www.dw.com Open in urlscan Pro
2a02:26f0:6c00:285::2d63 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
Submission: On July 24 via api (July 24th 2021, 1:21:21 pm UTC) from IN

Summary HTTP 107 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 24 domains to perform 107 HTTP transactions. The main IP is 2a02:26f0:6c00:285::2d63, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.dw.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on July 3rd 2020. Valid for: a year.

This is the only time www.dw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	2a02:26f0:6c0... 2a02:26f0:6c00:285::2d63	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:8a00:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
2	104.111.250.147 104.111.250.147	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1 6	18.196.99.238 18.196.99.238	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
4	13.226.132.202 13.226.132.202	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1	35.156.10.121 35.156.10.121	() ()
1	213.19.162.51 213.19.162.51	26667 (RUBICONPR...) (RUBICONPROJECT)
1	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
1	143.204.98.50 143.204.98.50	16509 (AMAZON-02) (AMAZON-02)
2	70.42.32.95 70.42.32.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
4	2a04:4e42:3::626 2a04:4e42:3::626	54113 (FASTLY) (FASTLY)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	52.17.149.223 52.17.149.223	16509 (AMAZON-02) (AMAZON-02)
1	152.199.22.243 152.199.22.243	15133 (EDGECAST) (EDGECAST)
1	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
4	100.25.32.123 100.25.32.123	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	34.207.24.140 34.207.24.140	14618 (AMAZON-AES) (AMAZON-AES)
107	36

32 2a02:26f0:6c00:285::2d63 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.dw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.dw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:8a00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

player.h-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.250.147 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-250-147.deploy.static.akamaitechnologies.com

commons.dw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.196.99.238 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-99-238.eu-central-1.compute.amazonaws.com

logs1242.xiti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.226.132.202 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-202.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.10.121 (Frankfurt am Main, Germany)

ASN- ()
PTR: ec2-35-156-10-121.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.51 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-50.fra50.r.cloudfront.net

peach-static.ebu.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:3::626 (United States)

ASN54113 (FASTLY, US)

ssl.p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.149.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-149-223.eu-west-1.compute.amazonaws.com

pipe-collect.ebu.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.243 (United States)

ASN15133 (EDGECAST, US)

entitlements.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e756b3d50d2deed9cb8ed1adc19ed4f3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 100.25.32.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-32-123.compute-1.amazonaws.com

link.h-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.207.24.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-207-24-140.compute-1.amazonaws.com

perr.h-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	dw.com www.dw.com commons.dw.com static.dw.com	632 KB
10	googlesyndication.com e756b3d50d2deed9cb8ed1adc19ed4f3.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	58 KB
10	h-cdn.com player.h-cdn.com link.h-cdn.com perr.h-cdn.com	296 KB
6	xiti.com 1 redirects logs1242.xiti.com	2 KB
6	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-nydc1.outbrain.com	65 KB
5	ampproject.org cdn.ampproject.org	101 KB
5	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	131 KB
5	google.com 1 redirects www.google.com adservice.google.com	2 KB
4	jwpcdn.com ssl.p.jwpcdn.com	239 KB
4	amazon-adsystem.com c.amazon-adsystem.com	36 KB
3	ebu.io peach-static.ebu.io pipe-collect.ebu.io	33 KB
2	media.net hbx.media.net	19 KB
2	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	789 B
2	jwplayer.com cdn.jwplayer.com entitlements.jwplayer.com	37 KB
2	googletagmanager.com www.googletagmanager.com	84 KB
1	google.de adservice.google.de	853 B
1	adnxs.com ib.adnxs.com	692 B
1	rubiconproject.com fastlane.rubiconproject.com	2 KB
1	emxdgt.com hb.emxdgt.com	156 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	googletagservices.com www.googletagservices.com	24 KB
1	gstatic.com www.gstatic.com	342 KB
1	google-analytics.com www.google-analytics.com	19 KB
1	jquery.com code.jquery.com	6 KB
107	24

	Domain	Requested by
30	www.dw.com	www.dw.com player.h-cdn.com
6	logs1242.xiti.com	1 redirects www.dw.com
5	tpc.googlesyndication.com	www.dw.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	player.h-cdn.com	www.dw.com player.h-cdn.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	link.h-cdn.com	player.h-cdn.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.dw.com
4	ssl.p.jwpcdn.com	cdn.jwplayer.com
4	c.amazon-adsystem.com	www.dw.com c.amazon-adsystem.com
4	www.google.com	1 redirects www.dw.com tpc.googlesyndication.com
3	widgets.outbrain.com	www.dw.com widgets.outbrain.com
2	hbx.media.net	www.dw.com hbx.media.net
2	pipe-collect.ebu.io	peach-static.ebu.io
2	static.dw.com	www.dw.com
2	commons.dw.com	www.dw.com
2	www.googletagmanager.com	www.dw.com
1	perr.h-cdn.com	player.h-cdn.com
1	googleads.g.doubleclick.net	www.dw.com
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	e756b3d50d2deed9cb8ed1adc19ed4f3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	odb.outbrain.com	widgets.outbrain.com
1	entitlements.jwplayer.com	cdn.jwplayer.com
1	log.outbrainimg.com	widgets.outbrain.com
1	peach-static.ebu.io	www.dw.com
1	ib.adnxs.com	www.dw.com
1	fastlane.rubiconproject.com	www.dw.com
1	hb.emxdgt.com	www.dw.com
1	cdn.jsdelivr.net	www.dw.com
1	www.googletagservices.com	www.dw.com
1	widget-pixels.outbrain.com	www.dw.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	www.gstatic.com	www.google.com
1	www.google-analytics.com	www.googletagmanager.com
1	cdn.jwplayer.com	www.dw.com
1	code.jquery.com	www.dw.com
107	38

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.reddit.com
web.whatsapp.com
telegram.me
www.linkedin.com
dwadsales.com
m.dw.com

Subject Issuer	Validity	Valid
*.dw.com GeoTrust RSA CA 2018	`2020-07-03` - `2021-10-02`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
jwplayer.com Amazon	`2021-01-29` - `2022-02-26`	a year	crt.sh
*.h-cdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-05` - `2022-07-18`	2 years	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.xiti.com Thawte RSA CA 2018	`2020-02-27` - `2022-05-22`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.emxdgt.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.ebu.io Gandi Standard SSL CA 2	`2020-03-16` - `2022-04-02`	2 years	crt.sh
*.jwplayer.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
entitlements.jwplayer.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-30` - `2022-06-30`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
Frame ID: 528927CC9EF94F3D3C74EDCCFA61A3CA
Requests: 86 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: C29FBA1FB1C9C8EF65AE7E66208A87B9
Requests: 2 HTTP requests in this frame

Frame: https://e756b3d50d2deed9cb8ed1adc19ed4f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DE9732799E3AD7BC14AD5E49075C88AA
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?&vsSync=1&cs=17&hb=1&cv=37&ndec=1&cid=8CU4LLB55&prvid=80%2C97%2C99%2C108%2C109%2C117%2C159%2C175%2C178%2C182%2C201%2C203%2C208%2C214%2C222%2C251%2C2025%2C2027%2C2028%2C2030%2C2034%2C3007%2C3010%2C3012%2C3014%2C3017%2C10000&usp_status=0&usp_consent=1&gdpr=1&gdprconsent=0&https=1
Frame ID: A2D5A3487F431A7F0C96B2AE0258AA1D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Frame ID: 3A2E9DF885F536A94B9F588B9021440F
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 54F140FA6B6E72625B082EABCC2DF59B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8C0C4C4AAF2AB7089D606FE4537DC961
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

107
Requests

100 %
HTTPS

49 %
IPv6

24
Domains

38
Subdomains

36
IPs

5
Countries

2129 kB
Transfer

6115 kB
Size

7
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fp.dw.com%2Fp%2F3GDyu%3Fmaca%3Den-Facebook-sharing

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?source=webclient&text=Bayer%20points%20finger%20at%20Wicked%20Panda%20in%20cyberattack+https%3A%2F%2Fp.dw.com%2Fp%2F3GDyu%3Fmaca%3Den-Twitter-sharing

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Fp.dw.com%2Fp%2F3GDyu%3Fmaca%3Den-reddit-sharing

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/send?app_id=161807964535758&redirect_uri=https%3A%2F%2Fp.dw.com%2Fp%2F3GDyu%3Fmaca%3Den-Facebook%2BMessenger%2BWeb-sharing&link=https%3A%2F%2Fp.dw.com%2Fp%2F3GDyu%3Fmaca%3Den-Facebook%2BMessenger%2BWeb-sharing&display=popup

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?text=https%3A%2F%2Fp.dw.com%2Fp%2F3GDyu%3Fmaca%3Den-Whatsapp%2BWeb-sharing+Bayer%20points%20finger%20at%20Wicked%20Panda%20in%20cyberattack

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https%3A%2F%2Fp.dw.com%2Fp%2F3GDyu%3Fmaca%3Den-Telegram-sharing&text=Bayer%20hit%20by%20cyberattack

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fp.dw.com%2Fp%2F3GDyu%3Fmaca%3Den-linkedin-sharing&title=Bayer%20points%20finger%20at%20Wicked%20Panda%20in%20cyberattack&source=DW.COM

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fp.dw.com%2Fp%2F3BZEu%3Fmaca%3Den-Facebook-sharing
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?source=webclient&text=Data%20theft%20and%20cyber%20attacks%20+https%3A%2F%2Fp.dw.com%2Fp%2F3BZEu%3Fmaca%3Den-Twitter-sharing
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Fp.dw.com%2Fp%2F3BZEu%3Fmaca%3Den-reddit-sharing
Title: reddit

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/send?app_id=161807964535758&redirect_uri=https%3A%2F%2Fp.dw.com%2Fp%2F3BZEu%3Fmaca%3Den-Facebook%2BMessenger%2BWeb-sharing&link=https%3A%2F%2Fp.dw.com%2Fp%2F3BZEu%3Fmaca%3Den-Facebook%2BMessenger%2BWeb-sharing&display=popup
Title: Facebook Messenger Web

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?text=https%3A%2F%2Fp.dw.com%2Fp%2F3BZEu%3Fmaca%3Den-Whatsapp%2BWeb-sharing+Data%20theft%20and%20cyber%20attacks%20
Title: Whatsapp Web

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https%3A%2F%2Fp.dw.com%2Fp%2F3BZEu%3Fmaca%3Den-Telegram-sharing&text=
Title: Telegram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fp.dw.com%2Fp%2F3BZEu%3Fmaca%3Den-linkedin-sharing&title=Data%20theft%20and%20cyber%20attacks%20&source=DW.COM
Title: linkedin

Search URL Search Domain Scan URL

URL: https://dwadsales.com/
Title: Advertising

Search URL Search Domain Scan URL

URL: https://m.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
Title: Mobile version

