www.heise.de Open in urlscan Pro
2a02:2e0:3fe:1001:7777:772e:2:85 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=n...
Submission: On March 16 via api (March 16th 2023, 2:10:10 pm UTC) from US — Scanned from DE

Summary HTTP 59 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 4 domains to perform 59 HTTP transactions. The main IP is 2a02:2e0:3fe:1001:7777:772e:2:85, located in Germany and belongs to PLUSLINE, DE. The main domain is www.heise.de. The Cisco Umbrella rank of the primary domain is 51218.
TLS certificate: Issued by R3 on January 28th 2023. Valid for: 3 months.

This is the only time www.heise.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	2a02:2e0:3fe:... 2a02:2e0:3fe:1001:7777:772e:2:85	12306 (PLUSLINE) (PLUSLINE)
10	108.138.17.31 108.138.17.31	16509 (AMAZON-02) (AMAZON-02)
1	52.55.70.30 52.55.70.30	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:249... 2600:9000:2491:f000:b:f730:9800:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2e0:3fe:... 2a02:2e0:3fe:1001:ab1::	12306 (PLUSLINE) (PLUSLINE)
4	2606:4700:10:... 2606:4700:10::6816:26e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.54.150.11 185.54.150.11	60164 (WEBTREKK-AS) (WEBTREKK-AS)
6	185.54.150.12 185.54.150.12	60164 (WEBTREKK-AS) (WEBTREKK-AS)
2	185.54.150.27 185.54.150.27	60164 (WEBTREKK-AS) (WEBTREKK-AS)
1	2600:9000:239... 2600:9000:2396:f800:1c:1ac7:3e40:93a1	16509 (AMAZON-02) (AMAZON-02)
59	11

30 2a02:2e0:3fe:1001:7777:772e:2:85 (Germany)

ASN12306 (PLUSLINE, DE)

www.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data-fb7f8b3ae8.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 108.138.17.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-31.fra56.r.cloudfront.net

cmp.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.70.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-70-30.compute-1.amazonaws.com

responder.wt.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:f000:b:f730:9800:93a1 (United States)

ASN16509 (AMAZON-02, US)

heise.cloudimg.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2e0:3fe:1001:ab1:: (Germany)

ASN12306 (PLUSLINE, DE)

api.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:26e (United States)

ASN13335 (CLOUDFLARENET, US)

files.upscore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit-pool.upscore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.54.150.11 (Germany)

ASN60164 (WEBTREKK-AS, DE)

cdn.mateti.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.54.150.12 (Germany)

ASN60164 (WEBTREKK-AS, DE)

r.mateti.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.54.150.27 (Germany)

ASN60164 (WEBTREKK-AS, DE)

prophet.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2396:f800:1c:1ac7:3e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

am.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	heise.de www.heise.de — Cisco Umbrella Rank: 51218 cmp.heise.de — Cisco Umbrella Rank: 134361 responder.wt.heise.de — Cisco Umbrella Rank: 179440 data-fb7f8b3ae8.heise.de — Cisco Umbrella Rank: 180079 api.heise.de — Cisco Umbrella Rank: 413604 prophet.heise.de — Cisco Umbrella Rank: 184230 am.heise.de — Cisco Umbrella Rank: 291882	1 MB
8	mateti.net cdn.mateti.net — Cisco Umbrella Rank: 65785 r.mateti.net — Cisco Umbrella Rank: 101936	36 KB
4	upscore.com files.upscore.com — Cisco Umbrella Rank: 48252 hit-pool.upscore.com — Cisco Umbrella Rank: 44021	15 KB
1	cloudimg.io heise.cloudimg.io — Cisco Umbrella Rank: 101064	29 KB
59	4

	Domain	Requested by
25	www.heise.de	www.heise.de
10	cmp.heise.de	www.heise.de cmp.heise.de
6	r.mateti.net	cdn.mateti.net
5	data-fb7f8b3ae8.heise.de	www.heise.de data-fb7f8b3ae8.heise.de
2	prophet.heise.de
2	cdn.mateti.net	responder.wt.heise.de cdn.mateti.net
2	hit-pool.upscore.com	files.upscore.com
2	files.upscore.com	www.heise.de files.upscore.com
2	api.heise.de	www.heise.de
1	am.heise.de
1	heise.cloudimg.io	www.heise.de
1	responder.wt.heise.de	www.heise.de
59	12

This site contains links to these domains. Also see Links.

Domain
www.techstage.de
jobs.heise.de
bildung.heise.de
business-services.heise.de
tarifrechner.heise.de
spiele.heise.de
shop.heise.de
www.heise-events.de
www.heise-gruppe.de
mediadaten.heise.de
it-kenner.heise.de
getpocket.com
app-eu.readspeaker.com
twitter.com
pubads.g.doubleclick.net
www.facebook.com
www.linkedin.com
reddit.com
heise.de
www.interred.de
www.plusline.net

Subject Issuer	Validity	Valid
www.heise.de R3	`2023-01-28` - `2023-04-28`	3 months	crt.sh
cmp.heise.de R3	`2023-01-27` - `2023-04-27`	3 months	crt.sh
responder.wt.heise.de Sectigo RSA Domain Validation Secure Server CA	`2022-10-12` - `2023-11-12`	a year	crt.sh
data-fb7f8b3ae8.heise.de R3	`2023-03-10` - `2023-06-08`	3 months	crt.sh
*.cloudimg.io GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-23` - `2023-05-31`	a year	crt.sh
api.heise.de R3	`2023-01-19` - `2023-04-19`	3 months	crt.sh
*.upscore.com Go Daddy Secure Certificate Authority - G2	`2022-11-30` - `2024-01-01`	a year	crt.sh
*.mateti.net Sectigo RSA Domain Validation Secure Server CA	`2023-01-13` - `2024-02-13`	a year	crt.sh
prophet.heise.de Sectigo RSA Domain Validation Secure Server CA	`2022-03-15` - `2023-04-15`	a year	crt.sh
am.heise.de Amazon RSA 2048 M02	`2023-03-01` - `2023-05-19`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Frame ID: 332608CED298829561E8FC4CD82DEA40
Requests: 49 HTTP requests in this frame

Frame: https://cmp.heise.de/index.html?message_id=760088&consentUUID=null&requestUUID=bb910b03-5396-4774-a386-b7061471a0f8&preload_message=true&hasCsp=true&version=v1
Frame ID: EE6EE0C8C2D6FB37CF4BB068BF37EC85
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DDoS-Attacken? – Websites mehrerer deutscher Flughäfen offline | heise online heise online Logoc't Magazin LogoiX Magazin LogoMIT Technology Review Logoc't Fotografie LogoMac an i LogoMake Logoheise-BotPush Nachrichtenheise online Logoc't Magazin LogoiX Magazin LogoMIT Technology Review Logoc't Fotografie LogoMac an i LogoMake Logoheise-BotPush Nachrichtencomments_outline_whiteheise-BotPush Nachrichten

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

59
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

12
Subdomains

11
IPs

2
Countries

1283 kB
Transfer

2940 kB
Size

8
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://www.techstage.de/
Title: TechStage

