URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=n...
Submission: On March 14 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 4 domains to perform 58 HTTP transactions. The main IP is 2a02:2e0:3fe:1001:7777:772e:2:85, located in Germany and belongs to PLUSLINE, DE. The main domain is www.heise.de. The Cisco Umbrella rank of the primary domain is 51218.
TLS certificate: Issued by R3 on January 28th 2023. Valid for: 3 months.
This is the only time www.heise.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
30 2a02:2e0:3fe:... 12306 (PLUSLINE)
10 108.138.17.29 16509 (AMAZON-02)
1 54.83.79.94 14618 (AMAZON-AES)
1 2600:9000:249... 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a02:2e0:3fe:... 12306 (PLUSLINE)
2 185.54.150.11 60164 (WEBTREKK-AS)
2 185.54.150.27 60164 (WEBTREKK-AS)
6 185.54.150.12 60164 (WEBTREKK-AS)
1 2600:9000:225... 16509 (AMAZON-02)
58 11
Apex Domain
Subdomains
Transfer
46 heise.de
www.heise.de — Cisco Umbrella Rank: 51218
cmp.heise.de — Cisco Umbrella Rank: 134361
responder.wt.heise.de — Cisco Umbrella Rank: 179440
data-fb7f8b3ae8.heise.de — Cisco Umbrella Rank: 180079
api.heise.de — Cisco Umbrella Rank: 413604
prophet.heise.de — Cisco Umbrella Rank: 184230
am.heise.de — Cisco Umbrella Rank: 291882
1 MB
8 mateti.net
cdn.mateti.net — Cisco Umbrella Rank: 65785
r.mateti.net — Cisco Umbrella Rank: 101936
36 KB
3 upscore.com
files.upscore.com — Cisco Umbrella Rank: 48252
hit-pool.upscore.com — Cisco Umbrella Rank: 44021
15 KB
1 cloudimg.io
heise.cloudimg.io — Cisco Umbrella Rank: 101064
29 KB
58 4
Domain Requested by
25 www.heise.de www.heise.de
10 cmp.heise.de www.heise.de
cmp.heise.de
6 r.mateti.net cdn.mateti.net
5 data-fb7f8b3ae8.heise.de www.heise.de
data-fb7f8b3ae8.heise.de
2 prophet.heise.de www.heise.de
2 cdn.mateti.net responder.wt.heise.de
cdn.mateti.net
2 api.heise.de www.heise.de
2 files.upscore.com www.heise.de
files.upscore.com
1 am.heise.de www.heise.de
1 hit-pool.upscore.com files.upscore.com
1 heise.cloudimg.io www.heise.de
1 responder.wt.heise.de www.heise.de
58 12
Subject Issuer Validity Valid
www.heise.de
R3
2023-01-28 -
2023-04-28
3 months crt.sh
cmp.heise.de
R3
2023-01-27 -
2023-04-27
3 months crt.sh
responder.wt.heise.de
Sectigo RSA Domain Validation Secure Server CA
2022-10-12 -
2023-11-12
a year crt.sh
data-fb7f8b3ae8.heise.de
R3
2023-03-10 -
2023-06-08
3 months crt.sh
*.cloudimg.io
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2022-05-23 -
2023-05-31
a year crt.sh
*.upscore.com
Go Daddy Secure Certificate Authority - G2
2022-11-30 -
2024-01-01
a year crt.sh
api.heise.de
R3
2023-01-19 -
2023-04-19
3 months crt.sh
*.mateti.net
Sectigo RSA Domain Validation Secure Server CA
2023-01-13 -
2024-02-13
a year crt.sh
prophet.heise.de
Sectigo RSA Domain Validation Secure Server CA
2022-03-15 -
2023-04-15
a year crt.sh
am.heise.de
Amazon RSA 2048 M02
2023-03-01 -
2023-05-19
3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Frame ID: 8541847F22FEC6459AC6E4F9EB5F0E4C
Requests: 48 HTTP requests in this frame

Frame: https://cmp.heise.de/index.html?message_id=760088&consentUUID=null&requestUUID=43f3182b-22d2-4771-be48-2265560173bf&preload_message=true&hasCsp=true&version=v1
Frame ID: 40BAB6C09B4BDC232A41200C0E6C489B
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

DDoS-Attacken? – Websites mehrerer deutscher Flughäfen offline | heise online heise online Logoc't Magazin LogoiX Magazin LogoMIT Technology Review Logoc't Fotografie LogoMac an i LogoMake Logoheise-BotPush Nachrichtenheise online Logoc't Magazin LogoiX Magazin LogoMIT Technology Review Logoc't Fotografie LogoMac an i LogoMake Logoheise-BotPush Nachrichtencomments_outline_whiteheise-BotPush Nachrichten

