www.heise.de Open in urlscan Pro
2a02:2e0:3fe:1001:7777:772e:2:85 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
Submission Tags: falconsandbox
Submission: On July 13 via api (July 13th 2021, 7:00:31 am UTC) from US

Summary HTTP 51 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 6 domains to perform 51 HTTP transactions. The main IP is 2a02:2e0:3fe:1001:7777:772e:2:85, located in Germany and belongs to PLUSLINE, DE. The main domain is www.heise.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 12th 2020. Valid for: 2 years.

This is the only time www.heise.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2a02:2e0:3fe:... 2a02:2e0:3fe:1001:7777:772e:2:85	12306 (PLUSLINE) (PLUSLINE)
8	13.224.99.55 13.224.99.55	16509 (AMAZON-02) (AMAZON-02)
1	91.215.100.39 91.215.100.39	43407 (INFONLINE-AS) (INFONLINE-AS)
7	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	91.215.103.65 91.215.103.65	43407 (INFONLINE-AS) (INFONLINE-AS)
1 2	161.156.66.178 161.156.66.178	36351 (SOFTLAYER) (SOFTLAYER)
2	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	70.42.32.191 70.42.32.191	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
1	13.224.99.50 13.224.99.50	16509 (AMAZON-02) (AMAZON-02)
1	50.31.142.191 50.31.142.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
51	12

27 2a02:2e0:3fe:1001:7777:772e:2:85 (Germany)

ASN12306 (PLUSLINE, DE)

www.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.224.99.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-55.zrh50.r.cloudfront.net

cmp.heise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.100.39 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script4.ioam.de

script.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.215.103.65 (Germany) 1 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de3.ioam.de

de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 161.156.66.178 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b2.42.9ca1.ip4.static.sl-reverse.com

ssl-heise.met.vgwort.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.191 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.99.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-50.zrh50.r.cloudfront.net

cdn.privacy-mgmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

mcdp-chidc2.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	heise.de www.heise.de cmp.heise.de	494 KB
9	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-chidc2.outbrain.com	95 KB
3	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com images.outbrainimg.com	3 KB
3	ioam.de 1 redirects script.ioam.de de.ioam.de	10 KB
2	vgwort.de 1 redirects ssl-heise.met.vgwort.de	777 B
1	privacy-mgmt.com cdn.privacy-mgmt.com	1 KB
51	6

	Domain	Requested by
27	www.heise.de	www.heise.de cmp.heise.de
8	cmp.heise.de	www.heise.de cmp.heise.de
6	widgets.outbrain.com	www.heise.de widgets.outbrain.com
2	ssl-heise.met.vgwort.de	1 redirects www.heise.de
2	de.ioam.de	1 redirects www.heise.de
1	images.outbrainimg.com
1	mcdp-chidc2.outbrain.com	widgets.outbrain.com
1	cdn.privacy-mgmt.com	cmp.heise.de
1	odb.outbrain.com	widgets.outbrain.com
1	log.outbrainimg.com	widgets.outbrain.com
1	widget-pixels.outbrain.com	www.heise.de
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	script.ioam.de	www.heise.de
51	13

This site contains links to these domains. Also see Links.

Domain
www.techstage.de
bildung.heise.de
business-services.heise.de
tarifrechner.heise.de
spiele.heise.de
shop.heise.de
abo.heise.de
heise-gruppe.de
www.heise-gruppe.de
www.facebook.com
twitter.com
www.cisco.com
cuckoo.sh
www.snort.org
suricata-ids.org
localhost
www.nostarch.com
getpocket.com
heise.de
www.outbrain.com
go.babbel.com
www.searchifly.com
pubads.g.doubleclick.net
m.heise.de
www.interred.de
www.plusline.net
www.heise-medien.de

Subject Issuer	Validity	Valid
www.heise.de Sectigo RSA Domain Validation Secure Server CA	`2020-03-12` - `2022-06-10`	2 years	crt.sh
cmp.heise.de R3	`2021-06-02` - `2021-08-31`	3 months	crt.sh
*.ioam.de Thawte TLS RSA CA G1	`2019-09-18` - `2021-12-17`	2 years	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.met.vgwort.de Thawte RSA CA 2018	`2020-03-13` - `2022-04-01`	2 years	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
*.privacy-mgmt.com R3	`2021-06-01` - `2021-08-30`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
Frame ID: EF1A1251CF20AEF06E375DC38BA5BEB1
Requests: 41 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 7ED15724DA03C6017366FD59EF2596AD
Requests: 2 HTTP requests in this frame

Frame: https://cmp.heise.de/index.html?message_id=491125&consentUUID=2365d036-9a14-41b7-802b-5f5bef48c940&requestUUID=ba9bf6d6-30ca-4777-9638-c7eacaa5df78&preload_message=true
Frame ID: 4CE4E51A0E4C2311B92F77F346804E57
Requests: 7 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: BB35D0670F312ACD92201D12942059C6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

51
Requests

100 %
HTTPS

9 %
IPv6

6
Domains

13
Subdomains

12
IPs

2
Countries

602 kB
Transfer

2216 kB
Size

0
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://www.techstage.de/
Title: TechStage

Search URL Search Domain Scan URL

URL: https://bildung.heise.de/
Title: Weiterbildung

Search URL Search Domain Scan URL

URL: https://business-services.heise.de/
Title: Whitepaper/Webcasts

Search URL Search Domain Scan URL

URL: https://tarifrechner.heise.de/dsl/
Title: DSL-Vergleich

Search URL Search Domain Scan URL

URL: https://spiele.heise.de/
Title: Spielen bei Heise

Search URL Search Domain Scan URL

URL: https://shop.heise.de/
Title: heise shop

Search URL Search Domain Scan URL

URL: https://abo.heise.de/
Title: Abo

Search URL Search Domain Scan URL

URL: https://heise-gruppe.de/-1812545
Title: Arbeiten bei Heise

Search URL Search Domain Scan URL

URL: https://www.heise-gruppe.de/presse/
Title: Presse

Search URL Search Domain Scan URL

URL: https://business-services.heise.de/specials/online-marketing/home/?source=topthemen
Title: Online-Marketing

Search URL Search Domain Scan URL

URL: https://www.facebook.com/heisec.de
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/heisec
Title:

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/de_de/products/security/amp-threat-grid-appliances/index.html
Title: Ciscos Threat Grid

Search URL Search Domain Scan URL

URL: https://cuckoo.sh/docs/installation/index.html
Title: Installations-Anleitung auf der Cuckoo Homepage

Search URL Search Domain Scan URL

URL: https://cuckoo.sh/docs/installation/host/requirements.html
Title: in der Doku beschrieben

Search URL Search Domain Scan URL

URL: https://www.snort.org/
Title: SNORT

Search URL Search Domain Scan URL

URL: https://suricata-ids.org/
Title: Surricata

Search URL Search Domain Scan URL

URL: https://cuckoo.sh/docs/installation/host/routing.html
Title: Ubuntu-Host Routing erlauben und Firewall konfigurieren

