www.heise.de Open in urlscan Pro
2a02:2e0:3fe:1001:7777:772e:2:85 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Submission: On September 27 via manual (September 27th 2021, 7:45:23 am UTC) from DE — Scanned from DE

Summary HTTP 93 Redirects Links 41 Behaviour Indicators

Summary

This website contacted 29 IPs in 3 countries across 14 domains to perform 93 HTTP transactions. The main IP is 2a02:2e0:3fe:1001:7777:772e:2:85, located in Germany and belongs to PLUSLINE, DE. The main domain is www.heise.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 12th 2020. Valid for: 2 years.

This is the only time www.heise.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	2a02:2e0:3fe:... 2a02:2e0:3fe:1001:7777:772e:2:85	12306 (PLUSLINE) (PLUSLINE)
1	2606:4700:20:... 2606:4700:20::ac43:4832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	13.225.78.36 13.225.78.36	16509 (AMAZON-02) (AMAZON-02)
1	91.215.103.64 91.215.103.64	43407 (INFONLINE-AS) (INFONLINE-AS)
4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
5	104.85.5.87 104.85.5.87	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	91.215.100.40 91.215.100.40	43407 (INFONLINE-AS) (INFONLINE-AS)
1 2	161.156.47.59 161.156.47.59	36351 (SOFTLAYER) (SOFTLAYER)
1	78.46.61.107 78.46.61.107	24940 (HETZNER-AS) (HETZNER-AS)
1	188.40.65.103 188.40.65.103	24940 (HETZNER-AS) (HETZNER-AS)
1	185.54.150.22 185.54.150.22	60164 (WEBTREKK-AS) (WEBTREKK-AS)
2	2600:9000:20e... 2600:9000:20eb:c400:b:f730:9800:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.85.1.56 104.85.1.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.85.5.185 104.85.5.185	16625 (AKAMAI-AS) (AKAMAI-AS)
3	67.216.91.19 67.216.91.19	35415 (WEBZILLA) (WEBZILLA)
2	64.202.112.95 64.202.112.95	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2a02:26f0:6c0... 2a02:26f0:6c00:19c::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	185.54.150.11 185.54.150.11	60164 (WEBTREKK-AS) (WEBTREKK-AS)
1	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
2	157.90.164.138 157.90.164.138	24940 (HETZNER-AS) (HETZNER-AS)
3	104.85.5.56 104.85.5.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.122.89.210 3.122.89.210	16509 (AMAZON-02) (AMAZON-02)
2	185.54.150.27 185.54.150.27	60164 (WEBTREKK-AS) (WEBTREKK-AS)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6	185.54.150.12 185.54.150.12	60164 (WEBTREKK-AS) (WEBTREKK-AS)
2	2606:4700:20:... 2606:4700:20::681a:5e3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4759	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20eb:8e00:1c:1ac7:3e40:93a1	16509 (AMAZON-02) (AMAZON-02)
93	29

36 2a02:2e0:3fe:1001:7777:772e:2:85 (Germany)

ASN12306 (PLUSLINE, DE)

www.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4832 (United States)

ASN13335 (CLOUDFLARENET, US)

yxsu5ufd2m.kameleoon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.225.78.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-36.fra2.r.cloudfront.net

cmp.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.103.64 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script3.ioam.de

script.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.85.5.87 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-5-87.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.215.100.40 (Germany) 1 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de4.ioam.de

87700970.de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 161.156.47.59 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 3b.2f.9ca1.ip4.static.sl-reverse.com

ssl-heise.met.vgwort.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.61.107 (Leipzig, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: eu-log-parser05.kameleoon.net

eu-tlp05.kameleoon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.40.65.103 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: eu-log-parser04.kameleoon.net

eu-tlp04.kameleoon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.54.150.22 (Germany)

ASN60164 (WEBTREKK-AS, DE)

responder.wt.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:c400:b:f730:9800:93a1 (United States)

ASN16509 (AMAZON-02, US)

heise.cloudimg.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.85.1.56 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-1-56.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.85.5.185 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-5-185.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.216.91.19 (United States)

ASN35415 (WEBZILLA, NL)

cdn.thenewsbox.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files.upscore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:19c::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.54.150.11 (Germany)

ASN60164 (WEBTREKK-AS, DE)

cdn.mateti.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.164.138 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.138.164.90.157.clients.your-server.de

hit-pool.upscore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.85.5.56 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-5-56.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.89.210 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-89-210.eu-central-1.compute.amazonaws.com

rpe.dymatrix.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.54.150.27 (Germany)

ASN60164 (WEBTREKK-AS, DE)

prophet.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.54.150.12 (Germany)

ASN60164 (WEBTREKK-AS, DE)

r.mateti.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:5e3 (United States)

ASN13335 (CLOUDFLARENET, US)

content.upscore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4759 (United States)

ASN13335 (CLOUDFLARENET, US)

cr_stats.upscore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:8e00:1c:1ac7:3e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

am.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	heise.de www.heise.de cmp.heise.de responder.wt.heise.de prophet.heise.de am.heise.de	982 KB
8	mateti.net cdn.mateti.net r.mateti.net	47 KB
7	upscore.com files.upscore.com hit-pool.upscore.com content.upscore.com cr_stats.upscore.com	23 KB
7	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-nydc1.outbrain.com	92 KB
6	teads.tv a.teads.tv s8t.teads.tv t.teads.tv	133 KB
4	doubleclick.net securepubads.g.doubleclick.net	260 KB
3	ioam.de 1 redirects script.ioam.de 87700970.de.ioam.de	10 KB
3	kameleoon.eu yxsu5ufd2m.kameleoon.eu eu-tlp05.kameleoon.eu eu-tlp04.kameleoon.eu	62 KB
2	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	788 B
2	cloudimg.io heise.cloudimg.io	38 KB
2	vgwort.de 1 redirects ssl-heise.met.vgwort.de	771 B
1	googletagservices.com www.googletagservices.com	25 KB
1	dymatrix.cloud rpe.dymatrix.cloud	71 B
1	thenewsbox.net cdn.thenewsbox.net	4 KB
93	14

	Domain	Requested by
36	www.heise.de	www.heise.de cdn.thenewsbox.net yxsu5ufd2m.kameleoon.eu
8	cmp.heise.de	www.heise.de cmp.heise.de
6	r.mateti.net	cdn.mateti.net
4	widgets.outbrain.com	www.heise.de widgets.outbrain.com
4	securepubads.g.doubleclick.net	www.heise.de securepubads.g.doubleclick.net www.googletagservices.com
3	t.teads.tv	www.heise.de
2	content.upscore.com	cdn.thenewsbox.net
2	prophet.heise.de	www.heise.de
2	hit-pool.upscore.com	files.upscore.com
2	cdn.mateti.net	responder.wt.heise.de cdn.mateti.net
2	files.upscore.com	www.heise.de files.upscore.com
2	a.teads.tv	www.heise.de s8t.teads.tv
2	heise.cloudimg.io	www.heise.de
2	ssl-heise.met.vgwort.de	1 redirects www.heise.de
2	87700970.de.ioam.de	1 redirects www.heise.de
1	am.heise.de
1	cr_stats.upscore.com	cdn.thenewsbox.net
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	www.googletagservices.com	a.teads.tv
1	rpe.dymatrix.cloud	responder.wt.heise.de
1	odb.outbrain.com	widgets.outbrain.com
1	s8t.teads.tv	a.teads.tv
1	log.outbrainimg.com	widgets.outbrain.com
1	cdn.thenewsbox.net	www.heise.de
1	widget-pixels.outbrain.com	www.heise.de
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	responder.wt.heise.de	www.heise.de
1	eu-tlp04.kameleoon.eu	yxsu5ufd2m.kameleoon.eu
1	eu-tlp05.kameleoon.eu	yxsu5ufd2m.kameleoon.eu
1	script.ioam.de	www.heise.de
1	yxsu5ufd2m.kameleoon.eu	www.heise.de
93	31

This site contains links to these domains. Also see Links.

Domain
www.techstage.de
bildung.heise.de
business-services.heise.de
tarifrechner.heise.de
spiele.heise.de
shop.heise.de
abo.heise.de
heise-gruppe.de
www.heise-gruppe.de
getpocket.com
app-eu.readspeaker.com
www.guardicore.com
www.blackhat.com
www.zdnet.com
github.com
pubads.g.doubleclick.net
www.facebook.com
twitter.com
heise.de
www.outbrain.com
plarium.com
enterjs.de
jobs.heise.de
www.heise-events.de
www.cyberport.de
it-jobtag.de
www.interred.de
www.plusline.net

Subject Issuer	Validity	Valid
www.heise.de Sectigo RSA Domain Validation Secure Server CA	`2020-03-12` - `2022-06-10`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-01` - `2022-06-30`	a year	crt.sh
cmp.heise.de R3	`2021-07-31` - `2021-10-29`	3 months	crt.sh
*.ioam.de Thawte TLS RSA CA G1	`2019-09-18` - `2021-12-17`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.de.ioam.de Thawte TLS RSA CA G1	`2021-07-12` - `2022-07-20`	a year	crt.sh
*.met.vgwort.de Thawte RSA CA 2018	`2020-03-13` - `2022-04-01`	2 years	crt.sh
kameleoon.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-24` - `2022-04-23`	2 years	crt.sh
responder.wt.heise.de Sectigo RSA Domain Validation Secure Server CA	`2020-07-17` - `2022-10-15`	2 years	crt.sh
*.cloudimg.io GeoTrust RSA CA 2018	`2020-06-01` - `2022-06-01`	2 years	crt.sh
teads.tv R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
cdn.thenewsbox.net R3	`2021-08-19` - `2021-11-17`	3 months	crt.sh
*.upscore.com Go Daddy Secure Certificate Authority - G2	`2020-01-27` - `2022-01-27`	2 years	crt.sh
*.mateti.net Sectigo RSA Domain Validation Secure Server CA	`2020-12-23` - `2022-01-23`	a year	crt.sh
rpe.dymatrix.cloud Amazon	`2020-11-20` - `2021-12-19`	a year	crt.sh
prophet.heise.de Sectigo RSA Domain Validation Secure Server CA	`2020-01-07` - `2022-04-06`	2 years	crt.sh
upscore.com Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
am.heise.de Amazon	`2021-05-05` - `2022-06-03`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Frame ID: 1C4F0FB090D8CF360A12594B612BBFC6
Requests: 80 HTTP requests in this frame

Frame: https://cmp.heise.de/index.html?message_id=557476&consentUUID=5b91bf88-d258-4bdd-bef9-326c35f2c1af&requestUUID=0e8c7ca7-6fbf-400c-9c88-fd85a01d4059&preload_message=true
Frame ID: A91B366A3AEEC6B2DB81F8314E47BE0D
Requests: 6 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: B71A281BF1269F95BBCB1110B47296BC
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 43510FF673A4B84CCB157EB837620B82
Requests: 1 HTTP requests in this frame

Frame: https://www.heise.de/kameleoon-iframe.html
Frame ID: 7264460E294D960D25395D0AEC50350F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Autodiscover: Exchange-Protokoll leakt Windows-Anmeldedaten ins öffentliche Netz | heise online heise online Logoheise-BotPush Nachrichtenheise online Logoheise-BotPush Nachrichtencomments_outline_whiteheise-BotPush Nachrichten

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Page Statistics

93
Requests

100 %
HTTPS

29 %
IPv6

14
Domains

31
Subdomains

29
IPs

3
Countries

1676 kB
Transfer

4581 kB
Size

19
Cookies

41 Outgoing links

These are links going to different origins than the main page.