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

58
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

12
Subdomains

11
IPs

2
Countries

1517 kB
Transfer

3173 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html
www.heise.de/news/
186 KB
48 KB
Document
General
Full URL
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
2258eb23f8fb97abad6ed2c496b1fadc3fb7dc31e3ee88d51abfba7417b1ddec
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
503
cache-control
no-store
content-encoding
gzip
content-length
48666
content-type
text/html; charset=UTF-8
date
Tue, 14 Mar 2023 15:40:35 GMT
last-modified
Tue, 14 Mar 2023 15:40:35 GMT
server
nginx
strict-transport-security
max-age=15768000
vary
Accept-Encoding, X-Export-Format, X-Export-Agent, X-Export-IAP
x-content-type-options
nosniff
x-frame-options
DENY
x-hacc-refreshed
x-xss-protection
1; mode=block
ss3vf.c70.ltc.woff2
www.heise.de/assets/styles/fonts/
54 KB
54 KB
Font
General
Full URL
https://www.heise.de/assets/styles/fonts/ss3vf.c70.ltc.woff2
Requested by
Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
986a5e164b20c8ad0b5040e8e3651434b173f98b9d270973eb130f7bf59864cb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Origin
https://www.heise.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 15:23:01 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
last-modified
Tue, 14 Mar 2023 13:22:59 GMT
server
nginx
age
1557
etag
"64107533-d648"
x-frame-options
DENY
vary
Origin
content-type
font/woff2
access-control-allow-origin
https://www.heise.de
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
54856
x-xss-protection
1; mode=block
ss3vf-i.ec7.ltc.woff2
www.heise.de/assets/styles/fonts/
43 KB
43 KB
Font
General
Full URL
https://www.heise.de/assets/styles/fonts/ss3vf-i.ec7.ltc.woff2
Requested by
Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
bd096226d9b1615254aa29ae8b2c4bb1f778d1cf79f0386f5fcd05a303f04e77
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Origin
https://www.heise.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 15:23:01 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
last-modified
Tue, 14 Mar 2023 13:22:59 GMT
server
nginx
age
1557
etag
"64107533-ab88"
x-frame-options
DENY
vary
Origin
content-type
font/woff2
access-control-allow-origin
https://www.heise.de
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
43912
x-xss-protection
1; mode=block
common-icons.svg
www.heise.de/icons/
13 KB
5 KB
Image
General
Full URL
https://www.heise.de/icons/common-icons.svg
Requested by
Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
4d3a99c9584e4ecfbcacd338e86ca51019bb90cf2d5cf0b8c51c812e3421c7bb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 14:19:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
last-modified
Mon, 16 Jan 2023 13:28:11 GMT
server
nginx
age
5384
etag
W/"63c550eb-32ae"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=7200
accept-ranges
bytes
content-length
4480
x-xss-protection
1; mode=block
index.css
www.heise.de/assets/styles/
62 KB
12 KB
Stylesheet
General
Full URL
https://www.heise.de/assets/styles/index.css?.ltc.86d38a4c2b4f36a61089
Requested by
Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
612621f006f57292d7c4033d37a1fbcbfec9601e3961f7528ae726424ffe9e88
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 15:23:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
last-modified
Tue, 14 Mar 2023 13:22:59 GMT
server
nginx
age
1548
etag
W/"64107533-f8c7"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
11640
x-xss-protection
1; mode=block
wrapperMessagingWithoutDetection.js
cmp.heise.de/unified/
120 KB
35 KB
Script
General
Full URL
https://cmp.heise.de/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cade37a58088a67e374cf68d8c7e0b17e50dcbb628734c412e3492de70808384

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 15:23:28 GMT
content-encoding
br
via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 14:22:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
1533
x-amz-server-side-encryption
AES256
etag
W/"6e2eb4cf04afb8fdacf49f1e813438b9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
EbYOj876FxsnE8zmDwbjxDBNsVNRj7wHZ54ExIsST82QJoHrpDtSXQ==
ho.css
www.heise.de/assets/heise/ho/css/
292 KB
44 KB
Stylesheet
General
Full URL
https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.d93a99a3e0ca6d7278ff
Requested by
Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
5c0ffc6849fef78419015ab3a2f6676aca285bca54753d1d93516dfc97162999
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 15:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
last-modified
Tue, 14 Mar 2023 09:31:53 GMT
server
nginx
age
1023
etag
W/"64103f09-491d2"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
44334
x-xss-protection
1; mode=block
akwa.js
www.heise.de/assets/akwa/v24/js/
245 KB
74 KB
Script
General
Full URL
https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96
Requested by
Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
826b8c517cfc53e771bd07fad89663ee844dc666ccdd825ad06c8da4d1ce13ec
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 14:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
last-modified
Mon, 13 Mar 2023 12:17:25 GMT
server
nginx
age
5482
etag
W/"640f1455-3d55b"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
75611
x-xss-protection
1; mode=block
ho.js
www.heise.de/assets/heise/ho/js/
120 KB
39 KB
Script
General
Full URL
https://www.heise.de/assets/heise/ho/js/ho.js?.ltc.3eb51a1b1bc464c0a14b
Requested by
Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
605173585c53d1297eae39a7d39bc4a0864034af38763f83f0d6d4c64be85df5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 15:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
last-modified
Tue, 14 Mar 2023 09:31:45 GMT
server
nginx
age
1024
etag
W/"64103f01-1e0e9"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
39162
x-xss-protection
1; mode=block
qwant_q.svg
www.heise.de/icons/svg/icons/svg/
1 KB
762 B
Image
General
Full URL
https://www.heise.de/icons/svg/icons/svg/qwant_q.svg
Requested by
Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
a696e0df7ef17decbb4edfa00f128a36f98fee575cbcc2c57f83419402e34610
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 14:19:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
last-modified
Thu, 19 Jan 2023 14:57:31 GMT
server
nginx
age
5383
etag
W/"63c95a5b-518"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=7200
accept-ranges
bytes
content-length
644
x-xss-protection
1; mode=block
akwa.css
www.heise.de/assets/akwa/v24/css/
44 KB
8 KB
Stylesheet
General
Full URL
https://www.heise.de/assets/akwa/v24/css/akwa.css?.ltc.dcef129a408f905c8ad2
Requested by
Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
f38aae4fbc15d91f53511da30a18c11e0d3be585c7757d9714fcaa84edaff78c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 14:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
last-modified
Mon, 13 Mar 2023 12:17:27 GMT
server
nginx
age
5482
etag
"640f1457-afe4"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
7614
x-xss-protection
1; mode=block
Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html
www.heise.de/ivw-bin/ivw/CP/news/
43 B
233 B
Image
General
Full URL
https://www.heise.de/ivw-bin/ivw/CP/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html
Requested by
Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
fb0c962c2a46b261dcf2c64acd439dabce75c448235038f38b6d5eef64318f6b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 15:49:00 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
age
0
content-length
43
x-xss-protection
1; mode=block
last-modified
Thu, 20 Jan 2011 15:58:20 GMT
server
nginx
etag
"4d385b9c-2b"
x-frame-options
DENY
vary
content-type
image/gif
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate, private
accept-ranges
bytes
x-hacc-refreshed
expires
Tue, 14 Mar 2023 15:49:00 GMT
common-icons.svg
www.heise.de/icons/
13 KB
5 KB
Other
General
Full URL
https://www.heise.de/icons/common-icons.svg
Requested by
Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
4d3a99c9584e4ecfbcacd338e86ca51019bb90cf2d5cf0b8c51c812e3421c7bb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 14:19:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
last-modified
Mon, 16 Jan 2023 13:28:11 GMT
server
nginx
age
5384
etag
W/"63c550eb-32ae"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=7200
accept-ranges
bytes
content-length
4480
x-xss-protection
1; mode=block
truncated
/
162 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e22b68a0b4384238a29cc855562d87ce3f737ff959d0f8f90a59a0ebe68b592