Search URL Search Domain Scan URL

URL: https://cuckoo.sh/docs/installation/guest_physical/index.html
Title: in VirtualBox-VM installieren

Search URL Search Domain Scan URL

URL: https://cuckoo.sh/docs/installation/host/configuration.html
Title: die einzelnen Konfigurationsdateien

Search URL Search Domain Scan URL

URL: http://localhost:8000/
Title: http://localhost:8000

Search URL Search Domain Scan URL

URL: https://www.nostarch.com/malware
Title: Practical Malware Analysis

Search URL Search Domain Scan URL

URL: https://getpocket.com/save?url=https%3A%2F%2Fwww.heise.de%2Fsecurity%2Fartikel%2FMalware-Analyse-Do-It-Yourself-3910855.html
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.heise.de%2Fsecurity%2Fartikel%2FMalware-Analyse-Do-It-Yourself-3910855.html
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.heise.de%2Fsecurity%2Fartikel%2FMalware-Analyse-Do-It-Yourself-3910855.html&text=Malware-Analyse+-+Do-It-Yourself+%7C+Security
Title:

Search URL Search Domain Scan URL

URL: https://heise.de/-3910855
Title: https://heise.de/-3910855

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/de
Title: empfohlen von

Search URL Search Domain Scan URL

URL: https://go.babbel.com/v1/ob?bsc=deumag-15minsperday-cd-global-xo-ob&btp=default&utm_source=Outbrain&utm_medium=CON&utm_content=$publisher_id$_$section_id$_001bfd270422f8cdae8dbad1eaf4ce9ff5_00c4f08328a589e3d995789a315bb67ae8&ocid=$ob_click_id$&obOrigUrl=true
Title: Anzeige Eine Sprachexpertin verrät die 15-Minuten-Methode, wie man am besten eine Sprache lernt Babbel

Search URL Search Domain Scan URL

URL: http://www.searchifly.com/search_tonic/stairlift_fr?ob_click_id=$ob_click_id$&ac=Makelele&ps=ton-stairlift-fr-desk&prod_id=10308&pli=00a18fe5d5d9a196d1837ab8059b041b2b&ci=001869daf54138cdc86f2c1c68dc706c25&si=$section_id$&pi=$publisher_id$&pn=$publisher_name$&cn=alton-stairlift-fr-desk-new-ads-d-3-d-1-semi-test-d-1_d_2&sn=$section_name$&at=Les+monte-escaliers+pourraient+%C3%AAtre+un+luxe+moins+cher+que+vous+ne+le+&obOrigUrl=true
Title: Anzeige Les monte-escaliers pourraient être un luxe moins cher que vous ne le pensez Monte-scalier | Liens de recherche

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5598369803&iu=/6514/www.heise.de/clicktracking/textlink
Title: Zukunftssichere IT für KMU

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5497528511&iu=/6514/www.heise.de/clicktracking/textlink
Title: Themenspecial: Moderne IT-Infrastruktur

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5499374393&iu=/6514/www.heise.de/clicktracking/textlink
Title: Welches Tool passt zu deiner Webanalyse?

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5676622069&iu=/6514/www.heise.de/clicktracking/textlink
Title: DevOps – das Beste aus zwei Welten?

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5719215042&iu=/6514/www.heise.de/clicktracking/textlink
Title: Live Webcast: Nie wieder langsames VPN

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5728149497&iu=/6514/www.heise.de/clicktracking/textlink
Title: Live Chat: Wann lohnen sich Hardwareanschaffungen?

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5701334310&iu=/6514/www.heise.de/clicktracking/textlink
Title: Sicherheit für Ihre Digitalisierungsprojekte

Search URL Search Domain Scan URL

URL: http://m.heise.de/security/
Title: mobil

Search URL Search Domain Scan URL

URL: http://www.interred.de/
Title: Content Management by InterRed

Search URL Search Domain Scan URL

URL: https://www.plusline.net/
Title: Hosted by Plus.line

Search URL Search Domain Scan URL

URL: https://www.heise-medien.de/
Title: Copyright © 2021 Heise Medien

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://de.ioam.de/tx.io?st=heise&cp=sec_hg&sv=ke&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.heise.de&xy=1600x1200x24&lo=FR%2FIle-de-France&cb=0019&i2=0019217916d8a5bef60ed39fd&ep=1656940255&vr=424&id=qn28vx&i3=nocookie&n1=1&dntt=0&lt=1626159613993&ev=&cs=ykryte&mo=1 HTTP 302
https://de.ioam.de/tx.io?st=heise&cp=sec_hg&sv=ke&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.heise.de&xy=1600x1200x24&lo=FR%2FIle-de-France&cb=0019&i2=0019217916d8a5bef60ed39fd&ep=1656940255&vr=424&id=qn28vx&i3=nocookie&n1=1&dntt=0&lt=1626159613993&ev=&cs=ykryte&mo=1&sr=71

Request Chain 29

https://ssl-heise.met.vgwort.de/na/1dc6098a277c4659aa8a816aeb710d9f HTTP 302
https://ssl-heise.met.vgwort.de/blank.gif

51 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Malware-Analyse-Do-It-Yourself-3910855.html Show response
www.heise.de/security/artikel/ 135 KB
36 KB 24ms
8ms Document
text/html 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

a5c359755c7f05d5cac39b9dbff199335b8155e0a872ba46cf966d154d3e2955

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.heise.de
:scheme: https
:path: /security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Tue, 13 Jul 2021 06:59:40 GMT
content-type: text/html; charset=UTF-8
last-modified: Tue, 13 Jul 2021 06:59:40 GMT
content-encoding: gzip
age: 33
strict-transport-security: max-age=15768000
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: X-Export-Format, X-Export-Agent, Accept-Encoding
cache-control: no-store
accept-ranges: bytes
content-length: 36278

GET
H2 200 sourcesanspro-regular-webfont.woff2
www.heise.de/fonts/source-sans-pro-subset/ 24 KB
24 KB 9ms
8ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/fonts/source-sans-pro-subset/sourcesanspro-regular-webfont.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

ab3a93b8c7a644bd7be9af6f1a72db904733a3ffb3fd9c9fa2f1d6f1803a5df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /fonts/source-sans-pro-subset/sourcesanspro-regular-webfont.woff2
pragma: no-cache
origin: https://www.heise.de
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.heise.de
referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.heise.de
Referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:25:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2015 13:47:00 GMT
server: nginx
age: 5702
etag: "5666df54-5e50"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://www.heise.de
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 24144
x-xss-protection: 1; mode=block

GET
H2 200 sourcesanspro-semibold-webfont.woff2
www.heise.de/fonts/source-sans-pro-subset/ 24 KB
24 KB 10ms
9ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/fonts/source-sans-pro-subset/sourcesanspro-semibold-webfont.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

61c555c7cf3320e0d9198642a5fb6a5abb1dbdf1ea0fdf1fca47a6cd96721fd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /fonts/source-sans-pro-subset/sourcesanspro-semibold-webfont.woff2
pragma: no-cache
origin: https://www.heise.de
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.heise.de
referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.heise.de
Referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:30:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2015 13:47:00 GMT
server: nginx
age: 5398
etag: "5666df54-5e4c"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://www.heise.de
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 24140
x-xss-protection: 1; mode=block

