www.br.de
Open in
urlscan Pro
2a02:26f0:7100:387::150
Public Scan
Submitted URL: https://www.br.de/nachrichten/netzwelt/so-laeuft-die-betrugsmasche-der-falschen-microsoft-mitarbeiter
Effective URL: https://www.br.de/nachrichten/netzwelt/so-laeuft-die-betrugsmasche-der-falschen-microsoft-mitarbeiter,SqRrktj
Submission: On January 20 via manual from DE — Scanned from DE
Effective URL: https://www.br.de/nachrichten/netzwelt/so-laeuft-die-betrugsmasche-der-falschen-microsoft-mitarbeiter,SqRrktj
Submission: On January 20 via manual from DE — Scanned from DE
Summary
This website contacted 12 IPs
in 3 countries
across 8 domains to perform 69 HTTP transactions.
The main IP is 2a02:26f0:7100:387::150, located in
Frankfurt am Main, Germany and
belongs to AKAMAI-ASN1, NL.
The main domain is www.br.de.
The Cisco Umbrella rank of the primary domain is 77058.
TLS certificate: Issued by GeoTrust RSA CA 2018 on May 30th 2021. Valid for: a year.
This is the only time www.br.de was scanned on urlscan.io!
TLS certificate: Issued by GeoTrust RSA CA 2018 on May 30th 2021. Valid for: a year.
This is the only time www.br.de was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 27 | 2a02:26f0:710... 2a02:26f0:7100:387::150 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 | 18.64.79.94 18.64.79.94 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 91.215.100.39 91.215.100.39 | 43407 (INFONLINE-AS) (INFONLINE-AS) | |
| 15 | 2a02:26f0:710... 2a02:26f0:7100:399::150 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:808::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 3 | 2606:4700::68... 2606:4700::6812:e134 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 2 | 91.215.103.65 91.215.103.65 | 43407 (INFONLINE-AS) (INFONLINE-AS) | |
| 15 | 34.76.217.83 34.76.217.83 | 15169 (GOOGLE) (GOOGLE) | |
| 1 3 | 108.156.255.206 108.156.255.206 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:810::200e | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 216.239.38.21 216.239.38.21 | 15169 (GOOGLE) (GOOGLE) | |
| 69 | 12 |
1
18.64.79.94
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-94.txl50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-94.txl50.r.cloudfront.net
| tag.aticdn.net |
2
2a00:1450:4001:808::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
15
34.76.217.83
(Brussels, Belgium)
ASN15169 (GOOGLE, US)
PTR: 83.217.76.34.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 83.217.76.34.bc.googleusercontent.com
| comments.br24.de |
1
2a00:1450:4001:810::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 44 |
br.de
1 redirects
www.br.de — Cisco Umbrella Rank: 77058 img.br.de — Cisco Umbrella Rank: 192039 tm.br.de — Cisco Umbrella Rank: 341213 |
896 KB |
| 15 |
br24.de
comments.br24.de — Cisco Umbrella Rank: 444590 |
747 KB |
| 3 |
xiti.com
1 redirects
logs1413.xiti.com — Cisco Umbrella Rank: 65335 |
2 KB |
| 3 |
onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3036 onesignal.com — Cisco Umbrella Rank: 1251 |
73 KB |
| 3 |
ioam.de
1 redirects
script.ioam.de — Cisco Umbrella Rank: 13211 85a634c8.de.ioam.de |
10 KB |
| 2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78 |
111 KB |