Search URL Search Domain Scan URL

URL: https://jobs.heise.de/
Title: Stellenmarkt heise Jobs

Search URL Search Domain Scan URL

URL: https://bildung.heise.de/
Title: Weiterbildung

Search URL Search Domain Scan URL

URL: https://business-services.heise.de/
Title: Whitepaper/Webcasts

Search URL Search Domain Scan URL

URL: https://tarifrechner.heise.de/dsl/
Title: DSL-Vergleich

Search URL Search Domain Scan URL

URL: https://spiele.heise.de/
Title: Spielen bei Heise

Search URL Search Domain Scan URL

URL: https://shop.heise.de/
Title: heise Shop

Search URL Search Domain Scan URL

URL: https://shop.heise.de/zeitschriften-abo/
Title: Abo

Search URL Search Domain Scan URL

URL: https://www.heise-events.de/
Title: Veranstaltungen

Search URL Search Domain Scan URL

URL: https://www.heise-gruppe.de/artikel/Heise-als-Arbeitgeber-1812545.html
Title: Arbeiten bei Heise

Search URL Search Domain Scan URL

URL: https://mediadaten.heise.de/
Title: Mediadaten

Search URL Search Domain Scan URL

URL: https://www.heise-gruppe.de/presse/
Title: Presse

Search URL Search Domain Scan URL

URL: https://it-kenner.heise.de/zukunft-der-arbeit/?utm_medium=TT&utm_campaign=Die_Zukunft_der_Arbeit
Title: Die Zukunft der Arbeit

Search URL Search Domain Scan URL

URL: https://it-kenner.heise.de/hybrid-work/?utm_source=heise&utm_medium=top-Navi&utm_campaign=hp
Title: Hybrid Work.

Search URL Search Domain Scan URL

URL: https://getpocket.com/save?url=https%3A%2F%2Fwww.heise.de%2Fnews%2FWohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html
Title: In Pocket speichern

Search URL Search Domain Scan URL

URL: https://app-eu.readspeaker.com/cgi-bin/rsent?customerid=4407&lang=de_de&readid=meldung&url=https%3A%2F%2Fwww.heise.de%2Fnews%2FWohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html%3Fseite%3Dall
Title: vorlesen

Search URL Search Domain Scan URL

URL: https://twitter.com/airportnue/status/1626183544211927044
Title: aber wieder erreichbar

Search URL Search Domain Scan URL

URL: https://pubads.g.doubleclick.net/gampad/clk?id=6223502793&iu=%2F6514%2Fwww.heise.de%2Fclicktracking%2Ftextlink
Title: Software sicher entwickeln vom Code bis zur Cloud

Search URL Search Domain Scan URL

URL: https://pubads.g.doubleclick.net/gampad/clk?id=6219895824&iu=%2F6514%2Fwww.heise.de%2Fclicktracking%2Ftextlink
Title: Mit der Cloud immun gegen Krisen

Search URL Search Domain Scan URL

URL: https://pubads.g.doubleclick.net/gampad/clk?id=6221269085&iu=%2F6514%2Fwww.heise.de%2Fclicktracking%2Ftextlink
Title: Digitale Souveränität und sicherer Datenaustausch

Search URL Search Domain Scan URL

URL: https://pubads.g.doubleclick.net/gampad/clk?id=6219972385&iu=%2F6514%2Fwww.heise.de%2Fclicktracking%2Ftextlink
Title: Cloud-Nutzung mit maximaler Datenhoheit

Search URL Search Domain Scan URL

URL: https://pubads.g.doubleclick.net/gampad/clk?id=6219792692&iu=%2F6514%2Fwww.heise.de%2Fclicktracking%2Ftextlink
Title: Themenspecial: Die Zukunft der Arbeit

Search URL Search Domain Scan URL

URL: https://pubads.g.doubleclick.net/gampad/clk?id=6196350378&iu=%2F6514%2Fwww.heise.de%2Fclicktracking%2Ftextlink
Title: All-Flash-Speicher für mehr Storage-Kapazität

Search URL Search Domain Scan URL

URL: https://pubads.g.doubleclick.net/gampad/clk?id=6091026857&iu=%2F6514%2Fwww.heise.de%2Fclicktracking%2Ftextlink
Title: 7 Tipps für eine erfolgreiche Facebook-Unternehmensseite

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=6194925802&iu=%2F6514%2Fwww.heise.de%2Fclicktracking%2Ftextlink
Title: Themenspecial: Moderne IT-Infrastruktur

Search URL Search Domain Scan URL

URL: https://pubads.g.doubleclick.net/gampad/clk?id=6245793240&iu=%2F6514%2Fwww.heise.de%2Fclicktracking%2Ftextlink
Title: Sensible Daten unkompliziert austauschen

Search URL Search Domain Scan URL

URL: https://pubads.g.doubleclick.net/gampad/clk?id=6238300242&iu=%2F6514%2Fwww.heise.de%2Fclicktracking%2Ftextlink
Title: Zero Trust - na klar! Aber was muss nun auf meine Einkaufsliste?

Search URL Search Domain Scan URL

URL: https://shop.heise.de/ma-25831-ma000009?LPID=31364_MA000009_22719_3_57&wt_mc=intern.abo.make.ma_ea_2023.dmp.teaserh.teaserh

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.heise.de%2Fnews%2FWohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.heise.de%2Fnews%2FWohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html&text=DDoS-Attacken%3F+%E2%80%93+Websites+mehrerer+deutscher+Flugh%C3%A4fen+offline+%7C+heise+online

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fwww.heise.de%2Fnews%2FWohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https%3A%2F%2Fwww.heise.de%2Fnews%2FWohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html&title=DDoS-Attacken%3F+%E2%80%93+Websites+mehrerer+deutscher+Flugh%C3%A4fen+offline

Search URL Search Domain Scan URL

URL: https://heise.de/-7517691
Title: https://heise.de/-7517691

Search URL Search Domain Scan URL

URL: http://www.interred.de/
Title: Content Management by InterRed

Search URL Search Domain Scan URL

URL: https://www.plusline.net/
Title: Hosted by Plus.line

Search URL Search Domain Scan URL

URL: https://www.heise-gruppe.de/artikel/Heise-Medien-3904998.html
Title: Copyright © 2023 Heise Medien

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html Show response
www.heise.de/news/ 186 KB
48 KB 67ms
21ms Document
text/html 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

3151046d00032f6ee55e687a47d8e4b81cf0c85005fdae76a4cc2004e7fbcd9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2010
cache-control: no-store
content-encoding: gzip
content-length: 48701
content-type: text/html; charset=UTF-8
date: Thu, 16 Mar 2023 13:36:34 GMT
last-modified: Thu, 16 Mar 2023 13:36:34 GMT
server: nginx
strict-transport-security: max-age=15768000
vary: Accept-Encoding, X-Export-Format, X-Export-Agent, X-Export-IAP
x-content-type-options: nosniff
x-frame-options: DENY
x-hacc-refreshed
x-xss-protection: 1; mode=block

GET
H2 200 ss3vf.c70.ltc.woff2
www.heise.de/assets/styles/fonts/ 54 KB
54 KB 31ms
30ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/styles/fonts/ss3vf.c70.ltc.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

