secure.covrtech.net
Open in
urlscan Pro
107.21.18.20
Malicious Activity!
Public Scan
Submission: On August 03 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by R3 on August 3rd 2021. Valid for: 3 months.
This is the only time secure.covrtech.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)Domain & IP information
ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-18-20.compute-1.amazonaws.com
secure.covrtech.net | |
onedrive.covrtech.net |
ASN20940 (AKAMAI-ASN1, NL)
officehome.cdn.office.net |
ASN20940 (AKAMAI-ASN1, NL)
www.microsoft.com | |
c.s-microsoft.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-18.deploy.static.akamaitechnologies.com
statics-marketingsites-eus-ms-com.akamaized.net |
ASN20940 (AKAMAI-ASN1, NL)
img-prod-cms-rt-microsoft-com.akamaized.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.microsoft.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.pipe.aria.microsoft.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
static.doubleclick.net |
Domain | Requested by | |
---|---|---|
49 | covrtech.com |
officehome.cdn.office.net
covrtech.com |
20 | www.youtube.com |
covrtech.com
www.youtube.com |
20 | officehome.cdn.office.net |
secure.covrtech.net
|
7 | r5---sn-4g5ednsr.googlevideo.com |
www.youtube.com
|
3 | web.vortex.data.microsoft.com |
officehome.cdn.office.net
|
3 | mem.gfx.ms |
secure.covrtech.net
mem.gfx.ms |
3 | www.microsoft.com |
secure.covrtech.net
www.microsoft.com |
2 | c1.microsoft.com | 1 redirects |
2 | googleads.g.doubleclick.net |
1 redirects
www.youtube.com
|
2 | browser.pipe.aria.microsoft.com |
officehome.cdn.office.net
|
2 | c.s-microsoft.com |
www.microsoft.com
|
1 | c.bing.com | 1 redirects |
1 | www.google.com |
www.youtube.com
|
1 | static.doubleclick.net |
www.youtube.com
|
1 | fonts.gstatic.com |
www.youtube.com
|
1 | www.google-analytics.com |
www.googletagmanager.com
|
1 | p.typekit.net |
use.typekit.net
|
1 | use.typekit.net |
covrtech.com
|
1 | www.googletagmanager.com |
covrtech.com
|
1 | logincdn.msauth.net |
login.live.com
|
1 | onedrive.covrtech.net | 1 redirects |
1 | login.live.com |
officehome.cdn.office.net
|
1 | img-prod-cms-rt-microsoft-com.akamaized.net |
secure.covrtech.net
|
1 | statics-marketingsites-eus-ms-com.akamaized.net |
secure.covrtech.net
|
1 | secure.covrtech.net | |
124 | 25 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
onedrive.covrtech.net R3 |
2021-08-03 - 2021-11-01 |
3 months | crt.sh |
*.cdn.office.net Microsoft RSA TLS CA 01 |
2021-01-26 - 2022-01-26 |
a year | crt.sh |
www.microsoft.com Microsoft RSA TLS CA 01 |
2020-08-28 - 2021-08-28 |
a year | crt.sh |
a248.e.akamai.net DigiCert Secure Site ECC CA-1 |
2020-07-15 - 2021-09-13 |
a year | crt.sh |
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 06 |
2021-06-05 - 2022-05-31 |
a year | crt.sh |
graph.windows.net DigiCert SHA2 Secure Server CA |
2021-07-28 - 2022-07-28 |
a year | crt.sh |
covrtech.com R3 |
2021-05-30 - 2021-08-28 |
3 months | crt.sh |
*.vortex.data.microsoft.com Microsoft RSA TLS CA 02 |
2020-10-05 - 2021-10-05 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-06-28 - 2021-09-20 |
3 months | crt.sh |
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-11-03 - 2021-11-07 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2021-06-28 - 2021-09-20 |
3 months | crt.sh |
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-07-16 - 2022-07-21 |
a year | crt.sh |
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01 |
2020-09-14 - 2021-09-09 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-06-28 - 2021-09-20 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-07-12 - 2021-10-04 |
3 months | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2021-06-28 - 2021-09-20 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2021-06-28 - 2021-09-20 |
3 months | crt.sh |
c.msn.com Microsoft Azure TLS Issuing CA 02 |
2021-06-27 - 2022-06-22 |
a year | crt.sh |
*.c.docs.google.com GTS CA 1C3 |
2021-07-27 - 2021-10-05 |
2 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://secure.covrtech.net/
Frame ID: 029C006B9EF86742CF7D7794797EEA15
Requests: 47 HTTP requests in this frame
Frame:
https://login.live.com/Me.srf?wa=wsignin1.0&wreply=https://secure.covrtech.net/
Frame ID: 34E45E79FA9FC1C7F19CB0B8F7EF49DA
Requests: 2 HTTP requests in this frame
Frame:
https://covrtech.com/
Frame ID: 785CCD2AB53972C7EA0D70FB55532CA8
Requests: 56 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/jmav5Xp4X-c?playsinline=0&controls=0&showinfo=0&rel=0&start=0&end=0&widget_referrer=https%3A%2F%2Fsecure.covrtech.net%2F&enablejsapi=1&origin=https%3A%2F%2Fcovrtech.com&widgetid=1
Frame ID: A60E59FCFF6D1C9B3973CB0EA10E0B6B
Requests: 30 HTTP requests in this frame
143 Outgoing links
These are links going to different origins than the main page.