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://logs1242.xiti.com/hit.xiti?s=510544&ts=1627132860686&vtag=5.13.1&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=15x21x0&lng=en-US&idp=1521007476147&jv=0&p=TOP+STORIES::Business::Bayer+points+finger+at+Wicked+Panda+in+cyberattack&s2=2&vrn=1&x1=1&x2=2&x3=48196004&x4=1431&x5=[Bayer+points+finger+at+Wicked+Panda+in+cyberattack]&x6=&x7=[http%3A%2F%2Fwww.dw.com%2Fen%2Fbayer-points-finger-at-wicked-panda-in-cyberattack%2Fa-48196004]&x8=[]&x9=20190404&x10=[TOP+STORIES::Business]&x11=&x12=&x13=1&x14=&x15=19990032&x16=&x17=&x18=&x19=&x20=&ref= HTTP 302
https://logs1242.xiti.com/hit.xiti?s=510544&ts=1627132860686&vtag=5.13.1&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=15x21x0&lng=en-US&idp=1521007476147&jv=0&p=TOP+STORIES::Business::Bayer+points+finger+at+Wicked+Panda+in+cyberattack&s2=2&vrn=1&x1=1&x2=2&x3=48196004&x4=1431&x5=[Bayer+points+finger+at+Wicked+Panda+in+cyberattack]&x6=&x7=[http%3A%2F%2Fwww.dw.com%2Fen%2Fbayer-points-finger-at-wicked-panda-in-cyberattack%2Fa-48196004]&x8=[]&x9=20190404&x10=[TOP+STORIES::Business]&x11=&x12=&x13=1&x14=&x15=19990032&x16=&x17=&x18=&x19=&x20=&ref=&Rdt=On

Request Chain 99

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

107 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request a-48196004 Show response
www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/ 57 KB
19 KB 25ms
9ms Document
text/html 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

038dc4e55b454501f83333e87abc889bd52d609d99eb3389511295bf9df7e6ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: www.dw.com
:scheme: https
:path: /en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-ua-compatible: IE=EmulateIE8; IE=EmulateIE9; IE=EmulateIE10; IE=Edge
content-type: text/html;charset=UTF-8
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
content-encoding: gzip
access-control-allow-origin: *
accept-ranges: bytes
content-length: 19435
cache-control: max-age=120
date: Sat, 24 Jul 2021 13:21:00 GMT
vary: Accept-Encoding

GET
H2 200 jquery-3.4.1.min.js Show response
www.dw.com/js/ 86 KB
30 KB 8ms
6ms Script
application/javascript 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/js/jquery-3.4.1.min.js

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6905187bf215fe6b8c4afe16c84847674297ffb073b8f1b614c4342b125663b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /js/jquery-3.4.1.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dw.com
referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 15:50:02 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/js/jquery-3.4.1.min.js
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 30741

GET
H2 200 jquery-migrate-3.0.1.js Show response
code.jquery.com/ 17 KB
6 KB 26ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-3.0.1.js
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 56f9c5f99829774d0b2fbdcfd9750b617127e913afa0569afef6dfa22165659e

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
content-encoding: gzip
last-modified: Wed, 27 Sep 2017 00:42:14 GMT
server: nginx
etag: W/"59caf3e6-4595"
vary: Accept-Encoding
x-hw: 1627132860.dop097.fr8.t,1627132860.cds276.fr8.hn,1627132860.cds168.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 5802

GET
H2 200 dsgvo_utils.js Show response
www.dw.com/js/dsgvo/ 1 KB
847 B 14ms
11ms Script
application/javascript 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/js/dsgvo/dsgvo_utils.js

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5afab78ca0a323f72103635fcdb92c7da0db7babf8ea34731547aa419c12152f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /js/dsgvo/dsgvo_utils.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dw.com
referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 15:50:02 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/js/dsgvo/dsgvo_utils.js
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 587

GET
H2 200 accessToROAD_Beta.js Show response
www.dw.com/js/beta_ROAD/ 2 KB
850 B 14ms
12ms Script
application/javascript 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/js/beta_ROAD/accessToROAD_Beta.js

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3a0ed83fa87627f79c564eaa0757c056ac3323b610baeea75a97b33cc5dbc935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /js/beta_ROAD/accessToROAD_Beta.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dw.com
referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 15:50:02 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/js/beta_ROAD/accessToROAD_Beta.js
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 582

GET
H2 200 de.dw.cdaLanguage.min.js Show response
www.dw.com/js/ 16 KB
6 KB 14ms
12ms Script
application/javascript 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/js/de.dw.cdaLanguage.min.js?v=6.72.1

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b73e4257f71e27b3fdac7a891b0d3b2cd8d4ac80e59b546d570219c0a7a443d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /js/de.dw.cdaLanguage.min.js?v=6.72.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dw.com
referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 15:50:02 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/js/de.dw.cdaLanguage.min.js?v=6.72.1
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 5883

GET
H2 200 dwde-ltr.min.css
www.dw.com/css/ 261 KB
35 KB 10ms
8ms Stylesheet
text/css 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2ae8cfcb07ab054d42b12d486f73ea7f963a84bdcc8f542dc06970bc82312668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/dwde-ltr.min.css?v=6.72.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dw.com
referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 15:50:00 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/dwde-ltr.min.css?v=6.72.1
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 35118

GET
H2 200 dw-fonts-latin.css
www.dw.com/css/ 9 KB
2 KB 14ms
11ms Stylesheet
text/css 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/css/dw-fonts-latin.css

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

384d20e371aeb0bab889b7b57269da1b67de7890d0288ec2aea8533d3b721935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/dw-fonts-latin.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dw.com
referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 15:50:00 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/dw-fonts-latin.css
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 1742

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109618266-1

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

efd00ac923e1af152768679ef52a3c1a6f1c892c1ef9785513e43af80c01a678

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39979
x-xss-protection: 0
last-modified: Sat, 24 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 24 Jul 2021 13:21:00 GMT

GET
H2 200 dwde.min.js Show response
www.dw.com/js/ 918 KB
234 KB 20ms
17ms Script
application/javascript 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/js/dwde.min.js?v=6.72.1

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ae9b8a6fa119ecf9d684ee5c1b82d80dfc6fbe61b3fd8424e7fa0eafb5414b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /js/dwde.min.js?v=6.72.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dw.com
referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 15:50:02 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/js/dwde.min.js?v=6.72.1
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 239100

GET
H2 200 b1Tao5yJ.js Show response
cdn.jwplayer.com/libraries/ 112 KB
37 KB 39ms
9ms Script
text/javascript 2600:9000:2182:8a00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/libraries/b1Tao5yJ.js
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:8a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 3c416a3cbc9adb63f32125d99d64ce70689510225a2d92caf8707e029c923382

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:19:36 GMT
content-encoding: gzip
server: openresty
age: 84
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=150, max-stale=180
x-amz-cf-pop: DUS51-C1
content-length: 37339
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
x-amz-cf-id: V83eqmF2Y7VaM-JpuOWyqYI6q-6yuwbm1MjyxqypWReAa7TOO8Mm0Q==
expires: Sat, 24 Jul 2021 13:20:22 GMT

GET
H2 200 dwskinfile.css
www.dw.com/css/jwplayer8/skins/DW/ 14 KB
2 KB 15ms
13ms Stylesheet
text/css 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4274f6d73039833b37a64aefae69559c3a1fac95460b2464f5ac2c3c0c669955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/jwplayer8/skins/DW/dwskinfile.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dw.com
referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 15:50:00 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/jwplayer8/skins/DW/dwskinfile.css
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 1734

GET
H2 200 desktop-additions.css
www.dw.com/css/jwplayer8/skins/DW/ 79 B
338 B 18ms
16ms Stylesheet
text/css 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/css/jwplayer8/skins/DW/desktop-additions.css

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

85f083d8cd1336fe3a60c24dc734b9c40a7eec9e68a2b30df146fb25a4f57640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/jwplayer8/skins/DW/desktop-additions.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dw.com
referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 15:50:00 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/jwplayer8/skins/DW/desktop-additions.css
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 74

GET
H2 200 jquery.ui.datepicker-en.min.js Show response
www.dw.com/js/datepicker/ 676 B
648 B 21ms
19ms Script
application/javascript 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/js/datepicker/jquery.ui.datepicker-en.min.js

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

810498673af1c6e2284b739f367fbad0bdc1ccf1b8c1746172d4ea4f608e693d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /js/datepicker/jquery.ui.datepicker-en.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dw.com
referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 15:50:02 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/js/datepicker/jquery.ui.datepicker-en.min.js
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 373

GET
H2 200 loader.js Show response
player.h-cdn.com/ 12 KB
4 KB 22ms
6ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://player.h-cdn.com/loader.js?customer=deutschewelle
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: df844ee00772eb6a9bcd2d68102012560ae8c6ac426281807cbcca5d1754391a

Request headers

Origin: https://www.dw.com
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
content-encoding: gzip
age: 219
x-cache: HIT, HIT
x-hola-original-content-length: 11890
access-control-max-age: 600
content-length: 3909
x-request-id: 4a63b2f5cc75a3a9cf710aece3b1d0ff74adbbd7
x-served-by: cache-ewr18150-EWR, cache-fra19142-FRA
access-control-allow-origin: *
server: nginx/1.15.9 (Ubuntu)
x-timer: S1627132861.679120,VS0,VE0
etag: W/"md5-960736-3a2c1237-6e6448a6"
vary: Origin, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript;charset=utf-8
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Date, Cache-Control, ETag, Content-Length, X-Hola-Original-Content-Length
cache-control: public,max-age=300
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 6

GET
H2 200 clickPerformance.desktop.articles.min.js Show response
www.dw.com/js/advertisement/ 310 KB
94 KB 13ms
12ms Script
application/javascript 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/js/advertisement/clickPerformance.desktop.articles.min.js

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

60bc6a9870fc33fce5220d27895b6c3043bb48771c8ac5505865dfe7afca6771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /js/advertisement/clickPerformance.desktop.articles.min.js
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dw.com
referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 15:50:02 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/js/advertisement/clickPerformance.desktop.articles.min.js
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 95861

GET
H2 200 smarttag.js Show response
commons.dw.com/tracking/ 56 KB
17 KB 28ms
6ms Script
application/javascript 104.111.250.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://commons.dw.com/tracking/smarttag.js
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.250.147 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-147.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53a799ce5505ccfe5a0872989a681b09c23f1a4c7e6b6655cc290b7b12ad7f75

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 13:23:02 GMT
x-backend: staticcontent
etag: W/"60f97136-e076"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 16746