986a5e164b20c8ad0b5040e8e3651434b173f98b9d270973eb130f7bf59864cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Origin: https://www.heise.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:18:31 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
last-modified: Tue, 14 Mar 2023 13:22:59 GMT
server: nginx
age: 6693
etag: "64107533-d648"
x-frame-options: DENY
vary: Origin
content-type: font/woff2
access-control-allow-origin: https://www.heise.de
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 54856
x-xss-protection: 1; mode=block

GET
H2 200 ss3vf-i.ec7.ltc.woff2
www.heise.de/assets/styles/fonts/ 43 KB
43 KB 35ms
34ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/styles/fonts/ss3vf-i.ec7.ltc.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

bd096226d9b1615254aa29ae8b2c4bb1f778d1cf79f0386f5fcd05a303f04e77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Origin: https://www.heise.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:18:34 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
last-modified: Tue, 14 Mar 2023 13:22:59 GMT
server: nginx
age: 6690
etag: "64107533-ab88"
x-frame-options: DENY
vary: Origin
content-type: font/woff2
access-control-allow-origin: https://www.heise.de
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 43912
x-xss-protection: 1; mode=block

GET
H2 200 common-icons.svg
www.heise.de/icons/ 13 KB
5 KB 21ms
20ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/icons/common-icons.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

4d3a99c9584e4ecfbcacd338e86ca51019bb90cf2d5cf0b8c51c812e3421c7bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Mon, 16 Jan 2023 13:28:09 GMT
server: nginx
age: 6695
etag: W/"63c550e9-32ae"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=7200
accept-ranges: bytes
content-length: 4480
x-xss-protection: 1; mode=block

GET
H2 200 index.css
www.heise.de/assets/styles/ 62 KB
12 KB 34ms
33ms Stylesheet
text/css 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/styles/index.css?.ltc.86d38a4c2b4f36a61089

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

612621f006f57292d7c4033d37a1fbcbfec9601e3961f7528ae726424ffe9e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Tue, 14 Mar 2023 13:22:59 GMT
server: nginx
age: 6693
etag: W/"64107533-f8c7"
x-frame-options: DENY
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 11640
x-xss-protection: 1; mode=block

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
cmp.heise.de/unified/ 120 KB
35 KB 89ms
26ms Script
text/javascript 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/unified/wrapperMessagingWithoutDetection.js
Requested by: Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cade37a58088a67e374cf68d8c7e0b17e50dcbb628734c412e3492de70808384

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:28 GMT
content-encoding: br
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
last-modified: Tue, 14 Mar 2023 14:22:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 2797
x-amz-server-side-encryption: AES256
etag: W/"6e2eb4cf04afb8fdacf49f1e813438b9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: nISuit4Lm_GNYQ5W6pKR3l1bDyl7tRTTTujJGBHSJLmoiFuQ2CKDvQ==

GET
H2 200 ho.css
www.heise.de/assets/heise/ho/css/ 292 KB
44 KB 33ms
33ms Stylesheet
text/css 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.9ffd9d947a5d29b56a7e

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

5c0ffc6849fef78419015ab3a2f6676aca285bca54753d1d93516dfc97162999

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:41:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Wed, 15 Mar 2023 12:41:33 GMT
server: nginx
age: 5299
etag: W/"6411bcfd-491d2"
x-frame-options: DENY
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 44334
x-xss-protection: 1; mode=block

GET
H2 200 akwa.js Show response
www.heise.de/assets/akwa/v24/js/ 245 KB
74 KB 24ms
22ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

826b8c517cfc53e771bd07fad89663ee844dc666ccdd825ad06c8da4d1ce13ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Mon, 13 Mar 2023 12:17:28 GMT
server: nginx
age: 6693
etag: W/"640f1458-3d55b"
x-frame-options: DENY
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 75611
x-xss-protection: 1; mode=block

GET
H2 200 ho.js Show response
www.heise.de/assets/heise/ho/js/ 120 KB
39 KB 25ms
23ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/ho/js/ho.js?.ltc.8a8a47b8d863d11e67fe

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

605173585c53d1297eae39a7d39bc4a0864034af38763f83f0d6d4c64be85df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:41:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Wed, 15 Mar 2023 12:41:33 GMT
server: nginx
age: 5299
etag: W/"6411bcfd-1e0e9"
x-frame-options: DENY
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 39162
x-xss-protection: 1; mode=block

GET
H2 200 qwant_q.svg
www.heise.de/icons/svg/icons/svg/ 1 KB
761 B 23ms
22ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/icons/svg/icons/svg/qwant_q.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

a696e0df7ef17decbb4edfa00f128a36f98fee575cbcc2c57f83419402e34610

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:18:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Thu, 19 Jan 2023 14:57:31 GMT
server: nginx
age: 6695
etag: "63c95a5b-518"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=7200
accept-ranges: bytes
content-length: 644
x-xss-protection: 1; mode=block

GET
H2 200 akwa.css
www.heise.de/assets/akwa/v24/css/ 44 KB
8 KB 45ms
43ms Stylesheet
text/css 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/css/akwa.css?.ltc.dcef129a408f905c8ad2

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

f38aae4fbc15d91f53511da30a18c11e0d3be585c7757d9714fcaa84edaff78c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Mon, 13 Mar 2023 12:17:25 GMT
server: nginx
age: 6693
etag: W/"640f1455-afe4"
x-frame-options: DENY
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7614
x-xss-protection: 1; mode=block

GET
H2 200 Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html
www.heise.de/ivw-bin/ivw/CP/news/ 43 B
233 B 45ms
44ms Image
image/gif 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/ivw-bin/ivw/CP/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

fb0c962c2a46b261dcf2c64acd439dabce75c448235038f38b6d5eef64318f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 14:10:04 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
age: 0
content-length: 43
x-xss-protection: 1; mode=block
last-modified: Thu, 20 Jan 2011 15:58:20 GMT
server: nginx
etag: "4d385b9c-2b"
x-frame-options: DENY
vary
content-type: image/gif
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate, private
accept-ranges: bytes
x-hacc-refreshed
expires: Thu, 16 Mar 2023 14:10:04 GMT

GET
H2 200 common-icons.svg
www.heise.de/icons/ 13 KB
5 KB 44ms
43ms Other
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/icons/common-icons.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

4d3a99c9584e4ecfbcacd338e86ca51019bb90cf2d5cf0b8c51c812e3421c7bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Mon, 16 Jan 2023 13:28:09 GMT
server: nginx
age: 6695
etag: W/"63c550e9-32ae"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=7200
accept-ranges: bytes
content-length: 4480
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 162 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e22b68a0b4384238a29cc855562d87ce3f737ff959d0f8f90a59a0ebe68b592

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 magazine_v1.457e.ltc.svg
www.heise.de/assets/heise/images/ 2 KB
941 B 32ms
32ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/magazine_v1.457e.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.9ffd9d947a5d29b56a7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

235c12905da1a2f7a1617cf0b1473704f3683d6ae715e6f513effdb1381f6fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.9ffd9d947a5d29b56a7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Wed, 15 Mar 2023 12:41:33 GMT
server: nginx
age: 6692
etag: W/"6411bcfd-622"
x-frame-options: DENY
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 823
x-xss-protection: 1; mode=block