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
cmp.heise.de/ 151 KB
44 KB 132ms
46ms Script
application/javascript 13.224.99.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/wrapperMessagingWithoutDetection.js
Requested by: Host: www.heise.de
URL: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-55.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efbfbbcfcb947618a71bdd68bcc5a6fef5356c183168e032c374bbe905a418f5

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 08 Jul 2021 20:25:28 GMT
server: AmazonS3
age: 1910
etag: W/"117bd1f3ca810f6a8d1ee70a9e6cae85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Tue, 13 Jul 2021 06:28:24 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: OhVctlNS5oUCbPtwCI_S3oqQ7VKQUZqXJSO05u2eKmtMCk35uKD_ig==

GET
H2 200 mobile-deflect.min.js Show response
www.heise.de/js/ 8 KB
3 KB 8ms
7ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/js/mobile-deflect.min.js?.ltc.3b8b7721db03f7b8b3f5

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

75609a73ddf4dc3de543a24f6ec12ed84828ede710e7e62eed49d6d736551d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /js/mobile-deflect.min.js?.ltc.3b8b7721db03f7b8b3f5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heise.de
referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:30:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Jan 2018 15:52:36 GMT
server: nginx
age: 5368
etag: "5a5f7144-2007"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2961
x-xss-protection: 1; mode=block

GET
H2 200 akwa.js Show response
www.heise.de/assets/akwa/v24/js/ 338 KB
91 KB 7ms
7ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.e73233a10e71dc827f14

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

b409cde19aea8b33e07edac3f624395600cde1b10ac298788b8ecd403d6bd6af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/akwa/v24/js/akwa.js?.ltc.e73233a10e71dc827f14
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heise.de
referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 11:47:49 GMT
server: nginx
age: 4333
etag: W/"60ec2be5-54921"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 92688
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK iam.js Show response
script.ioam.de/ 19 KB
8 KB 113ms
39ms Script
application/javascript 91.215.100.39
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ioam.de/iam.js?m=1
Requested by: Host: www.heise.de
URL: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.100.39 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: script4.ioam.de
Software: nginx / BLACKBIRD-SRC v0.13 0019
Resource Hash: b8bc1261cdca43de0f821cd8ca176a47f203352a9b9cf0fb6b489ad9e52da4b5

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 07:00:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 07:00:13 GMT
Server: nginx
X-Powered-By: BLACKBIRD-SRC v0.13 0019
Vary: Accept-Encoding
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control: private, max-age=7200, pre-check=7200
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Tue, 13 Jul 2021 09:00:13 GMT

GET
H2 200 akwa.css
www.heise.de/assets/akwa/v24/css/ 35 KB
6 KB 13ms
12ms Stylesheet
text/css 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/akwa/v24/css/akwa.css?.ltc.87eac68e480b0ccb3dc0

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

638e629a60065f054c9e4ce2bf5f32b82b0c651e1f02c3c0732a315a5d4407a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/akwa/v24/css/akwa.css?.ltc.87eac68e480b0ccb3dc0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.heise.de
referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 11:47:48 GMT
server: nginx
age: 4334
etag: W/"60ec2be4-8c3d"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 5990
x-xss-protection: 1; mode=block

GET
H2 200 heise.css
www.heise.de/assets/heise/heise/css/ 205 KB
31 KB 13ms
12ms Stylesheet
text/css 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

fe4a3697452188b5e2515e5836d01e1cc2b8da7de0d34c5481a54582c8ff6be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.heise.de
referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 06:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 06:11:26 GMT
server: nginx
age: 2915
etag: W/"60ed2e8e-332f4"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 31376
x-xss-protection: 1; mode=block

GET
H2 200 security.css
www.heise.de/assets/heise/security/css/ 68 KB
13 KB 13ms
12ms Stylesheet
text/css 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/security/css/security.css?.ltc.229df6efae763ea51cec

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

2fc8d5a993405c4c58b580ae5bef22a0e47f6a0070218e4430feeb69c808614e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/security/css/security.css?.ltc.229df6efae763ea51cec
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.heise.de
referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 06:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 06:11:30 GMT
server: nginx
age: 2913
etag: W/"60ed2e92-11045"
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 12821
x-xss-protection: 1; mode=block

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 179 KB
60 KB 119ms
38ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.heise.de
URL: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e23a7b58894774640f82a2dd1ca6dd8433c524b3fcefd189a9325aab8b3bf0ad

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:00:13 GMT
content-encoding: gzip
last-modified: Sun, 11 Jul 2021 13:53:45 GMT
etag: W/"2ca8d-lzRdReSwoe2g5Ku/w9ygjrmJoDA"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: d9b65f24d5ac953d7a0154b9aa4c7555
timing-allow-origin: *, *
content-length: 60585
expires: Tue, 13 Jul 2021 11:00:13 GMT

GET
H2 200 avatar_48.png
www.heise.de/foto/icons/galerie/ 2 KB
2 KB 9ms
7ms Image
image/png 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/foto/icons/galerie/avatar_48.png

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

217539993768df2d75293bf2bacc50ce2c819fe88c07a49b1fdfa0ae253f2da3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /foto/icons/galerie/avatar_48.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:30:14 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Sep 2013 10:21:13 GMT
server: nginx
age: 5398
etag: "52495099-62f"
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 1583
x-xss-protection: 1; mode=block

GET
H2 200 /
www.heise.de/imagine/tvTLzZHeX8iXviDKmRkidAFKWGI/preview/ 1 KB
1 KB 9ms
8ms Image
image/jpeg 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/imagine/tvTLzZHeX8iXviDKmRkidAFKWGI/preview/

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

f939f13636f1332b9fb0fa55d68aebc5a5413ed65b38ab94761e1e1a0fcaab67

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /imagine/tvTLzZHeX8iXviDKmRkidAFKWGI/preview/
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 06:43:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 11 Jul 2021 08:47:30 GMT
server: nginx
age: 1006
x-frame-options: DENY
content-type: image/jpeg; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: public, max-age=1800
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 1299
x-xss-protection: 1; mode=block

GET
H2 200 heise.js Show response
www.heise.de/assets/heise/heise/js/ 131 KB
42 KB 9ms
8ms Script
application/javascript 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/heise/js/heise.js?.ltc.c86778634abd5a66f2b9

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

5984be1d18258bb41d09c11c47d66b5d8af6a999a87df7394054ec36f0d5e0e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/heise/js/heise.js?.ltc.c86778634abd5a66f2b9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heise.de
referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 06:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 06:11:28 GMT
server: nginx
age: 2916
etag: W/"60ed2e90-20d49"
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 42609
x-xss-protection: 1; mode=block

GET
H2 200 Malware-Analyse-Do-It-Yourself-3910855.html
www.heise.de/ivw-bin/ivw/CP/security/artikel/ 43 B
231 B 10ms
8ms Image
image/gif 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/ivw-bin/ivw/CP/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all