GET
H2 200 smarttagJwPlayerPlugin.js Show response
commons.dw.com/tracking/ 4 KB
2 KB 31ms
9ms Script
application/javascript 104.111.250.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://commons.dw.com/tracking/smarttagJwPlayerPlugin.js
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.250.147 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-147.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 81f24f92b7a47056ec009b29d244eec11e2515b8e359fa945eb9fb116bd69cda

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 13:23:02 GMT
x-backend: staticcontent
etag: W/"60f97136-e01"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1491

GET
H2 200 dwlogo-print.gif
www.dw.com/cssi/ 3 KB
3 KB 16ms
14ms Image
image/gif 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/cssi/dwlogo-print.gif

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c44e55ded4b4ce6fdb49e33d6219fdf547ecdad69913b9eab6578d07012814af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /cssi/dwlogo-print.gif
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 13 Jul 2021 15:50:02 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/cssi/dwlogo-print.gif
content-type: image/gif;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 2725

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 181 KB
61 KB 25ms
6ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fa2ad1661d4fbc0e301956134d7db296be39ef5ab5a66617df0f9be0ec6aa498

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 12:16:10 GMT
etag: W/"2d5a0-Zc9FGGCAGBk7U/rbhitAQmmx+ls"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 95d7b212cb59479ce0860312eac5e227
timing-allow-origin: *, *
content-length: 61651
expires: Sat, 24 Jul 2021 17:21:00 GMT

GET
H2 200 dw-print.css
www.dw.com/css/ 1 KB
711 B 17ms
16ms Stylesheet
text/css 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/css/dw-print.css

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e943aea4c1bfa037109388aec87b962d28432df3992a717774794add1495e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/dw-print.css
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dw.com
referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 15:50:00 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/dw-print.css
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 466

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
45 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TXHJH9T

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d314e2222be8f3bcce3d92f2183a236fb4d67a9d9089b4866110da30a5e51d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45664
x-xss-protection: 0
last-modified: Sat, 24 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 24 Jul 2021 13:21:00 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
762 B 17ms
16ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&hl=en

Requested by

Host: www.dw.com
URL: https://www.dw.com/js/dwde.min.js?v=6.72.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

56be50c65116b3cd231b8b69068d647b03aa9a0e15de26b31f4e3aba35175251

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Sat, 24 Jul 2021 13:21:00 GMT

GET
H2

200

hit.xiti
logs1242.xiti.com/
Redirect Chain

https://logs1242.xiti.com/hit.xiti?s=510544&ts=1627132860686&vtag=5.13.1&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=15x21x0&lng=en-US&idp=1521007476147&jv=0&p=TOP+STORIES::Business::Bayer+points+fin...
https://logs1242.xiti.com/hit.xiti?s=510544&ts=1627132860686&vtag=5.13.1&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=15x21x0&lng=en-US&idp=1521007476147&jv=0&p=TOP+STORIES::Business::Bayer+points+fin...

35 B
150 B

7ms
7ms

Image
image/gif

18.196.99.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs1242.xiti.com/hit.xiti?s=510544&ts=1627132860686&vtag=5.13.1&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=15x21x0&lng=en-US&idp=1521007476147&jv=0&p=TOP+STORIES::Business::Bayer+points+finger+at+Wicked+Panda+in+cyberattack&s2=2&vrn=1&x1=1&x2=2&x3=48196004&x4=1431&x5=[Bayer+points+finger+at+Wicked+Panda+in+cyberattack]&x6=&x7=[http%3A%2F%2Fwww.dw.com%2Fen%2Fbayer-points-finger-at-wicked-panda-in-cyberattack%2Fa-48196004]&x8=[]&x9=20190404&x10=[TOP+STORIES::Business]&x11=&x12=&x13=1&x14=&x15=19990032&x16=&x17=&x18=&x19=&x20=&ref=&Rdt=On

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.99.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-99-238.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
cache-control: no-store
content-length: 35
strict-transport-security: max-age=15768000
content-type: image/gif

Redirect headers

location: https://logs1242.xiti.com/hit.xiti?s=510544&ts=1627132860686&vtag=5.13.1&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=15x21x0&lng=en-US&idp=1521007476147&jv=0&p=TOP+STORIES::Business::Bayer+points+finger+at+Wicked+Panda+in+cyberattack&s2=2&vrn=1&x1=1&x2=2&x3=48196004&x4=1431&x5=[Bayer+points+finger+at+Wicked+Panda+in+cyberattack]&x6=&x7=[http%3A%2F%2Fwww.dw.com%2Fen%2Fbayer-points-finger-at-wicked-panda-in-cyberattack%2Fa-48196004]&x8=[]&x9=20190404&x10=[TOP+STORIES::Business]&x11=&x12=&x13=1&x14=&x15=19990032&x16=&x17=&x18=&x19=&x20=&ref=&Rdt=On
date: Sat, 24 Jul 2021 13:21:00 GMT
cache-control: no-store
content-type: text/html; charset=utf-8
content-length: 708
strict-transport-security: max-age=15768000
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 i-b-grey-flat.png
www.dw.com/cssi/ 28 KB
28 KB 6ms
6ms Image
image/png 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/cssi/i-b-grey-flat.png

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

49ab757a8dcbda823248d1a0e11c40c6e10d0c077f4ba107eaf84c2f144b4761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /cssi/i-b-grey-flat.png
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 13 Jul 2021 15:50:02 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/cssi/i-b-grey-flat.png
content-type: image/png;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 28523

GET
H2 200 search-filter-icons-3.png
www.dw.com/cssi/ 3 KB
3 KB 7ms
6ms Image
image/png 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/cssi/search-filter-icons-3.png

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

61d1dab01428240ad52f3ae3f8a819c550839e98c0a2ceb207cd1220f5f8b820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /cssi/search-filter-icons-3.png
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 13 Jul 2021 15:50:02 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/cssi/search-filter-icons-3.png
content-type: image/png;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 2889

GET
H2 200 schatten.jpg
www.dw.com/cssi/ 35 KB
36 KB 7ms
7ms Image
image/jpeg 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/cssi/schatten.jpg

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3943a0fd4592088686323d6bd7acf8b23ec8799330a2e821eee41b938352e428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /cssi/schatten.jpg
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 13 Jul 2021 15:50:02 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/cssi/schatten.jpg
content-type: image/jpeg;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 36256

GET
H2 200 dwlogo-all.png
www.dw.com/cssi/ 4 KB
5 KB 8ms
8ms Image
image/png 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/cssi/dwlogo-all.png

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

81d0aa06c9481b3fc7b1bbe36953211677503a168c0ac5f9b254396c42a64528

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /cssi/dwlogo-all.png
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 13 Jul 2021 15:50:02 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/cssi/dwlogo-all.png
content-type: image/png;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 4395

GET
H2 200 search-icon.gif
www.dw.com/cssi/ 432 B
660 B 9ms
8ms Image
image/gif 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/cssi/search-icon.gif

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f199bcf746f615780a7271ca4ac6202dbed49df4c722a83aa787b26573fa47a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /cssi/search-icon.gif
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 13 Jul 2021 15:50:02 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/cssi/search-icon.gif
content-type: image/gif;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 432

GET
H2 200 dw-social-icons-sprite.png
www.dw.com/cssi/ 33 KB
33 KB 7ms
6ms Image
image/png 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/cssi/dw-social-icons-sprite.png

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9c6df269a53dbf588a56b22ccf04bef7bfbf8d90313a21bb84e0cec23e246760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /cssi/dw-social-icons-sprite.png
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 13 Jul 2021 15:50:02 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/cssi/dw-social-icons-sprite.png
content-type: image/png;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 33752

GET
H2 200 play.svg
www.dw.com/css/jwplayer8/skins/DW/icons/ 1 KB
907 B 7ms
6ms Image
image/svg+xml 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/css/jwplayer8/skins/DW/icons/play.svg

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ac0ee1a7e4042e72f3a0f0b89d3f92278ece91612a5fa599bff6cb3b758f45d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/jwplayer8/skins/DW/icons/play.svg
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 15:50:00 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/jwplayer8/skins/DW/icons/play.svg
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 641

GET
H2 200 48089814_303.jpg
static.dw.com/image/ 35 KB
35 KB 9ms
8ms Image
image/jpeg 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dw.com/image/48089814_303.jpg

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6b7d661f5dd67739fa7879c2578fa00278e0de376f0b44b526239c79bca6532d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 05 Oct 2020 12:34:49 GMT
etag: "42f01870c7837a338d8a0a32fefb49e2"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3454
date: Sat, 24 Jul 2021 13:21:00 GMT
accept-ranges: bytes
content-length: 35681

GET
H2 200 i-solo-dwblue.png
www.dw.com/cssi/ 20 KB
20 KB 6ms
6ms Image
image/png 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/cssi/i-solo-dwblue.png

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

57f2238860a181a116c4374c0ee0343e3e8528ab8f7ef6fd76379cbd6c219bc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /cssi/i-solo-dwblue.png
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 13 Jul 2021 15:50:02 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/cssi/i-solo-dwblue.png
content-type: image/png;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 20210

GET
H2 200 footer-verlauf.gif
www.dw.com/cssi/ 1 KB
2 KB 7ms
7ms Image
image/gif 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/cssi/footer-verlauf.gif

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9996703f7c12ee4173def798d748bb36721c85d3033965d6431b671614264097

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /cssi/footer-verlauf.gif
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/css/dwde-ltr.min.css?v=6.72.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 13 Jul 2021 15:50:02 GMT
date: Sat, 24 Jul 2021 13:21:00 GMT
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/cssi/footer-verlauf.gif
content-type: image/gif;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 1311

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109618266-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 1801
date: Sat, 24 Jul 2021 12:50:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Sat, 24 Jul 2021 14:50:59 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/ 341 KB
342 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edb6f1ba6e05bf7ceac236730c44bbd3bd10dfc3dbe6758e66d297c63358c64a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dw.com
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 09:58:22 GMT
x-content-type-options: nosniff
age: 12158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 349415
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 04:06:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Jul 2022 09:58:22 GMT

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame C29F 416 B
798 B 7ms
7ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dw.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dw.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1626958298.691844"
last-modified: Thu, 22 Jul 2021 12:15:18 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Sat, 24 Jul 2021 13:21:00 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1627132860~rv=9~id=31de5832365a15e35b07f60080e86e9f; path=/; Expires=Sat, 24 Jul 2021 13:21:00 GMT; Secure; SameSite=None

