www.heise.de Open in urlscan Pro
2a02:2e0:3fe:1001:7777:772e:2:85 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.heise.de/newsticker/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
Effective URL:
https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
Submission: On May 23 via manual (May 23rd 2022, 10:31:42 am UTC) from IN — Scanned from DE

Summary HTTP 59 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 4 domains to perform 59 HTTP transactions. The main IP is 2a02:2e0:3fe:1001:7777:772e:2:85, located in Germany and belongs to PLUSLINE, DE. The main domain is www.heise.de. The Cisco Umbrella rank of the primary domain is 65876.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 12th 2020. Valid for: 2 years.

This is the only time www.heise.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 37	2a02:2e0:3fe:... 2a02:2e0:3fe:1001:7777:772e:2:85	12306 (PLUSLINE) (PLUSLINE)
8	65.9.63.126 65.9.63.126	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:206... 2600:9000:206f:7a00:b:f730:9800:93a1	16509 (AMAZON-02) (AMAZON-02)
1	185.54.150.22 185.54.150.22	60164 (WEBTREKK-AS) (WEBTREKK-AS)
3	2606:4700:10:... 2606:4700:10::6816:26e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.54.150.11 185.54.150.11	60164 (WEBTREKK-AS) (WEBTREKK-AS)
4	185.54.150.12 185.54.150.12	60164 (WEBTREKK-AS) (WEBTREKK-AS)
2	185.54.150.27 185.54.150.27	60164 (WEBTREKK-AS) (WEBTREKK-AS)
59	9

37 2a02:2e0:3fe:1001:7777:772e:2:85 (Germany) 2 redirects

ASN12306 (PLUSLINE, DE)

www.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data-fb7f8b3ae8.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 65.9.63.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-126.fra56.r.cloudfront.net

cmp.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:206f:7a00:b:f730:9800:93a1 (United States)

ASN16509 (AMAZON-02, US)

heise.cloudimg.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.54.150.22 (Germany)

ASN60164 (WEBTREKK-AS, DE)

responder.wt.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:26e (United States)

ASN13335 (CLOUDFLARENET, US)

files.upscore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit-pool.upscore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.54.150.11 (Germany)

ASN60164 (WEBTREKK-AS, DE)

cdn.mateti.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.54.150.12 (Germany)

ASN60164 (WEBTREKK-AS, DE)

r.mateti.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.54.150.27 (Germany)

ASN60164 (WEBTREKK-AS, DE)

prophet.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	heise.de 2 redirects www.heise.de — Cisco Umbrella Rank: 65876 cmp.heise.de — Cisco Umbrella Rank: 148339 responder.wt.heise.de — Cisco Umbrella Rank: 200764 data-fb7f8b3ae8.heise.de — Cisco Umbrella Rank: 180126 prophet.heise.de — Cisco Umbrella Rank: 215904	856 KB
5	mateti.net cdn.mateti.net — Cisco Umbrella Rank: 61765 r.mateti.net — Cisco Umbrella Rank: 88987	45 KB
5	cloudimg.io heise.cloudimg.io — Cisco Umbrella Rank: 111152	101 KB
3	upscore.com files.upscore.com — Cisco Umbrella Rank: 60273 hit-pool.upscore.com — Cisco Umbrella Rank: 48702	15 KB
59	4

	Domain	Requested by
32	www.heise.de	2 redirects www.heise.de
8	cmp.heise.de	www.heise.de cmp.heise.de
5	data-fb7f8b3ae8.heise.de	www.heise.de data-fb7f8b3ae8.heise.de
5	heise.cloudimg.io	www.heise.de
4	r.mateti.net	cdn.mateti.net
2	prophet.heise.de	www.heise.de
2	files.upscore.com	www.heise.de files.upscore.com
1	hit-pool.upscore.com	files.upscore.com
1	cdn.mateti.net	responder.wt.heise.de
1	responder.wt.heise.de	www.heise.de
59	10

This site contains links to these domains. Also see Links.

Domain
www.techstage.de
jobs.heise.de
bildung.heise.de
business-services.heise.de
tarifrechner.heise.de
spiele.heise.de
shop.heise.de
www.heise-events.de
www.heise-gruppe.de
mediadaten.heise.de
getpocket.com
app-eu.readspeaker.com
pubads.g.doubleclick.net
www.facebook.com
twitter.com
www.linkedin.com
reddit.com
heise.de
www.interred.de
www.plusline.net

Subject Issuer	Validity	Valid
www.heise.de Sectigo RSA Domain Validation Secure Server CA	`2020-03-12` - `2022-06-10`	2 years	crt.sh
cmp.heise.de R3	`2022-05-22` - `2022-08-20`	3 months	crt.sh
*.cloudimg.io GeoTrust RSA CA 2018	`2020-06-01` - `2022-06-01`	2 years	crt.sh
responder.wt.heise.de Sectigo RSA Domain Validation Secure Server CA	`2020-07-17` - `2022-10-15`	2 years	crt.sh
data-fb7f8b3ae8.heise.de R3	`2022-05-13` - `2022-08-11`	3 months	crt.sh
*.upscore.com Go Daddy Secure Certificate Authority - G2	`2021-11-28` - `2022-12-30`	a year	crt.sh
*.mateti.net Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-01-22`	a year	crt.sh
prophet.heise.de Sectigo RSA Domain Validation Secure Server CA	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
Frame ID: E388265F83177F9B015A216C0809AECB
Requests: 50 HTTP requests in this frame

Frame: https://cmp.heise.de/index.html?message_id=639948&consentUUID=42d2ca88-899a-4e0e-abf6-ac731c433a43&requestUUID=9372e3b1-ca8e-4be0-81c6-1b117f47d74e&preload_message=true
Frame ID: 5066747F5DD398500FD3BA4910ECBFC2
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Petya: Erpressungs-Trojaner riegelt gesamten Rechner ab | heise online heise online Logoheise-BotPush Nachrichtenheise online Logoheise-BotPush Nachrichtencomments_outline_whiteheise-BotPush Nachrichten

Page URL History Show full URLs

http://www.heise.de/newsticker/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-a... HTTP 301
https://www.heise.de/newsticker/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-a... HTTP 301
https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

59
Requests

100 %
HTTPS

38 %
IPv6

4
Domains

10
Subdomains

9
IPs

2
Countries

1017 kB
Transfer

2686 kB
Size

15
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.techstage.de/
Title: TechStage

Search URL Search Domain Scan URL

URL: https://jobs.heise.de/
Title: Stellenmarkt heise Jobs

Search URL Search Domain Scan URL

URL: https://bildung.heise.de/
Title: Weiterbildung

Search URL Search Domain Scan URL

URL: https://business-services.heise.de/
Title: Whitepaper/Webcasts

Search URL Search Domain Scan URL

URL: https://tarifrechner.heise.de/dsl/
Title: DSL-Vergleich

Search URL Search Domain Scan URL

URL: https://spiele.heise.de/
Title: Spielen bei Heise

Search URL Search Domain Scan URL

URL: https://shop.heise.de/
Title: heise Shop

Search URL Search Domain Scan URL

URL: https://shop.heise.de/zeitschriften-abo/
Title: Abo

Search URL Search Domain Scan URL

URL: https://www.heise-events.de/
Title: Veranstaltungen

Search URL Search Domain Scan URL

URL: https://www.heise-gruppe.de/artikel/Heise-als-Arbeitgeber-1812545.html
Title: Arbeiten bei Heise