URL: https://www.techstage.de/
Title: TechStage

Search URL Search Domain Scan URL

URL: https://bildung.heise.de/
Title: Weiterbildung

Search URL Search Domain Scan URL

URL: https://business-services.heise.de/
Title: Whitepaper/Webcasts

Search URL Search Domain Scan URL

URL: https://tarifrechner.heise.de/dsl/
Title: DSL-Vergleich

Search URL Search Domain Scan URL

URL: https://spiele.heise.de/
Title: Spielen bei Heise

Search URL Search Domain Scan URL

URL: https://shop.heise.de/
Title: heise Shop

Search URL Search Domain Scan URL

URL: https://abo.heise.de/
Title: Abo

Search URL Search Domain Scan URL

URL: https://heise-gruppe.de/-1812545
Title: Arbeiten bei Heise

Search URL Search Domain Scan URL

URL: https://www.heise-gruppe.de/presse/
Title: Presse

Search URL Search Domain Scan URL

URL: https://business-services.heise.de/specials/online-marketing/home/?source=topthemen
Title: Online-Marketing

Search URL Search Domain Scan URL

URL: https://getpocket.com/save?url=https%3A%2F%2Fwww.heise.de%2Fnews%2FAutodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Title: In Pocket speichern

Search URL Search Domain Scan URL

URL: https://app-eu.readspeaker.com/cgi-bin/rsent?customerid=4407&lang=de_de&readid=meldung&url=https%3A%2F%2Fwww.heise.de%2Fnews%2FAutodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html%3Fseite%3Dall
Title: vorlesen

Search URL Search Domain Scan URL

URL: https://www.guardicore.com/labs/autodiscovering-the-great-leak/
Title: dokumentierten nun erfolgreiche Versuche, über Autodiscover solche Anmeldedaten auszuspionieren

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/docs/asia-17/materials/asia-17-Nesterov-All-Your-Emails-Belong-To-Us-Exploiting-Vulnerable-Email-Clients-Via-Domain-Name-Collision-wp.pdf
Title: eine detaillierte Abhandlung zu ähnlichen Autodiscover-Problemen in mobilen Mail-Programmen

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/design-flaw-in-microsoft-autodiscover-abused-to-leak-windows-domain-credentials/
Title: gab Microsoft allerdings zu Protokoll

Search URL Search Domain Scan URL

URL: https://github.com/guardicore/labs_campaigns/tree/master/Autodiscover
Title: eine Liste entsprechender gefährlicher Domains

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5793846841&iu=/6514/www.heise.de/clicktracking/usAd
Title: <img src="https://heise.cloudimg.io/width/300/q50.png-lossy-50.webp-lossy-50.foil1/_www-heise-de_/security/imgs/07/3/1/7/2/6/4/6/mpu_ZF__002_-cabc199c819a00e3.jpg" srcset=" https://heise.cloudimg.io/width/336/q30.png-lossy-30.webp-lossy-30.foil1/_www-heise-de_/security/imgs/07/3/1/7/2/6/4/6/mpu_ZF__002_-cabc199c819a00e3.jpg 336w, https://heise.cloudimg.io/width/1008/q30.png-lossy-30.webp-lossy-30.foil1/_www-heise-de_/security/imgs/07/3/1/7/2/6/4/6/mpu_ZF__002_-cabc199c819a00e3.jpg 1008w, https://heise.cloudimg.io/width/600/q30.png-lossy-30.webp-lossy-30.foil1/_www-heise-de_/security/imgs/07/3/1/7/2/6/4/6/mpu_ZF__002_-cabc199c819a00e3.jpg 2x " alt="" width="300" height="250" class="legacy-img " loading="lazy" decoding="async" >

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5782590630&iu=/6514/www.heise.de/clicktracking/textlink
Title: Bundeswehr erkundet virtuellen Raum

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5703669547&iu=/6514/www.heise.de/clicktracking/textlink
Title: So holen Sie mehr aus Microsoft Outlook heraus

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5758398637&iu=/6514/www.heise.de/clicktracking/textlink
Title: Professionelle Videobearbeitung

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5719259448&iu=/6514/www.heise.de/clicktracking/textlink
Title: Mehr Chancen durch Remote Work – und Gefahren?

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5629469164&iu=/6514/www.heise.de/clicktracking/textlink
Title: Die Zukunft der Mobilität mitgestalten

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5686044209&iu=/6514/www.heise.de/clicktracking/textlink
Title: Security Operations – Trumpf gegen Cyberattacken

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5736338159&iu=/6514/www.heise.de/clicktracking/textlink
Title: Wie Bots/Roboter IT-Mitarbeiter unterstützen

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5703000128&iu=/6514/www.heise.de/clicktracking/textlink
Title: Unbefugter Firmenzugriff mit fatalen Folgen

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5701334310&iu=/6514/www.heise.de/clicktracking/textlink
Title: Sicherheit für Ihre Digitalisierungsprojekte

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5598369803&iu=/6514/www.heise.de/clicktracking/textlink
Title: Zukunftssichere IT für KMU

Search URL Search Domain Scan URL

URL: https://shop.heise.de/ct-30611-ct000012?LPID=30611_CT000012_19321_3_57&wt_mc=intern.abo.ct.ct_2021_raspi.dmp_cam.teaser.teaser

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.heise.de%2Fnews%2FAutodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.heise.de%2Fnews%2FAutodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html&text=Autodiscover%3A+Exchange-Protokoll+leakt+Windows-Anmeldedaten+ins+%C3%B6ffentliche+Netz+%7C+Security

Search URL Search Domain Scan URL

URL: https://heise.de/-6199548
Title: https://heise.de/-6199548

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/de
Title: empfohlen von

Search URL Search Domain Scan URL

URL: https://plarium.com/landings/de/desktop/raid/replica_vik_rdoapp?plid=530761&pxl=outbrain&PublisherID=$publisher_name$_$section_id$&placement=000eb229b34b25ca92ab9085d548ba0dcb&adpartnerset=006b3ab5a8ff37bb0551041a5dd46f044a&clickID=$ob_click_id$&obOrigUrl=true
Title: Anzeige Dieses Spiel ist so schön. Wenn Sie einen Computer haben, ist es ein Muss. Raid: Shadow Legends

Search URL Search Domain Scan URL

URL: https://enterjs.de/?obOrigUrl=true
Title: Heise-Angebot enterJS 2021 – Die Konferenz für Enterprise-JavaScript am 29. und 30. September: Jetzt Ticket sichern. enterJS 2021

Search URL Search Domain Scan URL

URL: https://jobs.heise.de/Job/IT-Support-Analyst-m-w-d.654346915.html?obOrigUrl=true
Title: Anzeige heise.de - IT Support Analyst (m/w/d) - Pinsent Masons Rechtsanwälte Steuerberater Solicitors Partnerschaft mbB | Jobs jobs.heise.de

Search URL Search Domain Scan URL

URL: https://www.heise-events.de/workshops/ios-entwickler?wt_mc=intern.events.ho.ws_ios-sbp.outbrain.teaser.teaser&obOrigUrl=true
Title: Heise-Angebot Welche OS-Sicherheits-Bordmittel können Sie in Ihrer App verwenden? Jetzt anmelden für den Mac & i Workshop am 28. + 29. Oktober. heise-events.de

Search URL Search Domain Scan URL

URL: https://www.cyberport.de/angebote/kaufberatung/notebooks/move2modern.html?APID=369&wt_cc2=coma_m2m_21q3_desktopcategory_nv-ads&obOrigUrl=true
Title: Anzeige Neues Notebook? Windows Notebooks mit Intel Cyberport

Search URL Search Domain Scan URL

URL: https://it-jobtag.de/stuttgart/?obOrigUrl=true
Title: Anzeige IT-Jobtagin Stuttgart - Die exklusive Jobmesse von heise jobs und Jobware | PRÄSENZVERANSTALTUNG! it-jobtag.de

Search URL Search Domain Scan URL

URL: http://www.interred.de/
Title: Content Management by InterRed

Search URL Search Domain Scan URL

URL: https://www.plusline.net/
Title: Hosted by Plus.line

Search URL Search Domain Scan URL

URL: https://www.heise-gruppe.de/heise-medien.html
Title: Copyright © 2021 Heise Medien

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://87700970.de.ioam.de/tx.io?st=heise&cp=security&sv=ke&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.heise.de&xy=1600x1200x24&lo=DE%2FHessen&cb=001e&i2=001ecf434a307958561517684&ep=1656929199&vr=434&id=kjg5ef&i3=nocookie&n1=1&dntt=0&lt=1632728708499&ev=&cs=vfvizm&mo=1 HTTP 302
https://87700970.de.ioam.de/tx.io?st=heise&cp=security&sv=ke&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.heise.de&xy=1600x1200x24&lo=DE%2FHessen&cb=001e&i2=001ecf434a307958561517684&ep=1656929199&vr=434&id=kjg5ef&i3=nocookie&n1=1&dntt=0&lt=1632728708499&ev=&cs=vfvizm&mo=1&sr=71

Request Chain 27

https://ssl-heise.met.vgwort.de/na/8955792cd3ce466c9cbd6007b528878b HTTP 302
https://ssl-heise.met.vgwort.de/blank.gif

93 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html Show response
www.heise.de/news/ 167 KB
36 KB 42ms
8ms Document
text/html 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

0b0eefe38b12c0854fb94a46bc6f5ee33d961cb51e9e33e2ca99263b543af81f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.heise.de
:scheme: https
:path: /news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Mon, 27 Sep 2021 07:44:25 GMT
content-type: text/html; charset=UTF-8
last-modified: Mon, 27 Sep 2021 07:44:25 GMT
content-encoding: gzip
age: 42
strict-transport-security: max-age=15768000
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: X-Export-Format, X-Export-Agent, Accept-Encoding
cache-control: no-store
accept-ranges: bytes
content-length: 36388

GET
H2 200 ssp4.96b.ltc.woff2
www.heise.de/assets/styles/fonts/ 16 KB
16 KB 9ms
8ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/styles/fonts/ssp4.96b.ltc.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/styles/fonts/ssp4.96b.ltc.woff2
pragma: no-cache
origin: https://www.heise.de
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Origin: https://www.heise.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:39:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Sep 2021 07:39:12 GMT
server: nginx
age: 324
etag: "61498c20-3e24"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://www.heise.de
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Origin
content-length: 15908
x-xss-protection: 1; mode=block

GET
H2 200 ssp6.bd6.ltc.woff2
www.heise.de/assets/styles/fonts/ 15 KB
16 KB 10ms
9ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/styles/fonts/ssp6.bd6.ltc.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

d8381e66783011957eabadb622d7899061bf93e78fff38ebfe00ab743d6c8e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/styles/fonts/ssp6.bd6.ltc.woff2
pragma: no-cache
origin: https://www.heise.de
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Origin: https://www.heise.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:39:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Sep 2021 07:39:11 GMT
server: nginx
age: 324
etag: "61498c1f-3da8"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://www.heise.de
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Origin
content-length: 15784
x-xss-protection: 1; mode=block

GET
H2 200 ssp4i.6b1.ltc.woff2
www.heise.de/assets/styles/fonts/ 15 KB
15 KB 14ms
14ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/styles/fonts/ssp4i.6b1.ltc.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

a676114870402c6a9d389e103b299df064cc92871c08210ca56f32768cd9da3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/styles/fonts/ssp4i.6b1.ltc.woff2
pragma: no-cache
origin: https://www.heise.de
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Origin: https://www.heise.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:39:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Sep 2021 07:39:11 GMT
server: nginx
age: 310
etag: "61498c1f-3a20"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://www.heise.de
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Origin
content-length: 14880
x-xss-protection: 1; mode=block

GET
H2 200 comments_outline.9878.ltc.svg
www.heise.de/assets/heise/images/ 397 B
398 B 8ms
8ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/comments_outline.9878.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

93fbf778122ce32d81fe75212b2a6c4f6a14e61de070014b218096ccf4e545f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/images/comments_outline.9878.ltc.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 13:52:21 GMT
server: nginx
age: 397
etag: W/"614dd815-18d"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 268
x-xss-protection: 1; mode=block

GET
H2 200 qwant_q.svg
www.heise.de/icons/svg/icons/svg/ 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/icons/svg/icons/svg/qwant_q.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

27ebfb38c9bcee8e9d0a07e5c7270268965af886fb485b5984ffaf28c66bce9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /icons/svg/icons/svg/qwant_q.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:37:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 13:29:34 GMT
server: nginx
age: 450
etag: W/"60c8ab3e-7bd"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 973
x-xss-protection: 1; mode=block

GET
H2 200 video_outline.5f13.ltc.svg
www.heise.de/assets/heise/images/ 426 B
375 B 10ms
8ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/video_outline.5f13.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

8b57c435a8f947fdb275a98825efaf70ac56a99a96f9777f00c85771797bd5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/images/video_outline.5f13.ltc.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 13:52:25 GMT
server: nginx
age: 395
etag: W/"614dd819-1aa"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 257
x-xss-protection: 1; mode=block

GET
H2 200 kameleoon.js Show response
yxsu5ufd2m.kameleoon.eu/ 307 KB
61 KB 74ms
29ms Script
application/javascript 2606:4700:20::ac43:4832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yxsu5ufd2m.kameleoon.eu/kameleoon.js
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16acc4a5c770692e4fcefee52c9e7d8f091eecfa60c6bb457eefb76acae94777