GET
H/1.1 200
OK d3d3LmR3LmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 19ms
6ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmR3LmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Jul 2021 13:21:00 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=11330
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 1608369932e7c33f41cdc930b694bb86
Content-Length: 16
Expires: Sat, 24 Jul 2021 16:29:50 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
450 B 44ms
43ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=3.899535718367712
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Mon, 23 Aug 2021 13:21:00 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 123 KB
33 KB 31ms
10ms Script
application/javascript 13.226.132.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.dw.com
URL: https://www.dw.com/js/advertisement/clickPerformance.desktop.articles.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-202.dus51.r.cloudfront.net
Software: Server /
Resource Hash: e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cdBhoWYDE8U.miXtMaq72_QdUztpgDZw
content-encoding: gzip
server: Server
age: 340
etag: f8520ea4ebd91256d6b4f461d472242a
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Sat, 24 Jul 2021 13:15:19 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: IA8Gy80D3UklFmjnhxc0KHUNWVwP-k0cfGn2L3nX2VgMvVfGF44elw==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 68 KB
24 KB 34ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.dw.com
URL: https://www.dw.com/js/advertisement/clickPerformance.desktop.articles.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43c70c5f3b7a3a6ea577f5c5536a4a515e8723e81e749935e9e8385894256959

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "938 / 161 of 1000 / last-modified: 1627080183"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24037
x-xss-protection: 0
expires: Sat, 24 Jul 2021 13:21:00 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 17ms
5ms XHR
application/json 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210724

Requested by

Host: www.dw.com
URL: https://www.dw.com/js/advertisement/clickPerformance.desktop.articles.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8bde7c7a3fd076f2f3076d0ff5e64175eed9e5c04da1cac762d26af87dfba9a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 36760
x-jsd-version: 1.0.1047
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 949
etag: W/"69d-qY4v2JWSh19UTryHASLxR0XAkck"
x-served-by: cache-fra19132-FRA
x-jsd-version-type: version
date: Sat, 24 Jul 2021 13:21:00 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H2 204 / Show response
hb.emxdgt.com/ 0
156 B 39ms
16ms XHR
text/plain 35.156.10.121

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1627132860862&src=pbjs
Requested by: Host: www.dw.com
URL: https://www.dw.com/js/advertisement/clickPerformance.desktop.articles.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.10.121 Frankfurt am Main, Germany, ASN (),
Reverse DNS: ec2-35-156-10-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.dw.com
date: Sat, 24 Jul 2021 13:21:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
2 KB 77ms
23ms XHR
application/json 213.19.162.51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18884&site_id=210282&zone_id=1353596&size_id=2&rf=https%3A%2F%2Fwww.dw.com%2Fen%2Fbayer-points-finger-at-wicked-panda-in-cyberattack%2Fa-48196004&tk_flint=pbjs_lite_v3.19.0&x_source.tid=fdea07c8-ef96-471a-b01f-737cc9a1fd4c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6259055256026993
Requested by: Host: www.dw.com
URL: https://www.dw.com/js/advertisement/clickPerformance.desktop.articles.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 5a0d608acfd6425eb94b0bf3d691835255071ac7ee60d9000f823ba06d57ae3d

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 24 Jul 2021 13:21:00 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
692 B 44ms
31ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.dw.com
URL: https://www.dw.com/js/advertisement/clickPerformance.desktop.articles.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 24 Jul 2021 13:21:00 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 824e7ca0-e2e8-4a90-8138-29a6af2b6e78
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dw.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 v-47086080 Show response
www.dw.com/playersources/ 133 B
383 B 9ms
9ms Fetch
application/json 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/playersources/v-47086080?hls=true

Requested by

Host: www.dw.com
URL: https://www.dw.com/js/dwde.min.js?v=6.72.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

375e282d14235d0e47e9310de72e17427fd1f33c507bfa575f9719408731c289

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /playersources/v-47086080?hls=true
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.dw.com
referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 24 Jul 2021 13:21:00 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/playersources/v-47086080?hls=true
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=120
accept-ranges: bytes
content-length: 146

GET
H2 200 peach-collector-1.x.min.js Show response
peach-static.ebu.io/ 32 KB
32 KB 66ms
6ms Script
application/javascript 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://peach-static.ebu.io/peach-collector-1.x.min.js
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ff4a72caca60a7670fc5df47fa7c4bfcd6896baf4dda5c15303ee87ee0c2e8b

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 09:13:31 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
last-modified: Mon, 07 Jun 2021 13:37:44 GMT
server: AmazonS3
age: 14851
etag: "e27e6c543c48d5291407cfa49393aa85"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 32556
x-amz-cf-id: Dg7T4hzx5PUUSMTRUJgZ04xTB134SJ_HDKYwdT8hB3rUXtgAgw0Pbg==

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 350ms
87ms XHR
application/json 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1627132860891&sessionId=0c88d35c-cd4d-e013-cf2f-66eaf6701fbc&url=www.dw.com&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Jul 2021 13:21:01 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: f26903394031bcfbd9378702c8e6067e
Content-Length: 4
Expires: 0

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
306 B 16ms
16ms XHR
text/plain 13.226.132.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.dw.com%2Fen%2Fbayer-points-finger-at-wicked-panda-in-cyberattack%2Fa-48196004&pubid=4e10e36d-ced5-49f8-b27a-8992090b10f1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-202.dus51.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:19:01 GMT
via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
server: Server
age: 119
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.dw.com
cache-control: max-age=86087, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 98NEmCof2K44A72pjHslvLlyPjaDy1kDRmaC7H3aY7IxCvYeZHh7vQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
367 B 43ms
43ms XHR
text/javascript 13.226.132.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.dw.com%2Fen%2Fbayer-points-finger-at-wicked-panda-in-cyberattack%2Fa-48196004&pid=hkMWBecLpJyg1&cb=0&ws=1600x1200&v=7.67.00&t=700&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F228556409%2FDW_D_Articles_Leaderboard%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22200x200%22%5D%2C%22sn%22%3A%22%2F228556409%2FDW_D_Articles_Square%22%7D%5D&cfgv=0&pubid=4e10e36d-ced5-49f8-b27a-8992090b10f1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-202.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.dw.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ucdbzu4rFjJlk0-3xxxNjPsy9c7APSg82-HlcToB6Ut3b6aVRUXo_g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 29ms
9ms XHR
application/javascript 13.226.132.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-202.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 77904
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 01 Jul 2021 22:05:10 GMT
server: AmazonS3
date: Fri, 23 Jul 2021 15:42:37 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: uXdkJ6WvKzaoDFNxIwK4s5X2lYG0We635ZdsthR-bIG5CoIBD13n0w==

GET
H2 200 hit.xiti
logs1242.xiti.com/ 35 B
150 B 7ms
7ms Image
image/gif 18.196.99.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs1242.xiti.com/hit.xiti?s=510544&ts=1627132860932&vtag=5.13.1&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=15x21x0&lng=en-US&ati=PUB-[Scroll]-[0%25]-[Desktop]-[Artikelseite]-[Bayer%20points%20finger%20at%20Wicked%20Panda%20in%20cyberattack%20%7C%20Business%7C%20Economy%20and%20finance%20news%20from%20a%20German%20perspective%20%7C%20DW%20%7C%2004.04.2019]-[48196004]-[Englisch]-[https%3A%2F%2Fwww.dw.com%2Fen%2Fbayer-points-finger-at-wicked-panda-in-cyberattack%2Fa-48196004]&type=AT&stc=

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.99.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-99-238.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
cache-control: no-store
content-length: 35
strict-transport-security: max-age=15768000
content-type: image/gif

GET
H2 200 hit.xiti
logs1242.xiti.com/ 35 B
150 B 7ms
6ms Image
image/gif 18.196.99.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs1242.xiti.com/hit.xiti?s=510544&ts=1627132860936&vtag=5.13.1&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=15x21x0&lng=en-US&ati=PUB-[Scroll]-[10%25]-[Desktop]-[Artikelseite]-[Bayer%20points%20finger%20at%20Wicked%20Panda%20in%20cyberattack%20%7C%20Business%7C%20Economy%20and%20finance%20news%20from%20a%20German%20perspective%20%7C%20DW%20%7C%2004.04.2019]-[48196004]-[Englisch]-[https%3A%2F%2Fwww.dw.com%2Fen%2Fbayer-points-finger-at-wicked-panda-in-cyberattack%2Fa-48196004]&type=AT&stc=

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.99.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-99-238.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
cache-control: no-store
content-length: 35
strict-transport-security: max-age=15768000
content-type: image/gif

GET
H2 200 hit.xiti
logs1242.xiti.com/ 35 B
150 B 7ms
7ms Image
image/gif 18.196.99.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs1242.xiti.com/hit.xiti?s=510544&ts=1627132860942&vtag=5.13.1&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=15x21x0&lng=en-US&ati=PUB-[Scroll]-[20%25]-[Desktop]-[Artikelseite]-[Bayer%20points%20finger%20at%20Wicked%20Panda%20in%20cyberattack%20%7C%20Business%7C%20Economy%20and%20finance%20news%20from%20a%20German%20perspective%20%7C%20DW%20%7C%2004.04.2019]-[48196004]-[Englisch]-[https%3A%2F%2Fwww.dw.com%2Fen%2Fbayer-points-finger-at-wicked-panda-in-cyberattack%2Fa-48196004]&type=AT&stc=

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.99.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-99-238.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
cache-control: no-store
content-length: 35
strict-transport-security: max-age=15768000
content-type: image/gif

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame C29F 610 B
992 B 108ms
108ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/test.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: thirdparty=yes
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1626958299.773307"
last-modified: Thu, 22 Jul 2021 12:15:18 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=345600
date: Sat, 24 Jul 2021 13:21:01 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1627132861~rv=55~id=cb44066e3c47846bfd839e67c5113aff; path=/; Expires=Sat, 24 Jul 2021 13:21:01 GMT; Secure; SameSite=None

GET
H2 200 vast.js Show response
ssl.p.jwpcdn.com/player/plugins/vast/v/8.9.5/ 108 KB
31 KB 20ms
5ms Script
text/plain 2a04:4e42:3::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/plugins/vast/v/8.9.5/vast.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/b1Tao5yJ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72c36aa2bbf4f8f221c8d53d6cfeac8a9dd4638fa7c48c52e081235409111993

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
content-encoding: gzip
age: 407358
x-cache: HIT
content-length: 31301
via: 1.1 varnish
x-served-by: cache-fra19177-FRA
last-modified: Fri, 16 Jul 2021 20:31:24 GMT
server: AmazonS3
x-timer: S1627132861.966143,VS0,VE0
etag: "e7aa58590f3099e9bdf324b584435941"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 43744

GET
H2 200 jwpsrv.js Show response
ssl.p.jwpcdn.com/player/v/8.21.1/ 57 KB
17 KB 30ms
16ms Script
application/javascript 2a04:4e42:3::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.21.1/jwpsrv.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/b1Tao5yJ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59582c75d6c2b9e2b4bbf226db778d7211d60de3343c83c809ad5a59a322fc15

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
content-encoding: gzip
age: 281
x-cache: HIT
content-length: 17364
via: 1.1 varnish
x-served-by: cache-fra19177-FRA
last-modified: Fri, 16 Jul 2021 21:39:28 GMT
server: AmazonS3
x-timer: S1627132861.966288,VS0,VE0
etag: "2d642e2770c705fe7a30a5a3a28396ea"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, immutable
accept-ranges: bytes
x-cache-hits: 379

