www.heise.de Open in urlscan Pro
2a02:2e0:3fe:1001:7777:772e:2:85 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
Submission: On March 12 via api (March 12th 2021, 8:01:14 am UTC) from CH

Summary HTTP 58 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 58 HTTP transactions. The main IP is 2a02:2e0:3fe:1001:7777:772e:2:85, located in Germany and belongs to PLUSLINE, DE. The main domain is www.heise.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 12th 2020. Valid for: 2 years.

This is the only time www.heise.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2a02:2e0:3fe:... 2a02:2e0:3fe:1001:7777:772e:2:85	12306 (PLUSLINE) (PLUSLINE)
8	143.204.209.111 143.204.209.111	16509 (AMAZON-02) (AMAZON-02)
2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	91.215.103.64 91.215.103.64	43407 (INFONLINE-AS) (INFONLINE-AS)
7	84.53.189.141 84.53.189.141	34164 (AKAMAI-LON) (AKAMAI-LON)
1	2606:4700:20:... 2606:4700:20::681a:a1e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:212... 2600:9000:2127:c200:b:f730:9800:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	91.215.103.65 91.215.103.65	43407 (INFONLINE-AS) (INFONLINE-AS)
1 2	161.156.66.178 161.156.66.178	36351 (SOFTLAYER) (SOFTLAYER)
10	23.44.61.248 23.44.61.248	16625 (AKAMAI-AS) (AKAMAI-AS)
2	70.42.32.95 70.42.32.95	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
1	65.9.58.13 65.9.58.13	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:ec00:13:7ad6:7840:21	16509 (AMAZON-02) (AMAZON-02)
58	15

21 2a02:2e0:3fe:1001:7777:772e:2:85 (Germany)

ASN12306 (PLUSLINE, DE)

www.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 143.204.209.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-111.fra53.r.cloudfront.net

cmp.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.103.64 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script3.ioam.de

script.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 84.53.189.141 (Netherlands)

ASN34164 (AKAMAI-LON, NL)
PTR: a84-53-189-141.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a1e (United States)

ASN13335 (CLOUDFLARENET, US)

yxsu5ufd2m.kameleoon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:c200:b:f730:9800:93a1 (United States)

ASN16509 (AMAZON-02, US)

heise.cloudimg.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.215.103.65 (Germany) 1 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de3.ioam.de

de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 161.156.66.178 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b2.42.9ca1.ip4.static.sl-reverse.com

ssl-heise.met.vgwort.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.44.61.248 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-61-248.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.13 (United States)

ASN16509 (AMAZON-02, US)

cdn.privacy-mgmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:ec00:13:7ad6:7840:21 (United States)

ASN16509 (AMAZON-02, US)

d2p3zdq8vjvnxd.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	heise.de www.heise.de cmp.heise.de	544 KB
11	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com images.outbrainimg.com	236 KB
9	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-nydc1.outbrain.com	91 KB
3	ioam.de 1 redirects script.ioam.de de.ioam.de	10 KB
2	vgwort.de 1 redirects ssl-heise.met.vgwort.de	777 B
2	doubleclick.net securepubads.g.doubleclick.net	120 KB
1	cloudfront.net d2p3zdq8vjvnxd.cloudfront.net	365 B
1	privacy-mgmt.com cdn.privacy-mgmt.com	1 KB
1	cloudimg.io heise.cloudimg.io	92 KB
1	kameleoon.eu yxsu5ufd2m.kameleoon.eu	55 KB
58	10

	Domain	Requested by
21	www.heise.de	www.heise.de cmp.heise.de
9	images.outbrainimg.com
8	cmp.heise.de	www.heise.de cmp.heise.de
6	widgets.outbrain.com	www.heise.de widgets.outbrain.com
2	ssl-heise.met.vgwort.de	1 redirects www.heise.de
2	de.ioam.de	1 redirects www.heise.de
2	securepubads.g.doubleclick.net	www.heise.de securepubads.g.doubleclick.net
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	d2p3zdq8vjvnxd.cloudfront.net
1	cdn.privacy-mgmt.com	cmp.heise.de
1	odb.outbrain.com	widgets.outbrain.com
1	log.outbrainimg.com	widgets.outbrain.com
1	widget-pixels.outbrain.com	www.heise.de
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	heise.cloudimg.io	www.heise.de
1	yxsu5ufd2m.kameleoon.eu	www.heise.de
1	script.ioam.de	www.heise.de
58	17

This site contains links to these domains. Also see Links.

Domain
www.techstage.de
bildung.heise.de
business-services.heise.de
tarifrechner.heise.de
spiele.heise.de
shop.heise.de
abo.heise.de
heise-gruppe.de
www.heise-gruppe.de
getpocket.com
app-eu.readspeaker.com
msrc.microsoft.com
proxylogon.com
krebsonsecurity.com
www.trendmicro.com
pubads.g.doubleclick.net
www.facebook.com
twitter.com
heise.de
www.outbrain.com
the.goodwaytrk.com
editorsnation.com
www.interred.de
www.heise-medien.de

Subject Issuer	Validity	Valid
www.heise.de Sectigo RSA Domain Validation Secure Server CA	`2020-03-12` - `2022-06-10`	2 years	crt.sh
cmp.heise.de R3	`2021-02-04` - `2021-05-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.ioam.de Thawte TLS RSA CA G1	`2019-09-18` - `2021-12-17`	2 years	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-01` - `2021-08-01`	a year	crt.sh
*.cloudimg.io GeoTrust RSA CA 2018	`2020-06-01` - `2022-06-01`	2 years	crt.sh
*.met.vgwort.de Thawte RSA CA 2018	`2020-03-13` - `2022-04-01`	2 years	crt.sh
*.outbrainimg.com DigiCert Secure Site ECC CA-1	`2020-03-26` - `2021-06-25`	a year	crt.sh
*.privacy-mgmt.com R3	`2021-02-03` - `2021-05-04`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
Frame ID: B7050B05537FACEE6B02A0648D584FBB
Requests: 46 HTTP requests in this frame

Frame: https://yxsu5ufd2m.kameleoon.eu/
Frame ID: 1D50D3E57D6A8D01D947E5415902C474
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 731DAFFD01815D2C16AD0058A75E0F29
Requests: 2 HTTP requests in this frame

Frame: https://cmp.heise.de/index.html?message_id=440488&consentUUID=7e2157b5-a9a7-408d-80d2-b2d871d325ae&requestUUID=c3d1ce3a-2fd8-47af-8875-7011fe1b8241&preload_message=true
Frame ID: 15E0C614888D106EB1B149592BFA49FB
Requests: 8 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 6D264134FE6F9B067361D8A6BFDE2045
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

58
Requests

100 %
HTTPS

29 %
IPv6

10
Domains

17
Subdomains

15
IPs

3
Countries

1148 kB
Transfer

3475 kB
Size

9
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://www.techstage.de/
Title: TechStage

Search URL Search Domain Scan URL

URL: https://bildung.heise.de/
Title: Weiterbildung

Search URL Search Domain Scan URL

URL: https://business-services.heise.de/
Title: Whitepaper/Webcasts

Search URL Search Domain Scan URL

URL: https://tarifrechner.heise.de/dsl/
Title: DSL-Vergleich

Search URL Search Domain Scan URL

URL: https://spiele.heise.de/
Title: Spielen bei Heise

Search URL Search Domain Scan URL

URL: https://shop.heise.de/
Title: heise shop

Search URL Search Domain Scan URL

URL: https://abo.heise.de/
Title: Abo

Search URL Search Domain Scan URL

URL: https://heise-gruppe.de/-1812545
Title: Arbeiten bei Heise

Search URL Search Domain Scan URL

URL: https://www.heise-gruppe.de/presse/
Title: Presse

Search URL Search Domain Scan URL

URL: https://business-services.heise.de/specials/online-marketing/home/?source=topthemen
Title: Online-Marketing

Search URL Search Domain Scan URL

URL: https://getpocket.com/save?url=https%3A%2F%2Fwww.heise.de%2Fnews%2FDer-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
Title: In Pocket speichern

Search URL Search Domain Scan URL

URL: https://app-eu.readspeaker.com/cgi-bin/rsent?customerid=4407&lang=de_de&readid=meldung&url=https%3A%2F%2Fwww.heise.de%2Fnews%2FDer-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html%3Fseite%3Dall
Title: vorlesen

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26855
Title: ProxyLogon bezeichnete Schwachstelle CVE-2021-26855

Search URL Search Domain Scan URL

URL: https://proxylogon.com/
Title: auf der Proxylogon-Seite dokumentiert

Search URL Search Domain Scan URL

URL: https://krebsonsecurity.com/2021/03/a-basic-timeline-of-the-exchange-mass-hack/
Title: seiner Timeline des Exchange-Massenhacks

Search URL Search Domain Scan URL

URL: https://www.trendmicro.com/en_us/research/21/a/targeted-attack-using-chopper-aspx-web-shell-exposed-via-managed.html
Title: Trend Micro in einem Blog-Beitrag

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5609372146&iu=/6514/www.heise.de/clicktracking/textlink
Title: Conrad YSP: Aufwand reduzieren, Kosten sparen

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5520006468&iu=/6514/www.heise.de/clicktracking/textlink
Title: KI und Digitalisierung: Herausforderung und Chancen

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5588169832&iu=/6514/www.heise.de/clicktracking/textlink
Title: Automatisierte SIEM-Lösung für den Mittelstand

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5338858035&iu=/6514/www.heise.de/clicktracking/textlink
Title: BWI: Die wichtigsten (IT-)Trends 2021

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5590347989&iu=/6514/www.heise.de/clicktracking/textlink
Title: Sicher im Homeoffice: Cloud-Daten verschlüsseln!