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Sep 2021 13:10:08 GMT
server: cloudflare
age: 2054
etag: W/"614dce30-4cb32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtdFJuj9hPW%2F6LeCXRXEzq8%2FADabHxrhGzyyyzQx32r7c3V0Qg%2FOW2QDzkYXq3l1BEJphOulLmlhAthC9ViBzDThVX2Pd%2FJG1ehjx8XaTYYS%2FFAElA4qNWJVNLoORdhY0KP6uCjQCF0ZhMxo231cecV0L8ak"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=5400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69531c5bec5e4a79-FRA
expires: Mon, 27 Sep 2021 08:40:54 GMT

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
cmp.heise.de/ 152 KB
44 KB 66ms
9ms Script
application/javascript 13.225.78.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/wrapperMessagingWithoutDetection.js
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-36.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 79ea6bea9dbe5d24763b0570ce68e4b0463f505d561315b0fb5aa4697c0e7ab9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 27 Jul 2021 16:09:32 GMT
server: AmazonS3
age: 3167
etag: W/"3119535551542b69a3ba5a3c07a76a59"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Mon, 27 Sep 2021 06:52:21 GMT
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: n7aiQawD6N0JJwwS0DfAWLR9eMF5BgqViD1B1bsPcrwe8ya6fDg9Ng==

GET
H/1.1 200
OK iam.js Show response
script.ioam.de/ 19 KB
8 KB 53ms
13ms Script
application/javascript 91.215.103.64
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ioam.de/iam.js?m=1
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.64 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: script3.ioam.de
Software: nginx / BLACKBIRD-SRC v0.13 001e
Resource Hash: c6e252dd4835af1650ac220e2c405536277dd48f324de339cf49d9716f4f1625

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 07:45:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Sep 2021 07:45:08 GMT
Server: nginx
X-Powered-By: BLACKBIRD-SRC v0.13 001e
Vary: Accept-Encoding
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control: private, max-age=7200, pre-check=7200
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Mon, 27 Sep 2021 09:45:08 GMT

GET
H2 200 ho.css
www.heise.de/assets/heise/ho/css/ 277 KB
42 KB 15ms
14ms Stylesheet
text/css 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

c86c937023f57eba6d9a3d8003d244227917260bec31ea7c9b7e7e6100fc14c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 13:52:23 GMT
server: nginx
age: 6736
etag: W/"614dd817-45341"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 42360
x-xss-protection: 1; mode=block

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 73 KB
26 KB 48ms
22ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

e6d688bc782b22a8af83a41efea822cfd4b5cc8f14d3d95b351e2f4e27d2f220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "999 / 778 of 1000 / last-modified: 1632522815"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25703
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Sep 2021 07:45:08 GMT

GET
H2 200 akwa.js Show response
www.heise.de/assets/akwa/v24/js/ 348 KB
93 KB 9ms
8ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.4b16874ca83399cdaaf2

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

b2bb1f64d70d002efd9a71fef56144303c77f99e99aa3c5bde09cfdbc4e0e4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/akwa/v24/js/akwa.js?.ltc.4b16874ca83399cdaaf2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 06:51:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Sep 2021 18:51:11 GMT
server: nginx
age: 3219
etag: "614ccc9f-56e88"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 94302
x-xss-protection: 1; mode=block

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 183 KB
62 KB 98ms
15ms Script
application/x-javascript 104.85.5.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.5.87 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-87.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ee9bcf40869defb2ba36f0398aafcdbe1c82715317c76a2fad2e8ae0a74f2225

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:08 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:14:17 GMT
etag: W/"2dd14-xHIYTyef9V4m9QpegRxijTiSwm4"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: ff6494d9238ab28bb9b8423cfc14cda7
timing-allow-origin: *, *
content-length: 62421
expires: Mon, 27 Sep 2021 11:45:08 GMT

GET
H2 200 ho.js Show response
www.heise.de/assets/heise/ho/js/ 120 KB
38 KB 10ms
9ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/ho/js/ho.js?.ltc.3951aac0737680412bbe

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

27b5760dcfa7a3e55149b1cceee0c9b749b9a03cc5061e1734c7bd5d8bb877f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/ho/js/ho.js?.ltc.3951aac0737680412bbe
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 13:52:23 GMT
server: nginx
age: 6739
etag: W/"614dd817-1e1aa"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 39097
x-xss-protection: 1; mode=block

GET
H2 200 Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
www.heise.de/ivw-bin/ivw/CP/news/ 43 B
232 B 17ms
16ms Image
image/gif 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/ivw-bin/ivw/CP/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

fb0c962c2a46b261dcf2c64acd439dabce75c448235038f38b6d5eef64318f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /ivw-bin/ivw/CP/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Jan 2011 15:58:20 GMT
server: nginx
age: 0
etag: "4d385b9c-2b"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate, private
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 27 Sep 2021 07:45:08 GMT

GET
H2 200 akwa.css
www.heise.de/assets/akwa/v24/css/ 35 KB
6 KB 16ms
15ms Stylesheet
text/css 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/css/akwa.css?.ltc.f682911876997725ea5d

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

7accf74563edaf54be93c4fa0d913e6648590f896d683f9b7693332381a92ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/akwa/v24/css/akwa.css?.ltc.f682911876997725ea5d
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 06:51:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Sep 2021 18:51:10 GMT
server: nginx
age: 3221
etag: "614ccc9e-8da7"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 6086
x-xss-protection: 1; mode=block

GET
H2 200 hobell.css
www.heise.de/assets/heise/hobell/css/ 83 KB
15 KB 16ms
15ms Stylesheet
text/css 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/hobell/css/hobell.css?.ltc.56eabb1e54d0daa08791

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

77e192ce3398f557afc7b9dcf9ae30590ad250dccb49ecb4028ec120cda41f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/hobell/css/hobell.css?.ltc.56eabb1e54d0daa08791
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 13:52:20 GMT
server: nginx
age: 6748
etag: W/"614dd814-14d55"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 15221
x-xss-protection: 1; mode=block

GET
H2 200 common-icons.svg
www.heise.de/icons/ 16 KB
6 KB 16ms
16ms Other
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/icons/common-icons.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

f19c10e93bc7fbff0bdb80d8e3b3e222ba26e5b3ea635d7f4aa40fa6d3c53041

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /icons/common-icons.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: same-origin
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Aug 2021 14:06:54 GMT
server: nginx
age: 454
etag: W/"610bf07e-3ee6"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5667
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 162 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e22b68a0b4384238a29cc855562d87ce3f737ff959d0f8f90a59a0ebe68b592

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ct_flat.eac7.ltc.svg
www.heise.de/assets/heise/images/ 684 B
576 B 13ms
11ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/ct_flat.eac7.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

1df4e66be0ca49bc4d82de7d06e86bceb1e64bc7d20c9706ac9ad55272b47913

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/images/ct_flat.eac7.ltc.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 13:52:20 GMT
server: nginx
age: 400
etag: W/"614dd814-2ac"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 459
x-xss-protection: 1; mode=block

GET
H2 200 ix.bde1.ltc.svg
www.heise.de/assets/heise/images/ 586 B
527 B 14ms
12ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/ix.bde1.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

c1cf8769347c954fb5cb714ddb4c25948dde3469168851e0385135898d2a8859

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/images/ix.bde1.ltc.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 13:52:22 GMT
server: nginx
age: 396
etag: W/"614dd816-24a"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 409
x-xss-protection: 1; mode=block

GET
H2 200 mit_technology_review.2271.ltc.svg
www.heise.de/assets/heise/images/ 3 KB
1 KB 13ms
12ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/mit_technology_review.2271.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

a08adf66364706967a0809e5409cbba6207dcfcfeacbf641cb1ce45c1dee15c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/images/mit_technology_review.2271.ltc.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 13:52:20 GMT
server: nginx
age: 396
etag: W/"614dd814-b52"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 1331
x-xss-protection: 1; mode=block

GET
H2 200 foto.1ed3.ltc.svg
www.heise.de/assets/heise/images/ 3 KB
1 KB 13ms
11ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/foto.1ed3.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

75e425ff2c4c1b1e8c711b441ed964dc93e064b7692497bb73abdbd425d26ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/images/foto.1ed3.ltc.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 13:52:20 GMT
server: nginx
age: 400
etag: W/"614dd814-b52"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 1318
x-xss-protection: 1; mode=block

GET
H2 200 mac.ef4e.ltc.svg
www.heise.de/assets/heise/images/ 2 KB
1 KB 20ms
11ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/mac.ef4e.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

3b900d1bd9278077b58c6dd6f9199268bb05ebf9771d0beca8fc0c1601ae9fbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/images/mac.ef4e.ltc.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 13:52:23 GMT
server: nginx
age: 401
etag: "614dd817-7f9"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 1128
x-xss-protection: 1; mode=block

GET
H2 200 make.5fd7.ltc.svg
www.heise.de/assets/heise/images/ 1 KB
856 B 19ms
10ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/make.5fd7.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

2a77c40fb9b1b438a2436728719cf8ad3065c924abce24865c8662a657e525de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/images/make.5fd7.ltc.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 13:52:22 GMT
server: nginx
age: 400
etag: W/"614dd816-4d2"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 739
x-xss-protection: 1; mode=block

GET
H2 200 magazine_v1.457e.ltc.svg
www.heise.de/assets/heise/images/ 2 KB
940 B 19ms
11ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/magazine_v1.457e.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

235c12905da1a2f7a1617cf0b1473704f3683d6ae715e6f513effdb1381f6fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/images/magazine_v1.457e.ltc.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 13:52:20 GMT
server: nginx
age: 400
etag: W/"614dd814-622"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 823
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

tx.io Show response
87700970.de.ioam.de/
Redirect Chain

https://87700970.de.ioam.de/tx.io?st=heise&cp=security&sv=ke&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.heise.de&xy=1600x1200x24&lo=DE%2FHessen&cb=001e&i2=001ecf434a307958561517684&ep=1656929...
https://87700970.de.ioam.de/tx.io?st=heise&cp=security&sv=ke&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.heise.de&xy=1600x1200x24&lo=DE%2FHessen&cb=001e&i2=001ecf434a307958561517684&ep=1656929...

0
717 B

15ms
15ms

Script
application/x-javascript

91.215.100.40
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://87700970.de.ioam.de/tx.io?st=heise&cp=security&sv=ke&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.heise.de&xy=1600x1200x24&lo=DE%2FHessen&cb=001e&i2=001ecf434a307958561517684&ep=1656929199&vr=434&id=kjg5ef&i3=nocookie&n1=1&dntt=0&lt=1632728708499&ev=&cs=vfvizm&mo=1&sr=71
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.100.40 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: de4.ioam.de
Software: nginx / BLACKBIRD-RCV v1.06.2 003c
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 07:45:08 GMT
Server: nginx
X-Powered-By: BLACKBIRD-RCV v1.06.2 003c
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date: Mon, 27 Sep 2021 07:45:08 GMT
Access-Control-Allow-Origin: *
X-Powered-By: BLACKBIRD-RCV v1.06.2 003c
Transfer-Encoding: chunked
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection: keep-alive
Pragma: no-cache
Last-Modified: Mon, 27 Sep 2021 07:45:08 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: /tx.io?st=heise&cp=security&sv=ke&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.heise.de&xy=1600x1200x24&lo=DE%2FHessen&cb=001e&i2=001ecf434a307958561517684&ep=1656929199&vr=434&id=kjg5ef&i3=nocookie&n1=1&dntt=0&lt=1632728708499&ev=&cs=vfvizm&mo=1&sr=71
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires: Sun, 27 Sep 2020 07:45:08 GMT

GET
H/1.1

200
OK

blank.gif
ssl-heise.met.vgwort.de/
Redirect Chain

https://ssl-heise.met.vgwort.de/na/8955792cd3ce466c9cbd6007b528878b
https://ssl-heise.met.vgwort.de/blank.gif

43 B
329 B

12ms
12ms

Image
image/gif

161.156.47.59
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl-heise.met.vgwort.de/blank.gif
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.156.47.59 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 3b.2f.9ca1.ip4.static.sl-reverse.com
Software: keen /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 27 Sep 2021 07:45:08 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: keen
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Mon, 27 Sep 2021 07:45:08 GMT
Last-Modified: Mon, 27 Sep 2021 07:45:08 GMT
Server: keen
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Content-Type: text/html
Location: /blank.gif
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Tue, 22 Aug 2000 15:05:01 GMT

