
.casalemedia.com/	1970-01-20 00:15:02	Name: CMPRO Value: 1156
.adform.net/	1970-01-19 23:31:50	Name: uid Value: 6112475634651975236
.mathtag.com/	1970-01-19 22:48:38	Name: mt_mop Value: 9:1634726142
ads.stickyadstv.com/	1970-01-19 22:48:38	Name: UID Value: aa4b804e6b4815e84aaf3a49285b5e6c
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 6c798ea8bcfe94a0542f48a3cae71afd
ads.stickyadstv.com/	1970-01-19 22:48:38	Name: uid-bp-34673 Value: YW-w-tGnc.u52GQu-mx7mgAA&1156
.everesttech.net/	1970-01-20 06:51:02	Name: everest_g_v2 Value: g_surferid~YW-w-wAAAFcQhgAT
.yahoo.com/	1970-01-20 06:51:23	Name: A3 Value: d=AQABBP_wb2ECEM6lSOUXrUKlMTAFuu0vDVUFEgEBAQFCcWF5YQAAAAAA_SMAAA&S=AQAAAvl6HaR13hT9tfoUmPie3QA
.eqads.com/	1970-01-20 00:17:54	Name: EQUser Value: UID=aa275c99-e718-4004-806d-e219cb279544
.w55c.net/	1970-01-20 07:35:40	Name: wfivefivec Value: Ias4G2gR1MD8WH5
.bidswitch.net/	1970-01-20 06:51:02	Name: tuuid Value: 8ece5112-4a5f-482a-b53f-5fc20a52d929
.bidswitch.net/	1970-01-20 06:51:02	Name: c Value: 1634726143
.bidswitch.net/	1970-01-20 06:51:02	Name: tuuid_lu Value: 1634726143
.w55c.net/	1970-01-19 22:48:38	Name: matchopenx Value: 5
.rfihub.com/	1970-01-20 07:27:02	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MTI2NjM3tDA1MTMzMTUxNBfiM9TVNXcKicrXLXHODcyQ4jU0MzYxNzIzNDE2MzQGADcj5Dg0AAAA
.rfihub.com/	1970-01-20 07:27:02	Name: eud Value: H4sIAAAAAAAAAPvFyGtoZmxibmRmaGIMxABhMuScEAAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MTI2NjM3tDA1MTMzMTUxNBfiM9TVNXcKicrXLXHODcwAANSqv8olAAAA
.turn.com/	1970-01-20 02:24:38	Name: uid Value: 3883367226904300381
.bidr.io/	1970-01-20 07:33:59	Name: bito Value: AAFMxE7C3-IAADf24YTCxQ
.bidr.io/	1970-01-20 07:33:59	Name: bitoIsSecure Value: ok
.pubmatic.com/	1970-01-19 22:48:38	Name: KRTBCOOKIE_699 Value: 22727-AAFMxE7C3-IAADf24YTCxQ
.pubmatic.com/	1970-01-19 22:48:38	Name: PugT Value: 1634726142
.pubmatic.com/	1970-01-20 00:15:02	Name: PUBMDCID Value: 3
.openx.net/	1970-01-19 22:27:02	Name: pd Value: v2\|1634726142.1.1\|kiiygevNgun0.gqsLommOnsgi.j8mWfcsHqGiS
.casalemedia.com/	1970-01-19 22:06:52	Name: CMST Value: YW-w-mFv8QAA
.justpremium.com/	1970-01-19 22:50:04	Name: jpxumaster Value: um-3307573c-3744-4c02-8d21-be7503309762-1634726144
.justpremium.com/	1970-01-19 22:05:36	Name: jpxumatched Value: ox
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 17186d83fcf96eee
.erne.co/	1970-01-20 06:51:02	Name: u Value: e0fdp6heMSx2tX5NJ0dzXrY7
.onaudience.com/	1970-01-20 06:51:02	Name: cookie Value: 772fd18d11586cab
.onaudience.com/	1970-01-19 22:06:52	Name: done_redirects104 Value: 1
pool.admedo.com/	1970-01-20 06:51:02	Name: tuuid Value: f9f64e76-8ffc-42f1-9148-1ffda83f5dab
pool.admedo.com/	1970-01-20 06:51:02	Name: c Value: 1634726144
pool.admedo.com/	1970-01-20 06:51:02	Name: tuuid_lu Value: 1634726144
.crwdcntrl.net/	1970-01-20 04:34:12	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 04:34:12	Name: _cc_id Value: 4d553a6208b59afc4561288e0f77f9a9
.crwdcntrl.net/	1970-01-20 04:34:14	Name: _cc_cc Value: "ACZ4XmNQMEkxNTVONDMysEgytUxMSzYxNTM0srBINUgzN0%2BzTLRkAILE%2FI8gCgYASD8KVg%3D%3D"
.crwdcntrl.net/	1970-01-20 04:34:14	Name: _cc_aud Value: "ABR4XmNgYGBIzP8IJGEAABZPAcI%3D"
.casalemedia.com/	1970-01-20 06:51:02	Name: CMRUM3 Value: bc616ff0ff05a00&41616ff0fe05a0&da616ff0ff2760&2e616ff0ff05a0&e6616ff0fe2760&ef616ff0fe05a0&58616ff10005a0&51616ff10005a0&6f616ff10005a0&03616ff0ff2760d2f9616f-f0fe-4500-8cc7-1ba2ad432ca2&2d616ff0fe2760CAESEHSYn3G5ZA8-1K3hPosed_Y&f1616ff0fe05a0&1f616ff10005a00&ce616ff10005a0&33616ff0ff05a0&05616ff0fe05a0&c3616ff1002760av-ecc7643c-ba9e-4c2d-a52d-d24651bb5e5c&49616ff0ff05a0&39616ff0ff05a0&82616ff1002760AAFMxE7C3-IAADf24YTCxQ&27616ff1000b40&28616ff0ff2760aa275c99-e718-4004-806d-e219cb279544&04616ff0ff27603883367226904300381
.owneriq.net/	1970-01-20 15:36:38	Name: si Value: Q6880125441633412732
.owneriq.net/	1970-01-19 22:19:50	Name: p2 Value: cc