GET
H2 200 jwplayer.core.controls.js Show response
ssl.p.jwpcdn.com/player/v/8.21.1/ 306 KB
78 KB 20ms
7ms Script
application/javascript 2a04:4e42:3::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.21.1/jwplayer.core.controls.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/b1Tao5yJ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a3ff7771f08235593585de5c567352c79ccf4da67dde2cfc9b37013faed93e9

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
content-encoding: gzip
age: 407576
x-cache: HIT
content-length: 79944
via: 1.1 varnish
x-served-by: cache-fra19177-FRA
last-modified: Fri, 16 Jul 2021 21:39:21 GMT
server: AmazonS3
x-timer: S1627132861.966255,VS0,VE0
etag: "010e17bd5ebef3ac5d51bed68080215f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 118699

GET
H2 200 provider.hlsjs.js Show response
ssl.p.jwpcdn.com/player/v/8.21.1/ 409 KB
113 KB 26ms
16ms Script
application/javascript 2a04:4e42:3::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.21.1/provider.hlsjs.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/b1Tao5yJ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65cec34b3d60fdcb098eae1a552d3f4a7568f22ae8bd989aa45b264ab8bab154

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
content-encoding: gzip
age: 407575
x-cache: HIT
content-length: 115620
via: 1.1 varnish
x-served-by: cache-fra19177-FRA
last-modified: Fri, 16 Jul 2021 21:39:24 GMT
server: AmazonS3
x-timer: S1627132861.966270,VS0,VE0
etag: "cca80809ef0cbbcc4f041e58f4247d4f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 96389

GET
H2 200 pubads_impl_2021071401.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 35ms
14ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Jul 2021 08:38:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117283
x-xss-protection: 0
expires: Sat, 24 Jul 2021 13:21:00 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 147 B
764 B 34ms
14ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.dw.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

5e1d9d947993df2736cf54d13c952c05bf60218e97c78eaec953a4ee4db87da5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 13:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107
x-xss-protection: 0
expires: Sat, 24 Jul 2021 13:21:00 GMT

GET
H2 200 hit.xiti
logs1242.xiti.com/ 35 B
150 B 7ms
6ms Image
image/gif 18.196.99.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs1242.xiti.com/hit.xiti?s=510544&ts=1627132860972&vtag=5.13.1&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=15x21x0&lng=en-US&ati=PUB-[Scroll]-[30%25]-[Desktop]-[Artikelseite]-[Bayer%20points%20finger%20at%20Wicked%20Panda%20in%20cyberattack%20%7C%20Business%7C%20Economy%20and%20finance%20news%20from%20a%20German%20perspective%20%7C%20DW%20%7C%2004.04.2019]-[48196004]-[Englisch]-[https%3A%2F%2Fwww.dw.com%2Fen%2Fbayer-points-finger-at-wicked-panda-in-cyberattack%2Fa-48196004]&type=AT&stc=

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.99.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-99-238.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:00 GMT
cache-control: no-store
content-length: 35
strict-transport-security: max-age=15768000
content-type: image/gif

POST
H2 201 collect Show response
pipe-collect.ebu.io/v3/ 2 B
465 B 31ms
31ms XHR
application/json 52.17.149.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipe-collect.ebu.io/v3/collect?s=dedw000000000047
Requested by: Host: peach-static.ebu.io
URL: https://peach-static.ebu.io/peach-collector-1.x.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.149.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-149-223.eu-west-1.compute.amazonaws.com
Software: Python/3.9 aiohttp/3.7.4.post0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 24 Jul 2021 13:21:01 GMT
server: Python/3.9 aiohttp/3.7.4.post0
content-length: 2
content-type: application/json; charset=utf-8

OPTIONS
H2 204 collect
pipe-collect.ebu.io/v3/ Frame 0
0 106ms
31ms Preflight 52.17.149.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipe-collect.ebu.io/v3/collect?s=dedw000000000047
Protocol: H2
Server: 52.17.149.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-149-223.eu-west-1.compute.amazonaws.com
Software: Python/3.9 aiohttp/3.7.4.post0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.dw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Jul 2021 13:21:01 GMT
access-control-allow-headers: Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
server: Python/3.9 aiohttp/3.7.4.post0

GET
DATA 200
OK truncated
/ 253 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac948c688f91a59a668b92b5762922afc5e9f8f143c8cf65c5e510ae1ceaef92

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 MQ6cm06yQU+sdZphm7QZMg.json Show response
entitlements.jwplayer.com/ 70 B
245 B 37ms
8ms XHR
application/json 152.199.22.243
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://entitlements.jwplayer.com/MQ6cm06yQU+sdZphm7QZMg.json
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/b1Tao5yJ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2C8) /
Resource Hash: 58a14ba2e3e773324e8b8aeadcd988bdd177f68e6bf65c5fcdd339032e536e61

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:01 GMT
content-encoding: gzip
last-modified: Sat, 24 Jul 2021 11:24:11 GMT
server: ECAcc (frd/E2C8)
age: 7010
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800, s-maxage=17640
accept-ranges: bytes
content-length: 75

GET
H2 200 close.svg
www.dw.com/css/jwplayer8/skins/DW/icons/ 1 KB
923 B 6ms
6ms Image
image/svg+xml 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/css/jwplayer8/skins/DW/icons/close.svg

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2ddb9d836a177c238be9b2808ac8fe356f3f838ac34c8625b05cf7219377e24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/jwplayer8/skins/DW/icons/close.svg
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; _pc_c=b00034dc-7156-9e9a-7798-b541969df2bd; _pc_st=1627132860986; _pc_t=tracking_enabled; _pc_lr=1627132860987
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 15:50:00 GMT
date: Sat, 24 Jul 2021 13:21:01 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/jwplayer8/skins/DW/icons/close.svg
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 657

GET
H2 200 pause.svg
www.dw.com/css/jwplayer8/skins/DW/icons/ 1 KB
924 B 8ms
8ms Image
image/svg+xml 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/css/jwplayer8/skins/DW/icons/pause.svg

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

af40821acb69199682bfb93db61ad0f5ccf03da47cb272a4005a2c66506111b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/jwplayer8/skins/DW/icons/pause.svg
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; _pc_c=b00034dc-7156-9e9a-7798-b541969df2bd; _pc_st=1627132860986; _pc_t=tracking_enabled; _pc_lr=1627132860987
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 15:50:00 GMT
date: Sat, 24 Jul 2021 13:21:01 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/jwplayer8/skins/DW/icons/pause.svg
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 658

GET
H2 200 rewind.svg
www.dw.com/css/jwplayer8/skins/DW/icons/ 2 KB
1 KB 9ms
9ms Image
image/svg+xml 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/css/jwplayer8/skins/DW/icons/rewind.svg

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a2ed72b6d3aca711323a20fe6597ba24dbcf686d50dc0637e25eeca2d357f9b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/jwplayer8/skins/DW/icons/rewind.svg
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; _pc_c=b00034dc-7156-9e9a-7798-b541969df2bd; _pc_st=1627132860986; _pc_t=tracking_enabled; _pc_lr=1627132860987
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 15:50:00 GMT
date: Sat, 24 Jul 2021 13:21:01 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/jwplayer8/skins/DW/icons/rewind.svg
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 1052

GET
H2 200 volume-100.svg
www.dw.com/css/jwplayer8/skins/DW/icons/ 2 KB
1 KB 9ms
9ms Image
image/svg+xml 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/css/jwplayer8/skins/DW/icons/volume-100.svg

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ca7286485a9dae12b7e6bb097a1d92709051492c554ad94c7f79fa2dba5eeb0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/jwplayer8/skins/DW/icons/volume-100.svg
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; _pc_c=b00034dc-7156-9e9a-7798-b541969df2bd; _pc_st=1627132860986; _pc_t=tracking_enabled; _pc_lr=1627132860987
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 15:50:00 GMT
date: Sat, 24 Jul 2021 13:21:01 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/jwplayer8/skins/DW/icons/volume-100.svg
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 874

GET
H2 200 fullscreen-on.svg
www.dw.com/css/jwplayer8/skins/DW/icons/ 1 KB
956 B 6ms
6ms Image
image/svg+xml 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dw.com/css/jwplayer8/skins/DW/icons/fullscreen-on.svg

Requested by

Host: www.dw.com
URL: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

264afb41c4f588ecf311eadd477ae782b0b2e3ead027ec1c26ea673997ac18b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /css/jwplayer8/skins/DW/icons/fullscreen-on.svg
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; _pc_c=b00034dc-7156-9e9a-7798-b541969df2bd; _pc_st=1627132860986; _pc_t=tracking_enabled; _pc_lr=1627132860987
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dw.com
referer: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dw.com/css/jwplayer8/skins/DW/dwskinfile.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 15:50:00 GMT
date: Sat, 24 Jul 2021 13:21:01 GMT
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/css/jwplayer8/skins/DW/icons/fullscreen-on.svg
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 684

GET
H2 200 47084888_302.jpeg
static.dw.com/image/ 12 KB
12 KB 10ms
9ms Image
image/jpeg 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dw.com/image/47084888_302.jpeg

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3821743ba9236ba0289cdd3455784ad583c67e85132b28fbcf66f5655f8a6414

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 05 Oct 2020 11:21:36 GMT
etag: "f40b9fab07bd6a80408df455fc2700e2"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2327
date: Sat, 24 Jul 2021 13:21:01 GMT
accept-ranges: bytes
content-length: 12077

GET
H2 200 get Show response
odb.outbrain.com/utils/ 2 KB
1 KB 119ms
104ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.dw.com%2Fen%2Fbayer-points-finger-at-wicked-panda-in-cyberattack%2Fa-48196004&idx=0&rand=19724&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=330&py=3013&vpd=1813&cw=720&settings=true&recs=true&version=2000388&sig=as7zIJ1a&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aad5c1c147b2f3837cffd997a5420f8bca570e77aeb7762bfae4218b990aaec0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:01 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1627132861.149456,VS0,VE98
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
backend-ip: 167.82.174.27
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0, 0
x-traceid: ed679a34d560ea803ec5d3efd3926b34
content-encoding: gzip
content-length: 1072
x-served-by: cache-lga13627-LGA, cache-fra19128-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 37ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.dw.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 13:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 34ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.dw.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 13:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 91 KB
15 KB 424ms
410ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=19201873394843&correlator=1217810442574437&output=ldjh&impl=fifs&eid=31061649%2C31061806%2C31061842%2C44741899%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210724&iu_parts=228556409%2CDW_D_Articles_Leaderboard%2CDW_D_Articles_Square&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C200x200&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=URL%3D%252Fen%252Fbayer-points-finger-at-wicked-panda-%26Language%3Den%26sp_case%3DX%26sp_day%3DSaturday%26thematicfocus%3D19990032&cookie_enabled=1&bc=31&abxe=1&lmt=1627132861&dt=1627132861148&dlt=1627132860543&idt=573&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933%2C-9&adys=-12245933%2C-9&adks=34759642%2C3945279944&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.dw.com%2Fen%2Fbayer-points-finger-at-wicked-panda-in-cyberattack%2Fa-48196004&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0%7C0x-1&msz=0x0%7C0x-1&ga_vid=1292905389.1627132861&ga_sid=1627132861&ga_hid=2069018452&ga_fc=false&fws=132%2C2&ohw=980%2C0&btvi=-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