GET
H2 200 pubads_impl_2021092201.js Show response
securepubads.g.doubleclick.net/gpt/ 336 KB
118 KB 16ms
16ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062921

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

9a9a466cd927c64b4e9b81e29beec7d80422fb985b26a1ec038abea10c74c1eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120420
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 08:37:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Sep 2021 07:45:08 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 99 B
114 B 30ms
15ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.heise.de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

5b9be9eb36c9f08fd4548ef2e3f177095707d44d2bbe5636cb7a38d81577530d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 07:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89
x-xss-protection: 0
expires: Mon, 27 Sep 2021 07:45:08 GMT

GET
H2 200 urls Show response
www.heise.de/sso/login/ 361 B
393 B 62ms
62ms Fetch
application/json 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/sso/login/urls

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.4b16874ca83399cdaaf2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

88eadeb7ca5964044e46f7c760602425287ec24791e94d72feb57d4b548d8cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /sso/login/urls
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
vary: Accept-Encoding, Cookie
content-length: 177
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Sep 2021 07:45:08 GMT
server: nginx
x-frame-options: DENY
strict-transport-security: max-age=15768000
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: https://www.heise.de
cache-control: private,must-revalidate,max-age=0
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 vendors~prebid.38123d.ltc.js
www.heise.de/assets/akwa/v24/js/ 0
68 KB 9ms
9ms Other
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/vendors~prebid.38123d.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.4b16874ca83399cdaaf2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/akwa/v24/js/vendors~prebid.38123d.ltc.js
pragma: no-cache
purpose: prefetch
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 06:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Sep 2021 18:51:13 GMT
server: nginx
age: 3222
etag: W/"614ccca1-3709f"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 69468
x-xss-protection: 1; mode=block

GET
H2 200 prebid.0ef4fa.ltc.js
www.heise.de/assets/akwa/v24/js/ 0
315 B 9ms
8ms Other
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/prebid.0ef4fa.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.4b16874ca83399cdaaf2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/akwa/v24/js/prebid.0ef4fa.ltc.js
pragma: no-cache
purpose: prefetch
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 06:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Sep 2021 18:51:10 GMT
server: nginx
age: 3222
etag: "614ccc9e-f3"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 200
x-xss-protection: 1; mode=block

GET
H2 200 vendors~prismjs.8d3dfb.ltc.js
www.heise.de/assets/akwa/v24/js/ 0
25 KB 9ms
9ms Other
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/vendors~prismjs.8d3dfb.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.4b16874ca83399cdaaf2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/akwa/v24/js/vendors~prismjs.8d3dfb.ltc.js
pragma: no-cache
purpose: prefetch
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 06:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Sep 2021 18:51:11 GMT
server: nginx
age: 3222
etag: W/"614ccc9f-122d1"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 25503
x-xss-protection: 1; mode=block

GET
H2 200 prismjs.590b98.ltc.js
www.heise.de/assets/akwa/v24/js/ 0
397 B 8ms
8ms Other
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/prismjs.590b98.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.4b16874ca83399cdaaf2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/akwa/v24/js/prismjs.590b98.ltc.js
pragma: no-cache
purpose: prefetch
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 06:51:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Sep 2021 18:51:10 GMT
server: nginx
age: 3220
etag: W/"614ccc9e-1c1"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 280
x-xss-protection: 1; mode=block

GET
H2 200 native-message Show response
cmp.heise.de/wrapper/tcfv2/v1/gdpr/ 63 KB
8 KB 20ms
20ms XHR
application/json 13.225.78.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=0e8c7ca7-6fbf-400c-9c88-fd85a01d4059&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1603%2C%22requestUUID%22%3A%220e8c7ca7-6fbf-400c-9c88-fd85a01d4059%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.heise.de%2Fnews%2FAutodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcmp.heise.de%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-36.fra2.r.cloudfront.net
Software: / Express
Resource Hash: e6490e12ccddd729a325509181de311fd42c464171541c7f2c58040f32ff2d62

Request headers

Referer: https://www.heise.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Sep 2021 07:45:08 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.heise.de
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: 42DaNzXyf390cB91SyjaQmeEHoWYTk6gxhmiqiGz10cgCTVZCUQqcA==
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)

OPTIONS
H2 200 native-message
cmp.heise.de/wrapper/tcfv2/v1/gdpr/ Frame 0
0 26ms
9ms Preflight
text/plain 13.225.78.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=0e8c7ca7-6fbf-400c-9c88-fd85a01d4059&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1603%2C%22requestUUID%22%3A%220e8c7ca7-6fbf-400c-9c88-fd85a01d4059%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.heise.de%2Fnews%2FAutodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcmp.heise.de%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Protocol: H2
Server: 13.225.78.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-36.fra2.r.cloudfront.net
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.heise.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/plain; charset=utf-8
content-length: 2
date: Mon, 27 Sep 2021 07:45:08 GMT
x-powered-by: Express
access-control-allow-origin: https://www.heise.de
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
cache-control: no-cache, no-store
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: lIdcUPollAMUDF2G-u7e98mzG4taBIdFlBM2pSqirbNgV4FWz6CCuQ==

GET
H/1.1 204
No Content geolocation.gif Show response
eu-tlp05.kameleoon.eu/ 0
499 B 83ms
11ms XHR
text/plain 78.46.61.107
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-tlp05.kameleoon.eu/geolocation.gif
Requested by: Host: yxsu5ufd2m.kameleoon.eu
URL: https://yxsu5ufd2m.kameleoon.eu/kameleoon.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.61.107 Leipzig, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eu-log-parser05.kameleoon.net
Software: nginx/1.17.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 07:45:08 GMT
Server: nginx/1.17.3
geoip_region_name: Hesse
geoip_city: Frankfurt am Main
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: geoip_country_name, geoip_city_country_name, geoip_latitude, geoip_longitude, geoip_region_name, geoip_city, geoip_postal_code
geoip_latitude: 50.10490
geoip_country_name: Germany
geoip_city_country_name: Germany
Connection: keep-alive
geoip_postal_code: 60326
geoip_longitude: 8.62950

GET
H/1.1 204
No Content ip.gif Show response
eu-tlp04.kameleoon.eu/ 0
197 B 85ms
11ms XHR
text/plain 188.40.65.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-tlp04.kameleoon.eu/ip.gif
Requested by: Host: yxsu5ufd2m.kameleoon.eu
URL: https://yxsu5ufd2m.kameleoon.eu/kameleoon.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.65.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eu-log-parser04.kameleoon.net
Software: nginx/1.17.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 27 Sep 2021 07:45:08 GMT
Server: nginx/1.17.3
Connection: keep-alive
ip: 185.232.23.183
Access-Control-Expose-Headers: ip

GET
H2 200 heise_plus_positiv.b421.ltc.svg
www.heise.de/assets/heise/images/ 3 KB
1 KB 9ms
8ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/heise_plus_positiv.b421.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

3acb560d5e955cf9f0732eb4dd36b07152b26c618610cd8eeb82bb610407db1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/images/heise_plus_positiv.b421.ltc.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 13:52:22 GMT
server: nginx
age: 378
etag: W/"614dd816-c48"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 1226
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 288689636920174 Show response
responder.wt.heise.de/resp/api/get/ 157 KB
41 KB 183ms
29ms Script
text/javascript 185.54.150.22
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://responder.wt.heise.de/resp/api/get/288689636920174?url=https%3A%2F%2Fwww.heise.de%2Fnews%2FAutodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html&v=5
Requested by: Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.4b16874ca83399cdaaf2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.22 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 3e9a97066fc27814b929c23045a57f521f1ae399f1c9d33c485b84215e5d0a1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 07:45:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Sep 2021 12:10:28 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age: 0, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 vendors~prebid.38123d.ltc.js Show response
www.heise.de/assets/akwa/v24/js/ 220 KB
68 KB 9ms
9ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/vendors~prebid.38123d.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.4b16874ca83399cdaaf2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

41a80efea2545d9dd60d2bafd75591ff0e6f4c23daeb461294ee730183c2f4d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/akwa/v24/js/vendors~prebid.38123d.ltc.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 06:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Sep 2021 18:51:13 GMT
server: nginx
age: 3222
etag: W/"614ccca1-3709f"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 69468
x-xss-protection: 1; mode=block

GET
H2 200 prebid.0ef4fa.ltc.js Show response
www.heise.de/assets/akwa/v24/js/ 243 B
315 B 8ms
8ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/prebid.0ef4fa.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.4b16874ca83399cdaaf2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

95e7aa0fed4e8d3a0d6eabe6b8ae9219bd938f55adcf3f4744fde5dc77ec71ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/akwa/v24/js/prebid.0ef4fa.ltc.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 06:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Sep 2021 18:51:10 GMT
server: nginx
age: 3222
etag: "614ccc9e-f3"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 200
x-xss-protection: 1; mode=block

GET
H2 200 px.js Show response
www.heise.de/assets/akwa/v24/js/ 986 B
617 B 11ms
11ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/px.js?ch=1

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.4b16874ca83399cdaaf2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

f986d89b368dc6162ade73620160f226d8c8aad8fcbc6244db33cc919eb447c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/akwa/v24/js/px.js?ch=1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 06:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Sep 2021 18:51:11 GMT
server: nginx
age: 3230
etag: W/"614ccc9f-3da"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 500
x-xss-protection: 1; mode=block

GET
H2 200 px.js Show response
www.heise.de/assets/akwa/v24/js/ 986 B
617 B 14ms
14ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/px.js?ch=2

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.4b16874ca83399cdaaf2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

f986d89b368dc6162ade73620160f226d8c8aad8fcbc6244db33cc919eb447c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/akwa/v24/js/px.js?ch=2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 06:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Sep 2021 18:51:11 GMT
server: nginx
age: 3230
etag: W/"614ccc9f-3da"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 500
x-xss-protection: 1; mode=block

GET
H2 200 IT-Sicherheit-4b40ee0f7b490d1b.jpeg
heise.cloudimg.io/width/610/q85.png-lossy-85.webp-lossy-85.foil1/_www-heise-de_/imgs/18/3/1/7/3/1/7/6/ 14 KB
15 KB 99ms
9ms Image
image/webp 2600:9000:20eb:c400:b:f730:9800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heise.cloudimg.io/width/610/q85.png-lossy-85.webp-lossy-85.foil1/_www-heise-de_/imgs/18/3/1/7/3/1/7/6/IT-Sicherheit-4b40ee0f7b490d1b.jpeg
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:c400:b:f730:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Scaleflex HTTP Loadbalancer / cloudimage.io
Resource Hash: d5557eb5db3c8743c8374118b01bfbb117aa5bc16db28b5dbbb53778b24eb3fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:39:52 GMT
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
age: 338716
x-transition-hexa: hh1:9d__hh2:1e__hh:eu-ov-350scal3fl3xcom_tint:4_tint1:0_tint2:1_tdwndns:0_tdwntfb:0_tdwntot:0_tdwn:0_tcre:0_trsz:0_tpop:0_tsve:0_ttst:0_tfin:4
x-powered-by: cloudimage.io
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-resource-status: cached_resized
content-length: 14390
x-resource-length: 14390
timing-allow-origin: *
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: 350L2_v6x_YKpKx23899927104
etag: "3b9e9fa1be0835ba7491331033fdf2e6"
vary: Accept-Encoding,Accept
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, stale-while-revalidate=86400, public
x-amz-cf-pop: FRA2-C1
x-resource-version: 20210923_093952_b17024f3e034351ade740cad36c0e5ac
x-amz-cf-id: YBIlmC0VIF4GHxfDZs5Y8u6qKhaUqyI55Z6cX4bTgUc7E9s999albA==

GET
H2 200 tag Show response
a.teads.tv/page/119504/ 2 KB
1 KB 180ms
43ms Script
application/javascript 104.85.1.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/119504/tag
Requested by: Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.4b16874ca83399cdaaf2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.56 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 554782ae8710e6bbb33887e50a62199a992accf36dde1dcbfd139cf48205fb21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:08 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 933
expires: Mon, 27 Sep 2021 08:45:08 GMT

GET
H/1.1 200
OK d3d3LmhlaXNlLmRl Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
463 B 90ms
15ms XHR
application/json 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmhlaXNlLmRl
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 07:45:08 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=15319
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: c3869a5eba2a556a2931fdeae3af966
Content-Length: 16
Expires: Mon, 27 Sep 2021 12:00:27 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
451 B 32ms
15ms Image
image/gif 104.85.5.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=10.808969281456859
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.5.87 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:08 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Wed, 27 Oct 2021 07:45:08 GMT