Search URL Search Domain Scan URL

URL: https://mediadaten.heise.de/
Title: Mediadaten

Search URL Search Domain Scan URL

URL: https://www.heise-gruppe.de/presse/
Title: Presse

Search URL Search Domain Scan URL

URL: https://getpocket.com/save?url=https%3A%2F%2Fwww.heise.de%2Fsecurity%2Fmeldung%2FErpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
Title: In Pocket speichern

Search URL Search Domain Scan URL

URL: https://app-eu.readspeaker.com/cgi-bin/rsent?customerid=4407&lang=de_de&readid=meldung&url=https%3A%2F%2Fwww.heise.de%2Fsecurity%2Fmeldung%2FErpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html%3Fseite%3Dall
Title: vorlesen

Search URL Search Domain Scan URL

URL: https://pubads.g.doubleclick.net/gampad/clk?id=6022565501&iu=/6514/www.heise.de/clicktracking/textlink
Title: Mitmachen! Heise-Leser testen PCs von MSI

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=6020473572&iu=/6514/www.heise.de/clicktracking/textlink
Title: Udemy Sale: Bis zu 85 Prozent Rabatt

Search URL Search Domain Scan URL

URL: https://pubads.g.doubleclick.net/gampad/clk?id=6018556218&iu=/6514/www.heise.de/clicktracking/textlink
Title: Mehr Nachhaltigkeit durch modernes Deployment

Search URL Search Domain Scan URL

URL: https://pubads.g.doubleclick.net/gampad/clk?id=6013448544&iu=/6514/www.heise.de/clicktracking/textlink
Title: Gaia-X – die souveräne europäische Cloud

Search URL Search Domain Scan URL

URL: https://pubads.g.doubleclick.net/gampad/clk?id=6012554154&iu=/6514/www.heise.de/clicktracking/textlink
Title: Chrome OS: Das bessere Betriebssystems

Search URL Search Domain Scan URL

URL: https://pubads.g.doubleclick.net/gampad/clk?id=6008487248&iu=/6514/www.heise.de/clicktracking/textlink
Title: So geht intelligentes Gebäudemanagement

Search URL Search Domain Scan URL

URL: https://pubads.g.doubleclick.net/gampad/clk?id=6005590441&iu=/6514/www.heise.de/clicktracking/textlink
Title: OPPO Find X5 Pro: Fotos und Videos auf professionellem Niveau

Search URL Search Domain Scan URL

URL: https://pubads.g.doubleclick.net/gampad/clk?id=6005641378&iu=/6514/www.heise.de/clicktracking/textlink
Title: Mehr Flexibilität durch Infrastructure as Code

Search URL Search Domain Scan URL

URL: https://pubads.g.doubleclick.net/gampad/clk?id=6006197210&iu=/6514/www.heise.de/clicktracking/textlink
Title: Zuverlässiger Zugriff dank Zero Trust

Search URL Search Domain Scan URL

URL: https://pubads.g.doubleclick.net/gampad/clk?id=6005088149&iu=/6514/www.heise.de/clicktracking/textlink
Title: Wie IT zu nachhaltigem Wirtschaften beitragen kann

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.heise.de%2Fsecurity%2Fmeldung%2FErpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.heise.de%2Fsecurity%2Fmeldung%2FErpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html&text=Erpressungs-Trojaner+Petya+riegelt+den+gesamten+Rechner+ab+%7C+Security

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fwww.heise.de%2Fsecurity%2Fmeldung%2FErpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https%3A%2F%2Fwww.heise.de%2Fsecurity%2Fmeldung%2FErpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html&title=Erpressungs-Trojaner+Petya+riegelt+den+gesamten+Rechner+ab

Search URL Search Domain Scan URL

URL: https://heise.de/-3150917
Title: https://heise.de/-3150917

Search URL Search Domain Scan URL

URL: http://www.interred.de/
Title: Content Management by InterRed

Search URL Search Domain Scan URL

URL: https://www.plusline.net/
Title: Hosted by Plus.line

Search URL Search Domain Scan URL

URL: https://www.heise-gruppe.de/heise-medien.html
Title: Copyright © 2022 Heise Medien

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.heise.de/newsticker/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html HTTP 301
https://www.heise.de/newsticker/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html HTTP 301
https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html Show response
www.heise.de/security/meldung/
Redirect Chain

http://www.heise.de/newsticker/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
https://www.heise.de/newsticker/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

152 KB
34 KB

21ms
20ms

Document
text/html

2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

05853238df8ba102d75e6ff751b5f598268737a9271a4d3c7725b30aa277e5f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9152
cache-control: no-store
content-encoding: gzip
content-length: 34173
content-type: text/html; charset=UTF-8
date: Mon, 23 May 2022 07:59:03 GMT
last-modified: Mon, 23 May 2022 07:59:03 GMT
server: nginx
strict-transport-security: max-age=15768000
vary: Accept-Encoding, X-Export-Format, X-Export-Agent, X-Export-IAP
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

age: 42434
cache-control: no-store
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 22:44:21 GMT
last-modified: Sun, 22 May 2022 22:44:21 GMT
location: /security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
server: nginx
strict-transport-security: max-age=15768000
vary: X-Export-Format, X-Export-Agent, X-Export-IAP
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 ss3vf.c70.ltc.woff2
www.heise.de/assets/styles/fonts/ 54 KB
54 KB 20ms
20ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/styles/fonts/ss3vf.c70.ltc.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

986a5e164b20c8ad0b5040e8e3651434b173f98b9d270973eb130f7bf59864cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
Origin: https://www.heise.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:36:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 09:35:52 GMT
server: nginx
age: 3333
etag: "62860f78-d648"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://www.heise.de
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Origin
content-length: 54856
x-xss-protection: 1; mode=block

GET
H2 200 ss3vf-i.ec7.ltc.woff2
www.heise.de/assets/styles/fonts/ 43 KB
43 KB 40ms
40ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/styles/fonts/ss3vf-i.ec7.ltc.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

bd096226d9b1615254aa29ae8b2c4bb1f778d1cf79f0386f5fcd05a303f04e77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
Origin: https://www.heise.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:36:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 09:35:51 GMT
server: nginx
age: 3313
etag: "62860f77-ab88"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://www.heise.de
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Origin
content-length: 43912
x-xss-protection: 1; mode=block

GET
H2 200 checkmark.cb5.ltc.svg
www.heise.de/assets/styles/icons/ 125 B
270 B 28ms
28ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/styles/icons/checkmark.cb5.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

390c6d9eb61636ca901141763d76b6ab1868d4e47c8da14b254589c3f06af6c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:36:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 09:35:53 GMT
server: nginx
age: 3333
etag: W/"62860f79-7d"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 133
x-xss-protection: 1; mode=block

GET
H2 200 common-icons.svg
www.heise.de/icons/ 16 KB
6 KB 23ms
21ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/icons/common-icons.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

f19c10e93bc7fbff0bdb80d8e3b3e222ba26e5b3ea635d7f4aa40fa6d3c53041

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Aug 2021 14:06:47 GMT
server: nginx
age: 4403
etag: "610bf077-3ee6"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5667
x-xss-protection: 1; mode=block

GET
H2 200 chevron-right.17c.ltc.svg
www.heise.de/assets/styles/icons/ 131 B
261 B 22ms
21ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/styles/icons/chevron-right.17c.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

c57f1314eb0f200130c1130315d3181ef1f55b98d308dfb78728b5755a488271

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:36:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 09:35:51 GMT
server: nginx
age: 3333
etag: W/"62860f77-83"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 137
x-xss-protection: 1; mode=block