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.marphezis.com/cmpp/index.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.marphezis.com/cmpp/index.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

319747088b66a0f513f9f5b58d677230.safeframe.googlesyndication.com
54af078b32e113f2ba9aa5982346c71d.safeframe.googlesyndication.com
600dc34bc99f8861a646806f3feaa4f9.safeframe.googlesyndication.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.stickyadstv.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ap.lijit.com
bh.contextweb.com
brightcom-d.openx.net
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.marphezis.com
cm.g.doubleclick.net
code.jquery.com
commons.dw.com
compass-allbids.deliverimp.com
compass-events.deliverimp.com
compass-v2.deliverimp.com
data.argosdata.io
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
entitlements.jwplayer.com
eu-u.openx.net
eus.rubiconproject.com
f94ee8268cd01204a51bad6555097979.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
green.erne.co
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
js-sec.indexww.com
log.outbrainimg.com
logs1242.xiti.com
match.adsrvr.org
match.justpremium.com
match.prod.bidr.io
mcdp-nydc1.outbrain.com
mv.outbrain.com
nep.advangelists.com
odb.outbrain.com
openx2-match.dotomi.com
p.rfihub.com
pagead2.googlesyndication.com
peach-static.ebu.io
pipe-collect.ebu.io
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
player.h-cdn.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg.smartadserver.com
px.owneriq.net
pym.nprapps.org
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.openx.net
s.amazon-adsystem.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
static.dw.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
system.promio-connect.com
tcheck.outbrainimg.com
token.rubiconproject.com
tpc.googlesyndication.com
tvdownloaddw-a.akamaihd.net
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.dw.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
data.argosdata.io
pixel.quantserve.com
104.111.242.53
104.111.250.147
142.250.186.66
146.59.148.16
147.75.38.124
151.101.114.132
151.101.130.133
151.101.130.49
151.101.193.108
151.106.66.199
152.199.22.243
178.79.242.16
18.156.0.31
18.156.195.47
18.193.97.64
18.194.90.146
18.200.233.208
18.66.112.43
184.30.25.193
185.29.134.244
185.64.189.110
185.64.189.112
185.86.137.133
185.86.137.32
193.0.160.129
198.148.27.140
2.16.186.10
2.18.234.233
2001:4de0:ac18::1:a:3a
2001:678:cb4:bbbb::11
216.52.2.19
216.58.212.130
23.218.208.246
23.218.209.87
23.23.65.200
23.37.38.181
23.37.42.132
2600:9000:225e:1a00:1:a3fa:7cc0:93a1
2602:803:c003:200::41
2606:4700:3039::6815:c094
2606:4700::6810:5914
2a00:1288:80:800::7001
2a00:1450:4001:800::2004
2a00:1450:4001:801::2008
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a02:26f0:6c00:1bd::2d63
2a02:fa8:8806:13::1400
2a04:4e42:600::626
2a05:d018:d29:3602:aed6:5140:ccda:f0b0