POST
H2 200 set_consent_cookies Show response
cmp.heise.de/mms/ 0
396 B 10ms
9ms XHR
text/plain 13.225.78.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/mms/set_consent_cookies?consentUUID=5b91bf88-d258-4bdd-bef9-326c35f2c1af&consentUUID_maxAge=31536000&requestUUID=0e8c7ca7-6fbf-400c-9c88-fd85a01d4059&hasCsp=true
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-36.fra2.r.cloudfront.net
Software: Jetty(9.4.2.v20170220) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:08 GMT
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
server: Jetty(9.4.2.v20170220)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.heise.de
access-control-allow-credentials: true
access-control-allow-methods: *
content-length: 0
x-amz-cf-id: BhJzyUrdt2tRVLrY6_VxMb7aP7b4PcyEoAY05XmHfSLWr4LFe8C0XQ==

GET
H2 200 mpu_ZF__002_-cabc199c819a00e3.jpg
heise.cloudimg.io/width/300/q90.png-lossy-90.webp-lossy-90.foil1/_www-heise-de_/security/imgs/07/3/1/7/2/6/4/6/ 22 KB
23 KB 70ms
15ms Image
image/webp 2600:9000:20eb:c400:b:f730:9800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heise.cloudimg.io/width/300/q90.png-lossy-90.webp-lossy-90.foil1/_www-heise-de_/security/imgs/07/3/1/7/2/6/4/6/mpu_ZF__002_-cabc199c819a00e3.jpg
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:c400:b:f730:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Scaleflex HTTP Loadbalancer / cloudimage.io
Resource Hash: a30734681b191b566ee7155fb6c439023dadb008fe28e67579b4c41305d4d261

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:13:39 GMT
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
age: 419489
x-transition-hexa: hh1:74__hh2:ab__hh:eu-ov-332bscal3fl3xcom_tint:2_tint1:0_tint2:1_tdwndns:0_tdwntfb:0_tdwntot:0_tdwn:0_tcre:0_trsz:0_tpop:0_tsve:0_ttst:0_tfin:2
x-powered-by: cloudimage.io
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-resource-status: cached_resized
content-length: 22816
x-resource-length: 22816
timing-allow-origin: *
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: 332bL4_v6x_VPtSf23092196575
etag: "166f37ac43912febe7862dfe13c97b63"
vary: Accept-Encoding,Accept
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, stale-while-revalidate=86400, public
x-amz-cf-pop: FRA2-C1
x-resource-version: 20210922_111339_88313c425c58ec8ef97b1d68a1fa1b1a
x-amz-cf-id: mBD2bBDGgEwWXBHOqmjOa25zZLMq4bvexBwurQRzbP27zTJK1WqAwQ==

GET
H2 200 index.html Show response
cmp.heise.de/ Frame A91B 4 KB
2 KB 8ms
8ms Document
text/html 13.225.78.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/index.html?message_id=557476&consentUUID=5b91bf88-d258-4bdd-bef9-326c35f2c1af&requestUUID=0e8c7ca7-6fbf-400c-9c88-fd85a01d4059&preload_message=true
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-36.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06842a5c2e5fc0e9e7da15a2e0c586d54be80e569b4606e06b2615bee3a62d7b

Request headers

:method: GET
:authority: cmp.heise.de
:scheme: https
:path: /index.html?message_id=557476&consentUUID=5b91bf88-d258-4bdd-bef9-326c35f2c1af&requestUUID=0e8c7ca7-6fbf-400c-9c88-fd85a01d4059&preload_message=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heise.de/
accept-encoding: gzip, deflate, br
cookie: consentUUID=5b91bf88-d258-4bdd-bef9-326c35f2c1af; iom_consent=0100000000&1632728708672
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/

Response headers

content-type: text/html
last-modified: Thu, 12 Aug 2021 16:59:22 GMT
server: AmazonS3
x-edge-origin-shield-skipped: 0
content-encoding: gzip
date: Mon, 27 Sep 2021 06:58:33 GMT
etag: W/"ac97f5ebe2b55f923f296d2d23d4c083"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: CL6ZYPqPApCqeCHDNtIGHXDfYWXP_4wLd4mE6MbDULqRreukTni07Q==
age: 2899

GET
H2 200 L76LO4XZ57 Show response
cdn.thenewsbox.net/reco/ 17 KB
4 KB 123ms
24ms Script
application/javascript 67.216.91.19
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thenewsbox.net/reco/L76LO4XZ57
Requested by: Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.4b16874ca83399cdaaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.216.91.19 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: ucdn/1.20.1 / ASP.NET
Resource Hash: 13ea1ebd8ec12b0dc41712d8b3535870561dded8da35e0f25f779da60e1dc246

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:08 GMT
content-encoding: br
last-modified: Fri, 24 Sep 2021 15:37:06 GMT
server: ucdn/1.20.1
x-ureq-id: PYMqMNZBGwvaY0Cmus4f09VgmodXh+ziDmZGx1QvKvC4U922XR9AX8mCAdGXbi7PoubhXg2HEhFJ4LJBAD6wrYvcLmuOM5EdNcnC7Gop+qkNpqZGBKy0Ot4=
x-powered-by: ASP.NET
x-served-from: l1
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2765
content-disposition: inline
expires: Mon, 27 Sep 2021 08:31:13 GMT

GET
H2 200 Notice.185fb.css
cmp.heise.de/ Frame A91B 32 KB
6 KB 8ms
8ms Stylesheet
text/css 13.225.78.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/Notice.185fb.css
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/index.html?message_id=557476&consentUUID=5b91bf88-d258-4bdd-bef9-326c35f2c1af&requestUUID=0e8c7ca7-6fbf-400c-9c88-fd85a01d4059&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-36.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ee65681169097d090e910d0525bb09e60a2ddd405f46d976daad8f29d0a1a67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.heise.de/index.html?message_id=557476&consentUUID=5b91bf88-d258-4bdd-bef9-326c35f2c1af&requestUUID=0e8c7ca7-6fbf-400c-9c88-fd85a01d4059&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 06:52:58 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 16:59:22 GMT
server: AmazonS3
age: 4216
etag: W/"2d1233c8e331c4bdff593199f6e12382"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: text/css
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: anrUyGfpPx9nQoN90lP607oTxn8T6Q1dWv1o3ns4sAc40zPmZS7kuw==

GET
H2 200 polyfills.d36c5.js Show response
cmp.heise.de/ Frame A91B 5 KB
2 KB 8ms
8ms Script
application/javascript 13.225.78.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/polyfills.d36c5.js
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/index.html?message_id=557476&consentUUID=5b91bf88-d258-4bdd-bef9-326c35f2c1af&requestUUID=0e8c7ca7-6fbf-400c-9c88-fd85a01d4059&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-36.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.heise.de/index.html?message_id=557476&consentUUID=5b91bf88-d258-4bdd-bef9-326c35f2c1af&requestUUID=0e8c7ca7-6fbf-400c-9c88-fd85a01d4059&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:07:40 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 16:59:22 GMT
server: AmazonS3
age: 2871
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: MY11v2EAZ5uMVpyLrbP1Q8T-Z7hQqJ3M0yJpkAWiFoGM_BR1HJgjfA==

GET
H2 200 Notice.0c89d.js Show response
cmp.heise.de/ Frame A91B 205 KB
51 KB 9ms
9ms Script
application/javascript 13.225.78.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/Notice.0c89d.js
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/index.html?message_id=557476&consentUUID=5b91bf88-d258-4bdd-bef9-326c35f2c1af&requestUUID=0e8c7ca7-6fbf-400c-9c88-fd85a01d4059&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-36.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec405ac66f91dbaf8f5436b96d4868a6bc968c1952253a032c47b92b21cf4238

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.heise.de/index.html?message_id=557476&consentUUID=5b91bf88-d258-4bdd-bef9-326c35f2c1af&requestUUID=0e8c7ca7-6fbf-400c-9c88-fd85a01d4059&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:17:54 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 16:59:22 GMT
server: AmazonS3
age: 1634
etag: W/"584402953e8fbc75dfc8ae9b3fb99c89"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: sU-4EeUSQ0sg-bJQE1e9u5IujNv-XNqCFRiYKDeCsZaXQ5aIs2B56w==

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 429ms
95ms XHR
application/json 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1632728708759&sessionId=26794c3c-6542-4654-0463-61792cc5a25a&url=www.heise.de&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 07:45:09 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 3379b25392a6cf7c318770baee7297df
Content-Length: 4
Expires: 0

GET
H2 200 source-sans-pro-v11-latin-600.bd652d.woff2
www.heise.de/assets/heise/fonts/ Frame A91B 15 KB
16 KB 27ms
11ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/fonts/source-sans-pro-v11-latin-600.bd652d.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

d8381e66783011957eabadb622d7899061bf93e78fff38ebfe00ab743d6c8e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/fonts/source-sans-pro-v11-latin-600.bd652d.woff2
pragma: no-cache
origin: https://cmp.heise.de
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.heise.de
referer: https://cmp.heise.de/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://cmp.heise.de/
Origin: https://cmp.heise.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:40:08 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 13:52:27 GMT
server: nginx
age: 299
etag: "614dd81b-3da8"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://cmp.heise.de
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Origin
content-length: 15784
x-xss-protection: 1; mode=block

GET
H2 200 source-sans-pro-v11-latin-regular.96b158.woff2
www.heise.de/assets/heise/fonts/ Frame A91B 16 KB
16 KB 26ms
10ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/fonts/source-sans-pro-v11-latin-regular.96b158.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/fonts/source-sans-pro-v11-latin-regular.96b158.woff2
pragma: no-cache
origin: https://cmp.heise.de
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.heise.de
referer: https://cmp.heise.de/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://cmp.heise.de/
Origin: https://cmp.heise.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:40:09 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 13:52:21 GMT
server: nginx
age: 299
etag: "614dd815-3e24"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://cmp.heise.de
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Origin
content-length: 15908
x-xss-protection: 1; mode=block

GET
H2 200 upScore.js Show response
files.upscore.com/async/ 37 KB
12 KB 158ms
15ms Script
application/javascript 67.216.91.19
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://files.upscore.com/async/upScore.js
Requested by: Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.4b16874ca83399cdaaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.216.91.19 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: ucdn/1.20.1 /
Resource Hash: 2467bf7a54cbe74cfb382f51b110c3ec7e25d1b7d7fe9fcabcf3e305759995f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:08 GMT
content-encoding: br
last-modified: Thu, 08 Apr 2021 13:53:47 GMT
server: ucdn/1.20.1
x-amz-request-id: RKMRF3GW49213062
x-ureq-id: PYMqMNZBGwvaY0Cmus4f09VgmodXh+ziDmZGx1QvKvC4U922XR9AX8mCAdGXbi7PoubhXg2HEhFJ4LJBAD6wronLpK+1MFEBuBKf6iI2
etag: W/"6d724420fa471337a5546d7c4054dd59"
x-served-from: l1
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1414
x-amz-id-2: jRrspjCc2pevF2wP7HZo0hCgXn7R1qEF7rddsZyBLSqARCpbDU137EvDmSeXcCkxrAjVYQI010g=
expires: Mon, 27 Sep 2021 08:08:42 GMT

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 597 KB
131 KB 169ms
14ms Script
text/javascript 2a02:26f0:6c00:19c::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/119504/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19c::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b629997ea0945ffd710c295f3d869814e318a6069196d1374ed1fe1a07ce5fba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:09 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-request-id: 110RECVH29N2EX6P
content-length: 133197
x-amz-id-2: NSM9FTC7ZqFwcG24Z26ueHjtQi2VqynOFRx5Ut3fhGfankQJk/19wt4Hhe7wc/BW6v0mGQYBBdE=
last-modified: Thu, 23 Sep 2021 09:50:13 GMT
etag: "9a1420e621e2a47e2541b2740d3b20be"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: 5
accept-ranges: bytes
access-control-allow-headers: *
expires: Mon, 27 Sep 2021 08:15:09 GMT

