URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-S...
Submission: On April 23 via manual from IN

Summary

This website contacted 20 IPs in 4 countries across 17 domains to perform 53 HTTP transactions. The main IP is 2a02:2e0:3fe:1001:7777:772e:0:88, located in Germany and belongs to PLUSLINE, DE. The main domain is m.heise.de.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on October 20th 2016. Valid for: 2 years.
This is the only time m.heise.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
11 | 2a02:2e0:3fe:... | 12306 | (PLUSLINE)
1 | 91.215.103.64 | 43407 | (INFONLINE-AS)
2 | 2a00:1450:400... | 15169 | (GOOGLE)
1 | 62.216.176.7 | 25560 | (RHTEC-AS ...)
1 | 2a00:cd0:1005... | 48173 | (UNBELIEVA...)
1 | 91.215.103.65 | 43407 | (INFONLINE-AS)
1 | 52.84.126.74 | 16509 | (AMAZON-02)
5 | 74.125.133.154 | 15169 | (GOOGLE)
2 | 2a00:1450:400... | 15169 | (GOOGLE)
2 | 185.54.150.27 | 60164 | (WEBTREKK-AS)
1 | 185.54.150.115 | 60164 | (WEBTREKK-AS)
13 | 95.100.184.60 | 16625 | (AKAMAI-AS)
1 | 151.101.12.249 | 54113 | (FASTLY)
1 | 54.225.73.95 | 14618 | (AMAZON-AES)
1 | 130.211.5.178 | 15169 | (GOOGLE)
4 | 107.178.242.85 | 15169 | (GOOGLE)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
1 | 213.202.235.7 | 24961 | (MYLOC-AS)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
53 | 20

Requests | Domain | Requested by
11 | m.heise.de | m.heise.de
8 | i-ssl.ligatus.com | m.heise.de
5 | securepubads.g.doubleclick.net | www.googletagservices.com, securepubads.g.doubleclick.net, m.heise.de
4 | sync.ligadx.com |
2 | h-ssl.ligatus.com | ssl.ligatus.com
2 | ssl.ligatus.com | a-ssl.ligatus.com, ssl.ligatus.com
2 | prophet.heise.de | m.heise.de
2 | tpc.googlesyndication.com | securepubads.g.doubleclick.net
1 | fonts.gstatic.com |
1 | m.exactag.com | m.heise.de
1 | fonts.googleapis.com | ssl.ligatus.com
1 | adx.ligadx.com | ssl.ligatus.com
1 | ping.chartbeat.net | m.heise.de
1 | static.chartbeat.com | m.heise.de
1 | a-ssl.ligatus.com | securepubads.g.doubleclick.net
1 | pagead2.googlesyndication.com | securepubads.g.doubleclick.net
1 | advertiser.wbtrk.net | d1r27qvpjiaqj3.cloudfront.net
1 | d1r27qvpjiaqj3.cloudfront.net | m.heise.de
1 | de.ioam.de | m.heise.de
1 | heise.nuggad.net | m.heise.de
1 | www1.mpnrs.com | m.heise.de
1 | www.googletagservices.com | m.heise.de
1 | script.ioam.de | m.heise.de
0 | widget.whatsbroadcast.com (Failed) | m.heise.de
53 | 24

This site contains links to these domains.

Domain
www.heise.de
www.heise-events.de
shop.heise.de

Subject | Issuer | Validity | Valid
m.heise.de | COMODO RSA Domain Validation Secure Server CA | 2016-10-20 - 2019-01-18 | 2 years
*.ioam.de | thawte SSL CA - G2 | 2016-08-30 - 2019-10-29 | 3 years
*.g.doubleclick.net | Google Internet Authority G2 | 2017-04-12 - 2017-07-05 | 3 months
www1.mpnrs.com | COMODO RSA Domain Validation Secure Server CA | 2016-02-04 - 2019-02-03 | 3 years
*.nuggad.net | Gandi Standard SSL CA 2 | 2016-01-16 - 2018-01-16 | 2 years
*.cloudfront.net | Symantec Class 3 Secure Server CA - G4 | 2016-10-26 - 2017-12-17 | a year
tpc.googlesyndication.com | Google Internet Authority G2 | 2017-04-12 - 2017-07-05 | 3 months
prophet.heise.de | COMODO RSA Domain Validation Secure Server CA | 2012-11-09 - 2017-11-08 | 5 years
*.wbtrk.net | GeoTrust SSL CA - G3 | 2016-10-14 - 2018-11-13 | 2 years
*.googleusercontent.com | Google Internet Authority G2 | 2017-04-12 - 2017-07-05 | 3 months
ssl.ligatus.com | GeoTrust SSL CA - G3 | 2017-02-28 - 2018-04-11 | a year
a.ssl.fastly.net | DigiCert SHA2 High Assurance Server CA | 2014-12-08 - 2018-02-06 | 3 years
*.chartbeat.net | thawte SSL CA - G2 | 2015-08-20 - 2017-08-19 | 2 years
*.ligadx.com | COMODO RSA Domain Validation Secure Server CA | 2015-08-26 - 2017-08-25 | 2 years
*.googleapis.com | Google Internet Authority G2 | 2017-04-12 - 2017-07-05 | 3 months
*.exactag.com | COMODO RSA Organization Validation Secure Server CA | 2015-08-28 - 2017-11-25 | 2 years
*.google.com | Google Internet Authority G2 | 2017-04-12 - 2017-07-05 | 3 months

This page contains 4 frames:

Primary Page: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Frame ID: 30310.1
Requests: 28 HTTP requests in this frame

Frame: https://widget.whatsbroadcast.com/widget_more/b11ad2c26cdd1a0bcb972e5446397bd2/
Frame ID: 30310.2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-8/html/container.html
Frame ID: 30310.6
Requests: 1 HTTP requests in this frame

Frame: https://a-ssl.ligatus.com/?ids=61545&t=js&s=1&bc=2
Frame ID: 30310.5
Requests: 24 HTTP requests in this frame


Page Statistics

53 Requests
96 % HTTPS
32 % IPv6
17 Domains
24 Subdomains
20 IPs
4 Countries
434 kB Transfer
1275 kB Size
5 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request 10
  • https://de.ioam.de/tx.io?st=mobheise&cp=news_forum&sv=ke&pt=CP&rf=&r2=&ur=m.heise.de&xy=1600x1200x24&lo=DE%2Fn.a.&cb=000a&vr=311&id=nwp75k&lt=1492941595331&ev=&cs=apykqv&mo=1
  • https://de.ioam.de/tx.io?st=mobheise&cp=news_forum&sv=ke&pt=CP&rf=&r2=&ur=m.heise.de&xy=1600x1200x24&lo=DE%2Fn.a.&cb=000a&vr=311&id=nwp75k&lt=1492941595331&ev=&cs=apykqv&mo=1&sr=71
Request 16
  • https://responder.wt-safetag.com/resp/api/get/288689636920174?url=https%3A%2F%2Fm.heise.de%2Fforum%2Fheise-online%2FNews-Kommentare%2FIn-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie...
  • https://d1r27qvpjiaqj3.cloudfront.net/288689636920174/40156_2.js
Request 36
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEN01JxM2x7VWqmLdeQpEn3s&google_cver=1&ssp=ligatus
  • https://sync.ligadx.com/?dspid=11&uid=dbdcede9-acde-416a-b9e4-eb6b48325daa
Request 37
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.ligadx.com%2F%3Fdspid%3D16%26uid%3D%24UID
  • https://sync.ligadx.com/?dspid=16&uid=1671154635584065808
Request 38
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=kvw1upm&ttd_tpi=1
  • https://sync.ligadx.com/?dspid=20&uid=778f7a98-831c-4a8b-aaa6-5e17234eb6bb
Request 39
  • https://dsp.adfarm1.adition.com/cookie/?ssp=22
  • https://sync.ligadx.com/?dspid=22&uid=6412135329663678488
Request 46
  • https://trk.helios.ligatus.com/imp?z=AAJ9HIj_jgZMQld2Vbk2ZHWFlAcW8NV6e0WzLfuHb_bYlHuUG9j4NC6yOstkNqQhFX3dTu7w7N2cjsl95Q3Y4WlQ-G2nn8oyhBqYu5QDvvWumPg8uueWu5CSrwBAs4lWz9r4gq9S2TsJEZr9yA8RK4HtvRQhko44...
  • https://i-ssl.ligatus.com/blank.gif
Request 47
  • https://x.ligatus.com/61545-4393/135-3175/1056952-656136-57_1057904-678420-57/1/57/1/1/1492941596232/0//
  • https://i-ssl.ligatus.com/blank.gif
Request 50
  • https://trk.helios.ligatus.com/imp?z=H5V_rxFNmR79QGfRYwkCHtGxlW9dEJ7iWAdN3c5G9bbCHmLMhOCiCBgB5Jb-yj0bq5QeH2gdbZj2kLygqqeVZl3raruW-_fzyTawHFSJ-xvJ_KorfpzJzLeSeOPBkaZjtxty33d36kQFQoy2LCOHKX3CuqEPSRzy...
  • https://i-ssl.ligatus.com/blank.gif

53 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request Cookie set /
m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
40 KB
9 KB
Document
General
Full URL
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:2e0:3fe:1001:7777:772e:0:88 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
785348d9a0daa64772902040576b674bfa92df0fa13cdbcadc29215c0f3ffe63