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5588912847&iu=/6514/www.heise.de/clicktracking/textlink
Title: Expertendebatte zu Big Data und Machine Learning

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5607223609&iu=/6514/www.heise.de/clicktracking/textlink
Title: Sie sind IT-Experte? Finden Sie Ihren Traumjob auf heise jobs!

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5598369803&iu=/6514/www.heise.de/clicktracking/textlink
Title: Zukunftssichere IT für KMU

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5550104629&iu=/6514/www.heise.de/clicktracking/textlink
Title: SMART Freelancing für Ihren Projekterfolg

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5585600145&iu=/6514/www.heise.de/clicktracking/textlink
Title: Singapur - die smarteste Stadt der Welt

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.heise.de%2Fnews%2FDer-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.heise.de%2Fnews%2FDer-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html&text=Der+Hafnium+Exchange-Server-Hack%3A+Anatomie+einer+Katastrophe+%7C+Security
Title:

Search URL Search Domain Scan URL

URL: https://heise.de/-5077269
Title: https://heise.de/-5077269

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/de
Title: empfohlen von

Search URL Search Domain Scan URL

URL: https://the.goodwaytrk.com/af063f35-6789-4097-ad9d-104eb2e1c514?campid=000991c9359d80463172d4d34185ab8dd4&creaid=002c27a67e7a3d34e34a1c0c3169ba5ca5&atitle=Erkennen+Sie+alles+aus+kilometerweiter+Entfernung&sectionid=$section_id$&pubidx=$publisher_id$&sectionname=$section_name$&outclickid=$ob_click_id$&obOrigUrl=true
Title: Anzeige Erkennen Sie alles aus kilometerweiter Entfernung Starscope

Search URL Search Domain Scan URL

URL: https://editorsnation.com/trending/unzertrennlich-diese-promi-paare-sind-glucklich-zusammen-outbrain?utm_source=outbrain&utm_campaign=001378307bf43cd374089ad6693bc73b0e&utm_medium=$section_name$__$section_id$&utm_term=%5BFotos%5D+Halt+dich+fest+bevor+du+Stefan+Raab+Frau+jetzt+siehst&ts=$time_stamp$&tbv=$cpc$&pcl=1&obOrigUrl=true
Title: Anzeige [Fotos] Halt dich fest bevor du Stefan Raab Frau jetzt siehst Editor's Nation

Search URL Search Domain Scan URL

URL: https://heise.de/mediadaten/security
Title: Mediadaten

Search URL Search Domain Scan URL

URL: http://www.interred.de/
Title: Content Management by InterRed

Search URL Search Domain Scan URL

URL: https://www.heise-medien.de/
Title: Copyright © 2021 Heise Medien

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://de.ioam.de/tx.io?st=heise&cp=security&sv=ke&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.heise.de&xy=1600x1200x24&lo=DK%2FHovedstaden&cb=0016&i2=0016853277e2be6dc604b1fb9&ep=1637450828&vr=423&id=qn28vx&i3=nocookie&n1=1&dntt=0&lt=1615536057407&ev=&cs=v8oiju&mo=1 HTTP 302
https://de.ioam.de/tx.io?st=heise&cp=security&sv=ke&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.heise.de&xy=1600x1200x24&lo=DK%2FHovedstaden&cb=0016&i2=0016853277e2be6dc604b1fb9&ep=1637450828&vr=423&id=qn28vx&i3=nocookie&n1=1&dntt=0&lt=1615536057407&ev=&cs=v8oiju&mo=1&sr=71

Request Chain 19

https://ssl-heise.met.vgwort.de/na/f434dbf475754608ac10945af3b406d2 HTTP 302
https://ssl-heise.met.vgwort.de/blank.gif

58 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html Show response
www.heise.de/news/ 195 KB
40 KB 24ms
9ms Document
text/html 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

209af4141c32010ad002dae6e3c9c648ae8490b2b1e41701917dda3f927b3228

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.heise.de
:scheme: https
:path: /news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Fri, 12 Mar 2021 07:59:18 GMT
content-type: text/html; charset=UTF-8
last-modified: Fri, 12 Mar 2021 07:59:18 GMT
content-encoding: gzip
age: 99
strict-transport-security: max-age=15768000
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: X-Export-Format, X-Export-Agent, Accept-Encoding
cache-control: no-store
accept-ranges: bytes
content-length: 40573

GET
H2 200 source-sans-pro-v11-latin-regular.96b158.woff2
www.heise.de/assets/heise/fonts/ 16 KB
16 KB 8ms
7ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/fonts/source-sans-pro-v11-latin-regular.96b158.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.heise.de
Referer: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:02:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 13:38:57 GMT
server: nginx
age: 3491
etag: "604a1d71-3e24"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://www.heise.de
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Origin
content-length: 15908
x-xss-protection: 1; mode=block

GET
H2 200 source-sans-pro-v11-latin-600.bd652d.woff2
www.heise.de/assets/heise/fonts/ 15 KB
16 KB 8ms
7ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/fonts/source-sans-pro-v11-latin-600.bd652d.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

d8381e66783011957eabadb622d7899061bf93e78fff38ebfe00ab743d6c8e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.heise.de
Referer: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:02:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 13:39:02 GMT
server: nginx
age: 3490
etag: "604a1d76-3da8"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://www.heise.de
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Origin
content-length: 15784
x-xss-protection: 1; mode=block

GET
H2 200 source-sans-pro-v11-latin-italic.6b1f4e.woff2
www.heise.de/assets/heise/fonts/ 15 KB
15 KB 8ms
7ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/fonts/source-sans-pro-v11-latin-italic.6b1f4e.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

a676114870402c6a9d389e103b299df064cc92871c08210ca56f32768cd9da3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.heise.de
Referer: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:03:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 13:39:02 GMT
server: nginx
age: 3461
etag: "604a1d76-3a20"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://www.heise.de
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Origin
content-length: 14880
x-xss-protection: 1; mode=block

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
cmp.heise.de/ 149 KB
43 KB 129ms
49ms Script
application/javascript 143.204.209.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/wrapperMessagingWithoutDetection.js
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-111.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a59069d842fc70e07dddaa0184c9f62ac950f5fb66b4dd0e9f516b20756d97c7

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:50:04 GMT
content-encoding: gzip
last-modified: Wed, 03 Feb 2021 21:27:26 GMT
server: AmazonS3
age: 654
etag: W/"a4f076c6663c59bdd617e07c8c108846"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 7BP8XsOXlaQSdlZTMIxsHziuGqNAGW9M_30_nbrXwtzhyto5GDfMDA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 58 KB
20 KB 153ms
53ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

9ce73521d45b4fb6a1fb8056ef41454bc69cf712d102a390d0c09dc6044079ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "809 / 398 of 1000 / last-modified: 1615508739"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19717
x-xss-protection: 0
expires: Fri, 12 Mar 2021 08:00:57 GMT

GET
H2 200 akwa.js Show response
www.heise.de/assets/akwa/v24/js/ 320 KB
87 KB 8ms
6ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/akwa.js?347d913592190c79519d

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

7d89103e5a72062a6bdca0819fcd7500288dcdccd6dbe59c532cd13937f37ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:19:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 11:19:11 GMT
server: nginx
age: 2501
etag: W/"6049fcaf-5015c"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 88367
x-xss-protection: 1; mode=block