GET
H/1.1 200
OK onsite.min.js Show response
cdn.mateti.net/mcp/ 129 KB
44 KB 193ms
45ms Script
application/javascript 185.54.150.11
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mateti.net/mcp/onsite.min.js
Requested by: Host: responder.wt.heise.de
URL: https://responder.wt.heise.de/resp/api/get/288689636920174?url=https%3A%2F%2Fwww.heise.de%2Fnews%2FAutodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html&v=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.11 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 50bbfac8f449de0fc010149da377eef8dcba2f3e5b3d8d9adfff90780f178bb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 07:45:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 May 2021 07:40:46 GMT
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=300
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 get Show response
odb.outbrain.com/utils/ 47 KB
18 KB 271ms
230ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.heise.de%2Fnews%2FAutodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html&srcUrl=https%3A%2F%2Fwww.heise.de%2Frss%2Fheise-atom.xml&idx=0&rand=51454&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=272&py=5033&vpd=3833&cw=1056&settings=true&recs=true&version=2000448&sig=vb1s6pmc&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cnsntv2=CPNI4D1PNI4D1AGABCENBtCgAAAAAAAAAAYgAAAAAAAA.YAAAAAAAAAAA&cmpStat=1&ccpaStat=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7d01d7e55db11192f89cead32d3495932863efb6d9a6a12d41f4ba696070cfeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:09 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.32
x-cache-hits: 0, 0
x-traceid: 1c0d5166982f9c8550edc307ec34ef0f
content-encoding: gzip
content-length: 17416
x-served-by: cache-lga21932-LGA, cache-fra19153-FRA
x-timer: S1632728709.008614,VS0,VE224
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 heise.de.js Show response
files.upscore.com/config/ 2 KB
1 KB 15ms
15ms Script
application/javascript 67.216.91.19
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://files.upscore.com/config/heise.de.js
Requested by: Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.216.91.19 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: ucdn/1.20.1 /
Resource Hash: 2db87280510b8ff90252b5f365ad77b699e41962de17f3eedd5e65a8a38d6f42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:09 GMT
content-encoding: br
last-modified: Wed, 30 Jun 2021 13:58:09 GMT
server: ucdn/1.20.1
x-amz-request-id: S9KEPNTS1PWXZGGQ
x-ureq-id: PYMqMNZBGwvaY0Cmus4f09VgmodXh+ziDmZGx1QvKvC4U922XR9AX8mCAdGXbi7PoubhXg2HEhFJ4LJBAD6wrYvcLmuOM5EdNcnCs3B/
etag: W/"9c62167259785f1f03d22b18e749cefe"
x-served-from: l1
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3081
x-amz-id-2: DlVIE+uyVb7KpuLmzNRKolsbXvrl/4D5mr5vZLmUWYQ7Pfxv/0MeMFK+LtDzvNEWyFIqZ00EW1k=
expires: Mon, 27 Sep 2021 08:36:30 GMT

POST
H2 200 /
hit-pool.upscore.com/ 3 B
136 B 56ms
14ms Ping
text/plain 157.90.164.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hit-pool.upscore.com/
Requested by: Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.164.138 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.138.164.90.157.clients.your-server.de
Software: UpScore-Server /
Resource Hash: a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

Referer: https://www.heise.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 27 Sep 2021 07:45:09 GMT
content-encoding: gzip
server: UpScore-Server
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 track
t.teads.tv/ 23 B
113 B 149ms
38ms Image
image/gif 104.85.5.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=17db4898-770c-4fa3-83cd-ddc1a6a6037a&pageId=119504&pid=129633&debug_metadata=k7btRZt97I&fv=872&ts=1632728709067&f=1&referer=https%3A%2F%2Fwww.heise.de%2Fnews%2FAutodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.56 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:09 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 159ms
48ms Image
image/gif 104.85.5.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=17db4898-770c-4fa3-83cd-ddc1a6a6037a&pageId=119504&pid=129633&slot=native&fv=872&ts=1632728709071&f=1&referer=https%3A%2F%2Fwww.heise.de%2Fnews%2FAutodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.56 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:09 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/119504/ 513 B
542 B 43ms
43ms XHR
application/json 104.85.1.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/119504/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.heise.de%2Fnews%2FAutodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html&page=%7B%22id%22%3A119504%2C%22placements%22%3A%5B%7B%22id%22%3A129633%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A610%2C%22height%22%3A343%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A121%2C%22status%22%3A12%2C%22consent%22%3A%22CPNI4D1PNI4D1AGABCENBtCgAAAAAAAAAAYgAAAAAAAA.YAAAAAAAAAAA%22%2C%22apiVersion%22%3A2%2C%22cmpId%22%3A6%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%7D&auctid=17db4898-770c-4fa3-83cd-ddc1a6a6037a&formatVersion=872&env=js-web&netBw=10&ttfb=8
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.56 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f3b4fc6261b8f02eca19a06b1b114784d4d4fa39e5a230a38556f84340db7e79

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.heise.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 07:45:09 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.heise.de
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 337
expires: Mon, 27 Sep 2021 07:45:09 GMT

POST
H2 202 update
rpe.dymatrix.cloud/rpe/w8qR3wsItMdpPzKrtzEfLwkfncPFLz/visitors/2163272870800406885/ 0
71 B 59ms
11ms Ping
text/plain 3.122.89.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rpe.dymatrix.cloud/rpe/w8qR3wsItMdpPzKrtzEfLwkfncPFLz/visitors/2163272870800406885/update
Requested by: Host: responder.wt.heise.de
URL: https://responder.wt.heise.de/resp/api/get/288689636920174?url=https%3A%2F%2Fwww.heise.de%2Fnews%2FAutodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html&v=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.89.210 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-89-210.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heise.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 27 Sep 2021 07:45:09 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200 wt
prophet.heise.de/288689636920174/ 43 B
706 B 158ms
30ms Image
image/gif 185.54.150.27
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prophet.heise.de/288689636920174/wt?p=524,www.heise.de.news.autodiscover-exchange-protokoll-leakt-windows-anmeldedaten-ins-oeffentliche-netz-6199548,1,1600x1200,24,1,1632728709124,0,1600x1200,0&eid=2163272870800406885&one=1&fns=1&la=en&cg1=www.heise.de&cg2=security&cg3=news&cg4=autodiscover-exchange-protokoll-leakt-windows-anmeldedaten-ins-oeffentliche-netz-6199548&cg9=autodiscover-exchange-protokoll-leakt-windows-anmeldedaten-ins-oeffentliche-netz-6199548&cg10=beitrag&cg11=it&cg12=security&cg13=free&cg16=6199548&cp1=1%2F1&cp2=autodiscover%3Bmicrosoft%3Bmicrosoft%20exchange%3Bmicrosoft%20outlook&cp6=autodiscover%3Bmicrosoft%3Bmicrosoft%20exchange%3Bmicrosoft%20outlook&cp8=2021-09-23T11%3A35%3A00&cp10=security%3Bnewsticker&cp14=free&cp15=Fabian%20A.%20Scherschel&cp17=desktop&cp22=it&cp23=it&cp25=Autodiscover%3A%20Exchange-Protokoll%20leakt%20Windows-Anmeldedaten%20ins%20%C3%B6ffentliche%20Netz&cp26=v5&cp28=security&cp29=free&cp31=480&cp38=security%3Bnewsticker&cs1=0&np=&pu=https%3A%2F%2Fwww.heise.de%2Fnews%2FAutodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.27 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: a87ff679 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 07:45:08 GMT
Last-Modified: Mon, 27 Sep 2021 07:45:09 GMT
Server: a87ff679
X-Robots-Tag: noindex, nofollow, noarchive
P3P: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Keep-Alive: timeout=30
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame B71A 73 KB
25 KB 41ms
16ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: a.teads.tv
URL: https://a.teads.tv/page/119504/tag

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c596c51c585a4983a16e52244b08eeee439ed8c11fb36fe0d534dd53a2d473e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "999 / 12 of 1000 / last-modified: 1632522707"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24867
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Sep 2021 07:45:09 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 74ms
39ms Image
image/gif 104.85.5.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=17db4898-770c-4fa3-83cd-ddc1a6a6037a&pageId=119504&pid=129633&slot=native&vid=00000000-0000-0000-0000-000000000001&fv=872&ts=1632728709140&f=1&referer=https%3A%2F%2Fwww.heise.de%2Fnews%2FAutodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.56 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:09 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

OPTIONS
H/1.1 200
OK rdfs
r.mateti.net/ Frame 0
0 142ms
29ms Preflight 185.54.150.12
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mateti.net/rdfs?cfg=1
Protocol: HTTP/1.1
Server: 185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.heise.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: content-type
Date: Mon, 27 Sep 2021 07:45:09 GMT
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection: keep-alive
Access-Control-Allow-Origin: https://www.heise.de
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Access-Control-Allow-Credentials: true
Content-Length: 0
Access-Control-Allow-Methods: POST
Access-Control-Max-Age: 1800

OPTIONS
H/1.1 200
OK rdfs
r.mateti.net/ Frame 0
0 142ms
29ms Preflight 185.54.150.12
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mateti.net/rdfs?cfg=1
Protocol: HTTP/1.1
Server: 185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.heise.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: content-type
Date: Mon, 27 Sep 2021 07:45:09 GMT
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection: keep-alive
Access-Control-Allow-Origin: https://www.heise.de
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Access-Control-Allow-Credentials: true
Content-Length: 0
Access-Control-Allow-Methods: POST
Access-Control-Max-Age: 1800

POST
H/1.1 200
OK rdfs Show response
r.mateti.net/ 14 B
397 B 119ms
30ms XHR
application/json 185.54.150.12
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mateti.net/rdfs?cfg=1
Requested by: Host: cdn.mateti.net
URL: https://cdn.mateti.net/mcp/onsite.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: /
Resource Hash: 8d5706cde045094a27e62ca6e2450d5961a1af1ef704c626199cb1aec16b908f

Request headers

Referer: https://www.heise.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: 2021-09-27
Content-Encoding: gzip
Vary: Origin,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.heise.de
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 2021-09-27

POST
H/1.1 200
OK rdfs Show response
r.mateti.net/ 1 KB
647 B 119ms
31ms XHR
application/json 185.54.150.12
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mateti.net/rdfs?cfg=1
Requested by: Host: cdn.mateti.net
URL: https://cdn.mateti.net/mcp/onsite.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: /
Resource Hash: 190f1f2b8520fba8fae4a220f99ffe1a72f259489f1988f73b62ebfe184c2f7a

Request headers

Referer: https://www.heise.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: 2021-09-27
Content-Encoding: gzip
Vary: Origin,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.heise.de
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 2021-09-27

GET
H3 200 pubads_impl_2021091501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B71A 334 KB
116 KB 16ms
15ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

52c41152c7916b4cf3b3a90f790faa0ba7f746603671e286531bc50407d844ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119151
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 08:39:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Sep 2021 07:45:09 GMT

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 15ms
15ms Image
image/png 104.85.5.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.5.87 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:09 GMT
last-modified: Thu, 24 Jun 2021 14:35:21 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1624546045.043304"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Wed, 27 Oct 2021 07:45:09 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 16ms
16ms Image
image/svg+xml 104.85.5.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.5.87 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:09 GMT
last-modified: Thu, 24 Jun 2021 14:35:21 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1624546014.914244"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Wed, 27 Oct 2021 07:45:09 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 369ms
93ms Fetch
text/plain 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=388ed01131a0377fa7f163d465eabb44_27285_1632728709174&tm=583&eT=0&widgetWidth=1056&widgetHeight=903&widgetX=272&widgetY=5047&wRV=2000448&pVis=1&lsd=-1&eIdx=&cnsntV2=CPNI4D1PNI4D1AGABCENBtCgAAAAAAAAAAYgAAAAAAAA.YAAAAAAAAAAA&cheq=0&rtt=279&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 27 Sep 2021 07:45:09 GMT
content-encoding: gzip
X-TraceId: 88dbb904efd2c7a8d2edcc1568942a34
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame 4351 18 KB
6 KB 16ms
16ms Document
text/html 104.85.5.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.5.87 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b840bc2d7c32af2aee17606765eaef19e15d054479d251e481e51eafb1a37f81

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /widgetOBUserSync/obUserSync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heise.de/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "4c0d9fcd1b4fc8a80d2ea64c7a7c71d1:1632318857.747213"
last-modified: Wed, 22 Sep 2021 13:54:08 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Tue, 28 Sep 2021 07:45:09 GMT
date: Mon, 27 Sep 2021 07:45:09 GMT
content-length: 6129
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1632728709~rv=71~id=be23be6bfb679ab1e12f9c7fc61871e2; path=/; Expires=Mon, 27 Sep 2021 07:45:09 GMT; Secure; SameSite=None