20862a52172fd9d21edba3c96f7dacbf3038075eb90c61bf547f81a8d8ba3eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15019
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dw.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e756b3d50d2deed9cb8ed1adc19ed4f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DE97 6 KB
3 KB 48ms
14ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e756b3d50d2deed9cb8ed1adc19ed4f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e756b3d50d2deed9cb8ed1adc19ed4f3.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dw.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dw.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 24 Jul 2021 13:21:01 GMT
expires: Sun, 24 Jul 2022 13:21:01 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 377ms
96ms Fetch
text/plain 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=0e66294edb3c35bbaa2aaebc85389d34_37023_1627132861199&tm=422&eT=6&wRV=2000388&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sat, 24 Jul 2021 13:21:01 GMT
content-encoding: gzip
X-TraceId: 303a01abf878cd6d0e105f1a7d3185ff
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 loader.js Show response
player.h-cdn.com/ 938 KB
249 KB 19ms
6ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://player.h-cdn.com/loader.js?customer=deutschewelle&no_conf=true&md5=960736-3a2c1237
Requested by: Host: player.h-cdn.com
URL: https://player.h-cdn.com/loader.js?customer=deutschewelle
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: d69f691e65e57e5657829476b10bb62524bc4bac158fa66a12b6e58af761f951

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:01 GMT
content-encoding: gzip
age: 506401
x-cache: HIT, HIT
x-hola-original-content-length: 960839
access-control-max-age: 600
content-length: 254222
x-request-id: 0d956116c75dc52e45c2006c0766cc50945da548
x-served-by: cache-ewr18150-EWR, cache-fra19152-FRA
access-control-allow-origin: *
server: nginx/1.15.9 (Ubuntu)
x-timer: S1627132861.272718,VS0,VE0
etag: W/"md5-960736-3a2c1237"
vary: Origin, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript;charset=utf-8
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Date, Cache-Control, ETag, Content-Length, X-Hola-Original-Content-Length
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 4

GET
H2 200 config.js Show response
player.h-cdn.com/ 248 KB
31 KB 20ms
7ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://player.h-cdn.com/config.js?customer=deutschewelle&md5=251543-1339e577
Requested by: Host: player.h-cdn.com
URL: https://player.h-cdn.com/loader.js?customer=deutschewelle
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: 29f21e43acd9c9d0dd21e22c7dca542acdf9926816f3767e98b8110df0c1201f

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:01 GMT
content-encoding: gzip
age: 506402
x-cache: HIT, HIT
x-hola-original-content-length: 253858
access-control-max-age: 600
content-length: 31702
x-request-id: f2d6c1b2dffb56b43cfc6bf5a8a58f9131056157
x-served-by: cache-ewr18167-EWR, cache-fra19152-FRA
access-control-allow-origin: *
server: nginx/1.15.9 (Ubuntu)
x-timer: S1627132861.272767,VS0,VE0
etag: W/"md5-251543-1339e577"
vary: Origin, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript;charset=utf-8
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Date, Cache-Control, ETag, Content-Length, X-Hola-Original-Content-Length
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 3372

GET
H2 200 bxl.js Show response
hbx.media.net/ 31 KB
11 KB 30ms
11ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/bxl.js?cid=8CU4LLB55&dn=www.dw.com

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4e438795fbaf2ceb5b922ad6a8f67c15222f11c1a4e523d6977c88ca7cbe8185

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Sat, 24 Jul 2021 13:21:01 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=172800
content-length: 10950
x-mnet-hl2: E
expires: Mon, 26 Jul 2021 13:21:01 GMT

GET
H2 200 checksync.php Show response
hbx.media.net/ Frame A2D5 21 KB
8 KB 15ms
14ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?&vsSync=1&cs=17&hb=1&cv=37&ndec=1&cid=8CU4LLB55&prvid=80%2C97%2C99%2C108%2C109%2C117%2C159%2C175%2C178%2C182%2C201%2C203%2C208%2C214%2C222%2C251%2C2025%2C2027%2C2028%2C2030%2C2034%2C3007%2C3010%2C3012%2C3014%2C3017%2C10000&usp_status=0&usp_consent=1&gdpr=1&gdprconsent=0&https=1

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bxl.js?cid=8CU4LLB55&dn=www.dw.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ab5a8932b5523699316b35305126459a7194dbf929e4572713cb38bcc003b700

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: hbx.media.net
:scheme: https
:path: /checksync.php?&vsSync=1&cs=17&hb=1&cv=37&ndec=1&cid=8CU4LLB55&prvid=80%2C97%2C99%2C108%2C109%2C117%2C159%2C175%2C178%2C182%2C201%2C203%2C208%2C214%2C222%2C251%2C2025%2C2027%2C2028%2C2030%2C2034%2C3007%2C3010%2C3012%2C3014%2C3017%2C10000&usp_status=0&usp_consent=1&gdpr=1&gdprconsent=0&https=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dw.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dw.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Tue, 25 Jan 2022 13:21:01 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Mon, 26 Jul 2021 13:21:01 GMT
date: Sat, 24 Jul 2021 13:21:01 GMT
content-length: 7883

OPTIONS
H/1.1 200
OK get
link.h-cdn.com/ Frame 0
0 294ms
98ms Preflight 100.25.32.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://link.h-cdn.com/get
Protocol: HTTP/1.1
Server: 100.25.32.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-32-123.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.dw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.15.9 (Ubuntu)
Date: Sat, 24 Jul 2021 13:21:01 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Access-Control-Expose-Headers: Content-Range, Date, ETag, X-Cache, X-Hola-Resp, X-Date, X-Hola-Fullsize, Content-Length
Access-Control-Allow-Headers: Content-Type, X-Requested-With, Origin, Accept, Range, Cache-Control, X-Hola-Req
Access-Control-Max-Age: 600

GET
H2 200 ads.txt Show response
www.dw.com/ 17 KB
4 KB 7ms
6ms XHR
text/plain 2a02:26f0:6c00:285::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dw.com/ads.txt

Requested by

Host: player.h-cdn.com
URL: https://player.h-cdn.com/loader.js?customer=deutschewelle&no_conf=true&md5=960736-3a2c1237

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dae82c9fb206f18900935b4ce6023d941abd95e285d71e2fb153d4e8282e3797

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /ads.txt
pragma: no-cache
cookie: ga-disable-UA-109618266-1=true; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; atidvisitor=%7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D; _pc_c=b00034dc-7156-9e9a-7798-b541969df2bd; _pc_st=1627132860986; _pc_t=tracking_enabled; _pc_lr=1627132860987
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: text/*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.dw.com
referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/*
Referer: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 13:23:02 GMT
etag: W/"60f97136-44ed"
vary: Accept-Encoding
onion-location: https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/advertisements/ads.txt
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=66569
date: Sat, 24 Jul 2021 13:21:01 GMT
accept-ranges: bytes
content-length: 4089

POST
H/1.1 200
OK get Show response
link.h-cdn.com/ 1 KB
1 KB 97ms
97ms XHR
application/json 100.25.32.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://link.h-cdn.com/get
Requested by: Host: player.h-cdn.com
URL: https://player.h-cdn.com/loader.js?customer=deutschewelle&no_conf=true&md5=960736-3a2c1237
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.32.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-32-123.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: 53e0bad573ad8b7d8bc75e8a030dc70a61bb6abe2ace77250ee360a61941bb12

Request headers

Accept: application/json
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
Date: Sat, 24 Jul 2021 13:21:01 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 1033
Content-Type: application/json; charset=utf-8

GET
H2 200 widget.css
player.h-cdn.com/svc/cdn/pub/css/ 14 KB
4 KB 6ms
5ms Stylesheet
text/css 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://player.h-cdn.com/svc/cdn/pub/css/widget.css?md5=14051-2ca47f0e
Requested by: Host: player.h-cdn.com
URL: https://player.h-cdn.com/loader.js?customer=deutschewelle&no_conf=true&md5=960736-3a2c1237
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: b141a7524bb772ea57aaf05440bcae1e74fe44208644cad5bcd70f8a3c6e2ba4

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:01 GMT
via: 1.1 varnish, 1.1 varnish
age: 3985233
x-cache: HIT, HIT
content-encoding: gzip
content-length: 4352
x-request-id: 3579cfc6605af66149c5683c3aeab7300f9588bc
x-served-by: cache-ewr18130-EWR, cache-fra19152-FRA
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
server: nginx/1.15.9 (Ubuntu)
x-timer: S1627132861.407560,VS0,VE0
etag: W/"md5-14051-2ca47f0e"
vary: Origin, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 3880, 25579

GET
H2 200 playlist.css
player.h-cdn.com/svc/cdn/pub/css/ 25 KB
4 KB 6ms
6ms Stylesheet
text/css 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://player.h-cdn.com/svc/cdn/pub/css/playlist.css?md5=25204-04f9a1eb
Requested by: Host: player.h-cdn.com
URL: https://player.h-cdn.com/loader.js?customer=deutschewelle&no_conf=true&md5=960736-3a2c1237
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: 42224d4aca0ff3faca9c8ff6dddfc649dfdda53c48cede3db38150b71190bf07

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:01 GMT
via: 1.1 varnish, 1.1 varnish
age: 3984209
x-cache: HIT, HIT
content-encoding: gzip
content-length: 4419
x-request-id: ad0974c3b4e0be6f5eab45efec5407cdcd16002f
x-served-by: cache-ewr18163-EWR, cache-fra19152-FRA
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
server: nginx/1.15.9 (Ubuntu)
x-timer: S1627132861.408349,VS0,VE0
etag: W/"md5-25204-04f9a1eb"
vary: Origin, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 3972, 25178

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107130206000/ Frame 3A2E 188 KB
54 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 172561
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55160
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b724d3ee8cec1601"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:25:00 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 3A2E 13 KB
6 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 172562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4795
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "392d0f0d5f27c169"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:24:59 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 3A2E 87 KB
27 KB 44ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 172561
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27843
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f120bcb28bbafed0"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:25:00 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 3A2E 4 KB
2 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 172562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1658
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6fba3cabb8cd86f8"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:24:59 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 3A2E 40 KB
13 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 172561
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12840
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6d4edf2414c2591f"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:25:00 GMT