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
magazine_v1.457e.ltc.svg
www.heise.de/assets/heise/images/
2 KB
941 B
Image
General
Full URL
https://www.heise.de/assets/heise/images/magazine_v1.457e.ltc.svg
Requested by
Host: www.heise.de
URL: https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.d93a99a3e0ca6d7278ff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
235c12905da1a2f7a1617cf0b1473704f3683d6ae715e6f513effdb1381f6fe1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.d93a99a3e0ca6d7278ff
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 14:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
last-modified
Tue, 14 Mar 2023 09:31:47 GMT
server
nginx
age
5382
etag
W/"64103f03-622"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
823
x-xss-protection
1; mode=block
gdpr-tcf.4beb2afb0070f1a389db.bundle.js
cmp.heise.de/unified/4.6.2/
86 KB
18 KB
Script
General
Full URL
https://cmp.heise.de/unified/4.6.2/gdpr-tcf.4beb2afb0070f1a389db.bundle.js
Requested by
Host: cmp.heise.de
URL: https://cmp.heise.de/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a5c006e43cef72a54f0a1e35ef86a10323eb99493791be543a1be1c8043ce19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 14:23:29 GMT
content-encoding
br
via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 17:13:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
5132
etag
W/"e4bf94e14b325568efb7d08b31403756"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
hNm3cWQYXZpAKxcZpa-CgpQYF33c63dLJ4ehylugiwEeKC-bcT_9eA==
meta-data
cmp.heise.de/wrapper/v2/
227 B
755 B
XHR
General
Full URL
https://cmp.heise.de/wrapper/v2/meta-data?hasCsp=true&accountId=1603&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%7D&propertyId=14602&scriptVersion=4.6.2&scriptType=unified
Requested by
Host: cmp.heise.de
URL: https://cmp.heise.de/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-29.fra56.r.cloudfront.net
Software
/ Express
Resource Hash
c945d9993e1195132c5980f691f8059a90131d3e8a11d0543fad9909a5d0b273
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.heise.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Mar 2023 15:23:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
1530
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
227
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
CixvsbNT93Gn4ukCbXNI5c-qguJYYoCsqjggb6ZuSTXAHmZkxdimyg==
meta-data
cmp.heise.de/wrapper/v2/ Frame
0
0
Preflight
General
Full URL
https://cmp.heise.de/wrapper/v2/meta-data?hasCsp=true&accountId=1603&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%7D&propertyId=14602&scriptVersion=4.6.2&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-29.fra56.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heise.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
5130
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 14 Mar 2023 14:23:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
x-amz-cf-id
IILi9LQ6pObm7GaDthv_Oo-Zs4z4IK_hp1AEykmRDjdxMNZYRjIl1Q==
x-amz-cf-pop
FRA56-P7
x-cache
Hit from cloudfront
x-powered-by
Express
messages
cmp.heise.de/wrapper/v2/
81 KB
9 KB
XHR
General
Full URL
https://cmp.heise.de/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1603%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcmp.heise.de%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.heise.de%2Fnews%2FWohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html%22%2C%22propertyId%22%3A14602%7D&localState=null&metadata=%7B%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&scriptVersion=4.6.2&scriptType=unified
Requested by
Host: cmp.heise.de
URL: https://cmp.heise.de/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-29.fra56.r.cloudfront.net
Software
/ Express
Resource Hash
67a89d3774455a93f15f0eec6c75731fbd35d3c30171b134e611ba53c55763c0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.heise.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Mar 2023 15:49:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
ReLX1LJQ2_NhffisJu59c06QwZbXpaEE8PLXeSxRhSc2GR4x5mwhYw==
messages
cmp.heise.de/wrapper/v2/ Frame
0
0
Preflight
General
Full URL
https://cmp.heise.de/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1603%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcmp.heise.de%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.heise.de%2Fnews%2FWohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html%22%2C%22propertyId%22%3A14602%7D&localState=null&metadata=%7B%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&scriptVersion=4.6.2&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-29.fra56.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heise.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 14 Mar 2023 15:49:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
x-amz-cf-id
Q6fTGY8X7io8QNO6WxAP7eZee2eig0z-NkDZzEqgQzWA-uiPxZayZQ==
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
x-powered-by
Express
index.html
cmp.heise.de/ Frame 40BA
4 KB
2 KB
Document
General
Full URL
https://cmp.heise.de/index.html?message_id=760088&consentUUID=null&requestUUID=43f3182b-22d2-4771-be48-2265560173bf&preload_message=true&hasCsp=true&version=v1
Requested by
Host: cmp.heise.de
URL: https://cmp.heise.de/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b6ef2a2ff5a4d970620e02b429548dfb6acbf6e63a7ef4065502251d8433f00

Request headers

Referer
https://www.heise.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2416
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Tue, 14 Mar 2023 15:08:44 GMT
etag
W/"56ced6c92a94bd4ee47d5c270e624599"
last-modified
Thu, 02 Mar 2023 17:33:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
x-amz-cf-id
1J-yjQkOU9gWNiPHr26l6iT1Ms5bDyUCbqMfaJmuigzzwbbf_fuMag==
x-amz-cf-pop
FRA56-P7
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Notice.cebe9.css
cmp.heise.de/ Frame 40BA
33 KB
6 KB
Stylesheet
General
Full URL
https://cmp.heise.de/Notice.cebe9.css
Requested by
Host: cmp.heise.de
URL: https://cmp.heise.de/index.html?message_id=760088&consentUUID=null&requestUUID=43f3182b-22d2-4771-be48-2265560173bf&preload_message=true&hasCsp=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4bd12e30c80ebaa26b56c4b2d9c16dc9b4f533a10b27271568c774c718644478