GET
H2 200 ho.css
www.heise.de/assets/heise/ho/css/ 282 KB
43 KB 11ms
11ms Stylesheet
text/css 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/ho/css/ho.css?4cc4852cca777b0546cb

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

4d5d383213197502219f9b13b1e94e0434745a461939f51ba2f3827ad8183d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 13:39:01 GMT
server: nginx
age: 1306
etag: W/"604a1d75-46840"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 43261
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK iam.js Show response
script.ioam.de/ 19 KB
8 KB 89ms
30ms Script
application/javascript 91.215.103.64
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ioam.de/iam.js?m=1
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.64 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: script3.ioam.de
Software: nginx / BLACKBIRD-SRC v0.13 0016
Resource Hash: d05887bd91958fde7e5278eba4219f9dfc9c7cafc911dbfe1b57bdb30e4ebd14

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:00:57 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Mar 2021 08:00:57 GMT
Server: nginx
X-Powered-By: BLACKBIRD-SRC v0.13 0016
Vary: Accept-Encoding
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control: private, max-age=7200, pre-check=7200
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Fri, 12 Mar 2021 10:00:57 GMT

GET
H2 200 Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
www.heise.de/news/ 0
39 KB 15ms
14ms Other
text/html 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html?seite=2

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 08:00:28 GMT
server: nginx
age: 29
x-frame-options: DENY
content-type: text/html; charset=UTF-8
cache-control: no-store
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: X-Export-Format, X-Export-Agent, Accept-Encoding
content-length: 39476
x-xss-protection: 1; mode=block

GET
H2 200 akwa.css
www.heise.de/assets/akwa/v24/css/ 33 KB
6 KB 14ms
13ms Stylesheet
text/css 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/css/akwa.css?3a960c292aaef4e1eebe

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

293e1c6d57a975027b104bdb7a369bd34807f9ca418db547e913099dce08b879

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:19:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 11:19:04 GMT
server: nginx
age: 2501
etag: W/"6049fca8-84ef"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 5701
x-xss-protection: 1; mode=block

GET
H2 200 hobell.css
www.heise.de/assets/heise/hobell/css/ 83 KB
15 KB 15ms
14ms Stylesheet
text/css 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/hobell/css/hobell.css?c5073bf605188a10dd2e

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

6ac6a720f0e0dbae455724576f84f663d71092e298b9a561b9ed0de9821d1954

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 13:39:09 GMT
server: nginx
age: 1306
etag: "604a1d7d-14db3"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 15231
x-xss-protection: 1; mode=block

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 168 KB
56 KB 135ms
44ms Script
application/x-javascript 84.53.189.141
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.189.141 , Netherlands, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a84-53-189-141.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9747d3717b7b7522f9f1ee36511461332e50436d1d8d8ec5571b80f6eb0dc6e5

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:57 GMT
content-encoding: gzip
edge-cache-tag: widget-cheetah
cookie: CheetahStaging=true
x-traceid: a3d1bbcea1b0f9a689eb6792512f8917
content-length: 56988
last-modified: Wed, 10 Mar 2021 11:25:47 GMT
etag: W/"29e7b-rTG2fc8yTg0svStnxQ76BFmEKkM"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
timing-allow-origin: *, *
expires: Fri, 12 Mar 2021 12:00:57 GMT

GET
H2 200 ho.js Show response
www.heise.de/assets/heise/ho/js/ 120 KB
38 KB 8ms
6ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/ho/js/ho.js?a30fb89114a2e7de44f3

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

9f67de84df2be3e3f5d5125e9845fd6e78d863a514c8b76608fd47d9c328fe67

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 13:39:07 GMT
server: nginx
age: 1308
etag: "604a1d7b-1e031"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 38895
x-xss-protection: 1; mode=block

GET
H2 200 Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
www.heise.de/ivw-bin/ivw/CP/news/ 43 B
231 B 33ms
32ms Image
image/gif 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/ivw-bin/ivw/CP/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

fb0c962c2a46b261dcf2c64acd439dabce75c448235038f38b6d5eef64318f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Jan 2011 15:58:20 GMT
server: nginx
age: 0
etag: "4d385b9c-2b"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate, private
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 12 Mar 2021 08:00:57 GMT

GET
H2 200 / Show response
yxsu5ufd2m.kameleoon.eu/ Frame 1D50 375 KB
55 KB 36ms
14ms Document
text/html 2606:4700:20::681a:a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yxsu5ufd2m.kameleoon.eu/
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81640fe2def729fa7f1f1d5339af6d352eec0f0aa55e1cb78ed99c34d9036233

Request headers

:method: GET
:authority: yxsu5ufd2m.kameleoon.eu
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heise.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heise.de/

Response headers

date: Fri, 12 Mar 2021 08:00:57 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d7a111717535bcd1d8a6c3ac2cd5f567c1615536057; expires=Sun, 11-Apr-21 08:00:57 GMT; path=/; domain=.kameleoon.eu; HttpOnly; SameSite=Lax
last-modified: Mon, 08 Mar 2021 13:39:21 GMT
expires: Fri, 12 Mar 2021 08:55:46 GMT
cache-control: max-age=7200
cf-cache-status: HIT
age: 2111
cf-request-id: 08c70d03fc00002bc246aa2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yUQIsVP4fh3yAFKICxc1a5EyWKMEadO7%2Bkry9dBuFg8OQKNRDlbtCsqAytd%2Bx29rhM65q6jGufB%2FbnayGXxcJR53bxRSpcVkoGebhNDzriIgugOB4mqZm%2BaCZNpN2CFjjfBjUg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 62eb7de66dbd2bc2-FRA
content-encoding: br

GET
H2 200 arrow-right.3c3410.svg
www.heise.de/assets/heise/images/ 122 B
259 B 12ms
11ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/arrow-right.3c3410.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/ho/css/ho.css?4cc4852cca777b0546cb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

a6f36a99532c014c23e09238678ae3ce1ce5cf83e11a28fd649123f7d26331bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heise.de/assets/heise/ho/css/ho.css?4cc4852cca777b0546cb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 13:39:00 GMT
server: nginx
age: 3236
etag: W/"604a1d74-7a"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 131
x-xss-protection: 1; mode=block

GET
H2 200 shutterstock_1865483029-04e8f280e660a6a7.jpeg
heise.cloudimg.io/width/1392/q70.png-lossy-70.webp-lossy-70.foil1/_www-heise-de_/imgs/18/3/0/7/0/0/0/3/ 91 KB
92 KB 49ms
26ms Image
image/webp 2600:9000:2127:c200:b:f730:9800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heise.cloudimg.io/width/1392/q70.png-lossy-70.webp-lossy-70.foil1/_www-heise-de_/imgs/18/3/0/7/0/0/0/3/shutterstock_1865483029-04e8f280e660a6a7.jpeg
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:c200:b:f730:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Scaleflex HTTP Loadbalancer / cloudimage.io
Resource Hash: 6418979c9feb1322a5accdb13f8af394992a8dfb72b88738f86cbd744dcbb447

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-elastic-tries: 1
date: Thu, 11 Mar 2021 00:07:49 GMT
via: 1.1 4614c36172b2854b1e1e94af37435c8f.cloudfront.net (CloudFront)
x-elastic-th: 0.664
age: 114788
x-powered-by: cloudimage.io
x-cache: Hit from cloudfront
x-hexa-fulltime: 659
x-lb-th: 0.687
x-transition-hexa: hh1:b2__hh2:c4__os:good__hh:eu-ov-332bscal3fl3xcom_tint:2_tint1:0_tint2:1_tdwndns:0_tdwntfb:0_tdwntot:0_tdwn:9_tcre:215_trsz:284_tpop:517_tsve:142_ttst:0_tfin:658
content-length: 92782
x-resource-length: 15996782
x-elastic-ft: 0.7
x-hexa-downloadtime: 0
x-elastic-hexa: 332b
x-elastic-hash: 697d9b77e639ff4811c2d76774b8cf17
x-lb-conn: 0.009
server: Scaleflex HTTP Loadbalancer
x-elastic-id: 5001_002
etag: "0da9870583219b32b59df0dcab6e2a3f"
x-resource-version: 20210311_000749_6913c33497300ee9244d29c0fe6369de
x-resource-status: cached_original
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, stale-while-revalidate=86400, public
x-lb-response: 1615421269.114
x-amz-cf-pop: PRG50-C1
timing-allow-origin: *
x-amz-cf-id: tJht8T6eNzzakZD4sS5ysPJWk428DChINoqjORLK1dA4-HgCt9vELg==
x-lb-id: eu002

GET
H2 200 comments_outline.50716e.svg
www.heise.de/assets/heise/images/ 338 B
358 B 7ms
7ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/comments_outline.50716e.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/ho/css/ho.css?4cc4852cca777b0546cb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

35f00f632bbd7be49e0e3769bedddfd846f3e0c3737ea355f62b8ce5dfa02d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heise.de/assets/heise/ho/css/ho.css?4cc4852cca777b0546cb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 13:38:59 GMT
server: nginx
age: 3490
etag: W/"604a1d73-152"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 241
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

tx.io Show response
de.ioam.de/
Redirect Chain

https://de.ioam.de/tx.io?st=heise&cp=security&sv=ke&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.heise.de&xy=1600x1200x24&lo=DK%2FHovedstaden&cb=0016&i2=0016853277e2be6dc604b1fb9&ep=1637450828&...
https://de.ioam.de/tx.io?st=heise&cp=security&sv=ke&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.heise.de&xy=1600x1200x24&lo=DK%2FHovedstaden&cb=0016&i2=0016853277e2be6dc604b1fb9&ep=1637450828&...