GET
H2 200 chevron-right-dark.c3f.ltc.svg
www.heise.de/assets/styles/icons/ 134 B
261 B 23ms
22ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/styles/icons/chevron-right-dark.c3f.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

644214a98594f84adcea7bc384f1370435ea6f8ef811b84d1083e4975baedef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:36:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 09:35:51 GMT
server: nginx
age: 3333
etag: W/"62860f77-86"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 137
x-xss-protection: 1; mode=block

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
cmp.heise.de/ 155 KB
45 KB 107ms
23ms Script
application/javascript 65.9.63.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/wrapperMessagingWithoutDetection.js
Requested by: Host: www.heise.de
URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-126.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12fdf0a5ed78912bff955cc1780e997f58f903465f3033f7563c82bfa15c1886

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 18 May 2022 17:35:16 GMT
server: AmazonS3
age: 3319
etag: W/"d28dcbdf1cb0bacb6629976803a40597"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Mon, 23 May 2022 09:36:17 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: JPoH-FzMDyx2T2X0FZF4a6qzgi1kdZ5aKNrusldIhlJKu5iXpat11g==

GET
H2 200 ho.css
www.heise.de/assets/heise/ho/css/ 284 KB
43 KB 40ms
40ms Stylesheet
text/css 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/ho/css/ho.css?.ltc.ae15afc532d494c690a1

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

b2c2fbb503fd72737044eb6d5b1ae348ec7cd65b3cb4f95aae979ee293f6e900

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 08:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 14:33:05 GMT
server: nginx
age: 7088
etag: W/"6287a6a1-46e6b"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 43254
x-xss-protection: 1; mode=block

GET
H2 200 akwa.js Show response
www.heise.de/assets/akwa/v24/js/ 371 KB
97 KB 24ms
23ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.176695cdee14d626f129

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

2b0b75032bd22521e1020b7da6554a8e297a046f1dfe1ca9a0fd6a2c92691027

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 08:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 08:51:20 GMT
server: nginx
age: 6013
etag: W/"628b4b08-5cbe1"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 98746
x-xss-protection: 1; mode=block

GET
H2 200 ho.js Show response
www.heise.de/assets/heise/ho/js/ 120 KB
39 KB 24ms
22ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/ho/js/ho.js?.ltc.b01daee34d2ee52dd3bd

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

605173585c53d1297eae39a7d39bc4a0864034af38763f83f0d6d4c64be85df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 08:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 14:32:59 GMT
server: nginx
age: 7080
etag: "6287a69b-1e0e9"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 39162
x-xss-protection: 1; mode=block

GET
H2 200 akwa.css
www.heise.de/assets/akwa/v24/css/ 38 KB
7 KB 22ms
22ms Stylesheet
text/css 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/css/akwa.css?.ltc.0063eda219c9ee8b7423

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

edc212b0421ff8ebb1892f544cb8c07ed027bb7a4dcb4f905a2a00f4a9f738ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 08:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 08:51:19 GMT
server: nginx
age: 6013
etag: W/"628b4b07-96ca"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 6644
x-xss-protection: 1; mode=block

GET
H2 200 hobell.css
www.heise.de/assets/heise/hobell/css/ 83 KB
15 KB 24ms
23ms Stylesheet
text/css 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/hobell/css/hobell.css?.ltc.9cf2d731c2e55a7c0d3e

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

92bbb1ca87506873be4995d72bd1ddd3850de9bcdd9b91bc3a66386df04a43fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 08:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 14:32:56 GMT
server: nginx
age: 7098
etag: W/"6287a698-14d20"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 15222
x-xss-protection: 1; mode=block

GET
H2 200 petya-screen-1fd4397f39945381.jpeg
heise.cloudimg.io/width/696/q50.png-lossy-50.webp-lossy-50.foil1/_www-heise-de_/imgs/71/1/7/7/8/6/5/6/ 21 KB
22 KB 411ms
332ms Image
image/webp 2600:9000:206f:7a00:b:f730:9800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heise.cloudimg.io/width/696/q50.png-lossy-50.webp-lossy-50.foil1/_www-heise-de_/imgs/71/1/7/7/8/6/5/6/petya-screen-1fd4397f39945381.jpeg

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:7a00:b:f730:9800:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Scaleflex HTTP Loadbalancer / cloudimage.io

Resource Hash

5758e9d3e47d63a16326627d601099f8d01193594a150aa6e5bab17af1bb326d

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:31:37 GMT
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-powered-by: cloudimage.io
x-cache: Miss from cloudfront
x-transition-hexa: hh1:3a__hh2:89__hh:eu-ov-370zscal3fl3xcom_tint:2_tint1:0_tint2:1_tdwndns:5_tdwntfb:56_tdwntot:84_tdwn:88_tcre:6_trsz:71_tpop:164_tsve:121_ttst:0_tfin:285
x-resource-status: downloaded
content-length: 22012
x-xss-protection: 1
x-resource-length: 141929
timing-allow-origin: *
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: 370zL97_v6x_WWnXj33018968391
etag: "36410a12616ab058baee9648545e67b2"
vary: Accept-Encoding,Accept
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, stale-while-revalidate=86400, public
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
x-resource-version: 20220523_103137_e67eace1897dc45d6f75fcd6b13a854a
x-amz-cf-id: H6FDeYkub6pldHGiue_aPe9qxV1cwMM2QwqJufoKQ5IxWR7rF4KD_Q==

GET
H2 200 Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
www.heise.de/ivw-bin/ivw/CP/security/meldung/ 43 B
232 B 42ms
41ms Image
image/gif 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/ivw-bin/ivw/CP/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

fb0c962c2a46b261dcf2c64acd439dabce75c448235038f38b6d5eef64318f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:31:36 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Jan 2011 15:58:20 GMT
server: nginx
age: 0
etag: "4d385b9c-2b"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate, private
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 23 May 2022 10:31:36 GMT

GET
H2 200 common-icons.svg
www.heise.de/icons/ 16 KB
6 KB 42ms
31ms Other
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/icons/common-icons.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

f19c10e93bc7fbff0bdb80d8e3b3e222ba26e5b3ea635d7f4aa40fa6d3c53041

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Aug 2021 14:06:47 GMT
server: nginx
age: 4403
etag: "610bf077-3ee6"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5667
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 162 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e22b68a0b4384238a29cc855562d87ce3f737ff959d0f8f90a59a0ebe68b592

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 200 native-message
cmp.heise.de/wrapper/tcfv2/v1/gdpr/ Frame 0
0 67ms
24ms Preflight
text/plain 65.9.63.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.heise.de/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=9372e3b1-ca8e-4be0-81c6-1b117f47d74e&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1603%2C%22requestUUID%22%3A%229372e3b1-ca8e-4be0-81c6-1b117f47d74e%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.heise.de%2Fsecurity%2Fmeldung%2FErpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcmp.heise.de%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.63.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-63-126.fra56.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.heise.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: https://www.heise.de
cache-control: no-cache, no-store
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 23 May 2022 10:31:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
x-amz-cf-id: eVcM-zwt1kQ3ik3ZCm_lQMXEqUL3564a9QzhbcH3omVnKV9n6MqO6A==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 native-message Show response
cmp.heise.de/wrapper/tcfv2/v1/gdpr/ 76 KB
9 KB 55ms
55ms XHR
application/json 65.9.63.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cmp.heise.de
URL: https://cmp.heise.de/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.63.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-63-126.fra56.r.cloudfront.net