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp.heise.de/index.html?message_id=760088&consentUUID=null&requestUUID=43f3182b-22d2-4771-be48-2265560173bf&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 14:57:26 GMT
content-encoding
gzip
via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 17:33:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
3095
etag
W/"2906e24155ed9b893ffa1589740821ce"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600
x-amz-cf-id
_xvCEdX34cdEaj82VuVM7wfw2xY3rEZLTFmm0ZjLW0ISPMYDIUW14A==
polyfills.d36c5.js
cmp.heise.de/ Frame 40BA
5 KB
2 KB
Script
General
Full URL
https://cmp.heise.de/polyfills.d36c5.js
Requested by
Host: cmp.heise.de
URL: https://cmp.heise.de/index.html?message_id=760088&consentUUID=null&requestUUID=43f3182b-22d2-4771-be48-2265560173bf&preload_message=true&hasCsp=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp.heise.de/index.html?message_id=760088&consentUUID=null&requestUUID=43f3182b-22d2-4771-be48-2265560173bf&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 15:25:58 GMT
content-encoding
gzip
via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 17:33:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
1383
x-amz-server-side-encryption
AES256
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
UgpthGKz57yViYGOwZDBCvBiMR5o-dunkruYkSYwaxVjQ7ZwTJZdHg==
Notice.3712f.js
cmp.heise.de/ Frame 40BA
262 KB
69 KB
Script
General
Full URL
https://cmp.heise.de/Notice.3712f.js
Requested by
Host: cmp.heise.de
URL: https://cmp.heise.de/index.html?message_id=760088&consentUUID=null&requestUUID=43f3182b-22d2-4771-be48-2265560173bf&preload_message=true&hasCsp=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4c2b200550ff5b1c078b2eb9cb177145904a01b23e84cde65721369a85362dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp.heise.de/index.html?message_id=760088&consentUUID=null&requestUUID=43f3182b-22d2-4771-be48-2265560173bf&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 14:59:55 GMT
content-encoding
gzip
via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 17:33:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
2946
x-amz-server-side-encryption
AES256
etag
W/"93ded739e3803e21694d7a33dfe765e2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
E5i2ycsWtTnDVsL4UfqIVO9CRLw13oDFaaeKvdlCaNB-dOtoHkrFCg==
ss3vf.c70.ltc.woff2
www.heise.de/assets/styles/fonts/ Frame 40BA
54 KB
54 KB
Font
General
Full URL
https://www.heise.de/assets/styles/fonts/ss3vf.c70.ltc.woff2
Requested by
Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
986a5e164b20c8ad0b5040e8e3651434b173f98b9d270973eb130f7bf59864cb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cmp.heise.de/
Origin
https://cmp.heise.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 15:23:02 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
last-modified
Tue, 14 Mar 2023 13:22:59 GMT
server
nginx
age
1558
etag
"64107533-d648"
x-frame-options
DENY
vary
Origin
content-type
font/woff2
access-control-allow-origin
https://cmp.heise.de
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
54856
x-xss-protection
1; mode=block
urls
www.heise.de/sso/login/
361 B
403 B
Fetch
General
Full URL
https://www.heise.de/sso/login/urls
Requested by
Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
03211190cd9ed0c9a07bf7226a1d6f0ae9bb1f9387cff33e90e8cc458017178a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 15:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
age
0
content-length
180
x-xss-protection
1; mode=block
last-modified
Tue, 14 Mar 2023 15:49:01 GMT
server
nginx
x-frame-options
DENY
vary
Accept-Encoding, Cookie
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.heise.de
cache-control
private,must-revalidate,max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
x-hacc-refreshed
938.f4f636.ltc.js
www.heise.de/assets/akwa/v24/js/
185 KB
58 KB
Script
General
Full URL
https://www.heise.de/assets/akwa/v24/js/938.f4f636.ltc.js
Requested by
Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
b4c28b398197245959e163d34b5f55e1b5047b886fe85cb5ce318b2867428b83
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 14:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
last-modified
Mon, 13 Mar 2023 12:17:25 GMT
server
nginx
age
4859
etag
W/"640f1455-2e3b7"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
59435
x-xss-protection
1; mode=block
embetty.bde696.ltc.js
www.heise.de/assets/akwa/v24/js/
110 B
227 B
Script
General
Full URL
https://www.heise.de/assets/akwa/v24/js/embetty.bde696.ltc.js
Requested by
Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
b3af4bcefa1f2c38962dd5de11f0ad8c5a847824e0761badd888da3ac78a872d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 14:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
last-modified
Mon, 13 Mar 2023 12:17:25 GMT
server
nginx
age
4859
etag
W/"640f1455-6e"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
111
x-xss-protection
1; mode=block
94.6f1936.ltc.js
www.heise.de/assets/akwa/v24/js/
0
81 KB
Other
General
Full URL
https://www.heise.de/assets/akwa/v24/js/94.6f1936.ltc.js
Requested by
Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 14:17:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
last-modified
Mon, 13 Mar 2023 12:17:25 GMT
server
nginx
age
5488
etag
"640f1455-3ef45"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
82434
x-xss-protection
1; mode=block
prebid.b4b497.ltc.js
www.heise.de/assets/akwa/v24/js/
0
290 B
Other
General
Full URL
https://www.heise.de/assets/akwa/v24/js/prebid.b4b497.ltc.js
Requested by
Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 14:17:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
last-modified
Mon, 13 Mar 2023 12:17:25 GMT
server
nginx
age
5489
etag
W/"640f1455-cc"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
173
x-xss-protection
1; mode=block
133.ffbd2e.ltc.js
www.heise.de/assets/akwa/v24/js/
0
28 KB
Other
General
Full URL
https://www.heise.de/assets/akwa/v24/js/133.ffbd2e.ltc.js
Requested by
Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 14:17:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
last-modified
Mon, 13 Mar 2023 12:17:27 GMT
server
nginx
age
5488
etag
W/"640f1457-14a55"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
28202
x-xss-protection
1; mode=block
prismjs.327aba.ltc.js
www.heise.de/assets/akwa/v24/js/
0
383 B
Other
General
Full URL
https://www.heise.de/assets/akwa/v24/js/prismjs.327aba.ltc.js
Requested by
Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 14:17:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
last-modified
Mon, 13 Mar 2023 12:17:25 GMT
server
nginx
age
5488
etag
W/"640f1455-18f"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
265
x-xss-protection
1; mode=block
288689636920174
responder.wt.heise.de/resp/api/get/
172 KB
44 KB
Script
General
Full URL
https://responder.wt.heise.de/resp/api/get/288689636920174?url=https%3A%2F%2Fwww.heise.de%2Fnews%2FWohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html%3Fwt_mc%3Dnl.red.security.security-nl.2023-02-20.link.link&v=5
Requested by
Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.83.79.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-79-94.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cdf6eb48f69b9c64863691938ced2c251df7b47ba0df821d6b22a7d47ab89c54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Tue, 14 Mar 2023 15:49:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Mar 2023 11:32:55 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age: 0, must-revalidate
Connection
keep-alive
stub.js
data-fb7f8b3ae8.heise.de/iomm/latest/bootstrap/
323 B
548 B
Script
General
Full URL
https://data-fb7f8b3ae8.heise.de/iomm/latest/bootstrap/stub.js
Requested by
Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
0ebf392a8dc474a819a0f36ab90c75647b2e7d119742304951acfecfa30739b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 15:49:01 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 09:12:31 GMT
server
nginx
age
0
etag
W/"6315bd7f-143"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
x-hacc-refreshed
content-length
231
94.6f1936.ltc.js
www.heise.de/assets/akwa/v24/js/
252 KB
81 KB
Script
General
Full URL
https://www.heise.de/assets/akwa/v24/js/94.6f1936.ltc.js
Requested by
Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
f2fb31c5483847059bc2e53cf21d7e2879dade0720300e1d55b8064710e1b417
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 14:17:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
last-modified
Mon, 13 Mar 2023 12:17:25 GMT
server
nginx
age
5488
etag
"640f1455-3ef45"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
82434
x-xss-protection
1; mode=block
prebid.b4b497.ltc.js
www.heise.de/assets/akwa/v24/js/
204 B
290 B
Script
General
Full URL
https://www.heise.de/assets/akwa/v24/js/prebid.b4b497.ltc.js
Requested by
Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
5ad0d8a7bb2796dd9de535368dbc94948c9f3590579472b863c7cfbd5ab2b991
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 14:17:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
last-modified
Mon, 13 Mar 2023 12:17:25 GMT
server
nginx
age
5489
etag
W/"640f1455-cc"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
173
x-xss-protection
1; mode=block
px.js
www.heise.de/assets/akwa/v24/js/
0
98 B
Script
General
Full URL
https://www.heise.de/assets/akwa/v24/js/px.js?ch=1
Requested by
Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 14:17:31 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
last-modified
Mon, 13 Mar 2023 12:17:27 GMT
server
nginx
age
5490
etag
"640f1457-0"
x-frame-options
DENY
vary
Origin
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
px.js
www.heise.de/assets/akwa/v24/js/
0
98 B
Script
General
Full URL
https://www.heise.de/assets/akwa/v24/js/px.js?ch=2
Requested by
Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 14:17:30 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
last-modified
Mon, 13 Mar 2023 12:17:26 GMT
server
nginx
age
5491
etag
"640f1456-0"
x-frame-options
DENY
vary
Origin
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
shutterstock_1414652729-15be3c3aecd7f0c5.jpeg
heise.cloudimg.io/v7/_www-heise-de_/imgs/18/3/7/0/2/9/1/3/
28 KB
29 KB
Image
General
Full URL
https://heise.cloudimg.io/v7/_www-heise-de_/imgs/18/3/7/0/2/9/1/3/shutterstock_1414652729-15be3c3aecd7f0c5.jpeg?force_format=avif%2Cwebp%2Cjpeg&org_if_sml=1&q=85&width=610
Requested by
Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:1200:b:f730:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Scaleflex HTTP Loadbalancer /
Resource Hash
9f65563ae31c12f03c28d38d4733c76cf3075b12cf82fbe04cdbf1b5d9e27cdc
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 12:11:29 GMT
x-hexa-sleepingtime
0
via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode
200
x-amz-cf-pop
FRA56-P7
age
2259453
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
x-origin-visibility
OV_NORMAL_FILE
x-cache
Hit from cloudfront
content-length
28906
x-xss-protection
1
x-hexa-initwait
probably_cached, first_req 89s ago, no_wait
server
Scaleflex HTTP Loadbalancer
x-cloudimg-traceid
CiI_009_20230216121129_5c642_yIW6#320y
etag
"b69dea2b101af3d0e4f85675a5f714e1"
x-resource-status
cached_resized
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=31536000, public
vary
Accept-Encoding,Accept
timing-allow-origin
*
x-amz-cf-id
lENKS_ogAvs-He3288PbsxI5cnByTvcM122nSw5wFP7Jl8OzgStX7w==
upScore.js
files.upscore.com/async/
39 KB
14 KB
Script
General
Full URL
https://files.upscore.com/async/upScore.js
Requested by
Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27535b213221942871207d4b519e5060c6633abfd599ffc0a17b1d46d1222938