0
717 B

30ms
30ms

Script
application/x-javascript

91.215.103.65
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://de.ioam.de/tx.io?st=heise&cp=security&sv=ke&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.heise.de&xy=1600x1200x24&lo=DK%2FHovedstaden&cb=0016&i2=0016853277e2be6dc604b1fb9&ep=1637450828&vr=423&id=qn28vx&i3=nocookie&n1=1&dntt=0&lt=1615536057407&ev=&cs=v8oiju&mo=1&sr=71
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.65 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: de3.ioam.de
Software: nginx / BLACKBIRD-RCV v1.06.2 0028
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:00:57 GMT
Server: nginx
X-Powered-By: BLACKBIRD-RCV v1.06.2 0028
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date: Fri, 12 Mar 2021 08:00:57 GMT
Access-Control-Allow-Origin: *
X-Powered-By: BLACKBIRD-RCV v1.06.2 0028
Transfer-Encoding: chunked
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection: keep-alive
Pragma: no-cache
Last-Modified: Fri, 12 Mar 2021 08:00:57 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: /tx.io?st=heise&cp=security&sv=ke&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.heise.de&xy=1600x1200x24&lo=DK%2FHovedstaden&cb=0016&i2=0016853277e2be6dc604b1fb9&ep=1637450828&vr=423&id=qn28vx&i3=nocookie&n1=1&dntt=0&lt=1615536057407&ev=&cs=v8oiju&mo=1&sr=71
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires: Thu, 12 Mar 2020 08:00:57 GMT

GET
H/1.1

200
OK

blank.gif
ssl-heise.met.vgwort.de/
Redirect Chain

https://ssl-heise.met.vgwort.de/na/f434dbf475754608ac10945af3b406d2
https://ssl-heise.met.vgwort.de/blank.gif

43 B
332 B

32ms
31ms

Image
image/gif

161.156.66.178
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl-heise.met.vgwort.de/blank.gif
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.156.66.178 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: b2.42.9ca1.ip4.static.sl-reverse.com
Software: s2.52.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Mar 2021 08:00:57 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: s2.52.0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Fri, 12 Mar 2021 08:00:57 GMT
Last-Modified: Fri, 12 Mar 2021 08:00:57 GMT
Server: s2.52.0
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Content-Type: text/html
Location: /blank.gif
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Tue, 22 Aug 2000 15:05:01 GMT

GET
H2 200 vendors~prebid.53037a.js Show response
www.heise.de/assets/akwa/v24/js/ 212 KB
66 KB 7ms
6ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/vendors~prebid.53037a.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?347d913592190c79519d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

4de87ed52df1a2899626e63efb2516906b3be04c74b8d2a75ae3cfea46d8368d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 11:19:10 GMT
server: nginx
age: 2505
etag: W/"6049fcae-34e76"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 66967
x-xss-protection: 1; mode=block

GET
H2 200 prebid.6792a2.js Show response
www.heise.de/assets/akwa/v24/js/ 246 B
356 B 7ms
7ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/prebid.6792a2.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?347d913592190c79519d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

a7eec04d56b11c1b41b6bc6c0e38971d54ef10451f7d2ea4014204b3a5ce1eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:19:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 11:19:07 GMT
server: nginx
age: 2504
etag: "6049fcab-f6"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 246
x-xss-protection: 1; mode=block

GET
H2 200 native-message Show response
cmp.heise.de/wrapper/tcfv2/v1/gdpr/ 471 KB
18 KB 68ms
68ms XHR
application/json 143.204.209.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=c3d1ce3a-2fd8-47af-8875-7011fe1b8241&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1603%2C%22requestUUID%22%3A%22c3d1ce3a-2fd8-47af-8875-7011fe1b8241%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.heise.de%2Fnews%2FDer-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcmp.heise.de%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-111.fra53.r.cloudfront.net
Software: / Express
Resource Hash: db0987d8fbe9f291e3662c1aa4cfef1ea1548f5c4db6a2530f838f67077f0b90

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 Mar 2021 08:00:57 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.heise.de
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: NNM2VdSupGfxc-StFNIXIjbWpXucxFi0pG7m__wSg_SwqUqiCtk2Nw==
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)

OPTIONS
H2 200 native-message
cmp.heise.de/wrapper/tcfv2/v1/gdpr/ Frame 0
0 107ms
38ms Preflight
text/html 143.204.209.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=c3d1ce3a-2fd8-47af-8875-7011fe1b8241&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1603%2C%22requestUUID%22%3A%22c3d1ce3a-2fd8-47af-8875-7011fe1b8241%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.heise.de%2Fnews%2FDer-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcmp.heise.de%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Protocol: H2
Server: 143.204.209.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-111.fra53.r.cloudfront.net
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.heise.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=utf-8
content-length: 13
date: Fri, 12 Mar 2021 08:00:57 GMT
x-powered-by: Express
access-control-allow-origin: https://www.heise.de
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
cache-control: no-cache, no-store
allow: POST,GET,HEAD
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: hXHHc3dADN4v4jWhvsEsri2iLtIKt_Zt6Zy8BhY-8pFaEHl6JWU3bg==

GET
H3-Q050 200 pubads_impl_2021030801.js Show response
securepubads.g.doubleclick.net/gpt/ 283 KB
100 KB 110ms
59ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js?31060422

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

4967624b996e927f25c959c7d920f99f8544c7b2b17b1b55683d304250aa8de3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 09:38:26 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101868
x-xss-protection: 0
expires: Fri, 12 Mar 2021 08:00:57 GMT

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 731D 416 B
816 B 43ms
43ms Document
text/html 84.53.189.141
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.189.141 , Netherlands, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a84-53-189-141.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heise.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heise.de/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1615445123.094749"
last-modified: Wed, 10 Mar 2021 11:25:13 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Fri, 12 Mar 2021 08:00:57 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cookie: CheetahStaging=true
set-cookie: akacd_widgets_routing=1615536057~rv=27~id=6277053afc5e74a3addf7c58fd6e96d7; path=/; Expires=Fri, 12 Mar 2021 08:00:57 GMT; Secure; SameSite=None

GET
H/1.1 200
OK d3d3LmhlaXNlLmRl Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 138ms
47ms XHR
application/json 23.44.61.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmhlaXNlLmRl
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.61.248 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-44-61-248.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:00:57 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=14091
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: bf1c373020eb619029844f09e245e86b
Content-Length: 16
Expires: Fri, 12 Mar 2021 11:55:48 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
468 B 45ms
43ms Image
image/gif 84.53.189.141
AKAMAI-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=2.921624932172847
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.189.141 , Netherlands, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a84-53-189-141.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:57 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
cookie: CheetahStaging=true
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Sun, 11 Apr 2021 08:00:57 GMT

GET
H2 200 qwant_q.svg
www.heise.de/icons/svg/icons/svg/ 2 KB
1 KB 7ms
7ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/icons/svg/icons/svg/qwant_q.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/ho/css/ho.css?4cc4852cca777b0546cb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

8041941b0884d5fd04914cd38af26dc0e42ee7fc2a051f67c6feee7d3092c995

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heise.de/assets/heise/ho/css/ho.css?4cc4852cca777b0546cb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Sep 2020 13:54:09 GMT
server: nginx
age: 2042
etag: "5f5f7601-726"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 923
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 942 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7615bee44be4826258209ae281c037396777896d7cb315697c92fbb6f23f42d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 heise_plus_positiv.09d69f.svg
www.heise.de/assets/heise/images/ 3 KB
1 KB 8ms
7ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/heise_plus_positiv.09d69f.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/ho/css/ho.css?4cc4852cca777b0546cb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