GET
H/1.1 200 wt
prophet.heise.de/288689636920174/ 43 B
589 B 29ms
29ms Image
image/gif 185.54.150.27
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prophet.heise.de/288689636920174/wt?p=524,www.heise.de.news.autodiscover-exchange-protokoll-leakt-windows-anmeldedaten-ins-oeffentliche-netz-6199548,1,1600x1200,24,1,1632728709136,2,1600x1200,0&eid=2163272870800406885&one=1&ct=ho.consent-wall&la=en&cp17=desktop&cs1=0&ck19=open&pu=https%3A%2F%2Fwww.heise.de%2Fnews%2FAutodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.27 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: a87ff679 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 07:45:08 GMT
Last-Modified: Mon, 27 Sep 2021 07:45:09 GMT
Server: a87ff679
X-Robots-Tag: noindex, nofollow, noarchive
P3P: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Keep-Alive: timeout=30
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 77 Show response
content.upscore.com/6265b813a21b26d3dce87f3c3faa8b7b/ 11 KB
4 KB 60ms
23ms Fetch
application/javascript 2606:4700:20::681a:5e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.upscore.com/6265b813a21b26d3dce87f3c3faa8b7b/77
Requested by: Host: cdn.thenewsbox.net
URL: https://cdn.thenewsbox.net/reco/L76LO4XZ57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29f4f0a909cfb3bc1e97d680f54311cacacda7aba60767ef8167af117f12c32d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71
cf-polished: origSize=13066
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: BYA6CR1N8FVRBX6E
x-amz-id-2: 5kUw1Zn2ZpR2HQgRXQYGeP+0vauXmCo+HgV8v33Kl7ctYeCYG7T++iz+x+y2ljVdR7ESZHugMQo=
last-modified: Mon, 27 Sep 2021 07:40:04 GMT
server: cloudflare
etag: W/"2bd7caf4044f10070e5909185df090d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXcv7pV5jJgwRxllfKAAfz3zegkpQFpmD%2BMoUc%2BaZ47vEzh9nlv3wJ3pUrvP0WwLZrERbLn5%2FR1iyVTlqHCAWwoCfjRPyr9LH7nczBqSw%2FYCNtuGR2W4TiL9UhPXNJxtGfo1e2uwIAsG72WPGh8Te%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=300
cf-ray: 69531c618b8b432d-FRA
cf-bgj: minify

GET
H2 200 78 Show response
content.upscore.com/6265b813a21b26d3dce87f3c3faa8b7b/ 9 KB
4 KB 58ms
22ms Fetch
application/javascript 2606:4700:20::681a:5e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.upscore.com/6265b813a21b26d3dce87f3c3faa8b7b/78
Requested by: Host: cdn.thenewsbox.net
URL: https://cdn.thenewsbox.net/reco/L76LO4XZ57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad4a9e7a4891ed854298f0796fa995197d95716ee7e267a6d3102a3ce97685a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:45:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71
cf-polished: origSize=10177
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: BYA5FWY1CWAPQRYM
x-amz-id-2: 2qHNPxaMs1TZjj48Pyrnj81AtEWX+ch03t8PUcc0UvM7r190P33MlU3Cf6SgxVWdRwxBOB7nfqA=
last-modified: Mon, 27 Sep 2021 07:40:04 GMT
server: cloudflare
etag: W/"d939992388f7cdffeba059444be0d933"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nH5%2F7YQdYRqFMcW5fXdUApZ9EhHOzMDNgDMweuPZ8BaSprRZCoSg4R7hwXvsyM59wOIQoPIcfLfNlLUnnnnqgq5TWIYLgqKRQDZUyZ9Rx34yyZavizvPvYnUN4ewziTN%2F3Tl6EuqorPip2ZLB6V1pDo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=300
cf-ray: 69531c618b8c432d-FRA
cf-bgj: minify

GET
H2 200 common-icons.svg
www.heise.de/icons/ 16 KB
6 KB 9ms
8ms Other
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/icons/common-icons.svg

Requested by

Host: cdn.thenewsbox.net
URL: https://cdn.thenewsbox.net/reco/L76LO4XZ57

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

f19c10e93bc7fbff0bdb80d8e3b3e222ba26e5b3ea635d7f4aa40fa6d3c53041

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /icons/common-icons.svg
pragma: no-cache
cookie: _sp_v1_uid=1:699:ac17f7fa-aac0-4ec8-90f8-b32c92ee9fd7; _sp_v1_data=2:398211:1632728708:0:1:0:1:0:0:_:-1; _sp_v1_ss=1:H4sIAAAAAAAAAItWqo5RKimOUbKKHlqMPBDDoDZWJ0YpFcTMK83JAbJLwAqqa0clhq-EUiwA0lRsV7YCAAA%3D; _sp_v1_opt=1:; _sp_v1_consent=1!0:-1:-1:-1:-1:-1; _sp_v1_csv=null; _sp_v1_lt=1:; consentUUID=5b91bf88-d258-4bdd-bef9-326c35f2c1af; iom_consent=0100000000&1632728708672; wt_nv=1; wt_nv_s=1; wt3_sid=%3B288689636920174; wt3_eid=%3B288689636920174%7C2163272870800406885%232163272870995573131; wt_rla=288689636920174%2C2%2C1632728709126; wt_mcp_sid=2678231842
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: same-origin
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Aug 2021 14:06:54 GMT
server: nginx
age: 455
etag: W/"610bf07e-3ee6"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5667
x-xss-protection: 1; mode=block

GET
H2 200 heise_online.4f86.ltc.svg
www.heise.de/assets/heise/images/ 4 KB
2 KB 9ms
8ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/heise_online.4f86.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

0411c13ae31b35f9372b163d48441f4b36aa2903b4fdcad5c07b58c1b7ac3ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/images/heise_online.4f86.ltc.svg
pragma: no-cache
cookie: _sp_v1_uid=1:699:ac17f7fa-aac0-4ec8-90f8-b32c92ee9fd7; _sp_v1_data=2:398211:1632728708:0:1:0:1:0:0:_:-1; _sp_v1_ss=1:H4sIAAAAAAAAAItWqo5RKimOUbKKHlqMPBDDoDZWJ0YpFcTMK83JAbJLwAqqa0clhq-EUiwA0lRsV7YCAAA%3D; _sp_v1_opt=1:; _sp_v1_consent=1!0:-1:-1:-1:-1:-1; _sp_v1_csv=null; _sp_v1_lt=1:; consentUUID=5b91bf88-d258-4bdd-bef9-326c35f2c1af; iom_consent=0100000000&1632728708672; wt_nv=1; wt_nv_s=1; wt3_sid=%3B288689636920174; wt3_eid=%3B288689636920174%7C2163272870800406885%232163272870995573131; wt_rla=288689636920174%2C2%2C1632728709126; wt_mcp_sid=2678231842
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.6962ab3a2bd67f397330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 13:52:21 GMT
server: nginx
age: 347
etag: W/"614dd815-1087"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 1760
x-xss-protection: 1; mode=block

OPTIONS
H/1.1 200
OK rdfs
r.mateti.net/ Frame 0
0 31ms
31ms Preflight 185.54.150.12
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mateti.net/rdfs
Protocol: HTTP/1.1
Server: 185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.heise.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: content-type
Date: Mon, 27 Sep 2021 07:45:09 GMT
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection: keep-alive
Access-Control-Allow-Origin: https://www.heise.de
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Access-Control-Allow-Credentials: true
Content-Length: 0
Access-Control-Allow-Methods: POST
Access-Control-Max-Age: 1800

POST
H/1.1 200
OK rdfs Show response
r.mateti.net/ 773 B
875 B 33ms
33ms XHR
application/json 185.54.150.12
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mateti.net/rdfs
Requested by: Host: cdn.mateti.net
URL: https://cdn.mateti.net/mcp/onsite.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: /
Resource Hash: 26ef1a4207e6623e708c2d8184981f035e2b147ca5e8ebc0666d1c6464f2800c

Request headers

Referer: https://www.heise.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: 2021-09-27
Content-Encoding: gzip
Vary: Origin,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.heise.de
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 2021-09-27

GET
H/1.1 200
OK 1db9b2a0-a092-4ae8-abe4-dbeba841e414.json Show response
cdn.mateti.net/mate/widget-config/688012155290337/ 3 KB
2 KB 122ms
31ms XHR
application/json 185.54.150.11
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mateti.net/mate/widget-config/688012155290337/1db9b2a0-a092-4ae8-abe4-dbeba841e414.json
Requested by: Host: cdn.mateti.net
URL: https://cdn.mateti.net/mcp/onsite.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.11 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 0a635eaccbbd2dc46b20eefd96196bddf7285f017c837e4f83a3b56a2b2f3072

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 07:45:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Sep 2021 13:03:24 GMT
Server: nginx
ETag: W/"61409d9c-bf2"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

POST
H2 200 i
cr_stats.upscore.com/ 1 B
595 B 74ms
25ms Ping
text/plain 2606:4700:20::ac43:4759
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cr_stats.upscore.com/i
Requested by: Host: cdn.thenewsbox.net
URL: https://cdn.thenewsbox.net/reco/L76LO4XZ57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4759 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer: https://www.heise.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 07:45:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2Fx8aaBFg5Bg%2BmvDN3SmiB5vtYmpk6CLG1GlFpvRMW9i99WTOLbFmTGv7C6xPhCiv78ucJ7S32vpSA6%2FdnoR%2FWDVtdXE%2Fu25zHjdYHNKm6EkfhDqS0%2BczFJHOb5og%2Bg4UV5e%2BB1y%2FnWmSgFO%2F1W4L0HO"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 69531c62abc7693a-FRA
expires: 0

GET
H2 200 ct-nf_Teaser-dmp_672x1008px.png
am.heise.de/abo/01_ct/2021/ 327 KB
328 KB 77ms
10ms Image
image/png 2600:9000:20eb:8e00:1c:1ac7:3e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am.heise.de/abo/01_ct/2021/ct-nf_Teaser-dmp_672x1008px.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8e00:1c:1ac7:3e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87228952234688bbd0ad75f2ce1b670ffe23de3e106b0f8eb1e269e0d6d3fddc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: mgnbmLB0tFnI83WHGNoY6JQ9ZfxQp3K.
via: 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront)
last-modified: Tue, 14 Sep 2021 12:57:06 GMT
server: AmazonS3
age: 29649
etag: "dfbfad67d99b3f80a0fe430306a43b71"
x-edge-origin-shield-skipped: 0
content-type: image/png
date: Mon, 27 Sep 2021 05:41:00 GMT
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 334833
x-amz-cf-id: E1CJaatOVTrO8P87iEx00AbAYN6GAO1WZ6ZuPxvgTrdpDgDw-t_LYg==

GET
H2 200 kameleoon-iframe.html Show response
www.heise.de/ Frame 7264 12 KB
3 KB 9ms
9ms Document
text/html 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/kameleoon-iframe.html

Requested by

Host: yxsu5ufd2m.kameleoon.eu
URL: https://yxsu5ufd2m.kameleoon.eu/kameleoon.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

fba2cec41db150d408e24501da1dcacbbcaf4b8b1220e42b63a1fcc7b3b323ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.heise.de
:scheme: https
:path: /kameleoon-iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html
accept-encoding: gzip, deflate, br
cookie: _sp_v1_uid=1:699:ac17f7fa-aac0-4ec8-90f8-b32c92ee9fd7; _sp_v1_data=2:398211:1632728708:0:1:0:1:0:0:_:-1; _sp_v1_ss=1:H4sIAAAAAAAAAItWqo5RKimOUbKKHlqMPBDDoDZWJ0YpFcTMK83JAbJLwAqqa0clhq-EUiwA0lRsV7YCAAA%3D; _sp_v1_opt=1:; _sp_v1_consent=1!0:-1:-1:-1:-1:-1; _sp_v1_csv=null; _sp_v1_lt=1:; consentUUID=5b91bf88-d258-4bdd-bef9-326c35f2c1af; iom_consent=0100000000&1632728708672; wt_nv=1; wt_nv_s=1; wt3_sid=%3B288689636920174; wt3_eid=%3B288689636920174%7C2163272870800406885%232163272870995573131; wt_rla=288689636920174%2C2%2C1632728709126; wt_mcp_sid=2678231842
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html