| 1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42 |
20 KB |
| 1 |
aticdn.net
tag.aticdn.net — Cisco Umbrella Rank: 20461 |
16 KB |
| 69 | 8 |
| Domain | Requested by | |
|---|---|---|
| 27 | www.br.de |
1 redirects
www.br.de
comments.br24.de |
| 15 | comments.br24.de |
www.br.de
comments.br24.de |
| 15 | img.br.de |
www.br.de
|
| 3 | logs1413.xiti.com |
1 redirects
www.br.de
|
| 2 | tm.br.de |
www.google-analytics.com
www.googletagmanager.com |
| 2 | 85a634c8.de.ioam.de |
1 redirects
www.br.de
|
| 2 | cdn.onesignal.com |
www.br.de
cdn.onesignal.com |
| 2 | www.googletagmanager.com |
www.br.de
www.googletagmanager.com |
| 1 | www.google-analytics.com |
www.googletagmanager.com
|
| 1 | onesignal.com |
cdn.onesignal.com
|
| 1 | script.ioam.de |
www.br.de
|
| 1 | tag.aticdn.net |
www.br.de
|
| 69 | 12 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| news.microsoft.com |
| www.microsoft.com |
| www.facebook.com |
| twitter.com |
| www.instagram.com |
| www.youtube.com |
| br.de |
| apps.apple.com |
| play.google.com |
| www.ard.de |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.br.de GeoTrust RSA CA 2018 |
2021-05-30 - 2022-06-08 |
a year | crt.sh |
| tag.aticdn.net Thawte RSA CA 2018 |
2022-01-11 - 2023-01-22 |
a year | crt.sh |
| *.ioam.de Thawte TLS RSA CA G1 |
2021-12-01 - 2022-12-01 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2021-12-08 - 2022-03-02 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-04 - 2022-07-03 |
a year | crt.sh |
| comments.br24.de R3 |
2021-12-25 - 2022-03-25 |
3 months | crt.sh |
| *.xiti.com Thawte RSA CA 2018 |
2020-02-27 - 2022-05-22 |
2 years | crt.sh |
| tm.br.de GTS CA 1D4 |
2021-11-24 - 2022-02-22 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.br.de/nachrichten/netzwelt/so-laeuft-die-betrugsmasche-der-falschen-microsoft-mitarbeiter,SqRrktj
Frame ID: C2B86FC97F1ED1CD630FD10842C4A725
Requests: 55 HTTP requests in this frame
Frame:
https://comments.br24.de/embed/stream?asset_id=SqRrktj&asset_url=https%3A%2F%2Fwww.br.de%2Fnachrichten%2Fnetzwelt%2Fso-laeuft-die-betrugsmasche-der-falschen-microsoft-mitarbeiter%2CSqRrktj&initialWidth=794&childId=_0.030101691755853865&parentTitle=So%20l%C3%A4uft%20die%20Betrugsmasche%20der%20falschen%20Microsoft-Mitarbeiter%20%7C%20BR24&parentUrl=https%3A%2F%2Fwww.br.de%2Fnachrichten%2Fnetzwelt%2Fso-laeuft-die-betrugsmasche-der-falschen-microsoft-mitarbeiter%2CSqRrktj
Frame ID: 93813F3E00F1D992C4C9CE18A7A4C979
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
So läuft die Betrugsmasche der falschen Microsoft-Mitarbeiter | BR24BR24 LogoRadioVerkehrsmeldungenBayern WetterSucheBR24 LogoRadioVerkehrsmeldungenBayern WetterSuchePer Mail sharenTeilenPer Mail sharenTeilenArtikel mit Video-InhaltenArtikel mit Audio-InhaltenArtikel mit Video-InhaltenArtikel mit Audio-InhaltenArtikel mit Video-InhaltenArtikel mit Audio-InhaltenArtikel mit Video-InhaltenExterner LinkExterner LinkExterner LinkBR24 Facebook KontoBR24 Twitter KontoBR24 Instagram-KontoBR24 YouTube-KontoApp StoreCheck-IconInfoBayerischer RundfunkPage URL History Show full URLs
-
https://www.br.de/nachrichten/netzwelt/so-laeuft-die-betrugsmasche-der-falschen-microsoft-mita...