Requested by

Host: www.heise.de
URL: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

fb0c962c2a46b261dcf2c64acd439dabce75c448235038f38b6d5eef64318f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /ivw-bin/ivw/CP/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:00:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Jan 2011 15:58:20 GMT
server: nginx
age: 0
etag: "4d385b9c-2b"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate, private
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 13 Jul 2021 07:00:13 GMT

GET
DATA 200
OK truncated
/ 316 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 582b5b2618ab8ee1fb8b820f68cb254a9976d574ecb9d69ce5bcae389558d884

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 qwant_q.svg
www.heise.de/icons/svg/icons/svg/ 2 KB
1 KB 8ms
8ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/icons/svg/icons/svg/qwant_q.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

27ebfb38c9bcee8e9d0a07e5c7270268965af886fb485b5984ffaf28c66bce9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /icons/svg/icons/svg/qwant_q.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 13:29:29 GMT
server: nginx
age: 5405
etag: "60c8ab39-7bd"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 973
x-xss-protection: 1; mode=block

GET
H2 200 ct_flat.eac7.ltc.svg
www.heise.de/assets/heise/images/ 684 B
577 B 9ms
7ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/ct_flat.eac7.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

1df4e66be0ca49bc4d82de7d06e86bceb1e64bc7d20c9706ac9ad55272b47913

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/images/ct_flat.eac7.ltc.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 13:04:07 GMT
server: nginx
age: 5401
etag: W/"60ec3dc7-2ac"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 459
x-xss-protection: 1; mode=block

GET
H2 200 ix.bde1.ltc.svg
www.heise.de/assets/heise/images/ 586 B
527 B 9ms
7ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/ix.bde1.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

c1cf8769347c954fb5cb714ddb4c25948dde3469168851e0385135898d2a8859

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/images/ix.bde1.ltc.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 13:03:58 GMT
server: nginx
age: 5401
etag: W/"60ec3dbe-24a"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 409
x-xss-protection: 1; mode=block

GET
H2 200 mit_technology_review.2271.ltc.svg
www.heise.de/assets/heise/images/ 3 KB
1 KB 10ms
8ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/mit_technology_review.2271.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

a08adf66364706967a0809e5409cbba6207dcfcfeacbf641cb1ce45c1dee15c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/images/mit_technology_review.2271.ltc.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 13:04:01 GMT
server: nginx
age: 5402
etag: W/"60ec3dc1-b52"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 1331
x-xss-protection: 1; mode=block

GET
H2 200 foto.1ed3.ltc.svg
www.heise.de/assets/heise/images/ 3 KB
1 KB 10ms
9ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/foto.1ed3.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

75e425ff2c4c1b1e8c711b441ed964dc93e064b7692497bb73abdbd425d26ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/images/foto.1ed3.ltc.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 13:03:59 GMT
server: nginx
age: 5403
etag: W/"60ec3dbf-b52"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 1318
x-xss-protection: 1; mode=block

GET
H2 200 mac.ef4e.ltc.svg
www.heise.de/assets/heise/images/ 2 KB
1 KB 10ms
9ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/mac.ef4e.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

3b900d1bd9278077b58c6dd6f9199268bb05ebf9771d0beca8fc0c1601ae9fbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/images/mac.ef4e.ltc.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 13:03:59 GMT
server: nginx
age: 5403
etag: W/"60ec3dbf-7f9"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 1128
x-xss-protection: 1; mode=block

GET
H2 200 make.5fd7.ltc.svg
www.heise.de/assets/heise/images/ 1 KB
857 B 9ms
8ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/make.5fd7.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

2a77c40fb9b1b438a2436728719cf8ad3065c924abce24865c8662a657e525de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/images/make.5fd7.ltc.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 13:04:05 GMT
server: nginx
age: 5402
etag: W/"60ec3dc5-4d2"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 739
x-xss-protection: 1; mode=block

GET
H2 200 magazine_v1.457e.ltc.svg
www.heise.de/assets/heise/images/ 2 KB
941 B 11ms
10ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/assets/heise/images/magazine_v1.457e.ltc.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

235c12905da1a2f7a1617cf0b1473704f3683d6ae715e6f513effdb1381f6fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/images/magazine_v1.457e.ltc.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 13:03:59 GMT
server: nginx
age: 5399
etag: W/"60ec3dbf-622"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-length: 823
x-xss-protection: 1; mode=block

GET
H2 200 CarroisGothic.ttf.woff
www.heise.de/fonts/carroisgothic/ 16 KB
16 KB 8ms
7ms Font
application/font-woff 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/fonts/carroisgothic/CarroisGothic.ttf.woff

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/security/css/security.css?.ltc.229df6efae763ea51cec

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

c7c1c477b5d221535ced4b2cfc393808155da899f3408a94fcca0ed65f5cbd33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /fonts/carroisgothic/CarroisGothic.ttf.woff
pragma: no-cache
origin: https://www.heise.de
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/security/css/security.css?.ltc.229df6efae763ea51cec
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.heise.de
Referer: https://www.heise.de/assets/heise/security/css/security.css?.ltc.229df6efae763ea51cec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:32:03 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Jan 2015 14:50:05 GMT
server: nginx
age: 5290
etag: "54bd199d-3fec"
x-frame-options: DENY
content-type: application/font-woff
access-control-allow-origin: https://www.heise.de
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 16364
x-xss-protection: 1; mode=block

GET
H2 200 sourcesanspro-italic-webfont.woff2
www.heise.de/fonts/source-sans-pro-subset/ 17 KB
18 KB 7ms
7ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/fonts/source-sans-pro-subset/sourcesanspro-italic-webfont.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/security/css/security.css?.ltc.229df6efae763ea51cec

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

f54f455a59a0d06123cc94c3487243626d70a15f41f7165df7a7c23cf4c7a7fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /fonts/source-sans-pro-subset/sourcesanspro-italic-webfont.woff2
pragma: no-cache
origin: https://www.heise.de
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/security/css/security.css?.ltc.229df6efae763ea51cec
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.heise.de
Referer: https://www.heise.de/assets/heise/security/css/security.css?.ltc.229df6efae763ea51cec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:58:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2015 13:46:59 GMT
server: nginx
age: 3702
etag: "5666df53-45fc"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://www.heise.de
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 17916
x-xss-protection: 1; mode=block

GET
H2 200 flammen.svg
www.heise.de/security/icons/ 2 KB
972 B 7ms
6ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/security/icons/flammen.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

affc8b9d9bf8252e87533498fc49c3f3d126d3d13cd3dd7ab4ce2115004d50cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /security/icons/flammen.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/assets/heise/heise/css/heise.css?.ltc.3d3167c44d393feece29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Jan 2015 15:15:04 GMT
server: nginx
age: 5290
etag: "54ca4e78-612"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 856
x-xss-protection: 1; mode=block

GET
H2 200 kommentar.svg
www.heise.de/icons/svg/icons/svg/ 565 B
500 B 7ms
7ms Image
image/svg+xml 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heise.de/icons/svg/icons/svg/kommentar.svg

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/security/css/security.css?.ltc.229df6efae763ea51cec