GET
H2 200 gdpr-tcf.4beb2afb0070f1a389db.bundle.js Show response
cmp.heise.de/unified/4.6.2/ 86 KB
18 KB 24ms
24ms Script
text/javascript 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/unified/4.6.2/gdpr-tcf.4beb2afb0070f1a389db.bundle.js
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/unified/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a5c006e43cef72a54f0a1e35ef86a10323eb99493791be543a1be1c8043ce19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 14:23:29 GMT
content-encoding: br
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 17:13:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 85596
x-amz-server-side-encryption: AES256
etag: W/"e4bf94e14b325568efb7d08b31403756"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: RhcKJugnKYl5iR4UZx99L1Bd11avY_b1iOeMbJWL8qnsPwjuzEnvOw==

GET
H2 200 meta-data Show response
cmp.heise.de/wrapper/v2/ 227 B
755 B 26ms
23ms XHR
application/json 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.heise.de/wrapper/v2/meta-data?hasCsp=true&accountId=1603&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%7D&propertyId=14602&scriptVersion=4.6.2&scriptType=unified

Requested by

Host: cmp.heise.de
URL: https://cmp.heise.de/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-31.fra56.r.cloudfront.net

Software

/ Express

Resource Hash

c945d9993e1195132c5980f691f8059a90131d3e8a11d0543fad9909a5d0b273

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.heise.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Mar 2023 13:25:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 2664
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 227
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: zPCHd8U7nfWv6raUQEfMq24ilg7e3kzUWjUQK_lq6OzXSULJlo2wkg==

OPTIONS
H2 200 meta-data
cmp.heise.de/wrapper/v2/ Frame 0
0 71ms
24ms Preflight
text/plain 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.heise.de/wrapper/v2/meta-data?hasCsp=true&accountId=1603&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%7D&propertyId=14602&scriptVersion=4.6.2&scriptType=unified

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-31.fra56.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.heise.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
age: 85590
cache-control: max-age=86400, s-maxage=86400
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 15 Mar 2023 14:23:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
x-amz-cf-id: 499k1sfbcwYAGla7n9p4J5GzxyO_6W4aU-7FTFw4It4UFnjl9NonfA==
x-amz-cf-pop: FRA56-P7
x-cache: Hit from cloudfront
x-powered-by: Express

GET
H2 200 urls Show response
www.heise.de/sso/login/ 361 B
403 B 89ms
89ms Fetch
application/json 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/sso/login/urls

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

627349bbd5debfea5f80d87edf6c6a482df92e71bfad097b0a852384d10a9f52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 14:10:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
age: 0
content-length: 179
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Mar 2023 14:10:04 GMT
server: nginx
x-frame-options: DENY
vary: Accept-Encoding, Cookie
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.heise.de
cache-control: private,must-revalidate,max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
x-hacc-refreshed

GET
H2 200 938.f4f636.ltc.js Show response
www.heise.de/assets/akwa/v24/js/ 185 KB
58 KB 22ms
22ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/938.f4f636.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

b4c28b398197245959e163d34b5f55e1b5047b886fe85cb5ce318b2867428b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Mon, 13 Mar 2023 12:17:28 GMT
server: nginx
age: 6659
etag: W/"640f1458-2e3b7"
x-frame-options: DENY
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 59435
x-xss-protection: 1; mode=block

GET
H2 200 embetty.bde696.ltc.js Show response
www.heise.de/assets/akwa/v24/js/ 110 B
226 B 21ms
21ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/embetty.bde696.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

b3af4bcefa1f2c38962dd5de11f0ad8c5a847824e0761badd888da3ac78a872d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Mon, 13 Mar 2023 12:17:27 GMT
server: nginx
age: 6659
etag: "640f1457-6e"
x-frame-options: DENY
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 111
x-xss-protection: 1; mode=block

GET
H2 200 94.6f1936.ltc.js
www.heise.de/assets/akwa/v24/js/ 0
81 KB 25ms
24ms Other
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/94.6f1936.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Mon, 13 Mar 2023 12:17:24 GMT
server: nginx
age: 6693
etag: W/"640f1454-3ef45"
x-frame-options: DENY
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 82434
x-xss-protection: 1; mode=block

GET
H2 200 prebid.b4b497.ltc.js
www.heise.de/assets/akwa/v24/js/ 0
290 B 24ms
23ms Other
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/prebid.b4b497.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Mon, 13 Mar 2023 12:17:24 GMT
server: nginx
age: 6692
etag: W/"640f1454-cc"
x-frame-options: DENY
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 173
x-xss-protection: 1; mode=block

GET
H2 200 133.ffbd2e.ltc.js
www.heise.de/assets/akwa/v24/js/ 0
28 KB 25ms
25ms Other
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/133.ffbd2e.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Mon, 13 Mar 2023 12:17:25 GMT
server: nginx
age: 6694
etag: W/"640f1455-14a55"
x-frame-options: DENY
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 28202
x-xss-protection: 1; mode=block

GET
H2 200 prismjs.327aba.ltc.js
www.heise.de/assets/akwa/v24/js/ 0
383 B 27ms
26ms Other
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/prismjs.327aba.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Mon, 13 Mar 2023 12:17:24 GMT
server: nginx
age: 6693
etag: W/"640f1454-18f"
x-frame-options: DENY
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 265
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 288689636920174 Show response
responder.wt.heise.de/resp/api/get/ 172 KB
44 KB 668ms
225ms Script
text/javascript 52.55.70.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://responder.wt.heise.de/resp/api/get/288689636920174?url=https%3A%2F%2Fwww.heise.de%2Fnews%2FWohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html%3Fwt_mc%3Dnl.red.security.security-nl.2023-02-20.link.link&v=5
Requested by: Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.70.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-70-30.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cdf6eb48f69b9c64863691938ced2c251df7b47ba0df821d6b22a7d47ab89c54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 14:10:05 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Mar 2023 11:32:55 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age: 0, must-revalidate
Connection: keep-alive

GET
H2 200 stub.js Show response
data-fb7f8b3ae8.heise.de/iomm/latest/bootstrap/ 323 B
548 B 91ms
45ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL: https://data-fb7f8b3ae8.heise.de/iomm/latest/bootstrap/stub.js
Requested by: Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software: nginx /
Resource Hash: 0ebf392a8dc474a819a0f36ab90c75647b2e7d119742304951acfecfa30739b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 14:10:04 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 09:12:31 GMT
server: nginx
age: 0
etag: W/"6315bd7f-143"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
x-hacc-refreshed
content-length: 231

GET
H2 200 94.6f1936.ltc.js Show response
www.heise.de/assets/akwa/v24/js/ 252 KB
81 KB 20ms
20ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/94.6f1936.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

f2fb31c5483847059bc2e53cf21d7e2879dade0720300e1d55b8064710e1b417

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Mon, 13 Mar 2023 12:17:24 GMT
server: nginx
age: 6693
etag: W/"640f1454-3ef45"
x-frame-options: DENY
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 82434
x-xss-protection: 1; mode=block

GET
H2 200 prebid.b4b497.ltc.js Show response
www.heise.de/assets/akwa/v24/js/ 204 B
290 B 21ms
21ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/prebid.b4b497.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

5ad0d8a7bb2796dd9de535368dbc94948c9f3590579472b863c7cfbd5ab2b991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Mon, 13 Mar 2023 12:17:24 GMT
server: nginx
age: 6692
etag: W/"640f1454-cc"
x-frame-options: DENY
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 173
x-xss-protection: 1; mode=block