3.120.29.221
3.120.57.46
3.127.122.125
3.220.202.22
3.85.70.67
35.186.253.211
35.210.53.219
35.244.159.8
35.244.174.68
37.157.2.237
37.252.172.38
52.215.19.227
52.222.210.175
52.222.214.37
52.30.140.199
52.45.237.203
52.46.133.124
52.49.53.128
52.70.89.158
54.205.198.41
64.202.112.191
66.155.71.150
69.173.144.138
69.173.144.139
76.223.111.131
87.98.228.78
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
081486958fa981fed9eba519a181dd8f56038b9ed11ae09c17e0d505653ea4f8
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba5d8c544986c5c569299825c32c3d455721e7d6a988efb7b6a7cb85f2b958e
106c02a0950852cdddb511be0b30261191680f6d72c3cb908cd45ebd634505db
1446a5433914376b48019aeb64c17df122a5c7c173bde258fac8a6522177b048
170426b1ccbf16d163b36333bb291cebb26c5288224706ed42bec87e72eb972f
1a84c60e2582d337c8bea1a18799beb94d44b36a3cffe6676d45a0d45f033a0e
1b05cc070aad9dad76222c80efe59029a8a115e81e814e4f1dcdbbc6d6c53335
1b2f6d846e2a99e9172f8adb66e9a745546a14827859a489ecbeab8c0e2bdb34
1b5c9268a630de4bf245c9735be9ca6050d6a7090618652c28a3143972d943d4
216365c77deb14b330dc3f3ecab406f22ea82734c149f0d5a0e2bf2b9bf434af
264afb41c4f588ecf311eadd477ae782b0b2e3ead027ec1c26ea673997ac18b3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269ba0d914c60bf4142a1d5a19dfacd719c71c75d84eeebc9a0c45bae54b045e
277673599eea6df5e08b14086f43c7c2d73593ab207d0c085bc7e2c4eac7dfe0
27b09941b35ac66529f0911975b1b47b9ef34ae76193f5228c5f20d113665c74
29f9a9d5211bb7d91c38fadcccb6adb6b12e9a8e5ad2e3ac7c39fd73b4eafb79
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2ddb9d836a177c238be9b2808ac8fe356f3f838ac34c8625b05cf7219377e24a
2f94aacf47637a0f0d939df3f8533e28a5048e5e87890bb9a081d564e037424a
30b2e99d5b26be6706eb819a37c8e180ab0e59ec5c5759ecaa4dd9825414b19e
30c9e0b140f8d1337aaf29d940ad33a4f2094ec5ef66ace21215d66f1f1059cd
323918625ed889cc03e90584b2e4d6b680222ea1c2cd7572e1e2ea4ba7f993be
336bc9acd2fa3b61fa837418864e37bb1fc2836de3cc9f2c8b7048bee0a28141
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
3943a0fd4592088686323d6bd7acf8b23ec8799330a2e821eee41b938352e428
3a0ed83fa87627f79c564eaa0757c056ac3323b610baeea75a97b33cc5dbc935
3af323aa9c3ac5ad07b2b377fa96396553b1fe5758eac1d3ee9bae9cb04d9c1c
3bb42e4feb8a4c753c72eb00bde6c4ad8462bd14cf50fc032ccdef87f1a0ba05
3c871b83c791225148ce216bc87b82a3f480357b69c0f91a88618f17e1846237
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e79f161e9c050b63f3a596caaa90f509c39928ebd15ff907dec7ad1df4a1cdc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403cea8095f7c63dbad7fa344ee0077ff3ab8af037ea6c8ff9bebff740662015
4231ca80ea66d79a9325758bc549cd312f304edebaf3693eaadc3af0e153ac3b
4274f6d73039833b37a64aefae69559c3a1fac95460b2464f5ac2c3c0c669955
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
459d4dce97768ea5cc0d264c2389e222892c5ccde3267a2792555d2072f0ff3d
468273c5b8f10144d997793d71d58f784ea32b462040b933977f70e8d78ab064