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

9f2cb711f34fabc46f91a693d1c157e6bd9c8188f3c267794fba7b7ee397401f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /icons/svg/icons/svg/kommentar.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/security/css/security.css?.ltc.229df6efae763ea51cec
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heise.de/assets/heise/security/css/security.css?.ltc.229df6efae763ea51cec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 13:29:31 GMT
server: nginx
age: 5393
etag: W/"60c8ab3b-235"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 382
x-xss-protection: 1; mode=block

GET
H2 200 sourcesanspro-bold-webfont.woff2
www.heise.de/fonts/source-sans-pro-subset/ 23 KB
24 KB 7ms
7ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/fonts/source-sans-pro-subset/sourcesanspro-bold-webfont.woff2

Requested by

Host: www.heise.de
URL: https://www.heise.de/assets/heise/security/css/security.css?.ltc.229df6efae763ea51cec

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

dd5b1f8a8736bb703254a870792dc5705ce99a7779dd418d1cf83316af9876ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /fonts/source-sans-pro-subset/sourcesanspro-bold-webfont.woff2
pragma: no-cache
origin: https://www.heise.de
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.heise.de
referer: https://www.heise.de/assets/heise/security/css/security.css?.ltc.229df6efae763ea51cec
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.heise.de
Referer: https://www.heise.de/assets/heise/security/css/security.css?.ltc.229df6efae763ea51cec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:31:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2015 13:46:59 GMT
server: nginx
age: 5347
etag: "5666df53-5d40"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://www.heise.de
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 23872
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

tx.io Show response
de.ioam.de/
Redirect Chain

https://de.ioam.de/tx.io?st=heise&cp=sec_hg&sv=ke&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.heise.de&xy=1600x1200x24&lo=FR%2FIle-de-France&cb=0019&i2=0019217916d8a5bef60ed39fd&ep=1656940255&...
https://de.ioam.de/tx.io?st=heise&cp=sec_hg&sv=ke&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.heise.de&xy=1600x1200x24&lo=FR%2FIle-de-France&cb=0019&i2=0019217916d8a5bef60ed39fd&ep=1656940255&...

0
717 B

33ms
33ms

Script
application/x-javascript

91.215.103.65
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://de.ioam.de/tx.io?st=heise&cp=sec_hg&sv=ke&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.heise.de&xy=1600x1200x24&lo=FR%2FIle-de-France&cb=0019&i2=0019217916d8a5bef60ed39fd&ep=1656940255&vr=424&id=qn28vx&i3=nocookie&n1=1&dntt=0&lt=1626159613993&ev=&cs=ykryte&mo=1&sr=71
Requested by: Host: www.heise.de
URL: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.65 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: de3.ioam.de
Software: nginx / BLACKBIRD-RCV v1.06.2 0042
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 07:00:14 GMT
Server: nginx
X-Powered-By: BLACKBIRD-RCV v1.06.2 0042
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date: Tue, 13 Jul 2021 07:00:14 GMT
Access-Control-Allow-Origin: *
X-Powered-By: BLACKBIRD-RCV v1.06.2 0042
Transfer-Encoding: chunked
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection: keep-alive
Pragma: no-cache
Last-Modified: Tue, 13 Jul 2021 07:00:14 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: /tx.io?st=heise&cp=sec_hg&sv=ke&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.heise.de&xy=1600x1200x24&lo=FR%2FIle-de-France&cb=0019&i2=0019217916d8a5bef60ed39fd&ep=1656940255&vr=424&id=qn28vx&i3=nocookie&n1=1&dntt=0&lt=1626159613993&ev=&cs=ykryte&mo=1&sr=71
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires: Mon, 13 Jul 2020 07:00:14 GMT

GET
H/1.1

200
OK

blank.gif
ssl-heise.met.vgwort.de/
Redirect Chain

https://ssl-heise.met.vgwort.de/na/1dc6098a277c4659aa8a816aeb710d9f
https://ssl-heise.met.vgwort.de/blank.gif

43 B
332 B

35ms
35ms

Image
image/gif

161.156.66.178
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl-heise.met.vgwort.de/blank.gif
Requested by: Host: www.heise.de
URL: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.156.66.178 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: b2.42.9ca1.ip4.static.sl-reverse.com
Software: s2.52.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Jul 2021 07:00:13 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: s2.52.0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Tue, 13 Jul 2021 07:00:13 GMT
Last-Modified: Tue, 13 Jul 2021 07:00:13 GMT
Server: s2.52.0
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Content-Type: text/html
Location: /blank.gif
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Tue, 22 Aug 2000 15:05:01 GMT

GET
H2 200 native-message Show response
cmp.heise.de/wrapper/tcfv2/v1/gdpr/ 469 KB
18 KB 85ms
84ms XHR
application/json 13.224.99.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=ba9bf6d6-30ca-4777-9638-c7eacaa5df78&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1603%2C%22requestUUID%22%3A%22ba9bf6d6-30ca-4777-9638-c7eacaa5df78%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.heise.de%2Fsecurity%2Fartikel%2FMalware-Analyse-Do-It-Yourself-3910855.html%3Fseite%3Dall%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcmp.heise.de%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-55.zrh50.r.cloudfront.net
Software: / Express
Resource Hash: fa57d6b89d218254e0945e5fe7ebba0ff2da9184de979a212e391dbb6502085c

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Jul 2021 07:00:14 GMT
content-encoding: gzip
x-amz-cf-pop: ZRH50-C1
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.heise.de
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: idf28mJrz59mCNQfDPoU0R7bI2aqhsSQI_sL4L7yuqP18KDw4UN3Zw==
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)

OPTIONS
H2 200 native-message
cmp.heise.de/wrapper/tcfv2/v1/gdpr/ Frame 0
0 128ms
47ms Preflight
text/plain 13.224.99.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=ba9bf6d6-30ca-4777-9638-c7eacaa5df78&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1603%2C%22requestUUID%22%3A%22ba9bf6d6-30ca-4777-9638-c7eacaa5df78%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.heise.de%2Fsecurity%2Fartikel%2FMalware-Analyse-Do-It-Yourself-3910855.html%3Fseite%3Dall%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcmp.heise.de%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Protocol: H2
Server: 13.224.99.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-55.zrh50.r.cloudfront.net
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.heise.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/plain; charset=utf-8
content-length: 2
date: Tue, 13 Jul 2021 07:00:14 GMT
x-powered-by: Express
access-control-allow-origin: https://www.heise.de
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
cache-control: no-cache, no-store
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: PBrzrz82UVa0KpZ-ZH9dEd1cp5yBl2YvRitDkWtiyjMRO_I8ayDP8w==

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 7ED1 416 B
798 B 39ms
39ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heise.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heise.de/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1626012900.410922"
last-modified: Sun, 11 Jul 2021 13:53:00 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Tue, 13 Jul 2021 07:00:14 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1626159614~rv=18~id=6fecd45dc5233656bd322bd983bc929a; path=/; Expires=Tue, 13 Jul 2021 07:00:14 GMT; Secure; SameSite=None