HTTP 301
https://www.br.de/nachrichten/netzwelt/so-laeuft-die-betrugsmasche-der-falschen-microsoft-mita... Page URL
Detected technologies
AMP
(JavaScript frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link rel="amphtml"
AT Internet XiTi
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- xiti\.com/hit\.xiti
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
OneSignal
(Marketing automation)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- cdn\.onesignal\.com
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
URL: https://news.microsoft.com/de-de/microsoft-studie-zu-tech-support-scams-betruegerische-anrufe-in-deutschland-nehmen-zu/
Title: Einer Microsoft-Studie zufolge
Title: Einer Microsoft-Studie zufolge
Search URL Search Domain Scan URL
URL: https://www.microsoft.com/de-de/concern/scam?rtc=1
Title: auf seiner Website
Title: auf seiner Website
Search URL Search Domain Scan URL
URL: https://www.facebook.com/BR24/
Title: BR24 Facebook Konto
Title: BR24 Facebook Konto
Search URL Search Domain Scan URL
URL: https://twitter.com/BR24
Title: BR24 Twitter Konto
Title: BR24 Twitter Konto
Search URL Search Domain Scan URL
URL: https://www.instagram.com/br24/
Title: BR24 Instagram-Konto
Title: BR24 Instagram-Konto
Search URL Search Domain Scan URL
URL: https://www.youtube.com/channel/UCcweJsCV2TUP_kzMX25U-oQ
Title: BR24 YouTube-Konto
Title: BR24 YouTube-Konto
Search URL Search Domain Scan URL
URL: https://br.de/podcast
Title: Podcasts
Title: Podcasts
Search URL Search Domain Scan URL
URL: https://apps.apple.com/de/app/br24/id998904798
Search URL Search Domain Scan URL
URL: https://play.google.com/store/apps/details?id=de.br.sep.news.br24
Title: App Store
Title: App Store
Search URL Search Domain Scan URL
URL: https://www.ard.de/
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.br.de/nachrichten/netzwelt/so-laeuft-die-betrugsmasche-der-falschen-microsoft-mitarbeiter
HTTP 301
https://www.br.de/nachrichten/netzwelt/so-laeuft-die-betrugsmasche-der-falschen-microsoft-mitarbeiter,SqRrktj Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 32- https://85a634c8.de.ioam.de/tx.io?cp=brde%2Fbr24%2F&st=bronline&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.br.de&xy=1600x1200x24&lo=DE%2Fn.a.&cb=001a&i2=001abd16ab2497ede61e90e9d&ep=1664054637&vr=434&id=9n3a2a&i3=001abd16ab2497ede61e90e9d%3A1668583581907%3A1642663581907%3A.br.de%3A1%3Abronline%3Abrde%2Fbr24%2F%3Anoevent%3A1642663581907&n1=2&dntt=0<=1642663581908&ev=&cs=psw82a&mo=1 HTTP 302
- https://85a634c8.de.ioam.de/tx.io?cp=brde%2Fbr24%2F&st=bronline&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.br.de&xy=1600x1200x24&lo=DE%2Fn.a.&cb=001a&i2=001abd16ab2497ede61e90e9d&ep=1664054637&vr=434&id=9n3a2a&i3=001abd16ab2497ede61e90e9d%3A1668583581907%3A1642663581907%3A.br.de%3A1%3Abronline%3Abrde%2Fbr24%2F%3Anoevent%3A1642663581907&n1=2&dntt=0<=1642663581908&ev=&cs=psw82a&mo=1&sr=71
- https://logs1413.xiti.com/hit.xiti?s=596277&ts=1642663581902&vtag=5.14.0&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=7x26x21&lng=en-US&idp=0726218716699&jv=0&p=netzwelt::So%20l%C3%A4uft%20die%20Betrugsmasche%20der%20falschen%20Microsoft-Mitarbeiter%20&s2=2&vrn=1&x1=[BR24]&x2=[ohne%20Welle/Angebot]&x4=[Netzwelt]&x5=[keine%20Sendereihe]&x6=[Artikel]&x7=[so-laeuft-die-betrugsmasche-der-falschen-microsoft-mitarbeiter,SqRrktj]&x8=[So%20l%C3%A4uft%20die%20Betrugsmasche%20der%20falschen%20Microsoft-Mitarbeiter%20]&x9=[|globale%20Computerwartungssabteilung|Microsoft|Anrufe|Betrug|]&x10=20211207&x11=%5Bhttps%3A%2F%2Fwww.br.de%2Fnachrichten%2Fnetzwelt%2Fso-laeuft-die-betrugsmasche-der-falschen-microsoft-mitarbeiter%2CSqRrktj%5D&x12=[article:SqRrktj]&x14=[Web]&x20=[ohne%20Geo-Position]&ref= HTTP 302