Software

/ Express

Resource Hash

eb6d997378bb32df40e0ef1110b1aa5a325e4f7fe4ded6b64ee8c57f37a982f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.heise.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 23 May 2022 10:31:36 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.heise.de
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-cache: Miss from cloudfront
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: c1inklW4rJqxknc5yn0-XMPDDQ2QT_Fz83nA9OF3NIlL1Dbc7cv0Ww==
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)

GET
H2 200 urls Show response
www.heise.de/sso/login/ 361 B
388 B 82ms
82ms Fetch
application/json 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/sso/login/urls

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.176695cdee14d626f129

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

704ad66c84d66bf6520bace5546c5c85d95445af51eacd3232dc0de9c162a4e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 10:31:36 GMT
server: nginx
age: 0
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.heise.de
cache-control: private,must-revalidate,max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=15768000
vary: Accept-Encoding, Cookie
content-length: 176
x-xss-protection: 1; mode=block

GET
H2 200 vendors~gallery.css
www.heise.de/assets/akwa/v24/css/ 40 KB
9 KB 21ms
20ms Stylesheet
text/css 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/css/vendors~gallery.css

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.176695cdee14d626f129

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

9acc9205045b06d002103174e1a84df9bdc68b347fb2886259cc3c9588f39a99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 08:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 08:51:22 GMT
server: nginx
age: 6013
etag: W/"628b4b0a-a0a4"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 9549
x-xss-protection: 1; mode=block

GET
H2 200 vendors~gallery.1ac753.ltc.js Show response
www.heise.de/assets/akwa/v24/js/ 124 KB
40 KB 21ms
20ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/vendors~gallery.1ac753.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.176695cdee14d626f129

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

610ed92c053e57d03624757926e3d880ed4c122d77d322dd30752a20d7c7ca0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 08:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 08:51:20 GMT
server: nginx
age: 6013
etag: W/"628b4b08-1f06e"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 40694
x-xss-protection: 1; mode=block

GET
H2 200 gallery.d17dd4.ltc.js Show response
www.heise.de/assets/akwa/v24/js/ 748 B
569 B 22ms
21ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/gallery.d17dd4.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.176695cdee14d626f129

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

79c2c48a4440f6c02cbf1dc669442be11d9a25229167698226def9864008b957

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 08:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 08:51:18 GMT
server: nginx
age: 6013
etag: W/"628b4b06-2ec"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 445
x-xss-protection: 1; mode=block

GET
H2 200 vendors~prebid.d69d2e.ltc.js
www.heise.de/assets/akwa/v24/js/ 0
66 KB 22ms
22ms Other
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/vendors~prebid.d69d2e.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.176695cdee14d626f129

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 08:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 08:51:20 GMT
server: nginx
age: 6013
etag: W/"628b4b08-36dc1"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 67586
x-xss-protection: 1; mode=block

GET
H2 200 prebid.00b78c.ltc.js
www.heise.de/assets/akwa/v24/js/ 0
325 B 22ms
21ms Other
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/prebid.00b78c.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.176695cdee14d626f129

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 08:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 08:51:22 GMT
server: nginx
age: 6013
etag: W/"628b4b0a-fa"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 203
x-xss-protection: 1; mode=block

GET
H2 200 vendors~prismjs.7bbe8e.ltc.js
www.heise.de/assets/akwa/v24/js/ 0
25 KB 40ms
40ms Other
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/vendors~prismjs.7bbe8e.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.176695cdee14d626f129

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 08:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 08:51:22 GMT
server: nginx
age: 6013
etag: W/"628b4b0a-122d1"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 25501
x-xss-protection: 1; mode=block

GET
H2 200 prismjs.2df4eb.ltc.js
www.heise.de/assets/akwa/v24/js/ 0
403 B 39ms
39ms Other
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/prismjs.2df4eb.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.176695cdee14d626f129

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 08:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 08:51:20 GMT
server: nginx
age: 6013
etag: W/"628b4b08-1c1"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 279
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 288689636920174 Show response
responder.wt.heise.de/resp/api/get/ 171 KB
44 KB 135ms
25ms Script
text/javascript 185.54.150.22
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://responder.wt.heise.de/resp/api/get/288689636920174?url=https%3A%2F%2Fwww.heise.de%2Fsecurity%2Fmeldung%2FErpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html&v=5
Requested by: Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.176695cdee14d626f129
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.22 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: c9d453c6aebd61341584fab862deedd245f2879babf2eba26ef79e1ef7e330bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 10:31:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Apr 2022 14:10:30 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age: 0, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 stub.js Show response
data-fb7f8b3ae8.heise.de/iomm/latest/bootstrap/ 323 B
533 B 125ms
41ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL: https://data-fb7f8b3ae8.heise.de/iomm/latest/bootstrap/stub.js
Requested by: Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.176695cdee14d626f129
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software: nginx /
Resource Hash: 0ebf392a8dc474a819a0f36ab90c75647b2e7d119742304951acfecfa30739b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:31:37 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 10:37:44 GMT
server: nginx
age: 0
etag: W/"61e546f8-143"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
content-length: 231

GET
H2 200 vendors~prebid.d69d2e.ltc.js Show response
www.heise.de/assets/akwa/v24/js/ 219 KB
66 KB 21ms
21ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/vendors~prebid.d69d2e.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.176695cdee14d626f129

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

42bd676f3d4695873ee4d3ecb1f5473509268fbfcc98babb5af28ee5e1831dc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 08:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 08:51:20 GMT
server: nginx
age: 6013
etag: W/"628b4b08-36dc1"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 67586
x-xss-protection: 1; mode=block

GET
H2 200 prebid.00b78c.ltc.js Show response
www.heise.de/assets/akwa/v24/js/ 250 B
325 B 21ms
20ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/prebid.00b78c.ltc.js

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.176695cdee14d626f129

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

f7c9d1422d7b13f677b599d44a3a44833cb66579d1e454222c89d32a6e8782b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 08:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 08:51:22 GMT
server: nginx
age: 6013
etag: W/"628b4b0a-fa"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 203
x-xss-protection: 1; mode=block

GET
H2 200 px.js Show response
www.heise.de/assets/akwa/v24/js/ 986 B
623 B 29ms
29ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/px.js?ch=1

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.176695cdee14d626f129

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

6dcd72af63f19136be441704f26d409ae651311191e80cc26aee48d7331766c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 08:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 08:51:21 GMT
server: nginx
age: 6013
etag: W/"628b4b09-3da"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 500
x-xss-protection: 1; mode=block

GET
H2 200 px.js Show response
www.heise.de/assets/akwa/v24/js/ 986 B
623 B 30ms
29ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/px.js?ch=2

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.176695cdee14d626f129

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

6dcd72af63f19136be441704f26d409ae651311191e80cc26aee48d7331766c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 08:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 08:51:18 GMT
server: nginx
age: 6013
etag: W/"628b4b06-3da"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 500
x-xss-protection: 1; mode=block

GET
H2 200 screen2-37a7158e02f0250f.jpeg
heise.cloudimg.io/v7/_www-heise-de_/imgs/18/1/7/7/8/5/0/0/ 34 KB
34 KB 147ms
146ms Image
image/webp 2600:9000:206f:7a00:b:f730:9800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heise.cloudimg.io/v7/_www-heise-de_/imgs/18/1/7/7/8/5/0/0/screen2-37a7158e02f0250f.jpeg?org_if_sml=1&q=85&width=610