GET
H/1.1 200
OK d3d3LmhlaXNlLmRl Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 115ms
37ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmhlaXNlLmRl
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 07:00:14 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=41399
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 477b6643ce602241de057a98d34d0026
Content-Length: 16
Expires: Tue, 13 Jul 2021 18:30:13 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
450 B 40ms
38ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=6.934704166260685
Requested by: Host: www.heise.de
URL: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:00:14 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Thu, 12 Aug 2021 07:00:14 GMT

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 7ED1 610 B
992 B 39ms
39ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/test.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: thirdparty=yes
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1626012901.110962"
last-modified: Sun, 11 Jul 2021 13:53:00 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=345600
date: Tue, 13 Jul 2021 07:00:14 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1626159614~rv=32~id=e78438e92e15fdcd563c4bd479f6c0de; path=/; Expires=Tue, 13 Jul 2021 07:00:14 GMT; Secure; SameSite=None

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 393ms
98ms XHR
application/json 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1626159614275&sessionId=57a4fcde-c446-cdf4-2da6-331192bae721&url=www.heise.de&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Jul 2021 07:00:14 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: c10e01afcd57506342b399cb851312d7
Content-Length: 4
Expires: 0

POST
H2 200 set_consent_cookies Show response
cmp.heise.de/mms/ 0
398 B 48ms
48ms XHR
text/plain 13.224.99.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/mms/set_consent_cookies?consentUUID=2365d036-9a14-41b7-802b-5f5bef48c940&consentUUID_maxAge=31536000&requestUUID=ba9bf6d6-30ca-4777-9638-c7eacaa5df78&hasCsp=true
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-55.zrh50.r.cloudfront.net
Software: Jetty(9.4.2.v20170220) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:00:14 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
server: Jetty(9.4.2.v20170220)
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.heise.de
access-control-allow-credentials: true
access-control-allow-methods: *
content-length: 0
x-amz-cf-id: p2WUTZ60LSFjygoWp1rOCghIpU4WXyCRMYI-WEmH8gyluhShu1QAIg==

GET
H2 200 index.html Show response
cmp.heise.de/ Frame 4CE4 4 KB
2 KB 40ms
39ms Document
text/html 13.224.99.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/index.html?message_id=491125&consentUUID=2365d036-9a14-41b7-802b-5f5bef48c940&requestUUID=ba9bf6d6-30ca-4777-9638-c7eacaa5df78&preload_message=true
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-55.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45bc5a157ae3fa53f54b7f062d593e4b0f7b0d31cb572970263e35f0564a4da8

Request headers

:method: GET
:authority: cmp.heise.de
:scheme: https
:path: /index.html?message_id=491125&consentUUID=2365d036-9a14-41b7-802b-5f5bef48c940&requestUUID=ba9bf6d6-30ca-4777-9638-c7eacaa5df78&preload_message=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heise.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: consentUUID=2365d036-9a14-41b7-802b-5f5bef48c940; iom_consent=0100000000&1626159614397
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heise.de/

Response headers

content-type: text/html
last-modified: Thu, 08 Jul 2021 20:27:04 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 13 Jul 2021 06:34:42 GMT
etag: W/"cdc24794d08a6156a4cc9ba2333f4fd1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: W95uWHZXlHPJjsNj5etafIZRxGqb4dOgjMl01A3hZvJccnsjos8bJg==
age: 1532

GET
H2 200 Notice.185fb.css
cmp.heise.de/ Frame 4CE4 32 KB
6 KB 41ms
40ms Stylesheet
text/css 13.224.99.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/Notice.185fb.css
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/index.html?message_id=491125&consentUUID=2365d036-9a14-41b7-802b-5f5bef48c940&requestUUID=ba9bf6d6-30ca-4777-9638-c7eacaa5df78&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-55.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ee65681169097d090e910d0525bb09e60a2ddd405f46d976daad8f29d0a1a67

Request headers

Referer: https://cmp.heise.de/index.html?message_id=491125&consentUUID=2365d036-9a14-41b7-802b-5f5bef48c940&requestUUID=ba9bf6d6-30ca-4777-9638-c7eacaa5df78&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 06:37:22 GMT
content-encoding: gzip
last-modified: Thu, 08 Jul 2021 20:27:04 GMT
server: AmazonS3
age: 1707
etag: W/"2d1233c8e331c4bdff593199f6e12382"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: vvyyq6IMVwmc84XQwQX4yBmO9XNmihK9QqJK2oBq28v52L_Zurox9w==

GET
H2 200 polyfills.0fdf7.js Show response
cmp.heise.de/ Frame 4CE4 5 KB
2 KB 41ms
40ms Script
application/javascript 13.224.99.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/polyfills.0fdf7.js
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/index.html?message_id=491125&consentUUID=2365d036-9a14-41b7-802b-5f5bef48c940&requestUUID=ba9bf6d6-30ca-4777-9638-c7eacaa5df78&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-55.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

Referer: https://cmp.heise.de/index.html?message_id=491125&consentUUID=2365d036-9a14-41b7-802b-5f5bef48c940&requestUUID=ba9bf6d6-30ca-4777-9638-c7eacaa5df78&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 06:32:15 GMT
content-encoding: gzip
last-modified: Thu, 08 Jul 2021 20:27:04 GMT
server: AmazonS3
age: 1680
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: kUuAcpuj3RvcTfMyN-0WypLAoSCNLlkLjgDiuJheIYpipR16F5yMxw==

GET
H2 200 Notice.23ffd.js Show response
cmp.heise.de/ Frame 4CE4 205 KB
51 KB 46ms
45ms Script
application/javascript 13.224.99.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.heise.de/Notice.23ffd.js
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/index.html?message_id=491125&consentUUID=2365d036-9a14-41b7-802b-5f5bef48c940&requestUUID=ba9bf6d6-30ca-4777-9638-c7eacaa5df78&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-55.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 487778c9f4a6df308a12c2e74e3f23bcd41009a18e2d6329093cda719a076dd6

Request headers

Referer: https://cmp.heise.de/index.html?message_id=491125&consentUUID=2365d036-9a14-41b7-802b-5f5bef48c940&requestUUID=ba9bf6d6-30ca-4777-9638-c7eacaa5df78&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 06:37:22 GMT
content-encoding: gzip
last-modified: Thu, 08 Jul 2021 20:27:04 GMT
server: AmazonS3
age: 1648
etag: W/"a2204e899351f50f2dc37a099729c552"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: bx3o3DR1lcgkE-ADNTGEDOp5B_eCW4-Mq4n2s_foHlWByS2kqxb3dw==