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 15:49:01 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 02 Mar 2023 14:00:08 GMT
server
cloudflare
x-amz-request-id
CQDNG5Z72KMBQ91D
age
6432
etag
W/"add40eab6ce2ba695166064c1eafe293"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a7daa0f0c86364b-FRA
x-amz-id-2
go486zZtMpSqGtYqzHk6afSkuKGbQAzParphsulPrXqHu35BogcOxk5qjAIdZoV7as/6CYJlvGo=
bundle.js
data-fb7f8b3ae8.heise.de/iomm/latest/manager/base/es6/
59 KB
18 KB
Script
General
Full URL
https://data-fb7f8b3ae8.heise.de/iomm/latest/manager/base/es6/bundle.js
Requested by
Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.1789559c437552b38d96
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
ae178608bad9c15415676b377fe100b2c3666751501ec215e4d7b974992c1a0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 15:49:01 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 09:12:31 GMT
server
nginx
age
0
etag
W/"6315bd7f-eb52"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
x-hacc-refreshed
1626147198906908672
api.heise.de/svc/embetty/tweet/
3 KB
1 KB
Fetch
General
Full URL
https://api.heise.de/svc/embetty/tweet/1626147198906908672
Requested by
Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/938.f4f636.ltc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:2e0:3fe:1001:ab1:: , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
40796bf7fbbf95147fddcdfcf1aad2800c405c106c6731cd369ac85804488f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 15:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
age
0
etag
W/"a2b-U22ZIerpl9fbZscbG+Dj0+swn2A"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heise.de
cache-control
public, max-age=600
accept-ranges
bytes
content-length
1101
x-xss-protection
1; mode=block
bundle.js
data-fb7f8b3ae8.heise.de/iomb/latest/sensor/manager/base/es6/
26 KB
10 KB
Script
General
Full URL
https://data-fb7f8b3ae8.heise.de/iomb/latest/sensor/manager/base/es6/bundle.js
Requested by
Host: data-fb7f8b3ae8.heise.de
URL: https://data-fb7f8b3ae8.heise.de/iomm/latest/manager/base/es6/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
d46b45450021ae5e04125b8b529b465cf8ccad11bf6acfa1c4cca244ef77ef6f