- https://logs1413.xiti.com/hit.xiti?s=596277&ts=1642663581902&vtag=5.14.0&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=7x26x21&lng=en-US&idp=0726218716699&jv=0&p=netzwelt::So%20l%C3%A4uft%20die%20Betrugsmasche%20der%20falschen%20Microsoft-Mitarbeiter%20&s2=2&vrn=1&x1=[BR24]&x2=[ohne%20Welle/Angebot]&x4=[Netzwelt]&x5=[keine%20Sendereihe]&x6=[Artikel]&x7=[so-laeuft-die-betrugsmasche-der-falschen-microsoft-mitarbeiter,SqRrktj]&x8=[So%20l%C3%A4uft%20die%20Betrugsmasche%20der%20falschen%20Microsoft-Mitarbeiter%20]&x9=[|globale%20Computerwartungssabteilung|Microsoft|Anrufe|Betrug|]&x10=20211207&x11=%5Bhttps%3A%2F%2Fwww.br.de%2Fnachrichten%2Fnetzwelt%2Fso-laeuft-die-betrugsmasche-der-falschen-microsoft-mitarbeiter%2CSqRrktj%5D&x12=[article:SqRrktj]&x14=[Web]&x20=[ohne%20Geo-Position]&ref=&Rdt=On
69 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
so-laeuft-die-betrugsmasche-der-falschen-microsoft-mitarbeiter,SqRrktj
www.br.de/nachrichten/netzwelt/ Redirect Chain
|
311 KB 50 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
open-sans.css
www.br.de/nachrichten/fonts/ |
4 KB 952 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
smarttag.js
tag.aticdn.net/596277/ |
51 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
iam.js
script.ioam.de/ |
19 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bc5a322b0f24fd3f.css
www.br.de/nachrichten/_next/static/css/ |
13 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
webpack-97951af65cb8dee8.js
www.br.de/nachrichten/_next/static/chunks/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
framework-28a57f2ce88e708f.js
www.br.de/nachrichten/_next/static/chunks/ |
147 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main-58005e0678bbaa63.js
www.br.de/nachrichten/_next/static/chunks/ |
169 KB 66 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
_app-9467213b41acefff.js
www.br.de/nachrichten/_next/static/chunks/pages/ |
661 KB 223 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ea88be26-757fddb8cffd3492.js
www.br.de/nachrichten/_next/static/chunks/ |
265 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a4c92b5b-8b88afa52346da25.js
www.br.de/nachrichten/_next/static/chunks/ |
122 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
919-d8bda69352d2282d.js
www.br.de/nachrichten/_next/static/chunks/ |
25 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
675-9d4c50082d2d97d9.js
www.br.de/nachrichten/_next/static/chunks/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
519-811c579a5821d3b2.js
www.br.de/nachrichten/_next/static/chunks/ |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
99-dab3ca0feedab904.js
www.br.de/nachrichten/_next/static/chunks/ |
115 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
520-2795954634695423.js
www.br.de/nachrichten/_next/static/chunks/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
886-f1e9c47f20364e2a.js
www.br.de/nachrichten/_next/static/chunks/ |
75 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
217-10cdb1fdd45c3ef2.js
www.br.de/nachrichten/_next/static/chunks/ |
13 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
419-60fb472d3eee37c0.js
www.br.de/nachrichten/_next/static/chunks/ |
22 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
article-2c23520629dd234b.js
www.br.de/nachrichten/_next/static/chunks/pages/ |
87 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
_buildManifest.js
www.br.de/nachrichten/_next/static/Dv-gbNBw_HnOSmhzCjZUQ/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
_ssgManifest.js
www.br.de/nachrichten/_next/static/Dv-gbNBw_HnOSmhzCjZUQ/ |
77 B 494 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
_middlewareManifest.js
www.br.de/nachrichten/_next/static/Dv-gbNBw_HnOSmhzCjZUQ/ |
92 B 495 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
edcf090f-b010-43a0-af3e-a4a44367df7f.jpeg
img.br.de/ |
518 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