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:7a00:b:f730:9800:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

1101ded0648547791c91bce1715a0ddeeddbdce9197cf39ee36e5c3c4aa083b3

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:31:37 GMT
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-amz-cf-pop: FRA56-C1
x-origin-visibility: OV_NORMAL_FILE
x-cache: Miss from cloudfront
x-resource-status: cached_original
content-length: 34380
x-xss-protection: 1
x-hexa-initwait: probably_cached, no_wait
x-hexa-rszwait: first_req, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: 290zL12_6c51_JDxMz33018970247
etag: "abd64fa81d04c11f832cd69d025f5302"
vary: Accept-Encoding,Accept
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-memo: 239629 M
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
timing-allow-origin: *
x-amz-cf-id: oLhvkvJt5b0qdpugLByC9dAykiOsF0QsUpREQis3uZby_3qZRAxO1A==

POST
H2 200 set_consent_cookies Show response
cmp.heise.de/mms/ 0
441 B 24ms
24ms XHR
text/plain 65.9.63.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.heise.de/mms/set_consent_cookies?consentUUID=42d2ca88-899a-4e0e-abf6-ac731c433a43&consentUUID_maxAge=31536000&requestUUID=9372e3b1-ca8e-4be0-81c6-1b117f47d74e&hasCsp=true

Requested by

Host: cmp.heise.de
URL: https://cmp.heise.de/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.63.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-63-126.fra56.r.cloudfront.net

Software

Jetty(9.4.2.v20170220) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:31:37 GMT
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
server: Jetty(9.4.2.v20170220)
x-amz-cf-pop: FRA56-C1
strict-transport-security: max-age=15552000; includeSubdomains
access-control-allow-methods: *
access-control-allow-origin: https://www.heise.de
access-control-allow-credentials: true
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: eJqcaLg9b-N7DW1f1F7h-2uEHWSobbuawS1FPUXTNBahdDXdo1k25Q==

GET
H2 200 upScore.js Show response
files.upscore.com/async/ 39 KB
14 KB 89ms
34ms Script
application/javascript 2606:4700:10::6816:26e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://files.upscore.com/async/upScore.js
Requested by: Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.176695cdee14d626f129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:26e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e47add8fa68307eb563b46408dc2e77d48ab2584a3cc41c26ae605c5cc0ee97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:31:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 May 2022 13:33:56 GMT
server: cloudflare
age: 5540
etag: W/"91cbaff0bb05b99332ee9a1041e5e988"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 70fd1f78cd859299-FRA
x-amz-request-id: R6YC2H6MWKXGJ7NP
x-amz-id-2: Div/6n7oIAU7GpnC+jOhavzdPGfb5yDyIHuBD/+A2mFZpl9FxSTbpykbowOdLjLRRI5MM0SJI9o=
cf-bgj: minify

GET
H2 200 index.html Show response
cmp.heise.de/ Frame 5066 4 KB
2 KB 21ms
21ms Document
text/html 65.9.63.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/index.html?message_id=639948&consentUUID=42d2ca88-899a-4e0e-abf6-ac731c433a43&requestUUID=9372e3b1-ca8e-4be0-81c6-1b117f47d74e&preload_message=true
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-126.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cb84f1577f2abfa78ac5451f064b8aecf25e18adb887cba39a30a8193c8c2825

Request headers

Referer: https://www.heise.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1528
content-encoding: gzip
content-type: text/html
date: Mon, 23 May 2022 10:06:10 GMT
etag: W/"2a69e1c8b9e76a17c68c0fbc999a20a4"
last-modified: Wed, 11 May 2022 18:15:27 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
x-amz-cf-id: gl6boWz4shfDeiC3rkCxlUsMFcGDh59Zq0PXnSrZbGcEtrDgWXPVDg==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront

GET
H2 200 Notice.93195.css
cmp.heise.de/ Frame 5066 32 KB
6 KB 22ms
21ms Stylesheet
text/css 65.9.63.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/Notice.93195.css
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/index.html?message_id=639948&consentUUID=42d2ca88-899a-4e0e-abf6-ac731c433a43&requestUUID=9372e3b1-ca8e-4be0-81c6-1b117f47d74e&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-126.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23583bd9fb970e8849b1cd42b0d11eaeaa1838ae1b2fb5387b1c47bd6b28b990

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp.heise.de/index.html?message_id=639948&consentUUID=42d2ca88-899a-4e0e-abf6-ac731c433a43&requestUUID=9372e3b1-ca8e-4be0-81c6-1b117f47d74e&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:41:10 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 18:15:27 GMT
server: AmazonS3
age: 3028
etag: W/"a0ac796ad2ed0d9ac69acab496103ef1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: OALUPfVSMbxuv6_pFcx0FO0ZNBxsUPf2cC3p4mjuf8cwKSINw95FCw==

GET
H2 200 polyfills.d36c5.js Show response
cmp.heise.de/ Frame 5066 5 KB
2 KB 22ms
22ms Script
application/javascript 65.9.63.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/polyfills.d36c5.js
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/index.html?message_id=639948&consentUUID=42d2ca88-899a-4e0e-abf6-ac731c433a43&requestUUID=9372e3b1-ca8e-4be0-81c6-1b117f47d74e&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-126.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp.heise.de/index.html?message_id=639948&consentUUID=42d2ca88-899a-4e0e-abf6-ac731c433a43&requestUUID=9372e3b1-ca8e-4be0-81c6-1b117f47d74e&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:06:04 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 18:15:27 GMT
server: AmazonS3
age: 1534
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 6Jnoo-1kdxUbx9VB1sQI9cMHDjfLPpCbaqD2Gjt-BsuNyNigMW_-bg==

GET
H2 200 Notice.8d27a.js Show response
cmp.heise.de/ Frame 5066 209 KB
52 KB 24ms
24ms Script
application/javascript 65.9.63.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/Notice.8d27a.js
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/index.html?message_id=639948&consentUUID=42d2ca88-899a-4e0e-abf6-ac731c433a43&requestUUID=9372e3b1-ca8e-4be0-81c6-1b117f47d74e&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-126.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0dde6468a37d7df9bba8fbab9d57c7034133093f5c6aab5e8d4183bdb61108e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp.heise.de/index.html?message_id=639948&consentUUID=42d2ca88-899a-4e0e-abf6-ac731c433a43&requestUUID=9372e3b1-ca8e-4be0-81c6-1b117f47d74e&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:24:38 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 18:15:27 GMT
server: AmazonS3
age: 420
etag: W/"e6dd682a112c11cc0345810718906e29"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: dtg2P3rN8VhQd-W_ozXEdeVqgD2Wz01N2RVIrTPLOMFvWJV5s16Aug==

GET
H2 200 bundle.js Show response
data-fb7f8b3ae8.heise.de/iomm/latest/manager/base/es6/ 59 KB
19 KB 27ms
27ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL: https://data-fb7f8b3ae8.heise.de/iomm/latest/manager/base/es6/bundle.js
Requested by: Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.176695cdee14d626f129
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software: nginx /
Resource Hash: 07cdeb3496c0222a09ec5a8bc0772b5a57f35fae5219a7d801c64f62007665db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:31:37 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 10:37:43 GMT
server: nginx
age: 0
etag: W/"61e546f7-eccc"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