3404e3ac6e9691cf983cb342902c601f3e7b099edc08a1138dddcd239f9165de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heise.de/assets/heise/ho/css/ho.css?4cc4852cca777b0546cb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 13:39:08 GMT
server: nginx
age: 3490
etag: W/"604a1d7c-abe"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 1093
x-xss-protection: 1; mode=block

GET
H2 200 heise_online.a025e5.svg
www.heise.de/assets/heise/images/ 4 KB
2 KB 7ms
7ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/heise_online.a025e5.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/ho/css/ho.css?4cc4852cca777b0546cb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

8f58f0e1aba12df58f039d36b492fcb9226c4ea86101b464a43785f6bdf84277

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heise.de/assets/heise/ho/css/ho.css?4cc4852cca777b0546cb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 13:39:08 GMT
server: nginx
age: 3481
etag: W/"604a1d7c-f8c"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 1679
x-xss-protection: 1; mode=block

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 731D 610 B
1009 B 45ms
44ms Document
text/html 84.53.189.141
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.189.141 , Netherlands, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a84-53-189-141.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/test.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: thirdparty=yes
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1615445123.936754"
last-modified: Wed, 10 Mar 2021 11:25:13 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=345600
date: Fri, 12 Mar 2021 08:00:57 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cookie: CheetahStaging=true
set-cookie: akacd_widgets_routing=1615536057~rv=91~id=541b9ea2b4db50724bfcfeb0de185d35; path=/; Expires=Fri, 12 Mar 2021 08:00:57 GMT; Secure; SameSite=None

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
324 B 424ms
106ms XHR
application/json 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1615536057731&sessionId=4f3e453d-9265-ae05-96c1-b8c23e5e0a46&url=www.heise.de&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Mar 2021 08:00:58 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 963462fd527f782b77d573bdfebd19c
Content-Length: 4
Expires: 0

POST
H2 200 set_consent_cookies Show response
cmp.heise.de/mms/ 0
396 B 40ms
40ms XHR
text/plain 143.204.209.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/mms/set_consent_cookies?consentUUID=7e2157b5-a9a7-408d-80d2-b2d871d325ae&consentUUID_maxAge=31536000&requestUUID=c3d1ce3a-2fd8-47af-8875-7011fe1b8241&hasCsp=true
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-111.fra53.r.cloudfront.net
Software: Jetty(9.4.2.v20170220) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:57 GMT
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
server: Jetty(9.4.2.v20170220)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.heise.de
access-control-allow-credentials: true
access-control-allow-methods: *
content-length: 0
x-amz-cf-id: uukaIYmufDT7_vqu8p0cR6y8ubqJjgycUzp-s2_e84CIWF2zDMr_iQ==

GET
H2 200 index.html Show response
cmp.heise.de/ Frame 15E0 4 KB
2 KB 34ms
33ms Document
text/html 143.204.209.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/index.html?message_id=440488&consentUUID=7e2157b5-a9a7-408d-80d2-b2d871d325ae&requestUUID=c3d1ce3a-2fd8-47af-8875-7011fe1b8241&preload_message=true
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-111.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 057ed3bf33ac87646b61542cb878ae20c744d63c24e3cd7ad73150c202ed6fa8

Request headers

:method: GET
:authority: cmp.heise.de
:scheme: https
:path: /index.html?message_id=440488&consentUUID=7e2157b5-a9a7-408d-80d2-b2d871d325ae&requestUUID=c3d1ce3a-2fd8-47af-8875-7011fe1b8241&preload_message=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heise.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: consentUUID=7e2157b5-a9a7-408d-80d2-b2d871d325ae; iom_consent=0100000000&1615536057782
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heise.de/

Response headers

content-type: text/html
last-modified: Thu, 04 Mar 2021 14:47:08 GMT
server: AmazonS3
content-encoding: gzip
date: Fri, 12 Mar 2021 07:53:16 GMT
etag: W/"04719d8150363530ab7c3522e4744be3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 3Uov_QefFRm_gAtw8DscrzzVWaeoFv4-fnLr2U8nfB1KJhWmYj9bWw==
age: 462

GET
H2 200 Notice.6d632.css
cmp.heise.de/ Frame 15E0 28 KB
5 KB 35ms
34ms Stylesheet
text/css 143.204.209.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/Notice.6d632.css
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/index.html?message_id=440488&consentUUID=7e2157b5-a9a7-408d-80d2-b2d871d325ae&requestUUID=c3d1ce3a-2fd8-47af-8875-7011fe1b8241&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-111.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93f5bfaebb59efc71a98518896d74be6019933c80a354b635dadc76d46d032d0

Request headers

Referer: https://cmp.heise.de/index.html?message_id=440488&consentUUID=7e2157b5-a9a7-408d-80d2-b2d871d325ae&requestUUID=c3d1ce3a-2fd8-47af-8875-7011fe1b8241&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:54:23 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 14:47:08 GMT
server: AmazonS3
age: 395
etag: W/"a9111204214d9203b020fa40aa3d8308"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: iUwuC1f1VdhtpTOWRXBVh1Kiociy5eZ-HsS1yoVCxnE7c7NySGyibQ==

GET
H2 200 polyfills.65071.js Show response
cmp.heise.de/ Frame 15E0 5 KB
2 KB 35ms
34ms Script
application/javascript 143.204.209.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/polyfills.65071.js
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/index.html?message_id=440488&consentUUID=7e2157b5-a9a7-408d-80d2-b2d871d325ae&requestUUID=c3d1ce3a-2fd8-47af-8875-7011fe1b8241&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-111.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

Referer: https://cmp.heise.de/index.html?message_id=440488&consentUUID=7e2157b5-a9a7-408d-80d2-b2d871d325ae&requestUUID=c3d1ce3a-2fd8-47af-8875-7011fe1b8241&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:54:08 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 14:47:08 GMT
server: AmazonS3
age: 410
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: nqMwvJYewUDinl94EzoMt3wUjZM84unYX3IzWaYjqlz4U7QN7smjXQ==

GET
H2 200 Notice.2a6b4.js Show response
cmp.heise.de/ Frame 15E0 170 KB
41 KB 40ms
39ms Script
application/javascript 143.204.209.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/Notice.2a6b4.js
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/index.html?message_id=440488&consentUUID=7e2157b5-a9a7-408d-80d2-b2d871d325ae&requestUUID=c3d1ce3a-2fd8-47af-8875-7011fe1b8241&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-111.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0014dbc4463a5ad67d89022b961c37d6b7c6c8d578545c88047f6fbbafef7ca7

Request headers

Referer: https://cmp.heise.de/index.html?message_id=440488&consentUUID=7e2157b5-a9a7-408d-80d2-b2d871d325ae&requestUUID=c3d1ce3a-2fd8-47af-8875-7011fe1b8241&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:54:08 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 14:47:08 GMT
server: AmazonS3
age: 410
etag: W/"f0ef1551f14f7c38c9c98dcebb56eb91"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: _nfIZcCjnUwUKoIK-CxCW8Gs3QFUBOnkpjS74jnQUkaXcidTOAz2pg==

GET
H2 200 get Show response
odb.outbrain.com/utils/ 51 KB
21 KB 325ms
262ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.heise.de%2Fnews%2FDer-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html&srcUrl=https%3A%2F%2Fwww.heise.de%2Frss%2Fheise-atom.xml&idx=0&rand=57444&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=272&py=3159&vpd=1959&settings=true&recs=true&version=2000245&sig=c6Hc4M3R&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cnsntv2=CPC7b5XPC7b5XAGABCENBRCgAAAAAH_AAAZQAAAOQAIMBAUAAAEEAAAIECIQAAQAiQAAAABBCABQJIAEqgACVwERAIAACAxAQgAAgBAQgwCAAACAJIAgBACwQCAAiAQAAgAEAAAAEIAIDACwEAAAEAJCAAiACECAgiAAg5CAgIACCAFABAAAuJDACAMooASBBgIDIBAAjgBlgDUAHYAUsA3gCYgGBCIBQAVgBlgDUAHYAQAApYBrADqgHyAYEJAAgN_CQDwAEABWAEcAMsAagBAAClgGKANYAbwA-QCYgEygLQAYEFAAgC-DQDAArADLAGoAOwAgABBQClgGsAN4AdUA-QDAg4AEBv4qASAI4AZYA1AB2AFLAN4AmIBgQDch0AoAKwAjgBqAFiALqAYoA6gC0AF2gNEHgAgCMgN_IQBwBHADUAKGAYoA6gC7QGiEQAIBGSUAgABAAbQBHAF1AMUAdQA-QC7SYAIAjIDfykAMAoYCtgF2lQAIDfwA.YAAAAAAAAAAA&cmpStat=1&ccpaStat=0&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 13bdc0fa23eef82faf6bea546d375746eef0063b729df853262641ff714fc5bf