edcf090f-b010-43a0-af3e-a4a44367df7f.jpeg
img.br.de/ |
528 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
160 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
247 B 0 |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
open-sans-v15-latin_latin-ext-regular.woff2
www.br.de/nachrichten/fonts/ |
18 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
open-sans-v15-latin_latin-ext-600.woff2
www.br.de/nachrichten/fonts/ |
19 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
open-sans-v15-latin_latin-ext-700.woff2
www.br.de/nachrichten/fonts/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
open-sans-v15-latin_latin-ext-italic.woff2
www.br.de/nachrichten/fonts/ |
18 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
5b0a577e-cf0e-44ed-9a33-809de067ac87.jpeg
img.br.de/ |
682 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
OneSignalSDK.js
cdn.onesignal.com/sdks/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tx.io
85a634c8.de.ioam.de/ Redirect Chain
|
0 717 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
embed.js
comments.br24.de/static/ |
53 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
70ba39af-8347-4e2b-a292-ac4bd6d4368c.png
img.br.de/ |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hit.xiti
logs1413.xiti.com/ Redirect Chain
|
35 B 306 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
12d7f755-0adb-48c8-91d9-30a6227e6ca0.jpeg
img.br.de/ |
525 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
60df0f62-bf03-4532-97e3-ab7421fe2a0d.jpeg
img.br.de/ |
535 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
e6313ab9-5400-455b-bb60-23668080992b.jpeg
img.br.de/ |
521 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
12276c05-7b1f-4c1d-83f7-7c4fed66b242.jpeg
img.br.de/ |
572 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
32f03ec6-0d9d-444c-90d0-d93a5e82d709.jpeg
img.br.de/ |
483 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
https%3A%2F%2Fwww.br.de%2Fkultur%2Fkulturbuehne-teaserbild-100~_v-img__16__9__xl_-d31c35f8186ebeb80b0cd843a7c267a0e0c81647.png
img.br.de/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
https%3A%2F%2Fwww.br.de%2Fwissen%2Finhalt%2Fteaserbild-br-wissen-100~_v-img__16__9__xl_-d31c35f8186ebeb80b0cd843a7c267a0e0c81647.png
img.br.de/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
https%3A%2F%2Fwww.br.de%2Fmediathek%2Fstatic%2FBrand_ogp.png
img.br.de/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
b492b6c4-fc50-4706-bbb4-ee5c03262fda.jpeg
img.br.de/ |
578 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
edcf090f-b010-43a0-af3e-a4a44367df7f.jpeg
img.br.de/ |
125 KB 126 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
edcf090f-b010-43a0-af3e-a4a44367df7f.jpeg
img.br.de/ |
593 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ |
283 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
stream
comments.br24.de/embed/ Frame 9381 |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
material-icons.css
comments.br24.de/public/fonts/ Frame 9381 |
931 B 821 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
open-sans.css
comments.br24.de/public/fonts/ Frame 9381 |
2 KB 776 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
source-sans.css
comments.br24.de/public/fonts/ Frame 9381 |
1 KB 694 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
comments.br24.de/public/font-awesome/css/ Frame 9381 |
30 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
default.035bb6b3e363c1d8c13fe9f42859c3a6.css
comments.br24.de/static/embed/stream/ Frame 9381 |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bundle.13c99aec9871472bb0ebfad78b52d112.css
comments.br24.de/static/embed/stream/ Frame 9381 |
88 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
br-custom-talk-style.css