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
m.heise.de
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Sun, 23 Apr 2017 09:59:55 GMT
Content-Encoding
gzip
Content-Security-Policy-Report-Only
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https:; report-uri https://heise.report-uri.io/r/default/csp/reportOnly https://heise.de/csp/
Server
nginx
Age
0
Vary
Accept-Encoding, Cookie
Content-Type
text/html; charset=UTF-8
Set-Cookie
u2uforum_properties=eNqrVoqPL8nMTS0uScwtULIyNLE0sjQxNLU01VGKL85MUbJSSjcLCIjX9Xcry8s3V6oFAG9LDo8%253D_X_648533427263b76d7249e5ec3475ba70828f1ce3; path=/forum/; expires=Mon, 23-Apr-2018 09:59:55 GMT; HttpOnly
Cache-control
private,must-revalidate,max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9029
mobi2013.css
m.heise.de/stil/mobi/
141 KB
27 KB
Stylesheet
General
Full URL
https://m.heise.de/stil/mobi/mobi2013.css?572be82e899236f43c1c
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:2e0:3fe:1001:7777:772e:0:88 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
9456884a5ec8c28cc03ea826a0cccfbe206a2f010538c67320707898c3913e24

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
m.heise.de
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 23 Apr 2017 09:59:55 GMT
Content-Encoding
gzip
Age
2851
Content-Security-Policy-Report-Only
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https:; report-uri https://heise.report-uri.io/r/default/csp/reportOnly https://heise.de/csp/
Connection
keep-alive
Content-Length
27985
X-Clacks-Overhead
GNU Terry Pratchett
Last-Modified
Tue, 18 Apr 2017 09:28:34 GMT
Server
nginx
ETag
"235d4-54d6d882d01e5-gzip"
Vary
Accept-Encoding,X-Forwarded-Proto
Content-Type
text/css; charset=utf-8
Cache-Control
public, max-age=6665
Accept-Ranges
bytes
X-Cobbler
octo13.heise.de
Expires
Sun, 23 Apr 2017 11:03:29 GMT
iam.js
script.ioam.de/
21 KB
7 KB
Script
General
Full URL
https://script.ioam.de/iam.js
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.215.103.64 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
script3.ioam.de
Software
nginx / BLACKBIRD-SRC v0.8 000a
Resource Hash
743119ed81d4b97c4bec713686e9f4003941b4f8d70b4096b74f7eb689da4828

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
script.ioam.de
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 23 Apr 2017 09:59:55 GMT
Content-Encoding
gzip
Last-Modified
Sun, 23 Apr 2017 09:59:55 GMT
Server
nginx
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
X-Powered-By
BLACKBIRD-SRC v0.8 000a
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
privat, max-age=7200 pre-check=7200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sun, 23 Apr 2017 11:59:55 GMT
gpt.js
www.googletagservices.com/tag/js/
2 KB
1 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
4e0fb7ec88b2a7261510b6505861e7e60d7c6ac9f2e99ce39aefe34a77e997e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/tag/js/gpt.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.googletagservices.com
referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
:scheme
https
:method
GET

Response headers

date
Sun, 23 Apr 2017 09:51:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
489
status
200
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length
1234
x-xss-protection
1; mode=block
last-modified
Fri, 21 Apr 2017 20:07:58 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Apr 2017 09:51:46 GMT
heise_online_logo_smartphone_hdpi_color.png
m.heise.de/icons/ho/
3 KB
3 KB
Image
General
Full URL
https://m.heise.de/icons/ho/heise_online_logo_smartphone_hdpi_color.png?413c4a0827869c96c520
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:2e0:3fe:1001:7777:772e:0:88 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
20135d565026309fde360f6a9a7e4445a3d1dfb346ed72028e129c09ee4a7e4a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
m.heise.de
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 23 Apr 2017 09:59:55 GMT
X-Clacks-Overhead
GNU Terry Pratchett
Last-Modified
Thu, 12 Dec 2013 14:39:13 GMT
Server
nginx
Age
6582
ETag
"c4e-4ed574f2b0640"
Vary
X-Forwarded-Proto
Content-Type
image/png
Cache-Control
public, max-age=7174
X-Cobbler
octo03.heise.de
Connection
keep-alive
Accept-Ranges
bytes
Content-Security-Policy-Report-Only
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https:; report-uri https://heise.report-uri.io/r/default/csp/reportOnly https://heise.de/csp/
Content-Length
3150
Expires
Sun, 23 Apr 2017 10:09:47 GMT
write
m.heise.de/ivw-bin/ivw/CP/forum/256947/4225188/
43 B
43 B
Image
General
Full URL
https://m.heise.de/ivw-bin/ivw/CP/forum/256947/4225188/write
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:2e0:3fe:1001:7777:772e:0:88 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
fb0c962c2a46b261dcf2c64acd439dabce75c448235038f38b6d5eef64318f6b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
m.heise.de
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 23 Apr 2017 09:59:55 GMT
X-Clacks-Overhead
GNU Terry Pratchett
Last-Modified
Thu, 20 Jan 2011 15:58:20 GMT
Server
nginx
Age
0
Content-Security-Policy-Report-Only
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https:; report-uri https://heise.report-uri.io/r/default/csp/reportOnly https://heise.de/csp/
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, must-revalidate
X-Cobbler
octo04.heise.de
Connection
keep-alive
Accept-Ranges
bytes bytes
Content-Length
43
Expires
Sun, 23 Apr 2017 09:59:55 GMT
write
m.heise.de/avw-bin/ivw/CP/export-api/forum/256947/4225188/
43 B
43 B
Image
General
Full URL
https://m.heise.de/avw-bin/ivw/CP/export-api/forum/256947/4225188/write
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:2e0:3fe:1001:7777:772e:0:88 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
fb0c962c2a46b261dcf2c64acd439dabce75c448235038f38b6d5eef64318f6b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
m.heise.de
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 23 Apr 2017 09:59:55 GMT
Last-Modified
Thu, 20 Jan 2011 15:58:20 GMT
Server
nginx
Age
0
ETag
"4d385b9c-2b"
Content-Security-Policy-Report-Only
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https:; report-uri https://heise.report-uri.io/r/default/csp/reportOnly https://heise.de/csp/
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes bytes
Content-Length
43
Expires
Sun, 23 Apr 2017 09:59:55 GMT
webtrekk-v4.3.5-bundle-heise-2017-01-20.js
m.heise.de/js/ho/
76 KB
23 KB
Script
General
Full URL
https://m.heise.de/js/ho/webtrekk-v4.3.5-bundle-heise-2017-01-20.js?6f81f551a988ee5bebba
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:2e0:3fe:1001:7777:772e:0:88 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
bd580e2aa853fcbd14b49d3747cd2e53444283491b3c89fe6b48b6907bcef21b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
m.heise.de
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 23 Apr 2017 09:59:55 GMT
Content-Encoding
gzip
Age
2066
Content-Security-Policy-Report-Only
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https:; report-uri https://heise.report-uri.io/r/default/csp/reportOnly https://heise.de/csp/
Connection
keep-alive
Content-Length
23162
X-Clacks-Overhead
GNU Terry Pratchett
Last-Modified
Fri, 20 Jan 2017 09:53:31 GMT
Server
nginx
ETag
"13141-546839f514921-gzip"
Vary
Accept-Encoding,X-Forwarded-Proto
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=6728
Accept-Ranges
bytes
X-Cobbler
octo06.heise.de
Expires
Sun, 23 Apr 2017 11:17:38 GMT
mobi.min.js
m.heise.de/js/mobi/
427 KB
129 KB
Script
General
Full URL
https://m.heise.de/js/mobi/mobi.min.js?ce0b900eb49fce7fb2f7
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:2e0:3fe:1001:7777:772e:0:88 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
0985570d3bf888373fb58931e654d1771278937b2a07334a316f81a3cc034ce8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
m.heise.de
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 23 Apr 2017 09:59:55 GMT
Content-Encoding
gzip
Age
6884
Content-Security-Policy-Report-Only
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https:; report-uri https://heise.report-uri.io/r/default/csp/reportOnly https://heise.de/csp/
Connection
keep-alive
Content-Length
131897
X-Clacks-Overhead
GNU Terry Pratchett
Last-Modified
Tue, 04 Apr 2017 13:32:27 GMT
Server
nginx
ETag
"6acc0-54c574e92f670-gzip"
Vary
Accept-Encoding,X-Forwarded-Proto
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=7194
Accept-Ranges
bytes
X-Cobbler
octo12.heise.de
Expires
Sun, 23 Apr 2017 10:05:05 GMT
Cookie set trg.gif
www1.mpnrs.com/deliver2/trg/
43 B
43 B
Image
General
Full URL
https://www1.mpnrs.com/deliver2/trg/trg.gif?lv=9&tad=13f0kjf8mps0
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.216.176.7 , Germany, ASN25560 (RHTEC-AS rh-tec IP Backbone, DE),
Reverse DNS
Software
Apache /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
www1.mpnrs.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 23 Apr 2017 09:59:55 GMT
Server
Apache
P3P
policyref="https://www1.mpnrs.com/w3c/p3p.xml", CP="NID DSP NOI COR"
Access-Control-Allow-Origin
*
Set-Cookie
ata=~mdaTc8GGGcmi; Expires=Mon, 23-Apr-2018 09:59:55 GMT; Path=/
Cache-Control
no-cache,no-store,must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
43
Expires
-1
Cookie set rc
heise.nuggad.net/
607 B
218 B
Script
General
Full URL
https://heise.nuggad.net/rc?nuggn=923071392&nuggsid=1216322088&nuggtg=m.web.heise.de%2Fnewsticker%2Fnews-foren&nuggrid=https%3A%2F%2Fm.heise.de%2Fforum%2Fheise-online%2FNews-Kommentare%2FIn-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich%2FRe-der-Unterschied-zwischen-DOC-und-DOCX%2Fposting-24737797%2Fshow%2F
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
2a00:cd0:1005:2:80:82:201:80 , Germany, ASN48173 (UNBELIEVABLE-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
db80aa85fc1c6c90aa87610e9356fa50ddc511100fb73850098deeddee2d5ac4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
heise.nuggad.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 23 Apr 2017 09:59:55 GMT
Content-Encoding
gzip
Server
Apache
P3P
CP="NOI DSP COR NID ADMa OTPa OUR NOR"
Vary
Accept-Encoding
Content-Type
text/javascript
Status
200 OK
Set-Cookie
d=Qv0X21CumGdBEr0UfmOlgM/Q6Cbk37yOhyi94zPKza4wybu5ZZPTNTVToRN+mWpl3Wc4iGz0EvgoR9nyhNZnWJWdty3p2kJJQP9ZbcJQojNsrq5WI2BrxlVT6hXxuP0bgwPCwj2HsDjZYVcES2mB4I5AArgbSaVaEk+hP/3HUqybP/iBP0eglLtXckvZeVQHuGJGOqhi1HQgCee5ICpGSDlfCD/xYqwWlCJvORO8iuDLocvN; domain=.nuggad.net; path=/; expires=Sun, 22 Oct 2017 21:59:55 GMT;
Cache-Control
no-store,no-cache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=75
Content-Length
218
Expires
Wed, 18 Feb 2009 11:53:30 GMT
Cookie set tx.io
de.ioam.de/
Redirect Chain
  • https://de.ioam.de/tx.io?st=mobheise&cp=news_forum&sv=ke&pt=CP&rf=&r2=&ur=m.heise.de&xy=1600x1200x24&lo=DE%2Fn.a.&cb=000a&vr=311&id=nwp75k&lt=1492941595331&ev=&cs=apykqv&mo=1
  • https://de.ioam.de/tx.io?st=mobheise&cp=news_forum&sv=ke&pt=CP&rf=&r2=&ur=m.heise.de&xy=1600x1200x24&lo=DE%2Fn.a.&cb=000a&vr=311&id=nwp75k&lt=1492941595331&ev=&cs=apykqv&mo=1&sr=71
0
0
Script
General
Full URL
https://de.ioam.de/tx.io?st=mobheise&cp=news_forum&sv=ke&pt=CP&rf=&r2=&ur=m.heise.de&xy=1600x1200x24&lo=DE%2Fn.a.&cb=000a&vr=311&id=nwp75k&lt=1492941595331&ev=&cs=apykqv&mo=1&sr=71
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.215.103.65 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
de3.ioam.de
Software
nginx / BLACKBIRD-RCV v1.04.6 0028
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
de.ioam.de
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Cookie
i00=0028e1e0b35c1c31358fc7b1b0001%3B58fc7b1b%3B5ad4df3e
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 23 Apr 2017 09:59:55 GMT
Server
nginx
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
X-Powered-By
BLACKBIRD-RCV v1.04.6 0028
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Set-Cookie
i00=0028e1e0b35c1c31358fc7b1b0001%3B58fc7b1b%3B5ad4df3e; expires=Mon, 16-Apr-2018 17:37:02 GMT; path=/; domain=ioam.de
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date
Sun, 23 Apr 2017 09:59:55 GMT
X-Powered-By
BLACKBIRD-RCV v1.04.6 0028
Transfer-Encoding
chunked
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection
keep-alive
Pragma
no-cache
Last-Modified
Sun, 23 Apr 2017 09:59:55 GMT
Server
nginx
Location
/tx.io?st=mobheise&cp=news_forum&sv=ke&pt=CP&rf=&r2=&ur=m.heise.de&xy=1600x1200x24&lo=DE%2Fn.a.&cb=000a&vr=311&id=nwp75k&lt=1492941595331&ev=&cs=apykqv&mo=1&sr=71
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Set-Cookie
i00=0028e1e0b35c1c31358fc7b1b0001%3B58fc7b1b%3B5ad4df3e; expires=Mon, 16-Apr-2018 17:37:02 GMT; path=/; domain=ioam.de
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires
Sat, 23 Apr 2016 09:59:55 GMT
/
widget.whatsbroadcast.com/widget_more/b11ad2c26cdd1a0bcb972e5446397bd2/ Frame 3031
0
0