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:58 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.29
x-cache-hits: 0, 0
x-traceid: 6b8b4ef2a79c92e6e4a2f69552ff6146
content-encoding: gzip
content-length: 20767
x-served-by: cache-lga21929-LGA, cache-hhn4074-HHN
x-timer: S1615536058.976233,VS0,VE232
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 categories Show response
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame 15E0 1 KB
1 KB 109ms
35ms Fetch
application/json 65.9.58.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/categories?siteId=14602&consentLanguage=de
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/Notice.2a6b4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1a7af394216a04c96a3756d89e219c878b57cc0f8c8602508d5090f472ae5349

Request headers

Referer: https://cmp.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:58 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C1
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cmp.heise.de
cache-control: no-cache
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: t9zN0CcKpxHniEvPtmjdZYV5jb98EMeVEAEVQ8UPCc3GlvWXtb2k4g==
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)

GET
H2 200 /
d2p3zdq8vjvnxd.cloudfront.net/ Frame 15E0 26 B
365 B 118ms
87ms Image
image/gif 2600:9000:2127:ec00:13:7ad6:7840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2p3zdq8vjvnxd.cloudfront.net/?s_id=14602&m_id=440488&consentUUID=7e2157b5-a9a7-408d-80d2-b2d871d325ae&requestUUID=c3d1ce3a-2fd8-47af-8875-7011fe1b8241
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:ec00:13:7ad6:7840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://cmp.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:59 GMT
via: 1.1 f18b0bd4a5b62e5fb49428cc4789689f.cloudfront.net (CloudFront)
last-modified: Wed, 10 Apr 2019 18:39:37 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache,no-store
accept-ranges: bytes
content-length: 26
x-amz-cf-id: K2pSsJMt9KUE6pb1ICcKbcT3jtPXg46e97_8agkewuP517wwtJNonQ==

GET
H2 200 source-sans-pro-v11-latin-regular.96b158.woff2
www.heise.de/assets/heise/fonts/ Frame 15E0 16 KB
16 KB 21ms
8ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/fonts/source-sans-pro-v11-latin-regular.96b158.woff2

Requested by

Host: cmp.heise.de
URL: https://cmp.heise.de/index.html?message_id=440488&consentUUID=7e2157b5-a9a7-408d-80d2-b2d871d325ae&requestUUID=c3d1ce3a-2fd8-47af-8875-7011fe1b8241&preload_message=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://cmp.heise.de
Referer: https://cmp.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:03:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 13:39:00 GMT
server: nginx
age: 3454
etag: "604a1d74-3e24"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://cmp.heise.de
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Origin
content-length: 15908
x-xss-protection: 1; mode=block

GET
H2 200 source-sans-pro-v11-latin-600.bd652d.woff2
www.heise.de/assets/heise/fonts/ Frame 15E0 15 KB
16 KB 21ms
8ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/fonts/source-sans-pro-v11-latin-600.bd652d.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

d8381e66783011957eabadb622d7899061bf93e78fff38ebfe00ab743d6c8e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://cmp.heise.de
Referer: https://cmp.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:03:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 13:38:59 GMT
server: nginx
age: 3454
etag: "604a1d73-3da8"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://cmp.heise.de
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Origin
content-length: 15784
x-xss-protection: 1; mode=block

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 46ms
45ms Image
image/png 84.53.189.141
AKAMAI-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.189.141 , Netherlands, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a84-53-189-141.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:58 GMT
last-modified: Wed, 17 Feb 2021 13:51:00 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1613570897.992119"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
cookie: CheetahStaging=true
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Sun, 11 Apr 2021 08:00:58 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 46ms
46ms Image
image/svg+xml 84.53.189.141
AKAMAI-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Der-Hafnium-Exchange-Server-Hack-Anatomie-einer-Katastrophe-5077269.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.189.141 , Netherlands, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a84-53-189-141.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:58 GMT
last-modified: Wed, 17 Feb 2021 13:51:00 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1613570879.822144"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
cookie: CheetahStaging=true
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Sun, 11 Apr 2021 08:00:58 GMT

GET
H2 200 source-sans-pro-v11-latin-700.05c98e.woff2
www.heise.de/assets/heise/fonts/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/fonts/source-sans-pro-v11-latin-700.05c98e.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/ho/css/ho.css?4cc4852cca777b0546cb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.heise.de
Referer: https://www.heise.de/assets/heise/ho/css/ho.css?4cc4852cca777b0546cb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 07:03:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 13:39:09 GMT
server: nginx
age: 3442
etag: "604a1d7d-3c78"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://www.heise.de
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Origin
content-length: 15480
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 425ms
110ms Fetch
text/plain 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=f6cf733d94a2f8706fe7b67cf13c1afd_27285_1615536058147&tm=660&eT=0&widgetWidth=1056&widgetHeight=859&widgetX=272&widgetY=3160&tpcs=0&wRV=2000245&pVis=1&lsd=-1&eIdx=&cnsntV2=CPC7b5XPC7b5XAGABCENBRCgAAAAAH_AAAZQAAAOQAIMBAUAAAEEAAAIECIQAAQAiQAAAABBCABQJIAEqgACVwERAIAACAxAQgAAgBAQgwCAAACAJIAgBACwQCAAiAQAAgAEAAAAEIAIDACwEAAAEAJCAAiACECAgiAAg5CAgIACCAFABAAAuJDACAMooASBBgIDIBAAjgBlgDUAHYAUsA3gCYgGBCIBQAVgBlgDUAHYAQAApYBrADqgHyAYEJAAgN_CQDwAEABWAEcAMsAagBAAClgGKANYAbwA-QCYgEygLQAYEFAAgC-DQDAArADLAGoAOwAgABBQClgGsAN4AdUA-QDAg4AEBv4qASAI4AZYA1AB2AFLAN4AmIBgQDch0AoAKwAjgBqAFiALqAYoA6gC0AF2gNEHgAgCMgN_IQBwBHADUAKGAYoA6gC7QGiEQAIBGSUAgABAAbQBHAF1AMUAdQA-QC7SYAIAjIDfykAMAoYCtgF2lQAIDfwA.YAAAAAAAAAAA&cheq=0&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Fri, 12 Mar 2021 08:00:58 GMT
content-encoding: gzip
X-TraceId: 610d74894509eb9ce8fdc76cc1f00ad5
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame 6D26 16 KB
6 KB 50ms
50ms Document
text/html 84.53.189.141
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.189.141 , Netherlands, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a84-53-189-141.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: afb145bd40df8dffa617b6e9e404d0284c792dd7a3e40884b49df9c9279c625b

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /widgetOBUserSync/obUserSync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heise.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heise.de/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "2759986ecbb4d0550a78c4abeda19fad:1614673403.295396"
last-modified: Tue, 02 Mar 2021 08:23:11 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Sat, 13 Mar 2021 08:00:58 GMT
date: Fri, 12 Mar 2021 08:00:58 GMT
content-length: 5390
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cookie: CheetahStaging=true
set-cookie: akacd_widgets_routing=1615536058~rv=16~id=ad776a3da570a26a3000f3cbe4217816; path=/; Expires=Fri, 12 Mar 2021 08:00:58 GMT; Secure; SameSite=None

GET
H2 200 eyJpdSI6Ijk0NWZlYWVkZjQ2OWIwZjgyOGZkYTMzZTY5ZmM0ZmZjZWUyZmVmMTZlOGUxZDBiNTM4MzYwNzgzMWI4NzcxOTciLCJ3IjozMDAsImgiOjE1MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 18 KB
18 KB 160ms
68ms Image
image/webp 23.44.61.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijk0NWZlYWVkZjQ2OWIwZjgyOGZkYTMzZTY5ZmM0ZmZjZWUyZmVmMTZlOGUxZDBiNTM4MzYwNzgzMWI4NzcxOTciLCJ3IjozMDAsImgiOjE1MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.61.248 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-44-61-248.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9cf1daf646a5565453ea304fda5d52e1a3744c8f986780e8523b914614ba0831