GET
H2 200 ssp6.bd6.ltc.woff2
www.heise.de/assets/styles/fonts/ Frame 5066 15 KB
16 KB 63ms
22ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/styles/fonts/ssp6.bd6.ltc.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

d8381e66783011957eabadb622d7899061bf93e78fff38ebfe00ab743d6c8e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cmp.heise.de/
Origin: https://cmp.heise.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:36:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 09:35:50 GMT
server: nginx
age: 3324
etag: "62860f76-3da8"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://cmp.heise.de
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Origin
content-length: 15784
x-xss-protection: 1; mode=block

GET
H2 200 ssp4.96b.ltc.woff2
www.heise.de/assets/styles/fonts/ Frame 5066 16 KB
16 KB 62ms
22ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/styles/fonts/ssp4.96b.ltc.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cmp.heise.de/
Origin: https://cmp.heise.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:36:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 09:35:50 GMT
server: nginx
age: 3324
etag: "62860f76-3e24"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://cmp.heise.de
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Origin
content-length: 15908
x-xss-protection: 1; mode=block

GET
H2 200 bundle.js Show response
data-fb7f8b3ae8.heise.de/iomb/latest/sensor/manager/base/es6/ 34 KB
13 KB 67ms
26ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL: https://data-fb7f8b3ae8.heise.de/iomb/latest/sensor/manager/base/es6/bundle.js
Requested by: Host: data-fb7f8b3ae8.heise.de
URL: https://data-fb7f8b3ae8.heise.de/iomm/latest/manager/base/es6/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software: nginx /
Resource Hash: 83056c1e74b8e9f2d34a5ef28be62c63f1e256bd2408687ae1ee0db20752fb59

Request headers

Referer: https://www.heise.de/
Origin: https://www.heise.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:31:37 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 10:16:31 GMT
server: nginx
age: 0
etag: W/"61e541ff-88a9"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.heise.de
cache-control: private
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

GET
H/1.1 200
OK onsite.min.js Show response
cdn.mateti.net/mcp/ 130 KB
44 KB 116ms
30ms Script
application/javascript 185.54.150.11
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mateti.net/mcp/onsite.min.js
Requested by: Host: responder.wt.heise.de
URL: https://responder.wt.heise.de/resp/api/get/288689636920174?url=https%3A%2F%2Fwww.heise.de%2Fsecurity%2Fmeldung%2FErpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html&v=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.11 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 42b6b7befd12ced4e5fb0649b3fcd613fa09c8db405c69833d0a5416171275c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 10:31:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 08:11:59 GMT
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=300
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 bilderstrecke_3151214.html Show response
www.heise.de/bilderstrecke/ 2 KB
1 KB 420ms
420ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/bilderstrecke/bilderstrecke_3151214.html?view=jsonp&callback=jQuery360047441595252193514_1653301896986&_=1653301896987

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/js/vendors~gallery.1ac753.ltc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

f3377d3c47839efb1eb7c916e2ef12e60afcac133ad83057701b3ecab0d16c02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 10:31:37 GMT
server: nginx
age: 0
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: private
strict-transport-security: max-age=15768000
vary: Accept-Encoding
content-length: 919
x-xss-protection: 1; mode=block

GET
H2 200 heise.de.js Show response
files.upscore.com/config/ 3 KB
1 KB 26ms
26ms Script
application/javascript 2606:4700:10::6816:26e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://files.upscore.com/config/heise.de.js
Requested by: Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:26e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 727bbfedffed2e27913c8ceae0a3c10409d7fd071f11e044219ee0602e625f61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:31:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 May 2022 13:53:00 GMT
server: cloudflare
age: 5387
etag: W/"51874bcdea5af126cf66f0de0e7ba852"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 70fd1f79bedb9299-FRA
x-amz-request-id: TD6CFN4EN3CGZR1Y
x-amz-id-2: 0aLyv6DImnRi2YYtMeBes6SP6RlmUf4C0oilRfrAEVwJAKl2KOzW5DzBCo/yADWEmN3WKrGp02k=
cf-bgj: minify

POST
H2 200 /
hit-pool.upscore.com/ 3 B
95 B 48ms
37ms Ping
text/plain 2606:4700:10::6816:26e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit-pool.upscore.com/
Requested by: Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:26e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

Referer: https://www.heise.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 23 May 2022 10:31:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cf-ray: 70fd1f79ff3f9299-FRA

POST
H2 200 base.io Show response
data-fb7f8b3ae8.heise.de/ 0
177 B 25ms
25ms XHR
text/html 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL: https://data-fb7f8b3ae8.heise.de/base.io
Requested by: Host: data-fb7f8b3ae8.heise.de
URL: https://data-fb7f8b3ae8.heise.de/iomb/latest/sensor/manager/base/es6/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heise.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 23 May 2022 10:31:37 GMT
content-encoding: gzip
last-modified: Mon, 23 May 2022 10:31:37 GMT
server: nginx
age: 0
vary: Accept-Encoding, Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.heise.de
cache-control: private
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
content-length: 20

OPTIONS
H2 204 base.io
data-fb7f8b3ae8.heise.de/ Frame 0
0 39ms
38ms Preflight
text/plain 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL: https://data-fb7f8b3ae8.heise.de/base.io
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heise.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.heise.de
access-control-max-age: 1728000
age: 0
cache-control: private
content-type: text/plain charset=UTF-8
date: Mon, 23 May 2022 10:31:37 GMT
last-modified: Mon, 23 May 2022 10:31:37 GMT
server: nginx
vary: Origin

OPTIONS
H/1.1 200
OK rdfs
r.mateti.net/ Frame 0
0 102ms
23ms Preflight 185.54.150.12
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mateti.net/rdfs?cfg=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heise.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.heise.de
Access-Control-Max-Age: 1800
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection: keep-alive
Content-Length: 0
Date: Mon, 23 May 2022 10:31:37 GMT
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H/1.1 200
OK rdfs
r.mateti.net/ Frame 0
0 104ms
25ms Preflight 185.54.150.12
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mateti.net/rdfs?cfg=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heise.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.heise.de
Access-Control-Max-Age: 1800
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection: keep-alive
Content-Length: 0
Date: Mon, 23 May 2022 10:31:37 GMT
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK rdfs Show response
r.mateti.net/ 14 B
397 B 94ms
23ms XHR
application/json 185.54.150.12
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mateti.net/rdfs?cfg=1
Requested by: Host: cdn.mateti.net
URL: https://cdn.mateti.net/mcp/onsite.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: /
Resource Hash: 8d5706cde045094a27e62ca6e2450d5961a1af1ef704c626199cb1aec16b908f

Request headers

Referer: https://www.heise.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: 2022-05-23
Content-Encoding: gzip
Vary: Origin,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.heise.de
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 2022-05-23

POST
H/1.1 200
OK rdfs Show response
r.mateti.net/ 149 B
485 B 100ms
26ms XHR
application/json 185.54.150.12
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mateti.net/rdfs?cfg=1
Requested by: Host: cdn.mateti.net
URL: https://cdn.mateti.net/mcp/onsite.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: /
Resource Hash: 3d8d05cb95a68b4fa817fb3730c18357676963862d7d2a82104b346596e10249

Request headers

Referer: https://www.heise.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: 2022-05-23
Content-Encoding: gzip
Vary: Origin,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.heise.de
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 2022-05-23