menu_button.png
m.heise.de/icons/mobi/
125 B
125 B
Image
General
Full URL
https://m.heise.de/icons/mobi/menu_button.png
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:2e0:3fe:1001:7777:772e:0:88 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
ce7b16801db98924379d31ed27197ea4c76a11dc4d95c561560c384a8027b3f4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
m.heise.de
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://m.heise.de/stil/mobi/mobi2013.css?572be82e899236f43c1c
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 23 Apr 2017 09:59:55 GMT
X-Clacks-Overhead
GNU Terry Pratchett
Last-Modified
Tue, 01 Nov 2016 10:41:46 GMT
Server
nginx
Age
4966
ETag
"7d-5403af88fae80"
Vary
X-Forwarded-Proto
Content-Type
image/png
Cache-Control
public, max-age=6866
X-Cobbler
octo10.heise.de
Connection
keep-alive
Accept-Ranges
bytes
Content-Security-Policy-Report-Only
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https:; report-uri https://heise.report-uri.io/r/default/csp/reportOnly https://heise.de/csp/
Content-Length
125
Expires
Sun, 23 Apr 2017 10:31:35 GMT
OpenSans-CondBold-webfont.woff
m.heise.de/fonts/open-sans/
21 KB
21 KB
Font
General
Full URL
https://m.heise.de/fonts/open-sans/OpenSans-CondBold-webfont.woff
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:2e0:3fe:1001:7777:772e:0:88 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
6fe4f7d286323fef39e81d9cdbdbf463941ebe9c1044e19653967369bdb34240

Request headers

Pragma
no-cache
Origin
https://m.heise.de
Accept-Encoding
gzip, deflate, sdch, br
Host
m.heise.de
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
https://m.heise.de/stil/mobi/mobi2013.css?572be82e899236f43c1c
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 23 Apr 2017 09:59:55 GMT
Age
4706
Content-Security-Policy-Report-Only
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https:; report-uri https://heise.report-uri.io/r/default/csp/reportOnly https://heise.de/csp/
Connection
keep-alive
Content-Length
21400
X-Clacks-Overhead
GNU Terry Pratchett
Last-Modified
Mon, 11 Jun 2012 22:19:09 GMT
Server
nginx
ETag
"5398-4c239bd23b140"
Vary
X-Forwarded-Proto
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=6984
Accept-Ranges
bytes
X-Cobbler
octo01.heise.de
Expires
Sun, 23 Apr 2017 10:37:53 GMT
channel_sprite.png
m.heise.de/icons/mobi/
7 KB
7 KB
Image
General
Full URL
https://m.heise.de/icons/mobi/channel_sprite.png?314159265359
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:2e0:3fe:1001:7777:772e:0:88 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
08d8ada55dcb398926da41663c226d048e8a989738412990238707ac031a02ad

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
m.heise.de
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://m.heise.de/stil/mobi/mobi2013.css?572be82e899236f43c1c
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 23 Apr 2017 09:59:55 GMT
X-Clacks-Overhead
GNU Terry Pratchett
Last-Modified
Tue, 05 May 2015 15:22:21 GMT
Server
nginx
Age
3281
ETag
"1d1b-515573ea6a540"
Vary
X-Forwarded-Proto
Content-Type
image/png
Cache-Control
public, max-age=7007
X-Cobbler
octo14.heise.de
Connection
keep-alive
Accept-Ranges
bytes
Content-Security-Policy-Report-Only
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https:; report-uri https://heise.report-uri.io/r/default/csp/reportOnly https://heise.de/csp/
Content-Length
7451
Expires
Sun, 23 Apr 2017 11:02:01 GMT
forum_sprite.png
m.heise.de/icons/mobi/
2 KB
2 KB
Image
General
Full URL
https://m.heise.de/icons/mobi/forum_sprite.png?0112358132134
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:2e0:3fe:1001:7777:772e:0:88 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
nginx /
Resource Hash
4e98d6d416020ba9573c95f3d6fe665da79a6e61078e646b4391c2dc057e275b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
m.heise.de
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://m.heise.de/stil/mobi/mobi2013.css?572be82e899236f43c1c
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 23 Apr 2017 09:59:55 GMT
X-Clacks-Overhead
GNU Terry Pratchett
Last-Modified
Wed, 17 Jun 2015 12:09:00 GMT
Server
nginx
Age
1193
ETag
"7f2-518b58e5a8f00"
Vary
X-Forwarded-Proto
Content-Type
image/png
Cache-Control
public, max-age=6644
X-Cobbler
octo14.heise.de
Connection
keep-alive
Accept-Ranges
bytes
Content-Security-Policy-Report-Only
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https:; report-uri https://heise.report-uri.io/r/default/csp/reportOnly https://heise.de/csp/
Content-Length
2034
Expires
Sun, 23 Apr 2017 11:30:46 GMT
40156_2.js
d1r27qvpjiaqj3.cloudfront.net/288689636920174/
Redirect Chain
  • https://responder.wt-safetag.com/resp/api/get/288689636920174?url=https%3A%2F%2Fm.heise.de%2Fforum%2Fheise-online%2FNews-Kommentare%2FIn-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie...
  • https://d1r27qvpjiaqj3.cloudfront.net/288689636920174/40156_2.js
20 KB
6 KB
Script
General
Full URL
https://d1r27qvpjiaqj3.cloudfront.net/288689636920174/40156_2.js
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.126.74 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-84-126-74.iad16.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2c5ddf96e1729c5f766a36923fe43d8f45078e5612e5f708342fc04c3a15040

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
d1r27qvpjiaqj3.cloudfront.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 06 Dec 2016 14:30:48 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 06 Dec 2016 14:29:11 GMT
Server
AmazonS3
Age
11906948
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 aacade9ab32f7d5ee52553d620cb3362.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
Connection
keep-alive
X-Amz-Cf-Id
XbBFgR8qDlx1U5yHMzHJzJlXJifxW_5Ai27DVtnlUawbohfLxRRgow==