GET
H2 200 18109843948634135083
tpc.googlesyndication.com/simgad/ Frame 3A2E 18 KB
19 KB 29ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18109843948634135083?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlsvGgljuPfVVrBhNyy7KKRL7TKLA

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f475912ba5e21741e42486f39fe01e3f6ada6bad3efca7864506952a2d8f357c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 10:57:48 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 04:31:44 GMT
server: sffe
age: 267793
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18897
x-xss-protection: 0
expires: Thu, 21 Jul 2022 10:57:48 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3A2E 2 KB
3 KB 28ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 36103
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 25 Jul 2021 03:19:18 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3A2E 295 B
776 B 27ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 800
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 25 Jul 2021 13:07:41 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 3A2E 0
0 22ms
21ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7-r59udUtRR478uD1LBG9M4oilwEgKX3w41BrR3pU6InZbnOj247sP9NEffS0S6vORdsWB-Ef4S5-GBAwPGI71Zb9Pw
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3A2E 0
0 20ms
19ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsJPEvRP8YJ7ODOyFx_APnN2_6Amhs7z3Y9OQo-z8DZeH9f0IEAEgmbKONmCVAqABmsmT3ALIAQLgAgCoAwHIAwiqBKUCT9BlzzzQ_PVJT3v18tMPMqORQIIUD0OOiaQZGGf7FEyw6VygejzDOlTRyoiCONCMelPHOde57iI-kznTXqm3f7GugAkULnLa-YTcUBrq9so1yrGfXheGrau0RttbwV7iBTvzqSzui5BFiUjspBkPrGIJf1XK7P0DxTB5QXmae5uz88uN6xkANtCjs7vSazsxTG64CvXS6GlxYeSGLJI1rhq50gs4qM_PMFYjT-Imq_e7ufQb26CpNjySl0osKmTvFIaUU8uj01ykOyx-PIFAscLU0oHYjU68lbY7wGrB6AWq9Jn1lmvBJ_wVtTA_QA0-eUa7tUqqBImwld0LPpsyyVMMSzXnha7hq-iXjlfsQqqnbaSW_q7AuV5Vdg4TWfKRP6tusQzABLG-1ePZA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfOtuyjAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCBqwjSCAkIiOGAEBABGB2ACgPICwHYEw3QFQGYFgGAFwGyFxoKGAgAEhRwdWItNzA2MjYzNDAyODU1NTYxMA&sigh=NqXqrUz8sfA
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 3A2E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f22d68e5c6fd5d9e9551cbf9c49b284b22974fcfa09880006409f19c2e843b1

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 39ms
19ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f701aa8ed2c88c581792754e1ae0df9966a31ebf2fdc45aa13d177896d025ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 13:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8416
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 13:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 24 Jul 2021 13:21:01 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 3A2E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

34ms
14ms

Image
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.dw.com
URL: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Sat, 24 Jul 2021 13:21:01 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 54F1 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dw.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dw.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sat, 24 Jul 2021 12:33:36 GMT
expires: Sun, 24 Jul 2022 12:33:36 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2845
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8C0C 783 B
532 B 17ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

19b9e565f4d96e6243a50e7709bc541f47f563d9c6ac28e6b6b4d0717bdbd53b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6eaGiKhsUteQIfZzKFZFqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dw.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dw.com/

Response headers

expires: Sat, 24 Jul 2021 13:21:01 GMT
date: Sat, 24 Jul 2021 13:21:01 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-6eaGiKhsUteQIfZzKFZFqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js Show response
pagead2.googlesyndication.com/bg/ Frame 54F1 35 KB
13 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac2ffd30d773ba387806848181aa66fddcaceec404f090c696c6da4011c20965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 20:14:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13334
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Jul 2022 20:14:37 GMT

OPTIONS
H/1.1 200
OK get
link.h-cdn.com/ Frame 0
0 97ms
97ms Preflight 100.25.32.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://link.h-cdn.com/get
Protocol: HTTP/1.1
Server: 100.25.32.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-32-123.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.dw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.15.9 (Ubuntu)
Date: Sat, 24 Jul 2021 13:21:01 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Access-Control-Expose-Headers: Content-Range, Date, ETag, X-Cache, X-Hola-Resp, X-Date, X-Hola-Fullsize, Content-Length
Access-Control-Allow-Headers: Content-Type, X-Requested-With, Origin, Accept, Range, Cache-Control, X-Hola-Req
Access-Control-Max-Age: 600

POST
H/1.1 200
OK get Show response
link.h-cdn.com/ 1 KB
1 KB 97ms
97ms XHR
application/json 100.25.32.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://link.h-cdn.com/get
Requested by: Host: player.h-cdn.com
URL: https://player.h-cdn.com/loader.js?customer=deutschewelle&no_conf=true&md5=960736-3a2c1237
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.32.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-32-123.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: 53e0bad573ad8b7d8bc75e8a030dc70a61bb6abe2ace77250ee360a61941bb12

Request headers

Accept: application/json
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
Date: Sat, 24 Jul 2021 13:21:01 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 1033
Content-Type: application/json; charset=utf-8

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071401&jk=19201873394843&bg=!ExClEFTNAAbnC78O5ws7ACkAdvg8WvEUWI-qIDAyCv__Sr4Hn0bbfMkVEm-JDWWtT3PRHdUlSA-qcAIAAAB6UgAAAA1oAQeZAnDERR9OcVOyvB-b5bANXpt1oNxomP9eULRVtcN3CF4XjOyrmsB5UOBDcXNLaqgopftkfihYrdvSE-Xs4gc7eGQtK9Q8EkgyRe1GHN9vanZ7GL9ruHZFjPFfRdbBRwcKJsYM4LLsXkn2-StJNthexUvVJtilK2o_uo6l7CagrNQnMIo7zCBcp3QBjHO3kRIJ3TTw28D3fNJlZt8Hw8pTmIBbbFvgv-9wDWKOu9XAZ_sXt6mI4HV0CYGz5cBBEJoThWCKNo-7lmbepsUeNATdhbX6txjty7hHCydxPZ9POXZui-2Q8rljWiT9_g8ATED13C1tdPYv9EDJuSGCmb3iOC4T19xlwvlTRrKuv2LEwJD6rm74A3jVyYsh9xATlmk6KRileNGxThLKubOyrVJqozEgjN51FEU3fXOpap_ktpraMvT5Q7KhoJClhnimYKQxBLUB9rARMxB9hJL55c0GvLIoaDSpA-uX7iPJQ8Et9Q8Qr6cx78neMEIaSIipCUnlGn8VYykC0mSH9ek5XCgVMrguK5kpR4ONn6WSlDFXGRmksdHR0NrKZf9wbVd_IR1hyRW-bikP9L3c_GiR4Ptn-1YlTHXOI82qlSdQw4QAcYiZ3sVGxI8uwiqLpemd8GRszX4jKEUD37iirqtyxLIYq8lGcEkycILjhPr_dr08EajHA-Tnxtl-w4VOC1nmRrxqs6x8MzBVc1hSV58KWKe3I5VPUeagpbnl6hxdUbloAd9fK28_Sg9_U_eHGd__Ce7l5gdtwuONwCRnpoWWUKIo851GQUe_n51_qWJwGy4Cdu68QAtmnFUlFLyMug4QKUu1TqQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jul 2021 13:21:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3A2E 42 B
64 B 41ms
40ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFI1COHMN3R9hO8Qh1dSWpbSlRtwOUiTkbrc99WydktKB8KfgE3yHyRGTWcvDwtrW9cVuKGHiBEfGr0JR58Lq0z28I7CLgtjDth8DHS9gqCbVF25GpnYD2oUcb-g&sai=AMfl-YRNgGAA8MriuCoAgD6tBelyPKj_aa0ScJObPdrTeG47Nr_MNNa4XbTGpa6lVSN7eI7W-03Xe9LBrqxbTr7WeaSo4TSDMkRgig7gn0zNwFKFFoWm61xs6YM9fzWD7QU&sig=Cg0ArKJSzCkd7BledhYPEAE&id=ampim&o=436,255&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=62&tls=1062&g=100&h=100&tt=1063&r=v&avms=ampa&adk=34759642

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jul 2021 13:21:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK perr Show response
perr.h-cdn.com/be_client_cgi/ 19 B
262 B 304ms
101ms XHR
application/json 34.207.24.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://perr.h-cdn.com/be_client_cgi/perr?id=www_cdn_db_spark_stats&browser=chrome&browser_ver=89&customer=deutschewelle&tag_id=563&tag_date=1622555022997
Requested by: Host: player.h-cdn.com
URL: https://player.h-cdn.com/loader.js?customer=deutschewelle&no_conf=true&md5=960736-3a2c1237
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.207.24.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-24-140.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: 0373df4435dd56e813083406055ac208593c8bd3c1faeff1f9974f532d485abc

Request headers

Accept: text/*
Referer: https://www.dw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 24 Jul 2021 13:21:11 GMT
Cache-Control: private,no-store
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 19
Content-Type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dw.com/	1970-01-30 08:15:21	Name: _pc_t Value: tracking_enabled
.dw.com/	1969-12-31 23:59:59	Name: _pc_st Value: 1627132860986
.dw.com/	1970-01-30 08:15:21	Name: _pc_c Value: b00034dc-7156-9e9a-7798-b541969df2bd
.dw.com/	1969-12-31 23:59:59	Name: _pc_lr Value: 1627132860987
www.dw.com/	1970-02-17 11:34:04	Name: ga-disable-UA-109618266-1 Value: true
.dw.com/	1970-01-20 00:20:57	Name: atidvisitor Value: %7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
www.dw.com/	1970-01-20 00:20:57	Name: atidvisitor Value: %7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-510544-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://code.jquery.com/jquery-migrate-3.0.1.js(Line 48) Message: JQMIGRATE: Migrate is installed with logging active, version 3.0.1
console-api	log	URL: https://www.dw.com/js/dwde.min.js?v=6.72.1(Line 1) Message: JQMIGRATE: Migrate is installed, version 3.1.0
console-api	debug	URL: https://player.h-cdn.com/loader.js?customer=deutschewelle(Line 13) Message: Spark loader: init load script event page_load
console-api	info	URL: https://www.dw.com/js/dwde.min.js?v=6.72.1(Line 1) Message: JWPlayer Initialized
console-api	debug	URL: https://player.h-cdn.com/loader.js?customer=deutschewelle(Line 13) Message: Spark loader: load_script by on_page_load on top
console-api	log	URL: https://player.h-cdn.com/loader.js?customer=deutschewelle&no_conf=true&md5=960736-3a2c1237(Line 216) Message: %cVideo enhancements powered by HolaSpark.com v1.163.741.T563 Zone l10n_en color: blue; font-size: 15px
console-api	log	URL: https://player.h-cdn.com/loader.js?customer=deutschewelle&no_conf=true&md5=960736-3a2c1237(Line 216) Message: %chttp://holaspark.com/?cam=wm_devconsole color: blue
console-api	log	URL: https://player.h-cdn.com/loader.js?customer=deutschewelle&no_conf=true&md5=960736-3a2c1237(Line 216) Message: %cGDPR-CCPA mode enabled color: green
console-api	log	URL: https://player.h-cdn.com/loader.js?customer=deutschewelle&no_conf=true&md5=960736-3a2c1237(Line 216) Message: %cEnabled features: Floating player, Video preview, Watch next, Player thumbnails color: blue
console-api	log	URL: https://player.h-cdn.com/loader.js?customer=deutschewelle&no_conf=true&md5=960736-3a2c1237(Line 216) Message: %cAvailable features: Image preview, Watch later, Position memory, Player auto play, Video search, Page sharing, TV video casting, YouTube-like controls, Video panel, Video heatmap, Newsreel, Sticky player, Top pages color: green
console-api	log	URL: https://player.h-cdn.com/loader.js?customer=deutschewelle&no_conf=true&md5=960736-3a2c1237(Line 216) Message: Embedded in deutschewelle frame: https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004
console-api	info	URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107130206000 https://www.dw.com/en/bayer-points-finger-at-wicked-panda-in-cyberattack/a-48196004