www.br.de/nachrichten/ Frame 9381 |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bundle.55ba2b98a12284475524.js
comments.br24.de/static/embed/stream/ Frame 9381 |
3 MB 537 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
web
onesignal.com/api/v1/sync/c2f61305-571d-4773-b5ae-b13cb6eaf3d4/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
165 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hit.xiti
logs1413.xiti.com/ |
35 B 307 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
auth
comments.br24.de/api/v1/ Frame 9381 |
0 212 B |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
open-sans-v15-latin_latin-ext-regular.woff2
comments.br24.de/public/fonts/ Frame 9381 |
18 KB 19 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
ql
comments.br24.de/api/v1/graph/ Frame 9381 |
15 KB 4 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
tm.br.de/j/ |
35 B 460 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
tm.br.de/g/ |
0 308 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
open-sans-v15-latin_latin-ext-600.woff2
comments.br24.de/public/fonts/ Frame 9381 |
19 KB 20 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
MaterialIcons-Regular.woff2
comments.br24.de/public/fonts/ Frame 9381 |
43 KB 44 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fontawesome-webfont.woff2
comments.br24.de/public/font-awesome/fonts/ Frame 9381 |
75 KB 76 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
37 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| dataLayer object| ATInternet function| ATCustomEvent string| szmvars object| iom object| webpackChunk_N_E object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| _N_E function| applyFocusVisiblePolyfill object| google_tag_manager function| __NEXT_PRELOADREADY object| __BUILD_MANIFEST object| __SSG_MANIFEST object| __MIDDLEWARE_MANIFEST function| OneSignal object| Coral number| __oneSignalSdkLoadCount function| __jp0 string| gtmCachedBotScore object| google_tag_data string| GoogleAnalyticsObject function| ga object| ATTagGTM object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .br.de/ | Name: iom_consent Value: 0000000000&1642663581906 |
|
| .br.de/ | Name: ioam2018 Value: 001abd16ab2497ede61e90e9d:1668583581907:1642663581907:.br.de:2:bronline:brde/br24/:noevent:1642663581907:vta4u1 |
|
| .xiti.com/ | Name: atid Value: 365079C5-DE6F-40AC-92B1-56A7F07B6ABC |
|
| .ioam.de/ | Name: i00 Value: 00287da54de3e9b1b61e90e9d0001%3B61e90e9e%3B639234c0 |
|
| www.br.de/ | Name: atidvisitor Value: %7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-596277--618883-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D |
|
| .br.de/ | Name: _gid Value: GA1.2.827297469.1642663583 |
|
| .br.de/ | Name: _gat_UA-35691033-14 Value: 1 |
|
| .br.de/ | Name: _ga_LS0MSX8DVE Value: GS1.1.1642663582.1.0.1642663582.0 |
|
| .br.de/ | Name: _ga Value: GA1.1.1082386694.1642663583 |
|
| .br.de/ | Name: FPLC Value: kMQEkIlWBd%2FhIm2J3DFK9cf8eOTlI6W4lYV44LXg7l4dAaxcwI6WjodFbeLYJgQgJ0vY1PDCkbb9v6DlxG7DsQbHuzKTmp9uWtdTH1s56Qp%2Fd%2BJZvyNYl6GDE1WCsA%3D%3D |
|
| .br.de/ | Name: FPID Value: FPID1.2.Ha6zOV995HtV2lrdWTVOyVmegNpOPnAFxBxUfnBcZuE%3D.1642663583 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=15724800; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
85a634c8.de.ioam.de
cdn.onesignal.com
comments.br24.de
img.br.de
logs1413.xiti.com
onesignal.com
script.ioam.de
tag.aticdn.net
tm.br.de
www.br.de
www.google-analytics.com
www.googletagmanager.com
108.156.255.206
18.64.79.94
216.239.38.21
2606:4700::6812:e134
2a00:1450:4001:808::2008
2a00:1450:4001:810::200e
2a02:26f0:7100:387::150
2a02:26f0:7100:399::150
34.76.217.83
91.215.100.39
91.215.103.65
05135c3fa26d88e1827e61b9eaa613db78d44f59379856214b6d84ac41e12eee
09693403400132f85506c401070288811b161545299aa18cc6f11383ed2356e3
0e0e200e27ce5951afb11bb119e2a83efcb17e9bb54454250802449a9c1e29da