Redirect headers

Date
Sun, 23 Apr 2017 10:03:32 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/html
Location
https://d1r27qvpjiaqj3.cloudfront.net/288689636920174/40156_2.js
Cache-control
no-cache="set-cookie"
Set-Cookie
AWSELB=5F6FAFE51E2CE9EB1E6C689A86196977AEB64D8DC1BDEF02FFBA533F69CA427744552AC925446FFD50DF86CEE5CCF5BB9F34FBA9A75565E9428A1992953841E9472DCAC75E;PATH=/;MAX-AGE=60
Content-Length
180
pubads_impl_114.js
securepubads.g.doubleclick.net/gpt/
174 KB
59 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_114.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.125.133.154 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
wo-in-f154.1e100.net
Software
sffe /
Resource Hash
ead8c15c8a48f00560e696b4d9990cfdd14f974f4bbacce076e87ba2e3efb73b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gpt/pubads_impl_114.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET

Response headers

date
Wed, 19 Apr 2017 18:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
316191
status
200
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
60883
x-xss-protection
1; mode=block
last-modified
Thu, 13 Apr 2017 21:34:34 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Apr 2018 18:10:04 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-8/html/
3 KB
2 KB
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-8/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_114.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:400c:c07::84 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
96d3bf038966f99afc2c91b78a83c887caf0456db1e58ed2c7be2504dde9e810
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/safeframe/1-0-8/html/container.html
pragma
no-cache
purpose
prefetch
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
tpc.googlesyndication.com
referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET

Response headers

date
Tue, 18 Apr 2017 23:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Apr 2017 21:46:52 GMT
server
sffe
age
384814
vary
Accept-Encoding
content-type
text/html
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
1747
x-xss-protection
1; mode=block
expires
Wed, 18 Apr 2018 23:06:21 GMT
ads
securepubads.g.doubleclick.net/gampad/
478 B
344 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=1271533333254935&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=108809080&sc=1&sfv=1-0-8&iu=%2F6514%2Fm.web.heise.de%2Fnewsticker%2Fnews-foren&sz=1x1&ists=1&cust_params=d1%3D1%26d10%3D1%26d11%3D0%26d12%3D5%26d2%3D3%26d3%3D3%26d4%3D6%26d7%3D2%26d8%3D2%26d9%3D3%26i13%3D4%26i3%3D3%26i11%3D3%26i20%3D3%26i17%3D4%26i18%3D3%26i1%3D3%26i44%3D4%26i28%3D4%26i42%3D3%26i27%3D3%26i23%3D3%26a17%3D2%26a3%3D2%26a22%3D2%26i48%3D3%26i16%3D3%26g1%3D0%26g2%3D0%26g3%3D0%26g4%3D0%26g5%3D1%26n1%3D0%26n2%3D0%26n3%3D0%26n4%3D1%26n5%3D0%26n6%3D0%26n7%3D0%26n8%3D1%26n9%3D1%26f2%3D1%26h1%3D1%26h2%3D1%26h3%3D0%26h4%3D0%26h5%3D1%26h6%3D1%26h7%3D1%26h8%3D0%26h9%3D1%26h10%3D0%26h11%3D0%26h12%3D0%26h13%3D0%26h14%3D0%26h15%3D1%26h16%3D1%26h17%3D0%26e1%3D4%26e2%3D3%26e3%3D2%26e4%3D5%26themenhub%3Dyes&cookie_enabled=1&lmt=1492941595&dt=1492941595620&cc=99&frm=20&biw=1583&bih=1132&oid=3&adx=0&ady=0&adk=2925345398&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&url=https%3A%2F%2Fm.heise.de%2Fforum%2Fheise-online%2FNews-Kommentare%2FIn-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich%2FRe-der-Unterschied-zwischen-DOC-und-DOCX%2Fposting-24737797%2Fshow%2F&dssz=18&icsg=559&std=0&vrg=114&vrp=114&ga_vid=172549987.1492941596&ga_sid=1492941596&ga_hid=1259691329
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_114.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.125.133.154 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
wo-in-f154.1e100.net
Software
cafe /
Resource Hash
b2a5d22aa1106121253843cb0becff9d9d4f4aa07780350c667b0dbd6d44e254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=1271533333254935&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=108809080&sc=1&sfv=1-0-8&iu=%2F6514%2Fm.web.heise.de%2Fnewsticker%2Fnews-foren&sz=1x1&ists=1&cust_params=d1%3D1%26d10%3D1%26d11%3D0%26d12%3D5%26d2%3D3%26d3%3D3%26d4%3D6%26d7%3D2%26d8%3D2%26d9%3D3%26i13%3D4%26i3%3D3%26i11%3D3%26i20%3D3%26i17%3D4%26i18%3D3%26i1%3D3%26i44%3D4%26i28%3D4%26i42%3D3%26i27%3D3%26i23%3D3%26a17%3D2%26a3%3D2%26a22%3D2%26i48%3D3%26i16%3D3%26g1%3D0%26g2%3D0%26g3%3D0%26g4%3D0%26g5%3D1%26n1%3D0%26n2%3D0%26n3%3D0%26n4%3D1%26n5%3D0%26n6%3D0%26n7%3D0%26n8%3D1%26n9%3D1%26f2%3D1%26h1%3D1%26h2%3D1%26h3%3D0%26h4%3D0%26h5%3D1%26h6%3D1%26h7%3D1%26h8%3D0%26h9%3D1%26h10%3D0%26h11%3D0%26h12%3D0%26h13%3D0%26h14%3D0%26h15%3D1%26h16%3D1%26h17%3D0%26e1%3D4%26e2%3D3%26e3%3D2%26e4%3D5%26themenhub%3Dyes&cookie_enabled=1&lmt=1492941595&dt=1492941595620&cc=99&frm=20&biw=1583&bih=1132&oid=3&adx=0&ady=0&adk=2925345398&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&url=https%3A%2F%2Fm.heise.de%2Fforum%2Fheise-online%2FNews-Kommentare%2FIn-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich%2FRe-der-Unterschied-zwischen-DOC-und-DOCX%2Fposting-24737797%2Fshow%2F&dssz=18&icsg=559&std=0&vrg=114&vrp=114&ga_vid=172549987.1492941596&ga_sid=1492941596&ga_hid=1259691329
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET

Response headers

date
Sun, 23 Apr 2017 09:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
335
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
set-cookie
test_cookie=CheckForPermission; expires=Sun, 23-Apr-2017 10:14:55 GMT; path=/; domain=.doubleclick.net
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
7 KB
3 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=1271533333254935&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&eid=108809080&sc=1&sfv=1-0-8&iu=%2F6514%2Fm.web.heise.de%2Fnewsticker%2Fnews-foren&sz=300x50%7C300x75%7C300x100%7C300x150%7C300x250%7C320x50%7C320x75%7C320x100%7C320x250&scp=mpos%3Dtop&cust_params=d1%3D1%26d10%3D1%26d11%3D0%26d12%3D5%26d2%3D3%26d3%3D3%26d4%3D6%26d7%3D2%26d8%3D2%26d9%3D3%26i13%3D4%26i3%3D3%26i11%3D3%26i20%3D3%26i17%3D4%26i18%3D3%26i1%3D3%26i44%3D4%26i28%3D4%26i42%3D3%26i27%3D3%26i23%3D3%26a17%3D2%26a3%3D2%26a22%3D2%26i48%3D3%26i16%3D3%26g1%3D0%26g2%3D0%26g3%3D0%26g4%3D0%26g5%3D1%26n1%3D0%26n2%3D0%26n3%3D0%26n4%3D1%26n5%3D0%26n6%3D0%26n7%3D0%26n8%3D1%26n9%3D1%26f2%3D1%26h1%3D1%26h2%3D1%26h3%3D0%26h4%3D0%26h5%3D1%26h6%3D1%26h7%3D1%26h8%3D0%26h9%3D1%26h10%3D0%26h11%3D0%26h12%3D0%26h13%3D0%26h14%3D0%26h15%3D1%26h16%3D1%26h17%3D0%26e1%3D4%26e2%3D3%26e3%3D2%26e4%3D5%26themenhub%3Dyes&cookie_enabled=1&lmt=1492941595&dt=1492941595627&cc=99&frm=20&biw=1583&bih=1132&oid=3&adx=0&ady=0&adk=1613322019&gut=v2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&url=https%3A%2F%2Fm.heise.de%2Fforum%2Fheise-online%2FNews-Kommentare%2FIn-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich%2FRe-der-Unterschied-zwischen-DOC-und-DOCX%2Fposting-24737797%2Fshow%2F&dssz=19&icsg=131631&std=0&vrg=114&vrp=114&ga_vid=172549987.1492941596&ga_sid=1492941596&ga_hid=1259691329
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_114.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.125.133.154 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
wo-in-f154.1e100.net
Software
cafe /
Resource Hash
2563ac3fd9be184379bbf0646f06ffe3b3193c0f7d338768b361c7df9d5a7249
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=1271533333254935&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&eid=108809080&sc=1&sfv=1-0-8&iu=%2F6514%2Fm.web.heise.de%2Fnewsticker%2Fnews-foren&sz=300x50%7C300x75%7C300x100%7C300x150%7C300x250%7C320x50%7C320x75%7C320x100%7C320x250&scp=mpos%3Dtop&cust_params=d1%3D1%26d10%3D1%26d11%3D0%26d12%3D5%26d2%3D3%26d3%3D3%26d4%3D6%26d7%3D2%26d8%3D2%26d9%3D3%26i13%3D4%26i3%3D3%26i11%3D3%26i20%3D3%26i17%3D4%26i18%3D3%26i1%3D3%26i44%3D4%26i28%3D4%26i42%3D3%26i27%3D3%26i23%3D3%26a17%3D2%26a3%3D2%26a22%3D2%26i48%3D3%26i16%3D3%26g1%3D0%26g2%3D0%26g3%3D0%26g4%3D0%26g5%3D1%26n1%3D0%26n2%3D0%26n3%3D0%26n4%3D1%26n5%3D0%26n6%3D0%26n7%3D0%26n8%3D1%26n9%3D1%26f2%3D1%26h1%3D1%26h2%3D1%26h3%3D0%26h4%3D0%26h5%3D1%26h6%3D1%26h7%3D1%26h8%3D0%26h9%3D1%26h10%3D0%26h11%3D0%26h12%3D0%26h13%3D0%26h14%3D0%26h15%3D1%26h16%3D1%26h17%3D0%26e1%3D4%26e2%3D3%26e3%3D2%26e4%3D5%26themenhub%3Dyes&cookie_enabled=1&lmt=1492941595&dt=1492941595627&cc=99&frm=20&biw=1583&bih=1132&oid=3&adx=0&ady=0&adk=1613322019&gut=v2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&url=https%3A%2F%2Fm.heise.de%2Fforum%2Fheise-online%2FNews-Kommentare%2FIn-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich%2FRe-der-Unterschied-zwischen-DOC-und-DOCX%2Fposting-24737797%2Fshow%2F&dssz=19&icsg=131631&std=0&vrg=114&vrp=114&ga_vid=172549987.1492941596&ga_sid=1492941596&ga_hid=1259691329
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET

Response headers

date
Sun, 23 Apr 2017 09:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
3179
x-xss-protection
1; mode=block
google-lineitem-id
47418590
pragma
no-cache
server
cafe
google-creative-id
49664578430
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
set-cookie
test_cookie=CheckForPermission; expires=Sun, 23-Apr-2017 10:14:55 GMT; path=/; domain=.doubleclick.net
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
7 KB
3 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=1271533333254935&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&eid=108809080&sc=1&sfv=1-0-8&iu=%2F6514%2Fm.web.heise.de%2Fnewsticker%2Fnews-foren&sz=300x250%7C300x600%7C320x250%7C500x500%7C540x65&scp=mpos%3Dbottom&cust_params=d1%3D1%26d10%3D1%26d11%3D0%26d12%3D5%26d2%3D3%26d3%3D3%26d4%3D6%26d7%3D2%26d8%3D2%26d9%3D3%26i13%3D4%26i3%3D3%26i11%3D3%26i20%3D3%26i17%3D4%26i18%3D3%26i1%3D3%26i44%3D4%26i28%3D4%26i42%3D3%26i27%3D3%26i23%3D3%26a17%3D2%26a3%3D2%26a22%3D2%26i48%3D3%26i16%3D3%26g1%3D0%26g2%3D0%26g3%3D0%26g4%3D0%26g5%3D1%26n1%3D0%26n2%3D0%26n3%3D0%26n4%3D1%26n5%3D0%26n6%3D0%26n7%3D0%26n8%3D1%26n9%3D1%26f2%3D1%26h1%3D1%26h2%3D1%26h3%3D0%26h4%3D0%26h5%3D1%26h6%3D1%26h7%3D1%26h8%3D0%26h9%3D1%26h10%3D0%26h11%3D0%26h12%3D0%26h13%3D0%26h14%3D0%26h15%3D1%26h16%3D1%26h17%3D0%26e1%3D4%26e2%3D3%26e3%3D2%26e4%3D5%26themenhub%3Dyes&cookie_enabled=1&lmt=1492941595&dt=1492941595630&cc=99&frm=20&biw=1583&bih=1132&oid=3&adx=0&ady=0&adk=3379700392&gut=v2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&url=https%3A%2F%2Fm.heise.de%2Fforum%2Fheise-online%2FNews-Kommentare%2FIn-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich%2FRe-der-Unterschied-zwischen-DOC-und-DOCX%2Fposting-24737797%2Fshow%2F&dssz=20&icsg=655919&std=0&vrg=114&vrp=114&ga_vid=172549987.1492941596&ga_sid=1492941596&ga_hid=1259691329
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_114.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.125.133.154 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
wo-in-f154.1e100.net
Software
cafe /
Resource Hash
82215c02c18b46e5ae324e4433cab70b7dc86d1ee360118d831317a84dc201d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=1271533333254935&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&eid=108809080&sc=1&sfv=1-0-8&iu=%2F6514%2Fm.web.heise.de%2Fnewsticker%2Fnews-foren&sz=300x250%7C300x600%7C320x250%7C500x500%7C540x65&scp=mpos%3Dbottom&cust_params=d1%3D1%26d10%3D1%26d11%3D0%26d12%3D5%26d2%3D3%26d3%3D3%26d4%3D6%26d7%3D2%26d8%3D2%26d9%3D3%26i13%3D4%26i3%3D3%26i11%3D3%26i20%3D3%26i17%3D4%26i18%3D3%26i1%3D3%26i44%3D4%26i28%3D4%26i42%3D3%26i27%3D3%26i23%3D3%26a17%3D2%26a3%3D2%26a22%3D2%26i48%3D3%26i16%3D3%26g1%3D0%26g2%3D0%26g3%3D0%26g4%3D0%26g5%3D1%26n1%3D0%26n2%3D0%26n3%3D0%26n4%3D1%26n5%3D0%26n6%3D0%26n7%3D0%26n8%3D1%26n9%3D1%26f2%3D1%26h1%3D1%26h2%3D1%26h3%3D0%26h4%3D0%26h5%3D1%26h6%3D1%26h7%3D1%26h8%3D0%26h9%3D1%26h10%3D0%26h11%3D0%26h12%3D0%26h13%3D0%26h14%3D0%26h15%3D1%26h16%3D1%26h17%3D0%26e1%3D4%26e2%3D3%26e3%3D2%26e4%3D5%26themenhub%3Dyes&cookie_enabled=1&lmt=1492941595&dt=1492941595630&cc=99&frm=20&biw=1583&bih=1132&oid=3&adx=0&ady=0&adk=3379700392&gut=v2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&url=https%3A%2F%2Fm.heise.de%2Fforum%2Fheise-online%2FNews-Kommentare%2FIn-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich%2FRe-der-Unterschied-zwischen-DOC-und-DOCX%2Fposting-24737797%2Fshow%2F&dssz=20&icsg=655919&std=0&vrg=114&vrp=114&ga_vid=172549987.1492941596&ga_sid=1492941596&ga_hid=1259691329
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET

Response headers

date
Sun, 23 Apr 2017 09:59:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
3156
x-xss-protection
1; mode=block
google-lineitem-id
29833070
pragma
no-cache
server
cafe
google-creative-id
47649640310
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
set-cookie
test_cookie=CheckForPermission; expires=Sun, 23-Apr-2017 10:14:55 GMT; path=/; domain=.doubleclick.net
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set wt
prophet.heise.de/288689636920174/
43 B
43 B
Image
General
Full URL
https://prophet.heise.de/288689636920174/wt?p=435,m.heise.de.newsticker.news-forum.in-deutschland-grassieren-erpressungs-trojaner-so-schuetzen-sie-sich-3143764.forum-thread,1,1600x1200,24,1,1492941595834,0,1598x1132,0&tz=0&eid=2149294159500134655&one=1&fns=1&la=en&cg1=m.heise.de&cg2=newsticker&cg3=news-forum&cg4=in-deutschland-grassieren-erpressungs-trojaner-so-schuetzen-sie-sich-3143764&cg5=forum-thread&cg9=forum-thread&cg10=forum&cp4=c%27t%3Bransomware%3Berpressungs-trojaner%3Blocky&cp8=2016-03-18T14%3A25%3A00&cp9=newsticker&cp10=newsticker%3Bsecurity&cp15=J%C3%BCrgen%20Schmidt&cp17=mobile&fvc=201704230959&lvc=201704230959&pu=https%3A%2F%2Fm.heise.de%2Fforum%2Fheise-online%2FNews-Kommentare%2FIn-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich%2FRe-der-Unterschied-zwischen-DOC-und-DOCX%2Fposting-24737797%2Fshow%2F&np=Shockwave%20Flash&eor=1
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.54.150.27 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software
21 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
prophet.heise.de
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Cookie
__gads=ID=17bda653dedf1d93:T=1492941595:S=ALNI_MbA7bY-fD_uozYtkZqH1JEPsgcocA; wt3_eid=%3B288689636920174%7C2149294159500134655%232149294159500774348; wt3_sid=%3B288689636920174; wt_rla=288689636920174%2C1%2C1492941595835
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 23 Apr 2017 09:58:38 GMT
Last-Modified
Sun, 23 Apr 2017 09:58:39 GMT
Server
21
P3P
policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
Content-Type
image/gif;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
Set-Cookie
wt_nbg_Q3=!iSg/fMU+LlFPE7i3bCMZjVSp7szWNXVxJvScviVVobgD7z8TO1uMKKq2Ds15aI2sVdnFwnbm2NwN; path=/
X-Robots-Tag
noindex, nofollow, noarchive
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT
advertiser.js
advertiser.wbtrk.net/js/
9 B
9 B
Script
General
Full URL
https://advertiser.wbtrk.net/js/advertiser.js
Requested by
Host: d1r27qvpjiaqj3.cloudfront.net
URL: https://d1r27qvpjiaqj3.cloudfront.net/288689636920174/40156_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.54.150.115 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
c99addca116aa8d683cdc5dd2b09437e54c3286ade46c390c138b97c334f891a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
advertiser.wbtrk.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 23 Apr 2017 09:59:55 GMT
Last-Modified
Tue, 26 Jan 2016 12:36:07 GMT
Server
nginx
ETag
"56a76837-9"
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9
container.html
tpc.googlesyndication.com/safeframe/1-0-8/html/ Frame 3031
0
0

osd.js
pagead2.googlesyndication.com/pagead/
81 KB
30 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_114.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
33e66f32381e090ba280f70baab9ab6347ac292ccb89ab5bf88f25a0a3b58d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/osd.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pagead2.googlesyndication.com
referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET

Response headers

date
Sun, 23 Apr 2017 09:27:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1955
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length
30854
x-xss-protection
1; mode=block
server
cafe
etag
6605605957342768507
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 23 Apr 2017 10:27:20 GMT
Cookie set wt
prophet.heise.de/288689636920174/
43 B
43 B
Image
General
Full URL
https://prophet.heise.de/288689636920174/wt?p=435,m.heise.de.newsticker.news-forum.in-deutschland-grassieren-erpressungs-trojaner-so-schuetzen-sie-sich-3143764.forum-thread,1,1600x1200,24,1,1492941595909,2,1598x1132,0&tz=0&eid=2149294159500134655&one=0&fns=0&ct=webtrekk_ignore&la=en&cs803=no&pu=https%3A%2F%2Fm.heise.de%2Fforum%2Fheise-online%2FNews-Kommentare%2FIn-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich%2FRe-der-Unterschied-zwischen-DOC-und-DOCX%2Fposting-24737797%2Fshow%2F&eor=1
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.54.150.27 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software
9 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
prophet.heise.de
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Cookie
__gads=ID=4dfad53f5e2777f9:T=1492941595:S=ALNI_MY-wBk6T0Rf94FZoPgU82WpIj7xiw; wt3_eid=%3B288689636920174%7C2149294159500134655%232149294159500326133; wt3_sid=%3B288689636920174; wt_rla=288689636920174%2C2%2C1492941595835
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 23 Apr 2017 09:59:55 GMT
Last-Modified
Sun, 23 Apr 2017 09:59:56 GMT
Server
9
P3P
policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
Content-Type
image/gif;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
Set-Cookie
wt_nbg_Q3=!DHeMNJuBiMy1jTu3bCMZjVSp7szWNXRKCgMc7yITe3flCb/Qw3rdD8h+pkNViflW/pLm/YxOKbF8; path=/
X-Robots-Tag
noindex, nofollow, noarchive
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
a-ssl.ligatus.com/ Frame 3031
2 KB
783 B
Script
General
Full URL
https://a-ssl.ligatus.com/?ids=61545&t=js&s=1&bc=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_114.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.184.60 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-184-60.deploy.akamaitechnologies.com
Software
nginx /
Resource Hash
3bc4b5ac2306046848effeff94d99c3cfa90aecbd5aa6792d2793e2196fa900e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
a-ssl.ligatus.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 23 Apr 2017 09:59:56 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
783
Expires
Sun, 23 Apr 2017 10:09:56 GMT
osd_listener.js
tpc.googlesyndication.com/pagead/js/r20170417/r20110914/activeview/ Frame 3031
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20170417/r20110914/activeview/osd_listener.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_114.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:400c:c07::84 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
24cb95f17f2344811a610ac502e29096617ff06ff0fe4b98fd8dc66a3efe8dc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/js/r20170417/r20110914/activeview/osd_listener.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
tpc.googlesyndication.com
referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET

Response headers

date
Mon, 17 Apr 2017 20:52:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
479250
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
9061
x-xss-protection
1; mode=block
server
cafe
etag
7073221229015997806
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2017 20:52:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3031
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwmI4sRXa-oGckbQgwjAyXYgyGMMGRFLFD2Zw0dwzvWrfbvQBVUP2PhhPeAOiwOqoMBjkMW6EgdgQCzN7n2dyR38_igV4KswOK7PDHUfmRGewk5erwnWhvaZ3KWZcUbyXxWuBm0pWrzUOn6yQHhNcfrv-xm8KHLsg6T1z4aeS2St35J6nT01v7IvefK6-32x5T1C7vZILIz3xFIF27O4T_oOK5k1v7-Qix75npxTmTLsY8zclz3tMVuZ8JKWCCceMxBqaLuJs&sig=Cg0ArKJSzD2E3sCRRZmKEAE&urlfix=1&adurl=
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.125.133.154 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
wo-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pcs/view?xai=AKAOjstwmI4sRXa-oGckbQgwjAyXYgyGMMGRFLFD2Zw0dwzvWrfbvQBVUP2PhhPeAOiwOqoMBjkMW6EgdgQCzN7n2dyR38_igV4KswOK7PDHUfmRGewk5erwnWhvaZ3KWZcUbyXxWuBm0pWrzUOn6yQHhNcfrv-xm8KHLsg6T1z4aeS2St35J6nT01v7IvefK6-32x5T1C7vZILIz3xFIF27O4T_oOK5k1v7-Qix75npxTmTLsY8zclz3tMVuZ8JKWCCceMxBqaLuJs&sig=Cg0ArKJSzD2E3sCRRZmKEAE&urlfix=1&adurl=
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
id=22141f9e463a006c||t=1492941595|et=730|cs=002213fd48891aff1ee8b063fa; IDE=AHWqTUk-r8QYZFqrvRiC2Q6yOESAXGOBKecADlK7HSfJiMXum3gf_QG63A; test_cookie=CheckForPermission
:scheme
https
referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
x-client-data
CIi2yQEIpLbJAQ==
:method
GET

Response headers

date
Sun, 23 Apr 2017 09:59:56 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
status
200
cache-control
private
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
0
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2017 09:59:56 GMT
ligrend.js
ssl.ligatus.com/render/ Frame 3031
109 KB
34 KB
Script
General
Full URL
https://ssl.ligatus.com/render/ligrend.js?ts=4.23
Requested by
Host: a-ssl.ligatus.com
URL: https://a-ssl.ligatus.com/?ids=61545&t=js&s=1&bc=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.184.60 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-184-60.deploy.akamaitechnologies.com
Software
/
Resource Hash
46fc3abec33919f3a5c80d4bbd165e1a2db41b1139f122d5578a38eec399e603

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
ssl.ligatus.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 23 Apr 2017 09:59:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Apr 2017 14:56:02 UTC
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
34526
Expires
Mon, 24 Apr 2017 09:59:56 GMT
rend
ssl.ligatus.com/rms/ Frame 3031
498 B
307 B
XHR
General
Full URL
https://ssl.ligatus.com/rms/rend?id=61545&ua=-1804791060&pgw=300&pgo=l&s=1
Requested by
Host: ssl.ligatus.com
URL: https://ssl.ligatus.com/render/ligrend.js?ts=4.23
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.184.60 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-184-60.deploy.akamaitechnologies.com
Software
/
Resource Hash
9e6bea63ecf9d28601ab35b536584c10ed6c4c5c1e5b81798b0de06c2ca30c65

Request headers

Pragma
no-cache
Origin
https://m.heise.de
Accept-Encoding
gzip, deflate, sdch, br
Host
ssl.ligatus.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 23 Apr 2017 09:59:56 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
Connection
keep-alive
Content-Length
307
Expires
Sun, 23 Apr 2017 10:00:56 GMT
chartbeat_video.js
static.chartbeat.com/js/
64 KB
21 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
89715a905e7a2dfea37a59fce672cad544d3eada561f1828d11b454b9ce8ed17

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
static.chartbeat.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 23 Apr 2017 09:59:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Feb 2017 03:29:37 GMT
Server
nginx
ETag
"58b4eea1-ff7c"
X-Served-By
cache-fra1227-FRA
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
Via
1.1 varnish
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21932
X-Cache-Hits
481520
ping
ping.chartbeat.net/
43 B
43 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=heise.de&p=%2Fforum%2Fheise-online%2FNews-Kommentare%2FIn-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich%2FRe-der-Unterschied-zwischen-DOC-und-DOCX%2Fposting-24737797%2Fshow%2F&u=CXh93cB9aGCdC-V7du&d=m.heise.de&g=59838&g0=forum&g1=die%20Redaktionen&n=1&f=00001&c=0&x=0&m=0&y=3126&o=1583&w=1132&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1955&t=BoZM0LC1N1cYtAMcgBkTedBCA2yHn&V=90&i=Re%3A%20der%20Unterschied%20zwischen%20DOC%20und%20DOCX%20%7C%20heise%20online&tz=0&sn=1&EE=0&sv=9a7vqDs_kDGDOM9RES7_FSB3Bk6z&_
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.73.95 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-225-73-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
ping.chartbeat.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
adx.ligadx.com/ Frame 3031
3 KB
2 KB
XHR
General
Full URL
https://adx.ligadx.com/?s=1&pid=&pid=61545
Requested by
Host: ssl.ligatus.com
URL: https://ssl.ligatus.com/render/ligrend.js?ts=4.23
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.5.178 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
178.5.211.130.bc.googleusercontent.com
Software
/
Resource Hash
8e88d517af78db9909c2afbb04df73ba7c5eff5ffa614ce4772af6c368e34436

Request headers

:path
/?s=1&pid=&pid=61545
pragma
no-cache
origin
https://m.heise.de
accept-encoding
gzip, deflate, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
content-type
text/plain;charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
adx.ligadx.com
cookie
LIG_ULT=af767ebc-e4b7-450a-ade5-91172e31838a
:scheme
https
referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
content-length
447
:method
POST

Response headers

date
Sun, 23 Apr 2017 09:59:56 GMT
content-encoding
gzip
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
status
200
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://m.heise.de
access-control-allow-credentials
true
set-cookie
LIG_ULT=af767ebc-e4b7-450a-ade5-91172e31838a; Max-Age=33696000; Expires=Fri, 18 May 2018 09:59:56 GMT; Path=/; Domain=.ligadx.com
alt-svc
clear
via
1.1 google
p12661-c1178-1472476172.php
h-ssl.ligatus.com/tm/css/ Frame 3031
2 KB
843 B
XHR
General
Full URL
https://h-ssl.ligatus.com/tm/css/p12661-c1178-1472476172.php
Requested by
Host: ssl.ligatus.com
URL: https://ssl.ligatus.com/render/ligrend.js?ts=4.23
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.184.60 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-184-60.deploy.akamaitechnologies.com
Software
nginx / PHP/5.5.9-1ubuntu4.21
Resource Hash
ba3496d0b149346287bb373818262a5e81e93fc8a7492955c98e61ba4d522e1f