GET
H2 200 px.js Show response
www.heise.de/assets/akwa/v24/js/ 0
98 B 33ms
32ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/px.js?ch=1

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:18:29 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
last-modified: Mon, 13 Mar 2023 12:17:26 GMT
server: nginx
age: 6695
etag: "640f1456-0"
x-frame-options: DENY
vary: Origin
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 px.js Show response
www.heise.de/assets/akwa/v24/js/ 0
98 B 33ms
33ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/px.js?ch=2

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:18:29 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
last-modified: Mon, 13 Mar 2023 12:17:25 GMT
server: nginx
age: 6695
etag: "640f1455-0"
x-frame-options: DENY
vary: Origin
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 shutterstock_1414652729-15be3c3aecd7f0c5.jpeg
heise.cloudimg.io/v7/_www-heise-de_/imgs/18/3/7/0/2/9/1/3/ 28 KB
29 KB 118ms
28ms Image
image/webp 2600:9000:2491:f000:b:f730:9800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heise.cloudimg.io/v7/_www-heise-de_/imgs/18/3/7/0/2/9/1/3/shutterstock_1414652729-15be3c3aecd7f0c5.jpeg?force_format=avif%2Cwebp%2Cjpeg&org_if_sml=1&q=85&width=610

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:f000:b:f730:9800:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

9f65563ae31c12f03c28d38d4733c76cf3075b12cf82fbe04cdbf1b5d9e27cdc

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 12:11:29 GMT
x-hexa-sleepingtime: 0
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P7
age: 2426316
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 28906
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 89s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_009_20230216121129_5c642_yIW6#320y
etag: "b69dea2b101af3d0e4f85675a5f714e1"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: 7ZzcQFDNCl7ITFYycqyxj2Cl8DubqRnc8pZDGorP4ei6-hvj53yu6Q==

GET
H2 200 messages Show response
cmp.heise.de/wrapper/v2/ 81 KB
9 KB 94ms
94ms XHR
application/json 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.heise.de/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1603%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcmp.heise.de%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.heise.de%2Fnews%2FWohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html%22%2C%22propertyId%22%3A14602%7D&localState=null&metadata=%7B%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&scriptVersion=4.6.2&scriptType=unified

Requested by

Host: cmp.heise.de
URL: https://cmp.heise.de/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-31.fra56.r.cloudfront.net

Software

/ Express

Resource Hash

4c5b8566730e50eb6585cf1616399614fcb24f7a5c6f4bb0f4fc8b1592e954dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.heise.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Mar 2023 14:10:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=0, s-maxage=1200
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: eqb4YvpDZUUwGmR9xIreWa_hl-tNZxKFuz9LM742Yu6XrON7pMULxQ==

OPTIONS
H2 200 messages
cmp.heise.de/wrapper/v2/ Frame 0
0 32ms
30ms Preflight
text/plain 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-31.fra56.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.heise.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=86400, s-maxage=86400
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 16 Mar 2023 14:10:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
x-amz-cf-id: n9H-dkCxj3Ad69TK8PANG9yx_La6lDq4JhUDyxM77fzwEA1967ICJg==
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 1626147198906908672 Show response
api.heise.de/svc/embetty/tweet/ 3 KB
1 KB 105ms
45ms Fetch
application/json 2a02:2e0:3fe:1001:ab1::
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.heise.de/svc/embetty/tweet/1626147198906908672

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/938.f4f636.ltc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:ab1:: , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

40796bf7fbbf95147fddcdfcf1aad2800c405c106c6731cd369ac85804488f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 14:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
age: 0
etag: W/"a2b-U22ZIerpl9fbZscbG+Dj0+swn2A"
x-download-options: noopen
x-dns-prefetch-control: off
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.heise.de
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1101
x-xss-protection: 1; mode=block

GET
H2 200 bundle.js Show response
data-fb7f8b3ae8.heise.de/iomm/latest/manager/base/es6/ 59 KB
18 KB 27ms
26ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL: https://data-fb7f8b3ae8.heise.de/iomm/latest/manager/base/es6/bundle.js
Requested by: Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software: nginx /
Resource Hash: ae178608bad9c15415676b377fe100b2c3666751501ec215e4d7b974992c1a0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 14:10:04 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 09:12:31 GMT
server: nginx
age: 0
etag: W/"6315bd7f-eb52"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
x-hacc-refreshed

GET
H2 200 bundle.js Show response
data-fb7f8b3ae8.heise.de/iomb/latest/sensor/manager/base/es6/ 26 KB
10 KB 69ms
27ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL: https://data-fb7f8b3ae8.heise.de/iomb/latest/sensor/manager/base/es6/bundle.js
Requested by: Host: data-fb7f8b3ae8.heise.de
URL: https://data-fb7f8b3ae8.heise.de/iomm/latest/manager/base/es6/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software: nginx /
Resource Hash: d46b45450021ae5e04125b8b529b465cf8ccad11bf6acfa1c4cca244ef77ef6f

Request headers

Referer: https://www.heise.de/
Origin: https://www.heise.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 14:10:05 GMT
content-encoding: gzip
last-modified: Wed, 06 Jul 2022 10:13:46 GMT
server: nginx
age: 0
etag: W/"62c5605a-681d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.heise.de
cache-control: private
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
x-hacc-refreshed

GET
H2 200 upScore.js Show response
files.upscore.com/async/ 39 KB
14 KB 76ms
28ms Script
application/javascript 2606:4700:10::6816:26e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://files.upscore.com/async/upScore.js
Requested by: Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:26e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27535b213221942871207d4b519e5060c6633abfd599ffc0a17b1d46d1222938

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 14:10:05 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 02 Mar 2023 14:00:08 GMT
server: cloudflare
x-amz-request-id: CQDNQZ19DB0QZAK3
age: 468
etag: W/"add40eab6ce2ba695166064c1eafe293"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7a8d93ddfa13905e-FRA
x-amz-id-2: eoVulQyegbhU+ugIz04p2P/a4krJKK39cPFBA+zCVV9Yf3rb6B7Rnrks6m2zptVLuxuj/Bz9cdk=

GET
H2 200 index.html Show response
cmp.heise.de/ Frame EE6E 4 KB
2 KB 21ms
21ms Document
text/html 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/index.html?message_id=760088&consentUUID=null&requestUUID=bb910b03-5396-4774-a386-b7061471a0f8&preload_message=true&hasCsp=true&version=v1
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/unified/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b6ef2a2ff5a4d970620e02b429548dfb6acbf6e63a7ef4065502251d8433f00

Request headers

Referer: https://www.heise.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1603
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html
date: Thu, 16 Mar 2023 13:43:23 GMT
etag: W/"56ced6c92a94bd4ee47d5c270e624599"
last-modified: Thu, 02 Mar 2023 17:33:18 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
x-amz-cf-id: RZcIbxhEFUcY7F0nq7jLvJ6Ek9dRTzsw5UxD1b9wXpXUFA65UfFg5Q==
x-amz-cf-pop: FRA56-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 1626147198906908672-profile-image
api.heise.de/svc/embetty/tweet/ 3 KB
3 KB 73ms
29ms Image
image/jpeg 2a02:2e0:3fe:1001:ab1::
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.heise.de/svc/embetty/tweet/1626147198906908672-profile-image