Request headers

Referer
https://www.heise.de/
Origin
https://www.heise.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 15:49:02 GMT
content-encoding
gzip
last-modified
Wed, 06 Jul 2022 10:13:46 GMT
server
nginx
age
0
etag
W/"62c5605a-681d"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
https://www.heise.de
cache-control
private
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
x-hacc-refreshed
heise.de.js
files.upscore.com/config/
3 KB
2 KB
Script
General
Full URL
https://files.upscore.com/config/heise.de.js
Requested by
Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7d373947424427d60a3d7d2a48be1a9f4788b510cc3b77d5d8493bddeda5c58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 15:49:01 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 11 Jan 2023 11:39:38 GMT
server
cloudflare
x-amz-request-id
9NHA0BVZ60RYSP6J
age
3195
etag
W/"e4ffa8010e9a1365150b0257ae6b0317"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a7daa0f3cdd364b-FRA
x-amz-id-2
K1oJt3HHmOKm2DFKnxTTW6+evJOoZfFW9BP08KrNCQIO1FigugB9RtKsHK+hLBtj17hjiQUbowI=
1626147198906908672-profile-image
api.heise.de/svc/embetty/tweet/
3 KB
3 KB
Image
General
Full URL
https://api.heise.de/svc/embetty/tweet/1626147198906908672-profile-image
Requested by
Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:2e0:3fe:1001:ab1:: , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
b32d2cf3fc08037b1b2fbad22c15a1f964d70d6b6fb931a0402337b0ed60e59b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 15:49:02 GMT
x-content-type-options
nosniff
server
nginx
age
0
etag
W/"a39-CLuR/GiPbCePrEVhqMqEldJ9ZEE"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=600
accept-ranges
bytes
content-length
2617
x-xss-protection
1; mode=block
/
hit-pool.upscore.com/
3 B
117 B
Ping
General
Full URL
https://hit-pool.upscore.com/
Requested by
Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

Referer
https://www.heise.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 Mar 2023 15:49:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cf-ray
7a7daa0fadb4364b-FRA
onsite.min.js
cdn.mateti.net/mcp/
98 KB
32 KB
Script
General
Full URL
https://cdn.mateti.net/mcp/onsite.min.js
Requested by
Host: responder.wt.heise.de
URL: https://responder.wt.heise.de/resp/api/get/288689636920174?url=https%3A%2F%2Fwww.heise.de%2Fnews%2FWohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html%3Fwt_mc%3Dnl.red.security.security-nl.2023-02-20.link.link&v=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.54.150.11 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
85958d4bcc77ceb5820b70c8e88984dfca1a72e65f31324c87863eccc0119aff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Tue, 14 Mar 2023 15:49:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Mar 2023 09:08:34 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, OPTIONS
Cache-Control
public,max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
wt
prophet.heise.de/288689636920174/
43 B
706 B
Image
General
Full URL
https://prophet.heise.de/288689636920174/wt?p=525,www.heise.de.news.wohl-nach-ddos-angriffen-mehrere-websites-deutscher-flughaefen-offline-7517691,1,1600x1200,24,1,1678808942555,0,1600x1200,0&eid=2167880894200295663&one=1&fns=1&la=en&cg1=www.heise.de&cg2=newsticker&cg3=news&cg4=wohl-nach-ddos-angriffen-mehrere-websites-deutscher-flughaefen-offline-7517691&cg9=wohl-nach-ddos-angriffen-mehrere-websites-deutscher-flughaefen-offline-7517691&cg10=beitrag&cg11=it&cg12=newsticker&cg13=free&cg16=7517691&mc=wt_mc%253Dnl.red.security.security-nl.2023-02-20.link.link&cp1=1%2F1&cp2=ddos-attacken%3Bflughafen%3Bflughaefen%3Bhacking%3Bluftfahrt&cp6=ddos-attacken%3Bflughafen%3Bflughaefen%3Bhacking%3Bluftfahrt&cp8=2023-02-16T13%3A06%3A00&cp10=ho%3Bsecurity%3Bnewsticker&cp14=free&cp15=Martin%20Holland&cp17=desktop&cp22=it&cp23=it&cp25=DDoS-Attacken%3F%20%E2%80%93%20Websites%20mehrerer%20deutscher%20Flugh%C3%A4fen%20offline&cp26=v5&cp28=newsticker&cp29=free&cp31=120&cp38=ho%3Bsecurity%3Bnewsticker&cp40=0&cs1=0&np=&pu=https%3A%2F%2Fwww.heise.de%2Fnews%2FWohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html%3Fwt_mc%3Dnl.red.security.security-nl.2023-02-20.link.link
Requested by
Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.54.150.27 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software
c4ca4238 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Mar 2023 15:49:02 GMT
Last-Modified
Tue, 14 Mar 2023 15:49:02 GMT
Server
c4ca4238
P3P
policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
Content-Type
image/gif;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, noarchive
Keep-Alive
timeout=30
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT
wt
prophet.heise.de/288689636920174/
43 B
589 B
Image
General
Full URL
https://prophet.heise.de/288689636920174/wt?p=525,www.heise.de.news.wohl-nach-ddos-angriffen-mehrere-websites-deutscher-flughaefen-offline-7517691,1,1600x1200,24,1,1678808942563,2,1600x1200,0&eid=2167880894200295663&one=1&ct=ho.consent-wall&la=en&cp17=desktop&cs1=0&ck19=open&pu=https%3A%2F%2Fwww.heise.de%2Fnews%2FWohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html%3Fwt_mc%3Dnl.red.security.security-nl.2023-02-20.link.link
Requested by
Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.54.150.27 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software
c4ca4238 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Mar 2023 15:49:02 GMT
Last-Modified
Tue, 14 Mar 2023 15:49:02 GMT
Server
c4ca4238
P3P
policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
Content-Type
image/gif;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, noarchive
Keep-Alive
timeout=30
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT
rdfs
r.mateti.net/ Frame
0
0
Preflight
General
Full URL
https://r.mateti.net/rdfs?cfg=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heise.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://www.heise.de
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection
keep-alive
Content-Length
0
Date
Tue, 14 Mar 2023 15:49:02 GMT
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
rdfs
r.mateti.net/ Frame
0
0
Preflight
General
Full URL
https://r.mateti.net/rdfs?cfg=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heise.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://www.heise.de
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection
keep-alive
Content-Length
0
Date
Tue, 14 Mar 2023 15:49:02 GMT
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
rdfs
r.mateti.net/
14 B
366 B
Fetch
General
Full URL
https://r.mateti.net/rdfs?cfg=1
Requested by
Host: cdn.mateti.net
URL: https://cdn.mateti.net/mcp/onsite.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software
/
Resource Hash
8d5706cde045094a27e62ca6e2450d5961a1af1ef704c626199cb1aec16b908f