Request headers

Pragma
no-cache
Origin
https://m.heise.de
Accept-Encoding
gzip, deflate, sdch, br
Host
h-ssl.ligatus.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 23 Apr 2017 09:59:56 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.5.9-1ubuntu4.21
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
843
Expires
Mon, 24 Apr 2017 09:59:56 GMT
/
sync.ligadx.com/ Frame 3031
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEN01JxM2x7VWqmLdeQpEn3s&google_cver=1&ssp=ligatus
  • https://sync.ligadx.com/?dspid=11&uid=dbdcede9-acde-416a-b9e4-eb6b48325daa
0
0
Image
General
Full URL
https://sync.ligadx.com/?dspid=11&uid=dbdcede9-acde-416a-b9e4-eb6b48325daa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.178.242.85 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
85.242.178.107.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/?dspid=11&uid=dbdcede9-acde-416a-b9e4-eb6b48325daa
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
sync.ligadx.com
cookie
LIG_ULT=af767ebc-e4b7-450a-ade5-91172e31838a
:scheme
https
referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
:method
GET

Response headers

date
Sun, 23 Apr 2017 09:59:56 GMT
via
1.1 google
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
status
204
content-type
text/html
access-control-allow-origin
*
set-cookie
LIG_ULT=af767ebc-e4b7-450a-ade5-91172e31838a; Max-Age=33696000; Expires=Fri, 18 May 2018 09:59:56 GMT; Path=/; Domain=.ligadx.com
LIG_U11=dbdcede9-acde-416a-b9e4-eb6b48325daa; Max-Age=2592000; Expires=Tue, 23 May 2017 09:59:56 GMT; Path=/; Domain=.ligadx.com
alt-svc
clear
content-length
0

Redirect headers

Location
//sync.ligadx.com/?dspid=11&uid=dbdcede9-acde-416a-b9e4-eb6b48325daa
Date
Sun, 23 Apr 2017 09:59:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.7.10
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
sync.ligadx.com/ Frame 3031
Redirect Chain
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.ligadx.com%2F%3Fdspid%3D16%26uid%3D%24UID
  • https://sync.ligadx.com/?dspid=16&uid=1671154635584065808
0
0
Image
General
Full URL
https://sync.ligadx.com/?dspid=16&uid=1671154635584065808
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.178.242.85 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
85.242.178.107.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/?dspid=16&uid=1671154635584065808
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
sync.ligadx.com
cookie
LIG_ULT=af767ebc-e4b7-450a-ade5-91172e31838a
:scheme
https
referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
:method
GET

Response headers

date
Sun, 23 Apr 2017 09:59:56 GMT
via
1.1 google
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
status
204
content-type
text/html
access-control-allow-origin
*
set-cookie
LIG_ULT=af767ebc-e4b7-450a-ade5-91172e31838a; Max-Age=33696000; Expires=Fri, 18 May 2018 09:59:56 GMT; Path=/; Domain=.ligadx.com
LIG_U16=1671154635584065808; Max-Age=2592000; Expires=Tue, 23 May 2017 09:59:56 GMT; Path=/; Domain=.ligadx.com
alt-svc
clear
content-length
0

Redirect headers

Date
Sun, 23 Apr 2017 09:59:58 GMT
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
148.251.45.170; 148.251.45.170; 201.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.180:80
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f968f459-e6ba-408f-b24e-49c5c6e4d109
Server
nginx/1.11.5
Content-Type
text/html; charset=utf-8
Location
https://sync.ligadx.com/?dspid=16&uid=1671154635584065808
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Set-Cookie
sess=1; Path=/; Max-Age=86400; Expires=Mon, 24-Apr-2017 09:59:58 GMT; Domain=.adnxs.com; HttpOnly
uuid2=1671154635584065808; Path=/; Max-Age=7776000; Expires=Sat, 22-Jul-2017 09:59:58 GMT; Domain=.adnxs.com; HttpOnly
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
sync.ligadx.com/ Frame 3031
Redirect Chain
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=kvw1upm&ttd_tpi=1
  • https://sync.ligadx.com/?dspid=20&uid=778f7a98-831c-4a8b-aaa6-5e17234eb6bb
0
0
Image
General
Full URL
https://sync.ligadx.com/?dspid=20&uid=778f7a98-831c-4a8b-aaa6-5e17234eb6bb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.178.242.85 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
85.242.178.107.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/?dspid=20&uid=778f7a98-831c-4a8b-aaa6-5e17234eb6bb
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
sync.ligadx.com
cookie
LIG_U22=6412135329663678488; LIG_U11=dbdcede9-acde-416a-b9e4-eb6b48325daa; LIG_U16=1671154635584065808; LIG_ULT=af767ebc-e4b7-450a-ade5-91172e31838a; LIG_U20=778f7a98-831c-4a8b-aaa6-5e17234eb6bb
:scheme
https
referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
:method
GET

Response headers

date
Sun, 23 Apr 2017 09:59:56 GMT
via
1.1 google
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
status
204
content-type
text/html
access-control-allow-origin
*
set-cookie
LIG_ULT=af767ebc-e4b7-450a-ade5-91172e31838a; Max-Age=33696000; Expires=Fri, 18 May 2018 09:59:56 GMT; Path=/; Domain=.ligadx.com
LIG_U20=778f7a98-831c-4a8b-aaa6-5e17234eb6bb; Max-Age=2592000; Expires=Tue, 23 May 2017 09:59:56 GMT; Path=/; Domain=.ligadx.com
alt-svc
clear
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 23 Apr 2017 09:59:54 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Location
https://sync.ligadx.com/?dspid=20&uid=778f7a98-831c-4a8b-aaa6-5e17234eb6bb
Set-Cookie
TDID=778f7a98-831c-4a8b-aaa6-5e17234eb6bb; domain=.adsrvr.org; expires=Mon, 23-Apr-2018 09:59:55 GMT; path=/ TDCPM=CAESFgoHa3Z3MXVwbRILCMqVkuuwjoU1EAUYBSABKAIyCwiYlIiPx46FNRAFOAE.; domain=.adsrvr.org; expires=Mon, 23-Apr-2018 09:59:55 GMT; path=/
Cache-Control
private,no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html
Content-Length
179
/
sync.ligadx.com/ Frame 3031
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=22
  • https://sync.ligadx.com/?dspid=22&uid=6412135329663678488
0
0
Image
General
Full URL
https://sync.ligadx.com/?dspid=22&uid=6412135329663678488
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.178.242.85 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
85.242.178.107.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/?dspid=22&uid=6412135329663678488
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
sync.ligadx.com
cookie
LIG_ULT=af767ebc-e4b7-450a-ade5-91172e31838a
:scheme
https
referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
:method
GET
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

date
Sun, 23 Apr 2017 09:59:56 GMT
via
1.1 google
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
status
204
content-type
text/html
access-control-allow-origin
*
set-cookie
LIG_ULT=af767ebc-e4b7-450a-ade5-91172e31838a; Max-Age=33696000; Expires=Fri, 18 May 2018 09:59:56 GMT; Path=/; Domain=.ligadx.com LIG_U22=6412135329663678488; Max-Age=2592000; Expires=Tue, 23 May 2017 09:59:56 GMT; Path=/; Domain=.ligadx.com
alt-svc
clear
content-length
0

Redirect headers

Date
Sun, 23 Apr 2017 09:59:56 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://sync.ligadx.com/?dspid=22&uid=6412135329663678488
Connection
keep-alive
Set-Cookie
UserID1=6412135329663678488;Path=/;Domain=.adfarm1.adition.com;Expires=Fri, 20-Oct-2017 09:59:56 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
t1-1481122230.php
h-ssl.ligatus.com/tm/template/ Frame 3031
1 KB
567 B
XHR
General
Full URL
https://h-ssl.ligatus.com/tm/template/t1-1481122230.php
Requested by
Host: ssl.ligatus.com
URL: https://ssl.ligatus.com/render/ligrend.js?ts=4.23
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.184.60 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-184-60.deploy.akamaitechnologies.com
Software
nginx / PHP/5.5.9-1ubuntu4.21
Resource Hash
5c3c7174f3a4414a74e1e53f1efcf0c7d9e9a01f57e9c92246df36514d196676

Request headers

Pragma
no-cache
Origin
https://m.heise.de
Accept-Encoding
gzip, deflate, sdch, br
Host
h-ssl.ligatus.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Origin
https://m.heise.de

Response headers

Date
Sun, 23 Apr 2017 09:59:56 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.5.9-1ubuntu4.21
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
567
Expires
Mon, 24 Apr 2017 09:59:56 GMT
css
fonts.googleapis.com/ Frame 3031
2 KB
558 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: ssl.ligatus.com
URL: https://ssl.ligatus.com/render/ligrend.js?ts=4.23
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:400c:c07::5f , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
ESF /
Resource Hash
90b7db01856722141b7c908561c3de988efa79c1aef59218d73cb7a7cbf1e309
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css?family=Open+Sans
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
fonts.googleapis.com
referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

date
Sun, 23 Apr 2017 09:59:56 GMT
content-encoding
br
last-modified
Sun, 23 Apr 2017 09:59:56 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-frame-options
SAMEORIGIN
status
200
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2017 09:59:56 GMT
oba-icon.svg
i-ssl.ligatus.com/com_global_img/ Frame 3031
3 KB
3 KB
Image
General
Full URL
https://i-ssl.ligatus.com/com_global_img/oba-icon.svg
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.184.60 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-184-60.deploy.akamaitechnologies.com
Software
nginx /
Resource Hash
6a5426895a9e599a1748253917814d91784e8d887828cb203dc5f5449a6b9fae