GET
H/1.1 200 wt
prophet.heise.de/288689636920174/ 43 B
706 B 91ms
25ms Image
image/gif 185.54.150.27
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prophet.heise.de/288689636920174/wt?p=525,www.heise.de.security.meldung.erpressungs-trojaner-petya-riegelt-den-gesamten-rechner-ab-3150917,1,1600x1200,24,1,1653301897403,0,1600x1200,0&eid=2165330189700567692&one=1&fns=1&la=en&cg1=www.heise.de&cg2=security&cg3=meldung&cg4=erpressungs-trojaner-petya-riegelt-den-gesamten-rechner-ab-3150917&cg9=erpressungs-trojaner-petya-riegelt-den-gesamten-rechner-ab-3150917&cg10=meldung&cg12=security&cg13=free&cp1=1%2F1&cp2=petya%3Bransomware&cp6=petya%3Bransomware&cp8=2016-03-24T12%3A54%3A00&cp9=security&cp10=newsticker%3Bsecurity&cp15=Ronald%20Eikenberg&cp17=desktop&cp25=Erpressungs-Trojaner%20Petya%20riegelt%20den%20gesamten%20Rechner%20ab&cp26=v5&cp28=security&cp29=free&cp31=180&cp38=newsticker%3Bsecurity&cs1=0&np=&pu=https%3A%2F%2Fwww.heise.de%2Fsecurity%2Fmeldung%2FErpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
Requested by: Host: www.heise.de
URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.54.150.27 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: 6512bd43 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 10:31:36 GMT
Last-Modified: Mon, 23 May 2022 10:31:37 GMT
Server: 6512bd43
X-Robots-Tag: noindex, nofollow, noarchive
P3P: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Keep-Alive: timeout=30
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200 wt
prophet.heise.de/288689636920174/ 43 B
589 B 26ms
26ms Image
image/gif 185.54.150.27
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prophet.heise.de/288689636920174/wt?p=525,www.heise.de.security.meldung.erpressungs-trojaner-petya-riegelt-den-gesamten-rechner-ab-3150917,1,1600x1200,24,1,1653301897414,2,1600x1200,0&eid=2165330189700567692&one=1&ct=ho.consent-wall&la=en&cp17=desktop&cs1=0&ck19=open&pu=https%3A%2F%2Fwww.heise.de%2Fsecurity%2Fmeldung%2FErpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
Requested by: Host: www.heise.de
URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.54.150.27 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: 6512bd43 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 10:31:36 GMT
Last-Modified: Mon, 23 May 2022 10:31:37 GMT
Server: 6512bd43
X-Robots-Tag: noindex, nofollow, noarchive
P3P: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Keep-Alive: timeout=30
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fontawesome-webfont.20fd17.ltc.woff2
www.heise.de/assets/akwa/v24/fonts/ 75 KB
76 KB 21ms
20ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/fonts/fontawesome-webfont.20fd17.ltc.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/akwa/v24/css/vendors~gallery.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heise.de/assets/akwa/v24/css/vendors~gallery.css
Origin: https://www.heise.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 08:51:30 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 08:51:19 GMT
server: nginx
age: 6007
etag: "628b4b07-12d68"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://www.heise.de
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Origin
content-length: 77160
x-xss-protection: 1; mode=block

GET
H2 200 petya-screen-1fd4397f39945381.jpeg
heise.cloudimg.io/v7/_www-heise-de_/imgs/71/1/7/7/8/6/5/6/ 23 KB
23 KB 480ms
480ms Image
image/webp 2600:9000:206f:7a00:b:f730:9800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heise.cloudimg.io/v7/_www-heise-de_/imgs/71/1/7/7/8/6/5/6/petya-screen-1fd4397f39945381.jpeg?q=75&width=608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:7a00:b:f730:9800:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

6f7575f0d08a64e24bdcc6ca50e5657a69154919571c5d414e67774370f9831a

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:31:38 GMT
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-origin-visibility: OV_NORMAL_FILE
x-cache: Miss from cloudfront
x-resource-status: downloaded
content-length: 23316
x-xss-protection: 1
x-hexa-initwait: first_req, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: 370zL97_6c51_YUxXp33018977405
etag: "bb923f3accae3cb173f0e384720592ec"
vary: Accept-Encoding,Accept
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-memo: 40124 M
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
timing-allow-origin: *
x-amz-cf-id: jKDJtzWYYwL1hQdTt6UoTPzC5oTiCKlTfXE6JaB2qjHODfc5FPBXfA==

GET
H2 200 petya-mail-8d119cb7007b4ef4.png
heise.cloudimg.io/v7/_www-heise-de_/imgs/71/1/7/7/8/6/5/6/ 7 KB
8 KB 70ms
70ms Image
image/webp 2600:9000:206f:7a00:b:f730:9800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heise.cloudimg.io/v7/_www-heise-de_/imgs/71/1/7/7/8/6/5/6/petya-mail-8d119cb7007b4ef4.png?q=75&width=608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:7a00:b:f730:9800:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

83e512c60c2d576def64fde48e16d8e5a1b44fd9e43d81d6c91a5cb36a08a93e

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:31:37 GMT
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-amz-cf-pop: FRA56-C1
x-origin-visibility: OV_NORMAL_FILE
x-cache: Miss from cloudfront
x-resource-status: cached_resized
content-length: 7400
x-xss-protection: 1
x-hexa-initwait: probably_cached, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: 777zL75_6c51_QCkYi33018977290
etag: "095d224324f77e0b1ca9177808baa9db"
vary: Accept-Encoding,Accept
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-memo: 102817 M
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
timing-allow-origin: *
x-amz-cf-id: EWienHmRQ6VKp1bekEli0ycQDLYdlJBfV-8y5DKGn3CiZ3_yy4DEdA==

GET
H2 200 petya-site4-2cad4337f14b73fb.png
heise.cloudimg.io/v7/_www-heise-de_/imgs/71/1/7/7/8/6/5/6/ 13 KB
13 KB 95ms
95ms Image
image/webp 2600:9000:206f:7a00:b:f730:9800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heise.cloudimg.io/v7/_www-heise-de_/imgs/71/1/7/7/8/6/5/6/petya-site4-2cad4337f14b73fb.png?q=75&width=608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:7a00:b:f730:9800:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

150cf470f204cc20c6c621f0adeabddf3256a1131fb201e4d565783145f07318

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:31:37 GMT
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-amz-cf-pop: FRA56-C1
x-origin-visibility: OV_NORMAL_FILE
x-cache: Miss from cloudfront
x-resource-status: cached_resized
content-length: 12844
x-xss-protection: 1
x-hexa-initwait: probably_cached, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: 777zL75_6c51_VJxUb33018977490
etag: "bddd331fd8f5aba4089ac0725353f1d8"
vary: Accept-Encoding,Accept
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-memo: 102993 M
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
timing-allow-origin: *
x-amz-cf-id: OBYZmxvoFi9DjatmW9ycfQSri0-hrOaAj4zE1iZp956wClGGy5pgoQ==