17382ac4d34e8cc061259f90dac8b6022055067ece679faaf7b8b5b08b2a3836
19dfeb367e38d35aac066c40d6f22726292e685e06243e93603f1a48e4202272
22333650c89c03feb09a77a78be89d1c699edfca7f06ffaf68172b37bc2c386a
29e838b6bdd28de8abf682dd578a55a4e78e3e4a713060cc08d96a258b2352ea
2a8f7db0d5a2edf48ea4f3b6794eab746c6889c9f59d300593a1faff3a9a78b1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30324014fe120acedd2e4d2d7c7e7c3c6fbf03627616f6b574ff19801a30cfc8
30fc11c0b28bd17268f9367030f5f3f3d48f6d8a2e398ead86263c54ab67612f
310583afd81c307eada81f14845f2f5b825e3a40d70d733317eaffcb6e652907
39bfb58b420052a59b76dc802b5e2d4c61b43f5863dcbb1abce26e98442af803
3a5dbcc05ec19e6baf15827670cda1311320f4fdb2aeea04fbf37fc5f2ac12b6
3b39268d3d8186c509577a9a470cf5a9dcc5f397a2b358a7f857ea3ca0933785
4331c30176ec43ab9f5aaae445bedac2afaa1794fd75372ae069b1460cf8ecf7
447db0eb5e980e60e0446a24608fb1d8570dce733a7e58ae20ade49b5fc5207c
4a3c06952846e4a4df0db3deddaecee141322fdb3abfd5140c24a0f7fa92b310
4f97088dcb2db5ecaf8a64dd40cd92c4069c42a17b8eb8dc29ba8e99af7a6a10
519a5d25955de4cb73ca35e076b5e687de4171709f748fe8b5a58643b2aecd99
557116ee5706daa3b6cb2f52e7490e22db9c30ebfc447a5c85458a5fa0f6f84b
6469fb842f429cf5f983c7f857f5b26270387d66d901297a6054281997070df7
67afafa0395327340c29a6c845edb4dd70d3829ce9101627813e15751eb273a1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
784a7423298c587ce89819cd81d6e225877b32605b4b40eb3ccafb3f3f3e5750
78e8a6e3baf7f20326f2af67c64a9e0fd46f81f2b3a9b9da81b5c6fcc60d1027
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
857e9185eac438e86a3f25901e565af5612ea86913b5b77a8dca76eedf32160e
85af39162ed24e08c046a330d738682e135d4aa64c2ec85e08c81c62d42f54c2
87280d09a46f02ddc3bd350767707f02e6e99176675442d24ca431fe4fb3332c
880e16dc17e2fb3b0919cdfda8e0803ef52bfa74c92ec3844d8d03ba437a2a6b
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127
8b54578c9e9bf004d4eb1c4523aea2c881a642b8b8e046830dd947392e52ebd8
8e37f1a07096a91782f98531e72d787e3723b5fc6cb39090ebf6fdbdad1425e2
9ac2f31d4dc01c1b1c102d6a80b63484cf5acf3b8bc7b4eccf04bf851948f884
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0
9e256f62623f99f7ab0aa12cc4e51f20758d4ba229ace115539753f4282b6be2
a0f54c057573e1db24fff2ab27c2c9af4b880643086116461b35e16ad63ce1ed
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a7ba40a375ab92d25a15ad396d8f1fe3ee0f34831d1172452069c0f22aaae697
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
b41570405890d4f995da7b265ceb5cfb50246a940f9489525a8f526cfd160356
b43b1687255315c179f1bd0704e3bbb4a25080f19d16b9aee38ffbde65da11f9
b5ffc15150b7a4696ac493dad356c447b8f820411a476ffb200efb03765d30ce
bc553a8be5c6709f284f37173a0e6eecb508bde4f1ff74b015d3d6544a9d3f5e
bc95bd1bc756a1701ba74d8d3c30c49d1eae346751f9da2f611ea1cf620ed59f
c7dd25d29284b1e91d4877f72a0a4967bf2c9242dd9cedfd5946b4d35f6bc99d
c891cc9cc135d09591b23c7490df8dd9c8351a69c3445802f7ce30038d9806a4
cc9a799dc0cc9088eb54016a0bca4321b6fc31494e1dd70cab5a417d8841511c
cc9c8d9450f3ba70a4dd58530ff368e2cb57041b7267c3b31b02f8bcb936e478
ce8c3ba56e5248e7d7fe3f2da0d1ebff209ed518e8ad7eeb80056e1f157b144e
cf8594772458d9e54f646def851aa64c133fcf1900c1d20d48fe3f5b09f1af55
d19240db8ad56c528dec609e35e6c5bff30cb7e6e55e9fc98f0810965b401d25
de4aa4e897ee9a64f5327c18388a88108cc29d7dbcc3dde18464b4ddc24e1e63
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
de736e54b14c0c73a2a62b593651d0fd47c6afef0ae73b85f8c5816167b5b596
df559fb82f736e5d863e7260dcef1260fbaf89bd687c478b2868c983694875b8
e2dd1392a86ae65a4d9be17242ba5643be5aa3b129d0526e20aabccfccd9fec6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40808eac7e5e61e2608cb0562f23c6b84a702ae05b9689dcf7c412c74a4b736
e8f72ea34761dd35e9e904a19f3745b2ad7b98668a560f85ee09eb0b1ee3f0e4
ec0fba24c62282cd42ce85ce4ef812f7951f03bd223619fb627969034bb4961f
f99784b55885606028406ac7e61f0d6210efca1ceec4d59bd30024fc70572b87