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:58 GMT
cache-control: max-age=2289563
last-modified: Tue, 09 Mar 2021 17:16:39 GMT
x-traceid: 927f8816af16ad54f8daa893d1601f43
timing-allow-origin: *
content-length: 18414
content-type: image/webp

GET
H2 200 eyJpdSI6IjNhYjJlNzRiOWNmZTI3ODBiMDQwZTNiZTZmMDhmZThmZjVjYmMwNGQ1OGQ2YTE0NjNmOTA0ZmYyNWZhMzNhZmQiLCJ3IjozMDAsImgiOjE1MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 23 KB
23 KB 135ms
43ms Image
image/webp 23.44.61.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjNhYjJlNzRiOWNmZTI3ODBiMDQwZTNiZTZmMDhmZThmZjVjYmMwNGQ1OGQ2YTE0NjNmOTA0ZmYyNWZhMzNhZmQiLCJ3IjozMDAsImgiOjE1MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.61.248 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-44-61-248.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bba801c811f0fda8d5a3443f854c99dbdfb4fd60dd50e171124283ceb7e34f4b

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:58 GMT
cache-control: max-age=1004544
last-modified: Fri, 29 Jan 2021 08:28:16 GMT
x-traceid: d9f6eb11c31d75e8db1652d9246c66d5
timing-allow-origin: *
content-length: 23284
content-type: image/webp

GET
H2 200 eyJpdSI6IjIxYTgwZTA1YzMzNWQ1YmVhYzllNTNhZmY2YTEwYzc0OTZkYzg2ZWFmNTNmOWE3MGUzODI0NDYwYTZmNDVlMDUiLCJ3IjozMDAsImgiOjE1MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 34 KB
34 KB 158ms
66ms Image
image/webp 23.44.61.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjIxYTgwZTA1YzMzNWQ1YmVhYzllNTNhZmY2YTEwYzc0OTZkYzg2ZWFmNTNmOWE3MGUzODI0NDYwYTZmNDVlMDUiLCJ3IjozMDAsImgiOjE1MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.61.248 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-44-61-248.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e1bd6e683f50c6ece2ada1f901e8498bdea38e8c7183f3b4155ebea5b860fb9c

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:58 GMT
cache-control: max-age=2322811
last-modified: Wed, 10 Mar 2021 14:17:39 GMT
x-traceid: a3660edd6019f6280a6d9d8c17ee3d12
timing-allow-origin: *
content-length: 34440
content-type: image/webp

GET
H2 200 eyJpdSI6IjQyNThhNjcyMThiNmM4ZjMyYjlhMjk4MzcyYTllYzI1MTVmYTYzZDg5ZDJlNDQ1NzNjMGY0ZTI0Mjc3OTQ5NTIiLCJ3IjozMDAsImgiOjE1MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 21 KB
21 KB 160ms
68ms Image
image/webp 23.44.61.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQyNThhNjcyMThiNmM4ZjMyYjlhMjk4MzcyYTllYzI1MTVmYTYzZDg5ZDJlNDQ1NzNjMGY0ZTI0Mjc3OTQ5NTIiLCJ3IjozMDAsImgiOjE1MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.61.248 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-44-61-248.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0f11b55cfbd4cb772997fdd7359f40ea6fcbbd08cc8d343690e5af8e66394249

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:58 GMT
cache-control: max-age=983389
last-modified: Thu, 28 Jan 2021 10:49:57 GMT
x-traceid: 97e8a110e34fbb0303b98e9a737fa4c7
timing-allow-origin: *
content-length: 21474
content-type: image/webp

GET
H2 200 eyJpdSI6IjIwYzE4ZDU2OTc0MjkyZmZhNzZjOTQyODYzMmYxYjgyOThlOTg2ZWJiNTU0MmE5NzA1YWY1MjFjYmU4ODA2ZGUiLCJ3IjozMDAsImgiOjE1MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 11 KB
11 KB 198ms
106ms Image
image/webp 23.44.61.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjIwYzE4ZDU2OTc0MjkyZmZhNzZjOTQyODYzMmYxYjgyOThlOTg2ZWJiNTU0MmE5NzA1YWY1MjFjYmU4ODA2ZGUiLCJ3IjozMDAsImgiOjE1MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.61.248 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-44-61-248.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2940133406249bf17dbe677db19d34879f9bb661a545fd77cacbbec1804a4734

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:58 GMT
cache-control: max-age=2312187
last-modified: Sun, 14 Feb 2021 23:25:08 GMT
x-traceid: cc328e54b36e43c387a987c48ed1fd88
timing-allow-origin: *
content-length: 11168
content-type: image/webp

GET
H2 200 eyJpdSI6IjVjY2VjNmQxMzg2NTVjMjI2ZGUwZmU2YTZkODNkYjdhOTFmZmM4MGNmYzA2NTg0ZGNjOGFhNTFlOTAzNThkOTAiLCJ3IjozMDAsImgiOjE1MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 45 KB
46 KB 182ms
91ms Image
image/webp 23.44.61.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjVjY2VjNmQxMzg2NTVjMjI2ZGUwZmU2YTZkODNkYjdhOTFmZmM4MGNmYzA2NTg0ZGNjOGFhNTFlOTAzNThkOTAiLCJ3IjozMDAsImgiOjE1MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.61.248 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-44-61-248.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 80c71eb210b8848ebcef49f4e9caa48aa0a5dd6f458b6a7fdb681328ccb6f6bc

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:58 GMT
cache-control: max-age=983352
last-modified: Sun, 31 Jan 2021 18:01:55 GMT
x-traceid: f6c320eca5b00f74e330a231a9da74c0
timing-allow-origin: *
content-length: 46556
content-type: image/webp

GET
H2 200 eyJpdSI6IjVjMmZkY2U3YTlhZmFlOTIyNmRiMzgxZWQzYmEyNzQ2MzNlNmI3NTg5ZDU1OTYyMzFlMDdmNWFkZjQ4YjM5ZjEiLCJ3IjozMDAsImgiOjE1MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 32 KB
32 KB 52ms
52ms Image
image/webp 23.44.61.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjVjMmZkY2U3YTlhZmFlOTIyNmRiMzgxZWQzYmEyNzQ2MzNlNmI3NTg5ZDU1OTYyMzFlMDdmNWFkZjQ4YjM5ZjEiLCJ3IjozMDAsImgiOjE1MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.61.248 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-44-61-248.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b317b33807ba2837355111bf73d45bdd127ba89b0d6da5253a8741b4a3297e43

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:58 GMT
cache-control: max-age=985312
last-modified: Mon, 08 Feb 2021 08:12:53 GMT
x-traceid: 2ca992aea81df7e418a5b7dc441875cb
timing-allow-origin: *
content-length: 32302
content-type: image/webp

GET
H2 200 eyJpdSI6Ijc3ZGEwNmUyZmY5N2JiM2MwYzEyMTg5ZTQ1YTRkZDQ2NDc1YWVhZWJhYzY5ZjQwNjQwNzRjNDMyNTM3MTUyN2YiLCJ3IjozMDAsImgiOjE1MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 23 KB
23 KB 53ms
52ms Image
image/webp 23.44.61.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijc3ZGEwNmUyZmY5N2JiM2MwYzEyMTg5ZTQ1YTRkZDQ2NDc1YWVhZWJhYzY5ZjQwNjQwNzRjNDMyNTM3MTUyN2YiLCJ3IjozMDAsImgiOjE1MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.61.248 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-44-61-248.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a871d59e2343fb75085b28ab76d4ea50927cd0cffb5ad9c8197f16013b690f02

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:58 GMT
cache-control: max-age=986410
last-modified: Mon, 08 Feb 2021 23:01:52 GMT
x-traceid: 75c2c7342d675dfa9a3fc35391356114
timing-allow-origin: *
content-length: 23174
content-type: image/webp

GET
H2 200 eyJpdSI6ImQyYTdhZWM1MzNjZGZkZjgyODMxY2Q2NTBhYTY2ZjUxZmYwYzg3NDY5ZTgwZGMxYTllYjhlOWUyNWZkZTFjYmQiLCJ3IjozMDAsImgiOjE1MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 27 KB
27 KB 57ms
56ms Image
image/webp 23.44.61.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImQyYTdhZWM1MzNjZGZkZjgyODMxY2Q2NTBhYTY2ZjUxZmYwYzg3NDY5ZTgwZGMxYTllYjhlOWUyNWZkZTFjYmQiLCJ3IjozMDAsImgiOjE1MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.61.248 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-44-61-248.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4569d78193e65e0ece45340b30c3dc23006ef1528922fac4d0ba870986ba2e17