468e830c62e254d982ba0662d6b65826300a8f07aa5480753cc3e1d8e34c375c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49ab757a8dcbda823248d1a0e11c40c6e10d0c077f4ba107eaf84c2f144b4761
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4b530360436e08e1676d90ffa4f4d4155ba2ea542f30ad225be1fd8d5b1385d3
4bb0e6b538b7615fd2cf56d7b5c04523fc0e3581284fee9ae5156b8f255e11f8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f959cdb499753edc913979b526b7648c35923f508af5a64109135f2b4d183f8
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5305f48cf9ac97787eb4e81c828daf5e005f11953beec1c651c67f05583e8402
53a799ce5505ccfe5a0872989a681b09c23f1a4c7e6b6655cc290b7b12ad7f75
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56f9c5f99829774d0b2fbdcfd9750b617127e913afa0569afef6dfa22165659e
57459fa13191028ca103c82db2e0b0a37aca6a9906dd5b78fe91da468b9407ff
57cb80bdcc3324bb229e9b3c3f8b2ce9b545ebfba4e9ec6762bfc84753bcd386
57f2238860a181a116c4374c0ee0343e3e8528ab8f7ef6fd76379cbd6c219bc5
5888b0e849d0f7a7211636f8079eecf94f7557fd758ad521ac7bca80435568ac
58a14ba2e3e773324e8b8aeadcd988bdd177f68e6bf65c5fcdd339032e536e61
5afab78ca0a323f72103635fcdb92c7da0db7babf8ea34731547aa419c12152f
5c475b81b499b917e5f9da3cdf8bee817f7c40f097f5e1c77f0c8afb7a8de7b2
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
5fc279084e063cdea24dbe0abdc6c61746ed239dae8475e6dcd007252eff5537
5fc44ca6f42bab7f2ba9e2b902c5dde018249448d25cd2e2185b9f441bb2e975
60262fc87ea4197a41751e994d9432b0488a04993374590a72bd87a2564f31ed
60bc6a9870fc33fce5220d27895b6c3043bb48771c8ac5505865dfe7afca6771
6162aa5fe63812d7f1fba2d61b4d84b0e10982fa205f2cbb7692bc9dbc397ea1
61d1dab01428240ad52f3ae3f8a819c550839e98c0a2ceb207cd1220f5f8b820
64de332afcac3d5b8f343180c989707c2cb8b4b0a00c04cabd4bc86603416277
65f27dddbe99e4f806e8596f921ff8e7c347646aafa2b6b627cbca4d293b378b
666624da7003c0fe6411560cfe3fc499f7b8370854ca390d2e3cec0376784962
66bb692b3006bc1c4e815001d9338ea478407db6a2cbcad65235af83b5638bd8
66ccc38eebb02ebf54db2807930d263d434177a733865c29a825b2cde42e8e50
6905187bf215fe6b8c4afe16c84847674297ffb073b8f1b614c4342b125663b2
69c4bf65bed08394756d35bcf69fe48d43c44650fc37e288cec206d5b7a260e8
69ea67ff706971e6ec2c0ee4f84c3757f1d2918955be9edb1a6a1648349262a6
6a7aee5bf9610fb0126fcbbaf320b82659bf91096e5db1a3445ff2448acf0f10
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d468f2c3380854a62e207c1403da5f3c263a13a1d297c0726e36638e56b6e1c
6e8157cfa9918b4b4bc08fa0ebee434828b5b82c2e0abfa6b4ac10375329c071
70226b36e6ff6dc012d03043d76823c20dd876040a5b15199eeac96aad830ddd
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
745c1952468c387b4e806fd00d1bc0b475729650b29eb9e4b03045d32acd5ae7
75729522280e9b44063f95578029a3c786af75f1125291d995a4413caf322a23
77fc466eb7bc3ae49a5b405639a9802f2fc7def00052e75517606cd441fbf341
7c953212ee2fdce1b0c9593262922d6cc41d6adc91af499db2ff2fc992ffed37
7dce1d6998e7beefbbf1b5192af933d4ad64de39a68f4b732a87d4698e383804