GET
H2 200 get Show response
odb.outbrain.com/utils/ 53 KB
21 KB 364ms
303ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.heise.de%2Fsecurity%2Fartikel%2FMalware-Analyse-Do-It-Yourself-3910855.html&srcUrl=https%3A%2F%2Fwww.heise.de%2Fsecurity%2Frss%2Fnews-atom.xml&idx=0&rand=57308&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=272&py=11331&vpd=10131&cw=696&settings=true&recs=true&version=2000381&sig=3w20QWzG&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cnsntv2=CPJOfwrPJOfwrAGABCENBiCgAAAAAH_AAAqIAAAOPAIMBAQAAAEEAAAAECAQAAQAiAAAAABBAAAQBIAEIgACRwEQAIAACAxAQAAAgBAQgwCAAACAIIAgBAAwAAAAiAQAAgAEAAAAEIAADACQAAAAEAICAAiAAEAAAiCAgZCAgIACCAFABAAAqJCAAAMooASBBAPGQBQBHAFLAN4AmIBgQiAMAQAApYBrADqgHyAYEJAAgN_CQDAAEACOAIAAUsAxQBrADeAHyATEAmUBaADAgoAEARQaAOAQAApYBrADeAHVAPkAwIOACANkA38VAGAEcAUsA3gCYgGBANyHQCABHAFiALqAYoA6gC0AF2gNEHgAgBFAN_IQBgBHAFDAMUAdQBdoDRCUAgABAAbQBHAF1AMUAdQA-QC7SYAEBv5SAEAUMBdpUACA38AA.YAAAAAAAAAAA&cmpStat=1&ccpaStat=0&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: eab9cbe0e363214f928183e217676c08efa4de4469ffd15fd5067c45a400d3fa

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:00:14 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, FRA, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.75.80
x-cache-hits: 0, 0
x-traceid: fe4bc6ee547545b1c89ae57d8a0087ad
content-encoding: gzip
content-length: 20930
x-served-by: cache-mdw17380-MDW, cache-fra19151-FRA
x-timer: S1626159615.528411,VS0,VE274
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 categories Show response
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame 4CE4 1 KB
1 KB 142ms
48ms Fetch
application/json 13.224.99.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/categories?siteId=14602&consentLanguage=de
Requested by: Host: cmp.heise.de
URL: https://cmp.heise.de/Notice.23ffd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-50.zrh50.r.cloudfront.net
Software: /
Resource Hash: 1a7af394216a04c96a3756d89e219c878b57cc0f8c8602508d5090f472ae5349

Request headers

Referer: https://cmp.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:00:14 GMT
content-encoding: gzip
x-amz-cf-pop: ZRH50-C1
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cmp.heise.de
cache-control: no-cache
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: 9IrTpw_TNzrquCSt3FHvyIBWJ5OJyUPqo4hdg1dgTKsIG4ebqwfLWQ==
via: 1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)

GET
H2 200 source-sans-pro-v11-latin-regular.96b158.woff2
www.heise.de/assets/heise/fonts/ Frame 4CE4 16 KB
16 KB 23ms
8ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/fonts/source-sans-pro-v11-latin-regular.96b158.woff2

Requested by

Host: cmp.heise.de
URL: https://cmp.heise.de/index.html?message_id=491125&consentUUID=2365d036-9a14-41b7-802b-5f5bef48c940&requestUUID=ba9bf6d6-30ca-4777-9638-c7eacaa5df78&preload_message=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/fonts/source-sans-pro-v11-latin-regular.96b158.woff2
pragma: no-cache
origin: https://cmp.heise.de
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.heise.de
referer: https://cmp.heise.de/
:scheme: https
sec-fetch-site: same-site
:method: GET
Origin: https://cmp.heise.de
Referer: https://cmp.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:30:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 13:03:59 GMT
server: nginx
age: 5395
etag: "60ec3dbf-3e24"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://cmp.heise.de
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Origin
content-length: 15908
x-xss-protection: 1; mode=block

GET
H2 200 source-sans-pro-v11-latin-600.bd652d.woff2
www.heise.de/assets/heise/fonts/ Frame 4CE4 15 KB
16 KB 22ms
8ms Font
font/woff2 2a02:2e0:3fe:1001:7777:772e:2:85
PLUSLINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heise.de/assets/heise/fonts/source-sans-pro-v11-latin-600.bd652d.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:2e0:3fe:1001:7777:772e:2:85 , Germany, ASN12306 (PLUSLINE, DE),

Reverse DNS

Software

nginx /

Resource Hash

d8381e66783011957eabadb622d7899061bf93e78fff38ebfe00ab743d6c8e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/heise/fonts/source-sans-pro-v11-latin-600.bd652d.woff2
pragma: no-cache
origin: https://cmp.heise.de
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.heise.de
referer: https://cmp.heise.de/
:scheme: https
sec-fetch-site: same-site
:method: GET
Origin: https://cmp.heise.de
Referer: https://cmp.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:30:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 13:04:02 GMT
server: nginx
age: 5402
etag: "60ec3dc2-3da8"
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://cmp.heise.de
cache-control: public, max-age=7200
strict-transport-security: max-age=15768000
accept-ranges: bytes
vary: Origin
content-length: 15784
x-xss-protection: 1; mode=block

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 39ms
38ms Image
image/png 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.heise.de
URL: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:00:14 GMT
last-modified: Thu, 24 Jun 2021 14:35:21 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1624546045.043304"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Thu, 12 Aug 2021 07:00:14 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 47ms
47ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.heise.de
URL: https://www.heise.de/security/artikel/Malware-Analyse-Do-It-Yourself-3910855.html?seite=all
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:00:14 GMT
last-modified: Thu, 24 Jun 2021 14:35:21 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1624546014.914244"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Thu, 12 Aug 2021 07:00:14 GMT

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
291 B 438ms
113ms Fetch
text/plain 50.31.142.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=9848dc6826c270026bb668b01d30375b_27285_1626159614727&tm=688&eT=0&widgetWidth=696&widgetHeight=743&widgetX=272&widgetY=11332&tpcs=0&wRV=2000381&pVis=1&lsd=-1&eIdx=&cnsntV2=CPJOfwrPJOfwrAGABCENBiCgAAAAAH_AAAqIAAAOPAIMBAQAAAEEAAAAECAQAAQAiAAAAABBAAAQBIAEIgACRwEQAIAACAxAQAAAgBAQgwCAAACAIIAgBAAwAAAAiAQAAgAEAAAAEIAADACQAAAAEAICAAiAAEAAAiCAgZCAgIACCAFABAAAqJCAAAMooASBBAPGQBQBHAFLAN4AmIBgQiAMAQAApYBrADqgHyAYEJAAgN_CQDAAEACOAIAAUsAxQBrADeAHyATEAmUBaADAgoAEARQaAOAQAApYBrADeAHVAPkAwIOACANkA38VAGAEcAUsA3gCYgGBANyHQCABHAFiALqAYoA6gC0AF2gNEHgAgBFAN_IQBgBHAFDAMUAdQBdoDRCUAgABAAbQBHAF1AMUAdQA-QC7SYAEBv5SAEAUMBdpUACA38AA.YAAAAAAAAAAA&cheq=0&rtt=385&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 13 Jul 2021 07:00:15 GMT
content-encoding: gzip
X-TraceId: 4261a3e0676f7b9afcb35cdcd26173e
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame BB35 16 KB
6 KB 55ms
55ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 03756393a5bd0a892eca673f2c8bd7d6e8f72b3d667e8dfe912d13bf4c1e0edf