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:ab1:: , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

b32d2cf3fc08037b1b2fbad22c15a1f964d70d6b6fb931a0402337b0ed60e59b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 14:10:05 GMT
x-content-type-options: nosniff
server: nginx
age: 0
etag: W/"a39-CLuR/GiPbCePrEVhqMqEldJ9ZEE"
x-download-options: noopen
x-dns-prefetch-control: off
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 2617
x-xss-protection: 1; mode=block

GET
H2 200 Notice.cebe9.css
cmp.heise.de/ Frame EE6E 33 KB
6 KB 23ms
22ms Stylesheet
text/css 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/Notice.cebe9.css
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/index.html?message_id=760088&consentUUID=null&requestUUID=bb910b03-5396-4774-a386-b7061471a0f8&preload_message=true&hasCsp=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bd12e30c80ebaa26b56c4b2d9c16dc9b4f533a10b27271568c774c718644478

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp.heise.de/index.html?message_id=760088&consentUUID=null&requestUUID=bb910b03-5396-4774-a386-b7061471a0f8&preload_message=true&hasCsp=true&version=v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:25:08 GMT
content-encoding: gzip
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
last-modified: Thu, 02 Mar 2023 17:33:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 2697
x-amz-server-side-encryption: AES256
etag: W/"2906e24155ed9b893ffa1589740821ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=3600
x-amz-cf-id: cBwab7Z3fJ3m_EBY6WwiQ1b4TI7NNmgDmumt7dlEIrT71gI0UgDsWg==

GET
H2 200 polyfills.d36c5.js Show response
cmp.heise.de/ Frame EE6E 5 KB
2 KB 23ms
23ms Script
text/javascript 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/polyfills.d36c5.js
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/index.html?message_id=760088&consentUUID=null&requestUUID=bb910b03-5396-4774-a386-b7061471a0f8&preload_message=true&hasCsp=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp.heise.de/index.html?message_id=760088&consentUUID=null&requestUUID=bb910b03-5396-4774-a386-b7061471a0f8&preload_message=true&hasCsp=true&version=v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:21:00 GMT
content-encoding: gzip
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
last-modified: Thu, 02 Mar 2023 17:33:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 2946
x-amz-server-side-encryption: AES256
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 2ar78ikPO0V7_95d1M7QkgpQVialmlk_vpyES_DJkM8dTciJeUPN5Q==

GET
H2 200 Notice.3712f.js Show response
cmp.heise.de/ Frame EE6E 262 KB
69 KB 26ms
25ms Script
text/javascript 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/Notice.3712f.js
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/index.html?message_id=760088&consentUUID=null&requestUUID=bb910b03-5396-4774-a386-b7061471a0f8&preload_message=true&hasCsp=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4c2b200550ff5b1c078b2eb9cb177145904a01b23e84cde65721369a85362dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp.heise.de/index.html?message_id=760088&consentUUID=null&requestUUID=bb910b03-5396-4774-a386-b7061471a0f8&preload_message=true&hasCsp=true&version=v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:25:09 GMT
content-encoding: gzip
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
last-modified: Thu, 02 Mar 2023 17:33:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 2697
x-amz-server-side-encryption: AES256
etag: W/"93ded739e3803e21694d7a33dfe765e2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: CVAaTokfr4JKAIYj1ccxi08aybk2T5UJses7udASs0Je8t27EI-98g==

POST
H2 200 base.io Show response
data-fb7f8b3ae8.heise.de/ 0
178 B 26ms
26ms XHR
text/html 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL: https://data-fb7f8b3ae8.heise.de/base.io
Requested by: Host: data-fb7f8b3ae8.heise.de
URL: https://data-fb7f8b3ae8.heise.de/iomb/latest/sensor/manager/base/es6/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heise.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 16 Mar 2023 14:10:05 GMT
content-encoding: gzip
last-modified: Thu, 16 Mar 2023 14:10:05 GMT
server: nginx
age: 0
vary: Accept-Encoding, Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.heise.de
cache-control: private
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
x-hacc-refreshed
content-length: 20

OPTIONS
H2 204 base.io
data-fb7f8b3ae8.heise.de/ Frame 0
0 23ms
23ms Preflight
text/plain 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL: https://data-fb7f8b3ae8.heise.de/base.io
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heise.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.heise.de
access-control-max-age: 1728000
age: 0
cache-control: private
content-type: text/plain charset=UTF-8
date: Thu, 16 Mar 2023 14:10:05 GMT
last-modified: Thu, 16 Mar 2023 14:10:05 GMT
server: nginx
vary: Origin
x-hacc-refreshed

GET
H2 200 heise.de.js Show response
files.upscore.com/config/ 3 KB
2 KB 28ms
27ms Script
application/javascript 2606:4700:10::6816:26e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://files.upscore.com/config/heise.de.js
Requested by: Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:26e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7d373947424427d60a3d7d2a48be1a9f4788b510cc3b77d5d8493bddeda5c58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 14:10:05 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 11 Jan 2023 11:39:38 GMT
server: cloudflare
x-amz-request-id: 7T82SKE36HQSHKKG
age: 3069
etag: W/"e4ffa8010e9a1365150b0257ae6b0317"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7a8d93de3a75905e-FRA
x-amz-id-2: 03hy0UGubKOzt7grm46ZQQqP6pSvUjRD1bAZP4CnHMJL9xRAqZAFn0exSu+K31BqpUY8b9Msd40=

POST
H2 200 /
hit-pool.upscore.com/ 3 B
94 B 60ms
59ms Ping
text/plain 2606:4700:10::6816:26e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit-pool.upscore.com/
Requested by: Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:26e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

Referer: https://www.heise.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 16 Mar 2023 14:10:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cf-ray: 7a8d93defb4e905e-FRA

GET
H2 200 ss3vf.c70.ltc.woff2
www.heise.de/assets/styles/fonts/ Frame EE6E 54 KB
54 KB 67ms
22ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/styles/fonts/ss3vf.c70.ltc.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

986a5e164b20c8ad0b5040e8e3651434b173f98b9d270973eb130f7bf59864cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cmp.heise.de/
Origin: https://cmp.heise.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:18:33 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
last-modified: Tue, 14 Mar 2023 13:22:59 GMT
server: nginx
age: 6692
etag: "64107533-d648"
x-frame-options: DENY
vary: Origin
content-type: font/woff2
access-control-allow-origin: https://cmp.heise.de
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 54856
x-xss-protection: 1; mode=block

POST
H2 200 /
hit-pool.upscore.com/ 3 B
76 B 59ms
59ms Ping
text/plain 2606:4700:10::6816:26e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit-pool.upscore.com/
Requested by: Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:26e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

Referer: https://www.heise.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 16 Mar 2023 14:10:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cf-ray: 7a8d93df0b5f905e-FRA