Request headers

Referer
https://www.heise.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
2023-03-14
Content-Encoding
gzip
Vary
Origin,Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.heise.de
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
34
Expires
2023-03-14
rdfs
r.mateti.net/
2 KB
645 B
Fetch
General
Full URL
https://r.mateti.net/rdfs?cfg=1
Requested by
Host: cdn.mateti.net
URL: https://cdn.mateti.net/mcp/onsite.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software
/
Resource Hash
11c3a72378d1cd29ac6b939948d1d5023c5ca467c34fc15f854db9bed7cbc308

Request headers

Referer
https://www.heise.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
2023-03-14
Content-Encoding
gzip
Vary
Origin,Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.heise.de
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
312
Expires
2023-03-14
rdfs
r.mateti.net/
741 B
824 B
Fetch
General
Full URL
https://r.mateti.net/rdfs
Requested by
Host: cdn.mateti.net
URL: https://cdn.mateti.net/mcp/onsite.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software
/
Resource Hash
2fed08711638e324011ed6e70a6eb5f6f6d933c55439b7c9fd5c258bae458e39

Request headers

Referer
https://www.heise.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
2023-03-14
Content-Encoding
gzip
Vary
Origin,Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.heise.de
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
491
Expires
2023-03-14
rdfs
r.mateti.net/ Frame
0
0
Preflight
General
Full URL
https://r.mateti.net/rdfs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heise.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://www.heise.de
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection
keep-alive
Content-Length
0
Date
Tue, 14 Mar 2023 15:49:03 GMT
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
base.io
data-fb7f8b3ae8.heise.de/
0
178 B
XHR
General
Full URL
https://data-fb7f8b3ae8.heise.de/base.io
Requested by
Host: data-fb7f8b3ae8.heise.de
URL: https://data-fb7f8b3ae8.heise.de/iomb/latest/sensor/manager/base/es6/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heise.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Tue, 14 Mar 2023 15:49:03 GMT
content-encoding
gzip
last-modified
Tue, 14 Mar 2023 15:49:03 GMT
server
nginx
age
0
vary
Accept-Encoding, Accept-Encoding, Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.heise.de
cache-control
private
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
x-hacc-refreshed
content-length
20
base.io
data-fb7f8b3ae8.heise.de/ Frame
0
0
Preflight
General
Full URL
https://data-fb7f8b3ae8.heise.de/base.io
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heise.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.heise.de
access-control-max-age
1728000
age
0
cache-control
private
content-type
text/plain charset=UTF-8
date
Tue, 14 Mar 2023 15:49:03 GMT
last-modified
Tue, 14 Mar 2023 15:49:03 GMT
server
nginx
vary
Origin
x-hacc-refreshed
7a38b91c-3edb-4df0-bff5-631764c70a52.json
cdn.mateti.net/mate/widget-config/688012155290337/
3 KB
2 KB
Fetch
General
Full URL
https://cdn.mateti.net/mate/widget-config/688012155290337/7a38b91c-3edb-4df0-bff5-631764c70a52.json
Requested by
Host: cdn.mateti.net
URL: https://cdn.mateti.net/mcp/onsite.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.54.150.11 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
0a635eaccbbd2dc46b20eefd96196bddf7285f017c837e4f83a3b56a2b2f3072

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Tue, 14 Mar 2023 15:49:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Mar 2023 08:37:11 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
tr02_dmp_672x1008px_02-2023.png
am.heise.de/abo/03_tr/2023/
579 KB
580 KB
Image
General
Full URL
https://am.heise.de/abo/03_tr/2023/tr02_dmp_672x1008px_02-2023.png
Requested by
Host: www.heise.de
URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a00:1c:1ac7:3e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e9e2c39257e5feae68dc1ee7bd9d189b9a9b18275da8f50b72dc22b0e4867b9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heise.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
EeBPz27yEfTw2I5oYn8zLkGNbYdAud0G
date
Mon, 13 Mar 2023 22:47:06 GMT
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
last-modified
Wed, 22 Feb 2023 13:45:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
61323
x-amz-server-side-encryption
AES256
etag
"3b16b21919b0d06b962b5b41fafeec4a"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
593138
x-amz-cf-id
uZj_UDthSChtbjhRC_Vv1v0BbFYijvp3yPXw4WqZeGZwcTxCqxVXRQ==

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| ls undefined| kameleoonScript function| _typeof function| __tcfapi object| _sp_queue object| _sp_ string| currentSite object| noPurUrls boolean| showNoPurConsentEditButton undefined| noPurPrivacyManagerId undefined| consentEditContainer undefined| gdprFooterLink undefined| noPurPmJs object| _sp_wp_jsonp object| webpackChunkakwa object| WebComponents function| __extends function| __assign function| __rest function| __decorate function| __param function| __esDecorate function| __runInitializers function| __propKey function| __setFunctionName function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __spreadArray function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet function| __classPrivateFieldIn object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| _tiConfig object| wts object| googletag object| pbjs function| __CE_installPolyfill object| ShadyCSS function| upScore string| IOMmGlobalObject function| IOMm object| iom function| docReady function| load object| wt_safetag function| wt_teaserTracking function| wt_marketingAutomation object| wt_mcp_config string| wt_mcp_eid function| wt_kameleoon function| wt_campixel function| wt_scrollposition object| webtrekkConfig object| webtrekkUnloadObjects object| webtrekkLinktrackObjects function| WebtrekkV3 function| webtrekkV3 function| wt_pixelConfig object| wt object| wt_ttv2 object| wt_tt object| _pbjsGlobals object| webtrekkTeaserTest