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f354252bf7fae9cd2a6b735b3bf4e55874eea6b64f7d582f6c28d559962c935
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
810498673af1c6e2284b739f367fbad0bdc1ccf1b8c1746172d4ea4f608e693d
81d0aa06c9481b3fc7b1bbe36953211677503a168c0ac5f9b254396c42a64528
81f24f92b7a47056ec009b29d244eec11e2515b8e359fa945eb9fb116bd69cda
825501098d8a79a2368d85a6d41867d882e5466a45c97139a71e270bf6c21561
82c4f8c821c0e86fc78205feec2f1ae074b6bd40dc6a5acb2ea275840b583dc2
82e587ecca54057eabad78bed2d89c2fb8f4118c3504e6f096215cb72868913e
836c11e39462315069d4f5c7aa596f426d5312f2ac21155c7eede9e3b698c658
854b509ad4b6770e02d9c62318416c4dc26391d78e8187ec14835ddfd413c61f
85f083d8cd1336fe3a60c24dc734b9c40a7eec9e68a2b30df146fb25a4f57640
87c5f3f0c3e146c4445f34ca457ad9ba999b67382c093f360b1bb53e77fd91a6
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a9277beddaaa31a8eb347ee3249c0c0400a2a358f653515a855635e1be789ba
8ad147850a9ebc9fd14b66c90afb0434a2e4735dacd552e45f4508eb20c8b155
8b89aeb6e3aa5c2a5b3358eb6beef39650a84d4bb48b95c2d1a75ab13f986b97
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ef94a635e88c7ff86a4ed8c0c2f5f9de69319cad89351c83c84ae7ca87c64f3
914e6844354db3deaf74b1ae0efb6c901338f6b67eab447b3fc93b09cdb50293
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
981a57a87730e2551bbf340b6d36add99e542b08495a0db72042036b5f6130f3
9996703f7c12ee4173def798d748bb36721c85d3033965d6431b671614264097
9ab3518d3b437279cf1fde162d25c4cb0098206886f15fe3cf4a8ad612b765a4
9c6df269a53dbf588a56b22ccf04bef7bfbf8d90313a21bb84e0cec23e246760
9cb70a891222ff4bfd17a7ca529c9d02c1ef9a976566d2c9fbbaf094bb975ede
9e786f4162bf81408a0a0d9fab38b52a18a035a7395f0adbb60f1fd845050b2c
9f720d646d63c468a4ae01e825de374f52f08d936ad58daf2d417b557fd2cbc5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a14c9e5d8fe48f05822731b7d6a3f360cf02d4397521a676985952144d787f5b
a2a9e1296c1dcd5f59f4043dbd2bc4c85c9e11cde78d18d1b816d9a71a9b22bc
a2ed72b6d3aca711323a20fe6597ba24dbcf686d50dc0637e25eeca2d357f9b9
a340b22ffe24f196605b0e3700c94ed12509a9cbe3588939a98b9946555447b3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57e003f4cc00c5fbafcab669216dfcc8f8332bb2f21f23cec95d74f7ea0a11c
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7e857903cf6f1c85eafd5b342002ac9a2095e4ee9028bc0a50c28dd2418e087
a80140bea9769e8d21b4fa7de432bc0ec8c974e7360fdfb5c2cba71a13bf3380
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac0ee1a7e4042e72f3a0f0b89d3f92278ece91612a5fa599bff6cb3b758f45d8
ac948c688f91a59a668b92b5762922afc5e9f8f143c8cf65c5e510ae1ceaef92
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad97a73bed7cd7445d81ef54574d6d9a912368338d5d155817174230098bb319
ad9f3e600942ea62777712059dbbcee4eec0848339b4d5212c4f6daf488ca7e2
af40821acb69199682bfb93db61ad0f5ccf03da47cb272a4005a2c66506111b4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b372ba82431aa0eff7d94071558ba1bf9386a7193632cf501e98812904e5f598