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
i-ssl.ligatus.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date
Sun, 23 Apr 2017 09:59:56 GMT
Last-Modified
Tue, 14 Jun 2016 12:45:11 GMT
Server
nginx
ETag
"d7803b-a2a-5353c602683c0"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2602
Expires
Mon, 24 Apr 2017 09:59:56 GMT
truncated
/ Frame 3031
512 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36d5893b9e2567078e6a9c80b361473e166811ef9ceb13029991bc8f356c11dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Content-Type
img/png;charset=US-ASCII
ligatus-logo-horizontal-full-black.svg
i-ssl.ligatus.com/com_global_img/ Frame 3031
2 KB
2 KB
Image
General
Full URL
https://i-ssl.ligatus.com/com_global_img/ligatus-logo-horizontal-full-black.svg
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.184.60 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-184-60.deploy.akamaitechnologies.com
Software
nginx /
Resource Hash
a647e31ea43a4fcb8191e90c79d0c87395badd4084bb7b5e1784597325218da9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
i-ssl.ligatus.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date
Sun, 23 Apr 2017 09:59:56 GMT
Last-Modified
Thu, 09 Jun 2016 15:00:48 GMT
Server
nginx
ETag
"d7803a-883-534d9aff26800"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2179
Expires
Mon, 24 Apr 2017 09:59:56 GMT
138_B14_138.jpg
i-ssl.ligatus.com/dmu/is/1/1/7/1/0/0/5/ Frame 3031
14 KB
14 KB
Image
General
Full URL
https://i-ssl.ligatus.com/dmu/is/1/1/7/1/0/0/5/138_B14_138.jpg
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.184.60 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-184-60.deploy.akamaitechnologies.com
Software
nginx /
Resource Hash
1499dbf5b1d056a7a399a0ac78c74407077369fccbd9c84657aabd037bdc9d82

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
i-ssl.ligatus.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date
Sun, 23 Apr 2017 09:59:56 GMT
Last-Modified
Tue, 08 Dec 2015 13:08:35 GMT
Server
nginx
ETag
"ffffffffe55e0058-38ea-52662abd3fac0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14570
Expires
Mon, 24 Apr 2017 09:59:56 GMT
blank.gif
i-ssl.ligatus.com/ Frame 3031
Redirect Chain
  • https://trk.helios.ligatus.com/imp?z=AAJ9HIj_jgZMQld2Vbk2ZHWFlAcW8NV6e0WzLfuHb_bYlHuUG9j4NC6yOstkNqQhFX3dTu7w7N2cjsl95Q3Y4WlQ-G2nn8oyhBqYu5QDvvWumPg8uueWu5CSrwBAs4lWz9r4gq9S2TsJEZr9yA8RK4HtvRQhko44...
  • https://i-ssl.ligatus.com/blank.gif
43 B
43 B
Image
General
Full URL
https://i-ssl.ligatus.com/blank.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.184.60 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-184-60.deploy.akamaitechnologies.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
i-ssl.ligatus.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date
Sun, 23 Apr 2017 09:59:56 GMT
Last-Modified
Tue, 13 May 2014 08:25:53 GMT
Server
nginx
ETag
"e4805f-2b-4f943cfe72640"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Mon, 24 Apr 2017 09:59:56 GMT

Redirect headers

date
Sun, 23 Apr 2017 09:59:56 GMT
via
1.1 google
status
302
content-type
text/html
location
https://i-ssl.ligatus.com/blank.gif
cache-control
no-cache must-revalidate
alt-svc
clear
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
blank.gif
i-ssl.ligatus.com/ Frame 3031
Redirect Chain
  • https://x.ligatus.com/61545-4393/135-3175/1056952-656136-57_1057904-678420-57/1/57/1/1/1492941596232/0//
  • https://i-ssl.ligatus.com/blank.gif
43 B
43 B
Image
General
Full URL
https://i-ssl.ligatus.com/blank.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.184.60 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-184-60.deploy.akamaitechnologies.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
i-ssl.ligatus.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date
Sun, 23 Apr 2017 09:59:56 GMT
Last-Modified
Tue, 13 May 2014 08:25:53 GMT
Server
nginx
ETag
"e4805f-2b-4f943cfe72640"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Mon, 24 Apr 2017 09:59:56 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 23 Apr 2017 09:59:56 GMT
Server
nginx
Content-Type
text/html
Location
https://i-ssl.ligatus.com/blank.gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
160
Expires
Thu, 01 Jan 1970 00:00:01 GMT
138_de_midseason-sale_men_170418_138x115n.jpg
i-ssl.ligatus.com/dmu/is/1/3/0/0/8/7/2/ Frame 3031
3 KB
3 KB
Image
General
Full URL
https://i-ssl.ligatus.com/dmu/is/1/3/0/0/8/7/2/138_de_midseason-sale_men_170418_138x115n.jpg
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.184.60 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-184-60.deploy.akamaitechnologies.com
Software
nginx /
Resource Hash
506d1c03d849d85a084901d81b8589ff0c0db4f1ad327f086b918a3032bdf533

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
i-ssl.ligatus.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date
Sun, 23 Apr 2017 09:59:56 GMT
Last-Modified
Thu, 13 Apr 2017 08:38:02 GMT
Server
nginx
ETag
"ffffffffee20696a-cd2-54d083e308e80"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3282
Expires
Mon, 24 Apr 2017 09:59:56 GMT
Cookie set ai.aspx
m.exactag.com/ Frame 3031
43 B
43 B
Image
General
Full URL
https://m.exactag.com/ai.aspx?tc=819cc2dcb1bd36c8c4c31c1b08d3c622&url=
Requested by
Host: m.heise.de
URL: https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.7 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
m.exactag.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Apr 2017 09:59:55 GMT
Last-Modified
So, 23 Apr 2017 09:59:56 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Set-Cookie
exactag_new_uk=764e09581bac4250ac78e94cf20849d0%7c; expires=Mon, 23-Apr-2018 09:59:56 GMT; path=/ session_session=3e0847a3c73b4e22b331166a; path=/
Cache-Control
private
Connection
close
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT
blank.gif
i-ssl.ligatus.com/ Frame 3031
Redirect Chain
  • https://trk.helios.ligatus.com/imp?z=H5V_rxFNmR79QGfRYwkCHtGxlW9dEJ7iWAdN3c5G9bbCHmLMhOCiCBgB5Jb-yj0bq5QeH2gdbZj2kLygqqeVZl3raruW-_fzyTawHFSJ-xvJ_KorfpzJzLeSeOPBkaZjtxty33d36kQFQoy2LCOHKX3CuqEPSRzy...
  • https://i-ssl.ligatus.com/blank.gif
43 B
43 B
Image
General
Full URL
https://i-ssl.ligatus.com/blank.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.184.60 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-184-60.deploy.akamaitechnologies.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
i-ssl.ligatus.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date
Sun, 23 Apr 2017 09:59:56 GMT
Last-Modified
Tue, 13 May 2014 08:25:53 GMT
Server
nginx
ETag
"e4805f-2b-4f943cfe72640"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Mon, 24 Apr 2017 09:59:56 GMT

Redirect headers

date
Sun, 23 Apr 2017 09:59:56 GMT
via
1.1 google
status
302
content-type
text/html
location
https://i-ssl.ligatus.com/blank.gif
cache-control
no-cache must-revalidate
alt-svc
clear
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
logo-ligatus_frei_58x15.gif
i-ssl.ligatus.com/com_global_img/ Frame 3031
136 B
136 B
Image
General
Full URL
https://i-ssl.ligatus.com/com_global_img/logo-ligatus_frei_58x15.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.184.60 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-184-60.deploy.akamaitechnologies.com
Software
nginx /
Resource Hash
b2c6e34d4faef442517d482be50493de8ae9bd510bd863dcc2db4dcc3619900b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
i-ssl.ligatus.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date
Sun, 23 Apr 2017 09:59:56 GMT
Last-Modified
Wed, 02 Sep 2015 05:33:37 GMT
Server
nginx
ETag
"d78027-88-51ebd02222e40"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
136
Expires
Mon, 24 Apr 2017 09:59:56 GMT
cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/opensans/v13/ Frame 3031
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400c:c07::5e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2
pragma
no-cache
origin
https://m.heise.de
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Referer
https://m.heise.de/forum/heise-online/News-Kommentare/In-Deutschland-grassieren-Erpressungs-Trojaner-so-schuetzen-Sie-sich/Re-der-Unterschied-zwischen-DOC-und-DOCX/posting-24737797/show/
Origin
https://m.heise.de

Response headers

date
Sun, 23 Apr 2017 02:38:13 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Apr 2015 23:45:29 GMT
server
sffe
age
26503
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
10352
x-xss-protection
1; mode=block
expires
Mon, 23 Apr 2018 02:38:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
widget.whatsbroadcast.com
URL
https://widget.whatsbroadcast.com/widget_more/b11ad2c26cdd1a0bcb972e5446397bd2/
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/safeframe/1-0-8/html/container.html

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
.heise.de/ Name: wt3_eid
Value: %3B288689636920174%7C2149294159500134655%232149294159500326133
.heise.de/ Name: wt_rla
Value: 288689636920174%2C2%2C1492941595835
m.heise.de/forum/ Name: u2uforum_properties
Value: eNqrVoqPL8nMTS0uScwtULIyNLE0sjQxNLU01VGKL85MUbJSSjcLCIjX9Xcry8s3V6oFAG9LDo8%253D_X_648533427263b76d7249e5ec3475ba70828f1ce3
.heise.de/ Name: wt3_sid
Value: %3B288689636920174
.heise.de/ Name: __gads
Value: ID=fc63ef3402517a28:T=1492941595:S=ALNI_MYgxahlZBhDpW4cUr1K4kzblz-psg

1 Console Messages

Source Level URL
Text
console-api log URL: https://ssl.ligatus.com/render/ligrend.js?ts=4.23 (Line 28)
Message:
No page URL detected. Skipping RCE call...

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