8 Cookies

Domain/Path Name / Value
.heise.de/news Name: wt_mcp_sid
Value: 3420942079
.heise.de/ Name: _sp_su
Value: false
.heise.de/ Name: wt_nv
Value: 1
.heise.de/ Name: wt_nv_s
Value: 1
.heise.de/ Name: wt3_sid
Value: %3B288689636920174
.heise.de/ Name: wt3_eid
Value: %3B288689636920174%7C2167880894200295663%232167880894215545490
.heise.de/ Name: wt_rla
Value: 288689636920174%2C2%2C1678808942557
prophet.heise.de/ Name: wt_nbg_Q3
Value: !EcD+6slWBPWXebHpjGYh4zwSUbWZoCSdN+gZt/NRbiwXeoZ2kGIwu1Z2eK4LQWvEvVklISp4he53Kg==

1 Console Messages

Source Level URL
Text
javascript warning URL: https://www.heise.de/news/Wohl-nach-DDoS-Angriffen-Mehrere-Websites-deutscher-Flughaefen-offline-7517691.html?wt_mc=nl.red.security.security-nl.2023-02-20.link.link
Message:
The resource https://www.heise.de/icons/common-icons.svg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

am.heise.de
api.heise.de
cdn.mateti.net
cmp.heise.de
data-fb7f8b3ae8.heise.de
files.upscore.com
heise.cloudimg.io
hit-pool.upscore.com
prophet.heise.de
r.mateti.net
responder.wt.heise.de
www.heise.de
108.138.17.29
185.54.150.11
185.54.150.12
185.54.150.27
2600:9000:2250:a00:1c:1ac7:3e40:93a1
2600:9000:2491:1200:b:f730:9800:93a1
2606:4700:10::6816:36e
2a02:2e0:3fe:1001:7777:772e:2:85
2a02:2e0:3fe:1001:ab1::
54.83.79.94
03211190cd9ed0c9a07bf7226a1d6f0ae9bb1f9387cff33e90e8cc458017178a
0a635eaccbbd2dc46b20eefd96196bddf7285f017c837e4f83a3b56a2b2f3072
0ebf392a8dc474a819a0f36ab90c75647b2e7d119742304951acfecfa30739b7
11c3a72378d1cd29ac6b939948d1d5023c5ca467c34fc15f854db9bed7cbc308
1b6ef2a2ff5a4d970620e02b429548dfb6acbf6e63a7ef4065502251d8433f00
2258eb23f8fb97abad6ed2c496b1fadc3fb7dc31e3ee88d51abfba7417b1ddec
235c12905da1a2f7a1617cf0b1473704f3683d6ae715e6f513effdb1381f6fe1
27535b213221942871207d4b519e5060c6633abfd599ffc0a17b1d46d1222938
2fed08711638e324011ed6e70a6eb5f6f6d933c55439b7c9fd5c258bae458e39
3a5c006e43cef72a54f0a1e35ef86a10323eb99493791be543a1be1c8043ce19
3e22b68a0b4384238a29cc855562d87ce3f737ff959d0f8f90a59a0ebe68b592
40796bf7fbbf95147fddcdfcf1aad2800c405c106c6731cd369ac85804488f47
4bd12e30c80ebaa26b56c4b2d9c16dc9b4f533a10b27271568c774c718644478
4d3a99c9584e4ecfbcacd338e86ca51019bb90cf2d5cf0b8c51c812e3421c7bb
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
5ad0d8a7bb2796dd9de535368dbc94948c9f3590579472b863c7cfbd5ab2b991
5c0ffc6849fef78419015ab3a2f6676aca285bca54753d1d93516dfc97162999
605173585c53d1297eae39a7d39bc4a0864034af38763f83f0d6d4c64be85df5
612621f006f57292d7c4033d37a1fbcbfec9601e3961f7528ae726424ffe9e88
67a89d3774455a93f15f0eec6c75731fbd35d3c30171b134e611ba53c55763c0
826b8c517cfc53e771bd07fad89663ee844dc666ccdd825ad06c8da4d1ce13ec
85958d4bcc77ceb5820b70c8e88984dfca1a72e65f31324c87863eccc0119aff
8d5706cde045094a27e62ca6e2450d5961a1af1ef704c626199cb1aec16b908f
986a5e164b20c8ad0b5040e8e3651434b173f98b9d270973eb130f7bf59864cb
9f65563ae31c12f03c28d38d4733c76cf3075b12cf82fbe04cdbf1b5d9e27cdc
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87
a696e0df7ef17decbb4edfa00f128a36f98fee575cbcc2c57f83419402e34610
ae178608bad9c15415676b377fe100b2c3666751501ec215e4d7b974992c1a0b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b32d2cf3fc08037b1b2fbad22c15a1f964d70d6b6fb931a0402337b0ed60e59b
b3af4bcefa1f2c38962dd5de11f0ad8c5a847824e0761badd888da3ac78a872d
b4c28b398197245959e163d34b5f55e1b5047b886fe85cb5ce318b2867428b83
bd096226d9b1615254aa29ae8b2c4bb1f778d1cf79f0386f5fcd05a303f04e77
c945d9993e1195132c5980f691f8059a90131d3e8a11d0543fad9909a5d0b273
cade37a58088a67e374cf68d8c7e0b17e50dcbb628734c412e3492de70808384
cdf6eb48f69b9c64863691938ced2c251df7b47ba0df821d6b22a7d47ab89c54
d46b45450021ae5e04125b8b529b465cf8ccad11bf6acfa1c4cca244ef77ef6f
d7d373947424427d60a3d7d2a48be1a9f4788b510cc3b77d5d8493bddeda5c58
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c2b200550ff5b1c078b2eb9cb177145904a01b23e84cde65721369a85362dc
e9e2c39257e5feae68dc1ee7bd9d189b9a9b18275da8f50b72dc22b0e4867b9d
f2fb31c5483847059bc2e53cf21d7e2879dade0720300e1d55b8064710e1b417
f38aae4fbc15d91f53511da30a18c11e0d3be585c7757d9714fcaa84edaff78c
fb0c962c2a46b261dcf2c64acd439dabce75c448235038f38b6d5eef64318f6b