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /widgetOBUserSync/obUserSync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heise.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heise.de/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "969a8e0424552ce44cc1188280e497e5:1625574515.546906"
last-modified: Tue, 06 Jul 2021 12:28:24 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Wed, 14 Jul 2021 07:00:14 GMT
date: Tue, 13 Jul 2021 07:00:14 GMT
content-length: 5500
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1626159614~rv=2~id=9e6d8cc4f5ee37e6d8c58ef02a1c36a1; path=/; Expires=Tue, 13 Jul 2021 07:00:14 GMT; Secure; SameSite=None

GET
H2 200 eyJpdSI6ImVkMjU5ZjU4NGMyOGU5MDQ3MTNjMmQ3OGM1MzQ3OTAyZmMwZGY2YzRkYjcxYzU1MmY4YmRiMWJjM2JiNGE1M2QiLCJ3Ijo4MCwiaCI6MjQsImQiOjIuMCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 2 KB
2 KB 125ms
38ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVkMjU5ZjU4NGMyOGU5MDQ3MTNjMmQ3OGM1MzQ3OTAyZmMwZGY2YzRkYjcxYzU1MmY4YmRiMWJjM2JiNGE1M2QiLCJ3Ijo4MCwiaCI6MjQsImQiOjIuMCwiY3MiOjAsImYiOjR9.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5d8b7f46dbfbdf1b94e87efe1d06bc521268749a7343a50f56909244c0ce0c4f

Request headers

Referer: https://www.heise.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:00:14 GMT
cache-control: max-age=1347893
last-modified: Fri, 05 Feb 2021 08:45:36 GMT
x-traceid: a19008cadeafaf6b7deadf56ab800472
timing-allow-origin: *
content-length: 1630
content-type: image/webp

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.e73233a10e71dc827f14(Line 15) Message: Performance Polyfills [ms]: 11
console-api	log	URL: https://cmp.heise.de/wrapperMessagingWithoutDetection.js(Line 1) Message: Messaging without detection successfully executed.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.privacy-mgmt.com
cmp.heise.de
de.ioam.de
images.outbrainimg.com
log.outbrainimg.com
mcdp-chidc2.outbrain.com
odb.outbrain.com
script.ioam.de
ssl-heise.met.vgwort.de
tcheck.outbrainimg.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.heise.de
13.224.99.50
13.224.99.55
151.101.14.132
161.156.66.178
2.18.232.28
2.18.234.190
2a02:2e0:3fe:1001:7777:772e:2:85
50.31.142.191
70.42.32.191
91.215.100.39
91.215.103.65
03756393a5bd0a892eca673f2c8bd7d6e8f72b3d667e8dfe912d13bf4c1e0edf
1a7af394216a04c96a3756d89e219c878b57cc0f8c8602508d5090f472ae5349
1df4e66be0ca49bc4d82de7d06e86bceb1e64bc7d20c9706ac9ad55272b47913
217539993768df2d75293bf2bacc50ce2c819fe88c07a49b1fdfa0ae253f2da3
235c12905da1a2f7a1617cf0b1473704f3683d6ae715e6f513effdb1381f6fe1
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27ebfb38c9bcee8e9d0a07e5c7270268965af886fb485b5984ffaf28c66bce9f
2a77c40fb9b1b438a2436728719cf8ad3065c924abce24865c8662a657e525de
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2ee65681169097d090e910d0525bb09e60a2ddd405f46d976daad8f29d0a1a67
2fc8d5a993405c4c58b580ae5bef22a0e47f6a0070218e4430feeb69c808614e
3b900d1bd9278077b58c6dd6f9199268bb05ebf9771d0beca8fc0c1601ae9fbc
45bc5a157ae3fa53f54b7f062d593e4b0f7b0d31cb572970263e35f0564a4da8
487778c9f4a6df308a12c2e74e3f23bcd41009a18e2d6329093cda719a076dd6
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
582b5b2618ab8ee1fb8b820f68cb254a9976d574ecb9d69ce5bcae389558d884
5984be1d18258bb41d09c11c47d66b5d8af6a999a87df7394054ec36f0d5e0e9
5d8b7f46dbfbdf1b94e87efe1d06bc521268749a7343a50f56909244c0ce0c4f
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
61c555c7cf3320e0d9198642a5fb6a5abb1dbdf1ea0fdf1fca47a6cd96721fd5
638e629a60065f054c9e4ce2bf5f32b82b0c651e1f02c3c0732a315a5d4407a3
75609a73ddf4dc3de543a24f6ec12ed84828ede710e7e62eed49d6d736551d4f
75e425ff2c4c1b1e8c711b441ed964dc93e064b7692497bb73abdbd425d26ecf
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
9f2cb711f34fabc46f91a693d1c157e6bd9c8188f3c267794fba7b7ee397401f
a08adf66364706967a0809e5409cbba6207dcfcfeacbf641cb1ce45c1dee15c8
a5c359755c7f05d5cac39b9dbff199335b8155e0a872ba46cf966d154d3e2955
ab3a93b8c7a644bd7be9af6f1a72db904733a3ffb3fd9c9fa2f1d6f1803a5df3
affc8b9d9bf8252e87533498fc49c3f3d126d3d13cd3dd7ab4ce2115004d50cb
b409cde19aea8b33e07edac3f624395600cde1b10ac298788b8ecd403d6bd6af
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b8bc1261cdca43de0f821cd8ca176a47f203352a9b9cf0fb6b489ad9e52da4b5
c1cf8769347c954fb5cb714ddb4c25948dde3469168851e0385135898d2a8859
c7c1c477b5d221535ced4b2cfc393808155da899f3408a94fcca0ed65f5cbd33
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d8381e66783011957eabadb622d7899061bf93e78fff38ebfe00ab743d6c8e60
dd5b1f8a8736bb703254a870792dc5705ce99a7779dd418d1cf83316af9876ab
e23a7b58894774640f82a2dd1ca6dd8433c524b3fcefd189a9325aab8b3bf0ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eab9cbe0e363214f928183e217676c08efa4de4469ffd15fd5067c45a400d3fa
efbfbbcfcb947618a71bdd68bcc5a6fef5356c183168e032c374bbe905a418f5
f54f455a59a0d06123cc94c3487243626d70a15f41f7165df7a7c23cf4c7a7fc
f939f13636f1332b9fb0fa55d68aebc5a5413ed65b38ab94761e1e1a0fcaab67
fa57d6b89d218254e0945e5fe7ebba0ff2da9184de979a212e391dbb6502085c
fb0c962c2a46b261dcf2c64acd439dabce75c448235038f38b6d5eef64318f6b
fe4a3697452188b5e2515e5836d01e1cc2b8da7de0d34c5481a54582c8ff6be5

www.heise.de Open in urlscan Pro 2a02:2e0:3fe:1001:7777:772e:2:85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

9 %IPv6

6 Domains

13 Subdomains

12 IPs

2 Countries

602 kBTransfer

2216 kBSize

0 Cookies

40 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heise.de Open in urlscan Pro
2a02:2e0:3fe:1001:7777:772e:2:85 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

9 %
IPv6

6
Domains

13
Subdomains

12
IPs

2
Countries

602 kB
Transfer

2216 kB
Size

0
Cookies

51 HTTP transactions
1 data transactions