GET
H/1.1 200
OK onsite.min.js Show response
cdn.mateti.net/mcp/ 98 KB
32 KB 126ms
29ms Script
application/javascript 185.54.150.11
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mateti.net/mcp/onsite.min.js
Requested by: Host: responder.wt.heise.de
URL: https://responder.wt.heise.de/resp/api/get/288689636920174?url=https%3A%2F%2Fwww.heise.de%2Fnews%2FWohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html%3Fwt_mc%3Dnl.red.security.security-nl.2023-02-20.link.link&v=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.11 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 95eeb54c17fa87e861d4e6ac7b53e1a584fc7dd4546fddb3a1af36d22e07337b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 14:10:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Mar 2023 10:01:13 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS
Cache-Control: public,max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

OPTIONS
H/1.1 200
OK rdfs
r.mateti.net/ Frame 0
0 107ms
23ms Preflight 185.54.150.12
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mateti.net/rdfs?cfg=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heise.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.heise.de
Access-Control-Max-Age: 1800
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection: keep-alive
Content-Length: 0
Date: Thu, 16 Mar 2023 14:10:05 GMT
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK rdfs Show response
r.mateti.net/ 14 B
366 B 96ms
24ms Fetch
application/json 185.54.150.12
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mateti.net/rdfs?cfg=1
Requested by: Host: cdn.mateti.net
URL: https://cdn.mateti.net/mcp/onsite.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: /
Resource Hash: 8d5706cde045094a27e62ca6e2450d5961a1af1ef704c626199cb1aec16b908f

Request headers

Referer: https://www.heise.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: 2023-03-16
Content-Encoding: gzip
Vary: Origin,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.heise.de
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 34
Expires: 2023-03-16

POST
H/1.1 200
OK rdfs Show response
r.mateti.net/ 2 KB
676 B 103ms
28ms Fetch
application/json 185.54.150.12
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mateti.net/rdfs?cfg=1
Requested by: Host: cdn.mateti.net
URL: https://cdn.mateti.net/mcp/onsite.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: /
Resource Hash: d30efd184a29672312463b65f5e2816721a16ffe5a858e6f884210c97b21af74

Request headers

Referer: https://www.heise.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: 2023-03-16
Content-Encoding: gzip
Vary: Origin,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.heise.de
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 343
Expires: 2023-03-16

OPTIONS
H/1.1 200
OK rdfs
r.mateti.net/ Frame 0
0 112ms
25ms Preflight 185.54.150.12
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mateti.net/rdfs?cfg=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heise.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.heise.de
Access-Control-Max-Age: 1800
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection: keep-alive
Content-Length: 0
Date: Thu, 16 Mar 2023 14:10:05 GMT
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H/1.1 200 wt
prophet.heise.de/288689636920174/ 43 B
706 B 92ms
29ms Image
image/gif 185.54.150.27
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prophet.heise.de/288689636920174/wt?p=525,www.heise.de.news.wohl-nach-ddos-angriffen-mehrere-websites-deutscher-flughaefen-offline-7517691,1,1600x1200,24,1,1678975805767,0,1600x1200,0&eid=2167897580500864513&one=1&fns=1&la=en&cg1=www.heise.de&cg2=newsticker&cg3=news&cg4=wohl-nach-ddos-angriffen-mehrere-websites-deutscher-flughaefen-offline-7517691&cg9=wohl-nach-ddos-angriffen-mehrere-websites-deutscher-flughaefen-offline-7517691&cg10=beitrag&cg11=it&cg12=newsticker&cg13=free&cg16=7517691&mc=wt_mc%253Dnl.red.security.security-nl.2023-02-20.link.link&cp1=1%2F1&cp2=ddos-attacken%3Bflughafen%3Bflughaefen%3Bhacking%3Bluftfahrt&cp6=ddos-attacken%3Bflughafen%3Bflughaefen%3Bhacking%3Bluftfahrt&cp8=2023-02-16T13%3A06%3A00&cp10=ho%3Bsecurity%3Bnewsticker&cp14=free&cp15=Martin%20Holland&cp17=desktop&cp22=it&cp23=it&cp25=DDoS-Attacken%3F%20%E2%80%93%20Websites%20mehrerer%20deutscher%20Flugh%C3%A4fen%20offline&cp26=v5&cp28=newsticker&cp29=free&cp31=120&cp38=ho%3Bsecurity%3Bnewsticker&cp40=0&cs1=0&np=&pu=https%3A%2F%2Fwww.heise.de%2Fnews%2FWohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html%3Fwt_mc%3Dnl.red.security.security-nl.2023-02-20.link.link
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.54.150.27 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: d3d94468 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 14:10:05 GMT
Last-Modified: Thu, 16 Mar 2023 14:10:05 GMT
Server: d3d94468
P3P: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
Content-Type: image/gif;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow, noarchive
Keep-Alive: timeout=30
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200 wt
prophet.heise.de/288689636920174/ 43 B
589 B 28ms
28ms Image
image/gif 185.54.150.27
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prophet.heise.de/288689636920174/wt?p=525,www.heise.de.news.wohl-nach-ddos-angriffen-mehrere-websites-deutscher-flughaefen-offline-7517691,1,1600x1200,24,1,1678975805774,2,1600x1200,0&eid=2167897580500864513&one=1&ct=ho.consent-wall&la=en&cp17=desktop&cs1=0&ck19=open&pu=https%3A%2F%2Fwww.heise.de%2Fnews%2FWohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html%3Fwt_mc%3Dnl.red.security.security-nl.2023-02-20.link.link
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.54.150.27 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: d3d94468 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 14:10:05 GMT
Last-Modified: Thu, 16 Mar 2023 14:10:05 GMT
Server: d3d94468
P3P: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
Content-Type: image/gif;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow, noarchive
Keep-Alive: timeout=30
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK rdfs Show response
r.mateti.net/ 964 B
846 B 28ms
28ms Fetch
application/json 185.54.150.12
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mateti.net/rdfs
Requested by: Host: cdn.mateti.net
URL: https://cdn.mateti.net/mcp/onsite.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: /
Resource Hash: 0a9c7a6e8442889ffd0be67bda475412757ccdf2109646745c6e109c66bd989c

Request headers

Referer: https://www.heise.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: 2023-03-16
Content-Encoding: gzip
Vary: Origin,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.heise.de
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 513
Expires: 2023-03-16

OPTIONS
H/1.1 200
OK rdfs
r.mateti.net/ Frame 0
0 25ms
24ms Preflight 185.54.150.12
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mateti.net/rdfs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heise.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.heise.de
Access-Control-Max-Age: 1800
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection: keep-alive
Content-Length: 0
Date: Thu, 16 Mar 2023 14:10:06 GMT
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H/1.1 200
OK ec18630b-29d0-46f7-8ad2-81a9d0c26b54.json Show response
cdn.mateti.net/mate/widget-config/688012155290337/ 3 KB
2 KB 100ms
25ms Fetch
application/json 185.54.150.11
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mateti.net/mate/widget-config/688012155290337/ec18630b-29d0-46f7-8ad2-81a9d0c26b54.json
Requested by: Host: cdn.mateti.net
URL: https://cdn.mateti.net/mcp/onsite.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.11 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 0a635eaccbbd2dc46b20eefd96196bddf7285f017c837e4f83a3b56a2b2f3072