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:00:58 GMT
cache-control: max-age=985131
last-modified: Fri, 19 Feb 2021 10:57:24 GMT
x-traceid: 75bd2a0a4470e3b601ed65ead3c111fb
timing-allow-origin: *
content-length: 27574
content-type: image/webp

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.heise.de/	1970-01-19 17:28:48	Name: _sp_v1_lt Value: 1:
www.heise.de/	1970-01-19 17:28:48	Name: _sp_v1_consent Value: 1!0:-1:-1:-1:-1:-1
.heise.de/	1970-01-19 17:08:34	Name: iom_consent Value: 0100000000&1615536057782
www.heise.de/	1970-01-19 17:28:48	Name: _sp_v1_ss Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbKKHhKMPBDDoDZWJ0YpFcTMK83JAbJLwAqqa0clhryEUiwAed6Z7ZQCAAA%3D
www.heise.de/	1970-01-19 17:28:48	Name: _sp_v1_data Value: 2:297338:1615536057:0:1:0:1:0:0:_:-1
.heise.de/	1970-01-20 01:31:12	Name: consentUUID Value: 7e2157b5-a9a7-408d-80d2-b2d871d325ae
www.heise.de/	1970-01-19 17:28:48	Name: _sp_v1_opt Value: 1:
www.heise.de/	1970-01-19 17:28:48	Name: _sp_v1_csv Value: null
www.heise.de/	1970-01-19 17:28:48	Name: _sp_v1_uid Value: 1:320:18ef6c52-efd5-47ad-a1eb-4a046d019b34

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?347d913592190c79519d(Line 15) Message: Performance Polyfills [ms]: 10
console-api	debug	URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?347d913592190c79519d(Line 80) Message: TypeError: Cannot read property 'akwaDebug' of null
console-api	debug	URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?347d913592190c79519d(Line 80) Message: TypeError: Cannot read property 'akwaDebug' of null
console-api	debug	URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?347d913592190c79519d(Line 80) Message: TypeError: Cannot read property 'akwaDebug' of null
console-api	debug	URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?347d913592190c79519d(Line 80) Message: TypeError: Cannot read property 'akwaDebug' of null
console-api	debug	URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?347d913592190c79519d(Line 80) Message: TypeError: Cannot read property 'akwaDebug' of null
console-api	debug	URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?347d913592190c79519d(Line 80) Message: TypeError: Cannot read property 'akwaDebug' of null
console-api	log	URL: https://cmp.heise.de/wrapperMessagingWithoutDetection.js(Line 1) Message: Messaging without detection successfully executed.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.privacy-mgmt.com
cmp.heise.de
d2p3zdq8vjvnxd.cloudfront.net
de.ioam.de
heise.cloudimg.io
images.outbrainimg.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
odb.outbrain.com
script.ioam.de
securepubads.g.doubleclick.net
ssl-heise.met.vgwort.de
tcheck.outbrainimg.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.heise.de
yxsu5ufd2m.kameleoon.eu
143.204.209.111
151.101.114.132
161.156.66.178
172.217.18.98
23.44.61.248
2600:9000:2127:c200:b:f730:9800:93a1
2600:9000:2127:ec00:13:7ad6:7840:21
2606:4700:20::681a:a1e
2a02:2e0:3fe:1001:7777:772e:2:85
65.9.58.13
70.42.32.95
84.53.189.141
91.215.103.64
91.215.103.65
0014dbc4463a5ad67d89022b961c37d6b7c6c8d578545c88047f6fbbafef7ca7
057ed3bf33ac87646b61542cb878ae20c744d63c24e3cd7ad73150c202ed6fa8
0f11b55cfbd4cb772997fdd7359f40ea6fcbbd08cc8d343690e5af8e66394249
13bdc0fa23eef82faf6bea546d375746eef0063b729df853262641ff714fc5bf
1a7af394216a04c96a3756d89e219c878b57cc0f8c8602508d5090f472ae5349
209af4141c32010ad002dae6e3c9c648ae8490b2b1e41701917dda3f927b3228
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
293e1c6d57a975027b104bdb7a369bd34807f9ca418db547e913099dce08b879
2940133406249bf17dbe677db19d34879f9bb661a545fd77cacbbec1804a4734
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
3404e3ac6e9691cf983cb342902c601f3e7b099edc08a1138dddcd239f9165de
35f00f632bbd7be49e0e3769bedddfd846f3e0c3737ea355f62b8ce5dfa02d3f
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
4569d78193e65e0ece45340b30c3dc23006ef1528922fac4d0ba870986ba2e17
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
4967624b996e927f25c959c7d920f99f8544c7b2b17b1b55683d304250aa8de3
4d5d383213197502219f9b13b1e94e0434745a461939f51ba2f3827ad8183d6b
4de87ed52df1a2899626e63efb2516906b3be04c74b8d2a75ae3cfea46d8368d
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
6418979c9feb1322a5accdb13f8af394992a8dfb72b88738f86cbd744dcbb447
6ac6a720f0e0dbae455724576f84f663d71092e298b9a561b9ed0de9821d1954
7d89103e5a72062a6bdca0819fcd7500288dcdccd6dbe59c532cd13937f37ed0
8041941b0884d5fd04914cd38af26dc0e42ee7fc2a051f67c6feee7d3092c995
80c71eb210b8848ebcef49f4e9caa48aa0a5dd6f458b6a7fdb681328ccb6f6bc
81640fe2def729fa7f1f1d5339af6d352eec0f0aa55e1cb78ed99c34d9036233
8f58f0e1aba12df58f039d36b492fcb9226c4ea86101b464a43785f6bdf84277
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
93f5bfaebb59efc71a98518896d74be6019933c80a354b635dadc76d46d032d0
9747d3717b7b7522f9f1ee36511461332e50436d1d8d8ec5571b80f6eb0dc6e5
9ce73521d45b4fb6a1fb8056ef41454bc69cf712d102a390d0c09dc6044079ab
9cf1daf646a5565453ea304fda5d52e1a3744c8f986780e8523b914614ba0831
9f67de84df2be3e3f5d5125e9845fd6e78d863a514c8b76608fd47d9c328fe67
a59069d842fc70e07dddaa0184c9f62ac950f5fb66b4dd0e9f516b20756d97c7
a676114870402c6a9d389e103b299df064cc92871c08210ca56f32768cd9da3d
a6f36a99532c014c23e09238678ae3ce1ce5cf83e11a28fd649123f7d26331bf
a7eec04d56b11c1b41b6bc6c0e38971d54ef10451f7d2ea4014204b3a5ce1eb9
a871d59e2343fb75085b28ab76d4ea50927cd0cffb5ad9c8197f16013b690f02
afb145bd40df8dffa617b6e9e404d0284c792dd7a3e40884b49df9c9279c625b
b317b33807ba2837355111bf73d45bdd127ba89b0d6da5253a8741b4a3297e43
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bba801c811f0fda8d5a3443f854c99dbdfb4fd60dd50e171124283ceb7e34f4b
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d05887bd91958fde7e5278eba4219f9dfc9c7cafc911dbfe1b57bdb30e4ebd14
d7615bee44be4826258209ae281c037396777896d7cb315697c92fbb6f23f42d
d8381e66783011957eabadb622d7899061bf93e78fff38ebfe00ab743d6c8e60
db0987d8fbe9f291e3662c1aa4cfef1ea1548f5c4db6a2530f838f67077f0b90
e1bd6e683f50c6ece2ada1f901e8498bdea38e8c7183f3b4155ebea5b860fb9c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fb0c962c2a46b261dcf2c64acd439dabce75c448235038f38b6d5eef64318f6b

www.heise.de Open in urlscan Pro 2a02:2e0:3fe:1001:7777:772e:2:85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

58 Requests

100 %HTTPS

29 %IPv6

10 Domains

17 Subdomains

15 IPs

3 Countries

1148 kBTransfer

3475 kBSize

9 Cookies

35 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heise.de Open in urlscan Pro
2a02:2e0:3fe:1001:7777:772e:2:85 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

100 %
HTTPS

29 %
IPv6

10
Domains

17
Subdomains

15
IPs

3
Countries

1148 kB
Transfer

3475 kB
Size

9
Cookies

58 HTTP transactions
1 data transactions