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6a3a5d202fa351952986f89afba5e7ce474ea3007cc385f72cd392914eaf73a
b73e4257f71e27b3fdac7a891b0d3b2cd8d4ac80e59b546d570219c0a7a443d5
b7cd76f324b33e031bf109bcd3dffca724b691af57a245abc007abaa88f6d706
b7f736144a4c3c86a1e620f94d91b3c0eedcadac33888203e554dc2e7c3cfa66
bd408a5a042b26302422015b360c781e0a7f49de63198b53acedf20931c90b66
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3caf04790c67dc801c927ba648611c29f71f1a12df4be245e060303568b10bf
c44e55ded4b4ce6fdb49e33d6219fdf547ecdad69913b9eab6578d07012814af
c72255901dfcec5f556681d91d28b283aebadd786d5502a5fcdcdc660ea906ba
c93ff765e3de73bc9280be34cd9fdb85c55d9fc639da20a67e7aa7d4be2974f5
ca7286485a9dae12b7e6bb097a1d92709051492c554ad94c7f79fa2dba5eeb0b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd1277404eaf8953236dc1f463fcaf2e7290ec74ac3ab6c19c645320d936e32
d1f5d857f44748899b754e1a73af371aa66783faa3511f124fa1d567e3d54d24
d76906cc7ea630184754d7a22bbf929abaf26d8f68da993d3c552efb353c57cd
d876cc3e60e2a3283a9a3378d3bdc8ad624b51dbf58523f6b49797708ec90afc
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701
dbf7182fdcad2a2ffa1f0437c4189116faabbb86dc71c989118440f78dc3d684
dc20f732756cc442f2a9444f90d3a07dd0086379f30fb0b25f39806696783d06
dd9ccc0d6aae4327aaf65fc7e5d2d4750409e6bcfbe4182f936bfe3e30b01604
e0ed0681a90ff59687939f7c4bdeda8f5d85a67f1c32a839916670af101472cc
e37a2c3e803cf3fa74ded1a6c0d61acdfc4ace3eb5a008d761bad04c6dec1515
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71ef2f83b82f57192673c0c1947f50c29fdae2e2769f6c97f8b6b8e17fe268f
e943aea4c1bfa037109388aec87b962d28432df3992a717774794add1495e4c7
ea582fa76b016f804e438e65e2d778547071e5654407771ec0387b5d9ec8020b
ec4040e0c0c7e5a12cf9519d368c068117713789a48888f37062c79bb0566338
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f199bcf746f615780a7271ca4ac6202dbed49df4c722a83aa787b26573fa47a8
f3059173de349aa887cab229fe6901aa30507c542d014c5c69590b0f8d542d35
f8a69f2ce2af50755d73d1991a6a0c6eef17d4f2abb0d223ac00f5fb6380c104
fa6e99fe5fb1f02ff4d8eca02a9adc9c1929731dfcba7e54743a93a1367627f3
fb6609e6ff90ab14c9a7496b648fe3d275445b317062e094502ebaf6777abe58
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fcae36ba6eaeffd584c219cb5829337f2f945c2c385e6ed5b406c56bb8e8d4c0

www.dw.com Open in urlscan Pro 2a02:26f0:6c00:1bd::2d63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

353 Requests

99 %HTTPS

26 %IPv6

63 Domains

100 Subdomains

69 IPs

13 Countries

4488 kBTransfer

9459 kBSize

66 Cookies

0 Outgoing links

Redirected requests

353 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.dw.com Open in urlscan Pro
2a02:26f0:6c00:1bd::2d63 Public Scan

Screenshot
Live screenshot

Full Image

353
Requests

99 %
HTTPS

26 %
IPv6

63
Domains

100
Subdomains

69
IPs

13
Countries

4488 kB
Transfer

9459 kB
Size

66
Cookies

353 HTTP transactions
5 data transactions