Response headers

server: nginx
date: Mon, 27 Sep 2021 07:45:00 GMT
content-type: text/html
last-modified: Mon, 27 Sep 2021 07:45:00 GMT
content-encoding: gzip
age: 13
strict-transport-security: max-age=15768000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: X-Export-Format, X-Export-Agent, Accept-Encoding
cache-control: no-store
accept-ranges: bytes
content-length: 2725

POST
H2 200 /
hit-pool.upscore.com/ 3 B
136 B 12ms
11ms Ping
text/plain 157.90.164.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hit-pool.upscore.com/
Requested by: Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.164.138 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.138.164.90.157.clients.your-server.de
Software: UpScore-Server /
Resource Hash: a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

Referer: https://www.heise.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 27 Sep 2021 07:45:19 GMT
content-encoding: gzip
server: UpScore-Server
vary: Accept-Encoding
content-type: text/plain

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ioam.de/	1970-01-20 06:12:33	Name: i00 Value: 003c8c5e043ce0eec615176840001%3B61517684%3B632deb33
ssl-heise.met.vgwort.de/	1969-12-31 23:59:59	Name: srp Value: 041561517684488e0003
www.heise.de/	1970-01-19 22:15:20	Name: _sp_v1_uid Value: 1:699:ac17f7fa-aac0-4ec8-90f8-b32c92ee9fd7
www.heise.de/	1970-01-19 22:15:20	Name: _sp_v1_data Value: 2:398211:1632728708:0:1:0:1:0:0:_:-1
www.heise.de/	1970-01-19 22:15:20	Name: _sp_v1_ss Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbKKHlqMPBDDoDZWJ0YpFcTMK83JAbJLwAqqa0clhq-EUiwA0lRsV7YCAAA%3D
www.heise.de/	1970-01-19 22:15:20	Name: _sp_v1_opt Value: 1:
www.heise.de/	1970-01-19 22:15:20	Name: _sp_v1_consent Value: 1!0:-1:-1:-1:-1:-1
www.heise.de/	1970-01-19 22:15:20	Name: _sp_v1_csv Value: null
www.heise.de/	1970-01-19 22:15:20	Name: _sp_v1_lt Value: 1:
.heise.de/	1970-01-20 06:17:44	Name: consentUUID Value: 5b91bf88-d258-4bdd-bef9-326c35f2c1af
.heise.de/	1970-01-19 22:12:27	Name: iom_consent Value: 0100000000&1632728708672
responder.wt.heise.de/	1969-12-31 23:59:59	Name: wt_nbg_Q3 Value: !RseXxfy+Q5ITLPrpusD3MPLkFu5GVMPynof7ZIUmRZU3l6lQpig44MhZgwOLOIHSfAAlAwH9k9NOc3w=
.heise.de/	1970-01-20 01:51:20	Name: wt_nv Value: 1
.heise.de/	1969-12-31 23:59:59	Name: wt_nv_s Value: 1
.heise.de/	1969-12-31 23:59:59	Name: wt3_sid Value: %3B288689636920174
.heise.de/	1970-01-20 01:51:20	Name: wt3_eid Value: %3B288689636920174%7C2163272870800406885%232163272870995573131
.heise.de/	1969-12-31 23:59:59	Name: wt_rla Value: 288689636920174%2C2%2C1632728709126
.heise.de/	1970-01-19 21:32:10	Name: wt_mcp_sid Value: 2678231842
prophet.heise.de/	1969-12-31 23:59:59	Name: wt_nbg_Q3 Value: !J9A/4eq5QUvnvf/pusD3MPLkFu5GVFE7ij9a3tokLbZ4WbfSaoBzp2CgeO+lJVLgnDaXBWg3czIcKQ==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.heise.de/news/Autodiscover-Exchange-Protokoll-leakt-Windows-Anmeldedaten-ins-oeffentliche-Netz-6199548.html Message: The resource https://www.heise.de/assets/heise/images/video_outline.5f13.ltc.svg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

87700970.de.ioam.de
a.teads.tv
am.heise.de
cdn.mateti.net
cdn.thenewsbox.net
cmp.heise.de
content.upscore.com
cr_stats.upscore.com
eu-tlp04.kameleoon.eu
eu-tlp05.kameleoon.eu
files.upscore.com
heise.cloudimg.io
hit-pool.upscore.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
odb.outbrain.com
prophet.heise.de
r.mateti.net
responder.wt.heise.de
rpe.dymatrix.cloud
s8t.teads.tv
script.ioam.de
securepubads.g.doubleclick.net
ssl-heise.met.vgwort.de
t.teads.tv
tcheck.outbrainimg.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.googletagservices.com
www.heise.de
yxsu5ufd2m.kameleoon.eu
104.85.1.56
104.85.5.185
104.85.5.56
104.85.5.87
13.225.78.36
142.250.184.194
151.101.14.132
157.90.164.138
161.156.47.59
185.54.150.11
185.54.150.12
185.54.150.22
185.54.150.27
188.40.65.103
2600:9000:20eb:8e00:1c:1ac7:3e40:93a1
2600:9000:20eb:c400:b:f730:9800:93a1
2606:4700:20::681a:5e3
2606:4700:20::ac43:4759
2606:4700:20::ac43:4832
2a00:1450:4001:810::2002
2a02:26f0:6c00:19c::26e5
2a02:2e0:3fe:1001:7777:772e:2:85
3.122.89.210
64.202.112.95
67.216.91.19
78.46.61.107
91.215.100.40
91.215.103.64
0411c13ae31b35f9372b163d48441f4b36aa2903b4fdcad5c07b58c1b7ac3ede
06842a5c2e5fc0e9e7da15a2e0c586d54be80e569b4606e06b2615bee3a62d7b
0a635eaccbbd2dc46b20eefd96196bddf7285f017c837e4f83a3b56a2b2f3072
0b0eefe38b12c0854fb94a46bc6f5ee33d961cb51e9e33e2ca99263b543af81f
13ea1ebd8ec12b0dc41712d8b3535870561dded8da35e0f25f779da60e1dc246
16acc4a5c770692e4fcefee52c9e7d8f091eecfa60c6bb457eefb76acae94777
190f1f2b8520fba8fae4a220f99ffe1a72f259489f1988f73b62ebfe184c2f7a
1df4e66be0ca49bc4d82de7d06e86bceb1e64bc7d20c9706ac9ad55272b47913
235c12905da1a2f7a1617cf0b1473704f3683d6ae715e6f513effdb1381f6fe1
2467bf7a54cbe74cfb382f51b110c3ec7e25d1b7d7fe9fcabcf3e305759995f5
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26ef1a4207e6623e708c2d8184981f035e2b147ca5e8ebc0666d1c6464f2800c
27b5760dcfa7a3e55149b1cceee0c9b749b9a03cc5061e1734c7bd5d8bb877f0
27ebfb38c9bcee8e9d0a07e5c7270268965af886fb485b5984ffaf28c66bce9f
29f4f0a909cfb3bc1e97d680f54311cacacda7aba60767ef8167af117f12c32d
2a77c40fb9b1b438a2436728719cf8ad3065c924abce24865c8662a657e525de
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2db87280510b8ff90252b5f365ad77b699e41962de17f3eedd5e65a8a38d6f42
2ee65681169097d090e910d0525bb09e60a2ddd405f46d976daad8f29d0a1a67
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3acb560d5e955cf9f0732eb4dd36b07152b26c618610cd8eeb82bb610407db1a
3b900d1bd9278077b58c6dd6f9199268bb05ebf9771d0beca8fc0c1601ae9fbc
3e22b68a0b4384238a29cc855562d87ce3f737ff959d0f8f90a59a0ebe68b592
3e9a97066fc27814b929c23045a57f521f1ae399f1c9d33c485b84215e5d0a1e
41a80efea2545d9dd60d2bafd75591ff0e6f4c23daeb461294ee730183c2f4d4
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
50bbfac8f449de0fc010149da377eef8dcba2f3e5b3d8d9adfff90780f178bb9
52c41152c7916b4cf3b3a90f790faa0ba7f746603671e286531bc50407d844ca
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
554782ae8710e6bbb33887e50a62199a992accf36dde1dcbfd139cf48205fb21
5b9be9eb36c9f08fd4548ef2e3f177095707d44d2bbe5636cb7a38d81577530d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
75e425ff2c4c1b1e8c711b441ed964dc93e064b7692497bb73abdbd425d26ecf
77e192ce3398f557afc7b9dcf9ae30590ad250dccb49ecb4028ec120cda41f68
79ea6bea9dbe5d24763b0570ce68e4b0463f505d561315b0fb5aa4697c0e7ab9
7accf74563edaf54be93c4fa0d913e6648590f896d683f9b7693332381a92ca1
7d01d7e55db11192f89cead32d3495932863efb6d9a6a12d41f4ba696070cfeb
87228952234688bbd0ad75f2ce1b670ffe23de3e106b0f8eb1e269e0d6d3fddc
88eadeb7ca5964044e46f7c760602425287ec24791e94d72feb57d4b548d8cb1
8b57c435a8f947fdb275a98825efaf70ac56a99a96f9777f00c85771797bd5c3
8d5706cde045094a27e62ca6e2450d5961a1af1ef704c626199cb1aec16b908f
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
93fbf778122ce32d81fe75212b2a6c4f6a14e61de070014b218096ccf4e545f1
95e7aa0fed4e8d3a0d6eabe6b8ae9219bd938f55adcf3f4744fde5dc77ec71ce
9a9a466cd927c64b4e9b81e29beec7d80422fb985b26a1ec038abea10c74c1eb
a08adf66364706967a0809e5409cbba6207dcfcfeacbf641cb1ce45c1dee15c8
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87
a30734681b191b566ee7155fb6c439023dadb008fe28e67579b4c41305d4d261
a676114870402c6a9d389e103b299df064cc92871c08210ca56f32768cd9da3d
ad4a9e7a4891ed854298f0796fa995197d95716ee7e267a6d3102a3ce97685a4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2bb1f64d70d002efd9a71fef56144303c77f99e99aa3c5bde09cfdbc4e0e4d3
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b629997ea0945ffd710c295f3d869814e318a6069196d1374ed1fe1a07ce5fba
b840bc2d7c32af2aee17606765eaef19e15d054479d251e481e51eafb1a37f81
c1cf8769347c954fb5cb714ddb4c25948dde3469168851e0385135898d2a8859
c596c51c585a4983a16e52244b08eeee439ed8c11fb36fe0d534dd53a2d473e9
c6e252dd4835af1650ac220e2c405536277dd48f324de339cf49d9716f4f1625
c86c937023f57eba6d9a3d8003d244227917260bec31ea7c9b7e7e6100fc14c3
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5557eb5db3c8743c8374118b01bfbb117aa5bc16db28b5dbbb53778b24eb3fe
d8381e66783011957eabadb622d7899061bf93e78fff38ebfe00ab743d6c8e60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6490e12ccddd729a325509181de311fd42c464171541c7f2c58040f32ff2d62
e6d688bc782b22a8af83a41efea822cfd4b5cc8f14d3d95b351e2f4e27d2f220
ec405ac66f91dbaf8f5436b96d4868a6bc968c1952253a032c47b92b21cf4238
ee9bcf40869defb2ba36f0398aafcdbe1c82715317c76a2fad2e8ae0a74f2225
f19c10e93bc7fbff0bdb80d8e3b3e222ba26e5b3ea635d7f4aa40fa6d3c53041
f3b4fc6261b8f02eca19a06b1b114784d4d4fa39e5a230a38556f84340db7e79
f986d89b368dc6162ade73620160f226d8c8aad8fcbc6244db33cc919eb447c8
fb0c962c2a46b261dcf2c64acd439dabce75c448235038f38b6d5eef64318f6b
fba2cec41db150d408e24501da1dcacbbcaf4b8b1220e42b63a1fcc7b3b323ab

www.heise.de Open in urlscan Pro 2a02:2e0:3fe:1001:7777:772e:2:85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

93 Requests

100 %HTTPS

29 %IPv6

14 Domains

31 Subdomains

29 IPs

3 Countries

1676 kBTransfer

4581 kBSize

19 Cookies

41 Outgoing links

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.heise.de Open in urlscan Pro
2a02:2e0:3fe:1001:7777:772e:2:85 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

100 %
HTTPS

29 %
IPv6

14
Domains

31
Subdomains

29
IPs

3
Countries

1676 kB
Transfer

4581 kB
Size

19
Cookies

93 HTTP transactions
1 data transactions