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.heise.de/	1970-01-20 03:58:13	Name: _sp_v1_uid Value: 1:456:2e1eb847-1166-4c90-8923-d72711ef5daa
www.heise.de/	1970-01-20 03:58:13	Name: _sp_v1_data Value: 2:481012:1653301896:0:1:0:1:0:0:_:-1
www.heise.de/	1970-01-20 03:58:13	Name: _sp_v1_ss Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbKKHlqMPBDDoDZWJ0YpFcTMK83JAbJLwAqqa0clhq-EUiwA0lRsV7YCAAA%3D
www.heise.de/	1970-01-20 03:58:13	Name: _sp_v1_opt Value: 1:
www.heise.de/	1970-01-20 03:58:13	Name: _sp_v1_consent Value: 1!0:-1:-1:-1:-1:-1
www.heise.de/	1970-01-20 03:58:13	Name: _sp_v1_csv Value: null
www.heise.de/	1970-01-20 03:58:13	Name: _sp_v1_lt Value: 1:
.heise.de/	1970-01-20 12:00:37	Name: consentUUID Value: 42d2ca88-899a-4e0e-abf6-ac731c433a43
.heise.de/	1970-01-20 07:34:13	Name: wt_nv Value: 1
.heise.de/	1969-12-31 23:59:59	Name: wt_nv_s Value: 1
.heise.de/	1970-01-20 03:15:03	Name: wt_mcp_sid Value: 2063568920
.heise.de/	1969-12-31 23:59:59	Name: wt3_sid Value: %3B288689636920174
.heise.de/	1970-01-20 07:34:13	Name: wt3_eid Value: %3B288689636920174%7C2165330189700567692%232165330189720975702
.heise.de/	1969-12-31 23:59:59	Name: wt_rla Value: 288689636920174%2C2%2C1653301897405
prophet.heise.de/	1969-12-31 23:59:59	Name: wt_nbg_Q3 Value: !iHwaelexKviAPR3pjGYh4zwSUbWZoCxoFHOy9tFopaa5DVF7qpubDooyJub12OXUOiLA7zc1gkzg8Q==

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html Message: The resource https://www.heise.de/assets/styles/icons/checkmark.cb5.ltc.svg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html Message: The resource https://www.heise.de/assets/styles/icons/chevron-right-dark.c3f.ltc.svg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html Message: The resource https://www.heise.de/assets/styles/icons/chevron-right.17c.ltc.svg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.heise.de/security/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html Message: The resource https://www.heise.de/icons/common-icons.svg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.mateti.net
cmp.heise.de
data-fb7f8b3ae8.heise.de
files.upscore.com
heise.cloudimg.io
hit-pool.upscore.com
prophet.heise.de
r.mateti.net
responder.wt.heise.de
www.heise.de
185.54.150.11
185.54.150.12
185.54.150.22
185.54.150.27
2600:9000:206f:7a00:b:f730:9800:93a1
2606:4700:10::6816:26e
2a02:2e0:3fe:1001:7777:772e:2:85
65.9.63.126
05853238df8ba102d75e6ff751b5f598268737a9271a4d3c7725b30aa277e5f4
07cdeb3496c0222a09ec5a8bc0772b5a57f35fae5219a7d801c64f62007665db
0dde6468a37d7df9bba8fbab9d57c7034133093f5c6aab5e8d4183bdb61108e7
0e47add8fa68307eb563b46408dc2e77d48ab2584a3cc41c26ae605c5cc0ee97
0ebf392a8dc474a819a0f36ab90c75647b2e7d119742304951acfecfa30739b7
1101ded0648547791c91bce1715a0ddeeddbdce9197cf39ee36e5c3c4aa083b3
12fdf0a5ed78912bff955cc1780e997f58f903465f3033f7563c82bfa15c1886
150cf470f204cc20c6c621f0adeabddf3256a1131fb201e4d565783145f07318
23583bd9fb970e8849b1cd42b0d11eaeaa1838ae1b2fb5387b1c47bd6b28b990
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b0b75032bd22521e1020b7da6554a8e297a046f1dfe1ca9a0fd6a2c92691027
390c6d9eb61636ca901141763d76b6ab1868d4e47c8da14b254589c3f06af6c6
3d8d05cb95a68b4fa817fb3730c18357676963862d7d2a82104b346596e10249
3e22b68a0b4384238a29cc855562d87ce3f737ff959d0f8f90a59a0ebe68b592
42b6b7befd12ced4e5fb0649b3fcd613fa09c8db405c69833d0a5416171275c8
42bd676f3d4695873ee4d3ecb1f5473509268fbfcc98babb5af28ee5e1831dc1
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
5758e9d3e47d63a16326627d601099f8d01193594a150aa6e5bab17af1bb326d
605173585c53d1297eae39a7d39bc4a0864034af38763f83f0d6d4c64be85df5
610ed92c053e57d03624757926e3d880ed4c122d77d322dd30752a20d7c7ca0a
644214a98594f84adcea7bc384f1370435ea6f8ef811b84d1083e4975baedef2
6dcd72af63f19136be441704f26d409ae651311191e80cc26aee48d7331766c0
6f7575f0d08a64e24bdcc6ca50e5657a69154919571c5d414e67774370f9831a
704ad66c84d66bf6520bace5546c5c85d95445af51eacd3232dc0de9c162a4e3
727bbfedffed2e27913c8ceae0a3c10409d7fd071f11e044219ee0602e625f61
79c2c48a4440f6c02cbf1dc669442be11d9a25229167698226def9864008b957
83056c1e74b8e9f2d34a5ef28be62c63f1e256bd2408687ae1ee0db20752fb59
83e512c60c2d576def64fde48e16d8e5a1b44fd9e43d81d6c91a5cb36a08a93e
8d5706cde045094a27e62ca6e2450d5961a1af1ef704c626199cb1aec16b908f
92bbb1ca87506873be4995d72bd1ddd3850de9bcdd9b91bc3a66386df04a43fd
986a5e164b20c8ad0b5040e8e3651434b173f98b9d270973eb130f7bf59864cb
9acc9205045b06d002103174e1a84df9bdc68b347fb2886259cc3c9588f39a99
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c2fbb503fd72737044eb6d5b1ae348ec7cd65b3cb4f95aae979ee293f6e900
bd096226d9b1615254aa29ae8b2c4bb1f778d1cf79f0386f5fcd05a303f04e77
c57f1314eb0f200130c1130315d3181ef1f55b98d308dfb78728b5755a488271
c9d453c6aebd61341584fab862deedd245f2879babf2eba26ef79e1ef7e330bc
cb84f1577f2abfa78ac5451f064b8aecf25e18adb887cba39a30a8193c8c2825
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
d8381e66783011957eabadb622d7899061bf93e78fff38ebfe00ab743d6c8e60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb6d997378bb32df40e0ef1110b1aa5a325e4f7fe4ded6b64ee8c57f37a982f5
edc212b0421ff8ebb1892f544cb8c07ed027bb7a4dcb4f905a2a00f4a9f738ba
f19c10e93bc7fbff0bdb80d8e3b3e222ba26e5b3ea635d7f4aa40fa6d3c53041
f3377d3c47839efb1eb7c916e2ef12e60afcac133ad83057701b3ecab0d16c02
f7c9d1422d7b13f677b599d44a3a44833cb66579d1e454222c89d32a6e8782b1
fb0c962c2a46b261dcf2c64acd439dabce75c448235038f38b6d5eef64318f6b

www.heise.de Open in urlscan Pro 2a02:2e0:3fe:1001:7777:772e:2:85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

100 %HTTPS

38 %IPv6

4 Domains

10 Subdomains

9 IPs

2 Countries

1017 kBTransfer

2686 kBSize

15 Cookies

32 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heise.de Open in urlscan Pro
2a02:2e0:3fe:1001:7777:772e:2:85 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

100 %
HTTPS

38 %
IPv6

4
Domains

10
Subdomains

9
IPs

2
Countries

1017 kB
Transfer

2686 kB
Size

15
Cookies

59 HTTP transactions
1 data transactions