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c.amazon-adsystem.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.jwplayer.com
code.jquery.com
commons.dw.com
e756b3d50d2deed9cb8ed1adc19ed4f3.safeframe.googlesyndication.com
entitlements.jwplayer.com
fastlane.rubiconproject.com
googleads.g.doubleclick.net
hb.emxdgt.com
hbx.media.net
ib.adnxs.com
link.h-cdn.com
log.outbrainimg.com
logs1242.xiti.com
mcdp-nydc1.outbrain.com
odb.outbrain.com
pagead2.googlesyndication.com
peach-static.ebu.io
perr.h-cdn.com
pipe-collect.ebu.io
player.h-cdn.com
securepubads.g.doubleclick.net
ssl.p.jwpcdn.com
static.dw.com
tcheck.outbrainimg.com
tpc.googlesyndication.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.dw.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
100.25.32.123
104.111.250.147
13.226.132.202
142.250.184.226
143.204.98.50
151.101.14.132
151.101.14.133
152.199.22.243
18.196.99.238
2.18.232.28
2.18.234.190
2.18.235.93
2001:4de0:ac18::1:a:1a
213.19.162.51
2600:9000:2182:8a00:1:a3fa:7cc0:93a1
2a00:1450:4001:800::2001
2a00:1450:4001:802::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a02:26f0:6c00:285::2d63
2a04:4e42:3::485
2a04:4e42:3::626
34.207.24.140
35.156.10.121
37.252.173.62
52.17.149.223
70.42.32.95
0373df4435dd56e813083406055ac208593c8bd3c1faeff1f9974f532d485abc
038dc4e55b454501f83333e87abc889bd52d609d99eb3389511295bf9df7e6ec
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
19b9e565f4d96e6243a50e7709bc541f47f563d9c6ac28e6b6b4d0717bdbd53b
1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0
1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b
20862a52172fd9d21edba3c96f7dacbf3038075eb90c61bf547f81a8d8ba3eb5
264afb41c4f588ecf311eadd477ae782b0b2e3ead027ec1c26ea673997ac18b3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec
29f21e43acd9c9d0dd21e22c7dca542acdf9926816f3767e98b8110df0c1201f
2ae8cfcb07ab054d42b12d486f73ea7f963a84bdcc8f542dc06970bc82312668
2ddb9d836a177c238be9b2808ac8fe356f3f838ac34c8625b05cf7219377e24a
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
375e282d14235d0e47e9310de72e17427fd1f33c507bfa575f9719408731c289
3821743ba9236ba0289cdd3455784ad583c67e85132b28fbcf66f5655f8a6414
384d20e371aeb0bab889b7b57269da1b67de7890d0288ec2aea8533d3b721935
3943a0fd4592088686323d6bd7acf8b23ec8799330a2e821eee41b938352e428
3a0ed83fa87627f79c564eaa0757c056ac3323b610baeea75a97b33cc5dbc935
3c416a3cbc9adb63f32125d99d64ce70689510225a2d92caf8707e029c923382
3f22d68e5c6fd5d9e9551cbf9c49b284b22974fcfa09880006409f19c2e843b1
42224d4aca0ff3faca9c8ff6dddfc649dfdda53c48cede3db38150b71190bf07
4274f6d73039833b37a64aefae69559c3a1fac95460b2464f5ac2c3c0c669955
43c70c5f3b7a3a6ea577f5c5536a4a515e8723e81e749935e9e8385894256959
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49ab757a8dcbda823248d1a0e11c40c6e10d0c077f4ba107eaf84c2f144b4761
4e438795fbaf2ceb5b922ad6a8f67c15222f11c1a4e523d6977c88ca7cbe8185
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
53a799ce5505ccfe5a0872989a681b09c23f1a4c7e6b6655cc290b7b12ad7f75
53e0bad573ad8b7d8bc75e8a030dc70a61bb6abe2ace77250ee360a61941bb12
56be50c65116b3cd231b8b69068d647b03aa9a0e15de26b31f4e3aba35175251
56f9c5f99829774d0b2fbdcfd9750b617127e913afa0569afef6dfa22165659e
57f2238860a181a116c4374c0ee0343e3e8528ab8f7ef6fd76379cbd6c219bc5
58a14ba2e3e773324e8b8aeadcd988bdd177f68e6bf65c5fcdd339032e536e61
59582c75d6c2b9e2b4bbf226db778d7211d60de3343c83c809ad5a59a322fc15
5a0d608acfd6425eb94b0bf3d691835255071ac7ee60d9000f823ba06d57ae3d
5afab78ca0a323f72103635fcdb92c7da0db7babf8ea34731547aa419c12152f
5e1d9d947993df2736cf54d13c952c05bf60218e97c78eaec953a4ee4db87da5
5ff4a72caca60a7670fc5df47fa7c4bfcd6896baf4dda5c15303ee87ee0c2e8b
60bc6a9870fc33fce5220d27895b6c3043bb48771c8ac5505865dfe7afca6771
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
61d1dab01428240ad52f3ae3f8a819c550839e98c0a2ceb207cd1220f5f8b820
65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c
65cec34b3d60fdcb098eae1a552d3f4a7568f22ae8bd989aa45b264ab8bab154
6905187bf215fe6b8c4afe16c84847674297ffb073b8f1b614c4342b125663b2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b7d661f5dd67739fa7879c2578fa00278e0de376f0b44b526239c79bca6532d
72c36aa2bbf4f8f221c8d53d6cfeac8a9dd4638fa7c48c52e081235409111993
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
810498673af1c6e2284b739f367fbad0bdc1ccf1b8c1746172d4ea4f608e693d
81d0aa06c9481b3fc7b1bbe36953211677503a168c0ac5f9b254396c42a64528
81f24f92b7a47056ec009b29d244eec11e2515b8e359fa945eb9fb116bd69cda
85f083d8cd1336fe3a60c24dc734b9c40a7eec9e68a2b30df146fb25a4f57640
8a3ff7771f08235593585de5c567352c79ccf4da67dde2cfc9b37013faed93e9
8bde7c7a3fd076f2f3076d0ff5e64175eed9e5c04da1cac762d26af87dfba9a9
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
9996703f7c12ee4173def798d748bb36721c85d3033965d6431b671614264097
9c6df269a53dbf588a56b22ccf04bef7bfbf8d90313a21bb84e0cec23e246760
a2ed72b6d3aca711323a20fe6597ba24dbcf686d50dc0637e25eeca2d357f9b9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aad5c1c147b2f3837cffd997a5420f8bca570e77aeb7762bfae4218b990aaec0
ab5a8932b5523699316b35305126459a7194dbf929e4572713cb38bcc003b700
ac0ee1a7e4042e72f3a0f0b89d3f92278ece91612a5fa599bff6cb3b758f45d8
ac2ffd30d773ba387806848181aa66fddcaceec404f090c696c6da4011c20965
ac948c688f91a59a668b92b5762922afc5e9f8f143c8cf65c5e510ae1ceaef92
ae9b8a6fa119ecf9d684ee5c1b82d80dfc6fbe61b3fd8424e7fa0eafb5414b73
af40821acb69199682bfb93db61ad0f5ccf03da47cb272a4005a2c66506111b4
b141a7524bb772ea57aaf05440bcae1e74fe44208644cad5bcd70f8a3c6e2ba4
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b73e4257f71e27b3fdac7a891b0d3b2cd8d4ac80e59b546d570219c0a7a443d5
c44e55ded4b4ce6fdb49e33d6219fdf547ecdad69913b9eab6578d07012814af
ca7286485a9dae12b7e6bb097a1d92709051492c554ad94c7f79fa2dba5eeb0b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d314e2222be8f3bcce3d92f2183a236fb4d67a9d9089b4866110da30a5e51d26
d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e
d69f691e65e57e5657829476b10bb62524bc4bac158fa66a12b6e58af761f951
dae82c9fb206f18900935b4ce6023d941abd95e285d71e2fb153d4e8282e3797
df844ee00772eb6a9bcd2d68102012560ae8c6ac426281807cbcca5d1754391a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624
e943aea4c1bfa037109388aec87b962d28432df3992a717774794add1495e4c7
edb6f1ba6e05bf7ceac236730c44bbd3bd10dfc3dbe6758e66d297c63358c64a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd00ac923e1af152768679ef52a3c1a6f1c892c1ef9785513e43af80c01a678
f199bcf746f615780a7271ca4ac6202dbed49df4c722a83aa787b26573fa47a8
f475912ba5e21741e42486f39fe01e3f6ada6bad3efca7864506952a2d8f357c
f701aa8ed2c88c581792754e1ae0df9966a31ebf2fdc45aa13d177896d025ff4
fa2ad1661d4fbc0e301956134d7db296be39ef5ab5a66617df0f9be0ec6aa498
faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644

www.dw.com Open in urlscan Pro 2a02:26f0:6c00:285::2d63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

107 Requests

100 %HTTPS

49 %IPv6

24 Domains

38 Subdomains

36 IPs

5 Countries

2129 kBTransfer

6115 kBSize

7 Cookies

16 Outgoing links

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.dw.com Open in urlscan Pro
2a02:26f0:6c00:285::2d63 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

100 %
HTTPS

49 %
IPv6

24
Domains

38
Subdomains

36
IPs

5
Countries

2129 kB
Transfer

6115 kB
Size

7
Cookies

107 HTTP transactions
2 data transactions