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 14:10:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Mar 2023 11:24:20 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 make-abo_dmp_672x1008px.png
am.heise.de/abo/06_ma/2023/ 346 KB
347 KB 453ms
154ms Image
image/png 2600:9000:2396:f800:1c:1ac7:3e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am.heise.de/abo/06_ma/2023/make-abo_dmp_672x1008px.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:f800:1c:1ac7:3e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 018d3bcc3b244a989ad2417e125a27315c78b54dc9dd35c9917d2251f677648f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 10:22:12 GMT
x-amz-version-id: Y_uzRIcoDUpWqGFPZdPJP8oH42SdA7vF
via: 1.1 26031c09f93c38d6692be2136bd85f06.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 10:21:07 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 13675
etag: "53b71f93b10f98646628eb3154dfab40"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 354156
x-amz-cf-id: T169UK1YXE0SGKVClfaMM5h57i38hCbB3r1FSy0lJRUyK1a2I_P8Hw==

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.heise.de/news	1970-01-20 10:22:57	Name: wt_mcp_sid Value: 463071400
.heise.de/	1970-01-20 19:08:31	Name: _sp_su Value: false
.heise.de/	1970-01-20 14:42:07	Name: wt_nv Value: 1
.heise.de/	1969-12-31 23:59:59	Name: wt_nv_s Value: 1
.heise.de/	1969-12-31 23:59:59	Name: wt3_sid Value: %3B288689636920174
.heise.de/	1970-01-20 14:42:07	Name: wt3_eid Value: %3B288689636920174%7C2167897580500864513%232167897580522156986
.heise.de/	1969-12-31 23:59:59	Name: wt_rla Value: 288689636920174%2C2%2C1678975805770
prophet.heise.de/	1969-12-31 23:59:59	Name: wt_nbg_Q3 Value: !Qs2BTyzkGb6FvifpjGYh4zwSUbWZoHKoDMDjkjCzkWRqeJA/h/ssevrgmqmkYSQ6NwAtoJ/ABiZYiQ==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

am.heise.de
api.heise.de
cdn.mateti.net
cmp.heise.de
data-fb7f8b3ae8.heise.de
files.upscore.com
heise.cloudimg.io
hit-pool.upscore.com
prophet.heise.de
r.mateti.net
responder.wt.heise.de
www.heise.de
108.138.17.31
185.54.150.11
185.54.150.12
185.54.150.27
2600:9000:2396:f800:1c:1ac7:3e40:93a1
2600:9000:2491:f000:b:f730:9800:93a1
2606:4700:10::6816:26e
2a02:2e0:3fe:1001:7777:772e:2:85
2a02:2e0:3fe:1001:ab1::
52.55.70.30
018d3bcc3b244a989ad2417e125a27315c78b54dc9dd35c9917d2251f677648f
0a635eaccbbd2dc46b20eefd96196bddf7285f017c837e4f83a3b56a2b2f3072
0a9c7a6e8442889ffd0be67bda475412757ccdf2109646745c6e109c66bd989c
0ebf392a8dc474a819a0f36ab90c75647b2e7d119742304951acfecfa30739b7
1b6ef2a2ff5a4d970620e02b429548dfb6acbf6e63a7ef4065502251d8433f00
235c12905da1a2f7a1617cf0b1473704f3683d6ae715e6f513effdb1381f6fe1
27535b213221942871207d4b519e5060c6633abfd599ffc0a17b1d46d1222938
3151046d00032f6ee55e687a47d8e4b81cf0c85005fdae76a4cc2004e7fbcd9e
3a5c006e43cef72a54f0a1e35ef86a10323eb99493791be543a1be1c8043ce19
3e22b68a0b4384238a29cc855562d87ce3f737ff959d0f8f90a59a0ebe68b592
40796bf7fbbf95147fddcdfcf1aad2800c405c106c6731cd369ac85804488f47
4bd12e30c80ebaa26b56c4b2d9c16dc9b4f533a10b27271568c774c718644478
4c5b8566730e50eb6585cf1616399614fcb24f7a5c6f4bb0f4fc8b1592e954dd
4d3a99c9584e4ecfbcacd338e86ca51019bb90cf2d5cf0b8c51c812e3421c7bb
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
5ad0d8a7bb2796dd9de535368dbc94948c9f3590579472b863c7cfbd5ab2b991
5c0ffc6849fef78419015ab3a2f6676aca285bca54753d1d93516dfc97162999
605173585c53d1297eae39a7d39bc4a0864034af38763f83f0d6d4c64be85df5
612621f006f57292d7c4033d37a1fbcbfec9601e3961f7528ae726424ffe9e88
627349bbd5debfea5f80d87edf6c6a482df92e71bfad097b0a852384d10a9f52
826b8c517cfc53e771bd07fad89663ee844dc666ccdd825ad06c8da4d1ce13ec
8d5706cde045094a27e62ca6e2450d5961a1af1ef704c626199cb1aec16b908f
95eeb54c17fa87e861d4e6ac7b53e1a584fc7dd4546fddb3a1af36d22e07337b
986a5e164b20c8ad0b5040e8e3651434b173f98b9d270973eb130f7bf59864cb
9f65563ae31c12f03c28d38d4733c76cf3075b12cf82fbe04cdbf1b5d9e27cdc
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87
a696e0df7ef17decbb4edfa00f128a36f98fee575cbcc2c57f83419402e34610
ae178608bad9c15415676b377fe100b2c3666751501ec215e4d7b974992c1a0b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b32d2cf3fc08037b1b2fbad22c15a1f964d70d6b6fb931a0402337b0ed60e59b
b3af4bcefa1f2c38962dd5de11f0ad8c5a847824e0761badd888da3ac78a872d
b4c28b398197245959e163d34b5f55e1b5047b886fe85cb5ce318b2867428b83
bd096226d9b1615254aa29ae8b2c4bb1f778d1cf79f0386f5fcd05a303f04e77
c945d9993e1195132c5980f691f8059a90131d3e8a11d0543fad9909a5d0b273
cade37a58088a67e374cf68d8c7e0b17e50dcbb628734c412e3492de70808384
cdf6eb48f69b9c64863691938ced2c251df7b47ba0df821d6b22a7d47ab89c54
d30efd184a29672312463b65f5e2816721a16ffe5a858e6f884210c97b21af74
d46b45450021ae5e04125b8b529b465cf8ccad11bf6acfa1c4cca244ef77ef6f
d7d373947424427d60a3d7d2a48be1a9f4788b510cc3b77d5d8493bddeda5c58
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c2b200550ff5b1c078b2eb9cb177145904a01b23e84cde65721369a85362dc
f2fb31c5483847059bc2e53cf21d7e2879dade0720300e1d55b8064710e1b417
f38aae4fbc15d91f53511da30a18c11e0d3be585c7757d9714fcaa84edaff78c
fb0c962c2a46b261dcf2c64acd439dabce75c448235038f38b6d5eef64318f6b

www.heise.de Open in urlscan Pro 2a02:2e0:3fe:1001:7777:772e:2:85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

59 Requests

100 %HTTPS

50 %IPv6

4 Domains

12 Subdomains

11 IPs

2 Countries

1283 kBTransfer

2940 kBSize

8 Cookies

36 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.heise.de Open in urlscan Pro
2a02:2e0:3fe:1001:7777:772e:2:85 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

12
Subdomains

11
IPs

2
Countries

1283 kB
Transfer

2940 kB
Size

8
Cookies

59 HTTP transactions
1 data transactions