Title: Microsoft
Search URL Search Domain Scan URL
Title: Plans and pricing
Search URL Search Domain Scan URL
Title: For families
Search URL Search Domain Scan URL
Title: For individuals
Search URL Search Domain Scan URL
Title: For students
Search URL Search Domain Scan URL
Title: See all home
Search URL Search Domain Scan URL
Title: Plans and pricing
Search URL Search Domain Scan URL
Title: Small business
Search URL Search Domain Scan URL
Title: Schools
Search URL Search Domain Scan URL
Title: Plans and pricing
Search URL Search Domain Scan URL
Title: Enterprise
Search URL Search Domain Scan URL
Title: Frontline workers
Search URL Search Domain Scan URL
Title: Excel
Search URL Search Domain Scan URL
Title: Microsoft Family Safety
Search URL Search Domain Scan URL
Title: Microsoft Teams
Search URL Search Domain Scan URL
Title: OneDrive
Search URL Search Domain Scan URL
Title: Outlook
Search URL Search Domain Scan URL
Title: PowerPoint
Search URL Search Domain Scan URL
Title: SharePoint
Search URL Search Domain Scan URL
Title: Word
Search URL Search Domain Scan URL
Title: See all apps and services
Search URL Search Domain Scan URL
Title: Microsoft Office
Search URL Search Domain Scan URL
Title: Office 365
Search URL Search Domain Scan URL
Title: Windows
Search URL Search Domain Scan URL
Title: Windows 365
Search URL Search Domain Scan URL
Title: Enterprise Mobility + Security
Search URL Search Domain Scan URL
Title: Customer stories
Search URL Search Domain Scan URL
Title: Frequently asked questions
Search URL Search Domain Scan URL
Title: Install Office
Search URL Search Domain Scan URL
Title: IT Pro resources
Search URL Search Domain Scan URL
Title: Office blog
Search URL Search Domain Scan URL
Title: Security & compliance
Search URL Search Domain Scan URL
Title: System requirements
Search URL Search Domain Scan URL
Title: Templates
Search URL Search Domain Scan URL
Title: Support
Search URL Search Domain Scan URL
Title: My account
Search URL Search Domain Scan URL
Title: Buy now
Search URL Search Domain Scan URL
Title: Microsoft 365
Search URL Search Domain Scan URL
Title: Windows
Search URL Search Domain Scan URL
Title: Surface
Search URL Search Domain Scan URL
Title: Xbox
Search URL Search Domain Scan URL
Title: Deals
Search URL Search Domain Scan URL
Title: Support
Search URL Search Domain Scan URL
Title: Windows Apps
Search URL Search Domain Scan URL
Title: OneDrive
Search URL Search Domain Scan URL
Title: Outlook
Search URL Search Domain Scan URL
Title: Skype
Search URL Search Domain Scan URL
Title: OneNote
Search URL Search Domain Scan URL
Title: Microsoft Teams
Search URL Search Domain Scan URL
Title: Microsoft Edge
Search URL Search Domain Scan URL
Title: Computers
Search URL Search Domain Scan URL
Title: Shop Xbox
Search URL Search Domain Scan URL
Title: Accessories
Search URL Search Domain Scan URL
Title: VR & mixed reality
Search URL Search Domain Scan URL
Title: Phones
Search URL Search Domain Scan URL
Title: Xbox Game Pass Ultimate
Search URL Search Domain Scan URL
Title: Xbox Live Gold
Search URL Search Domain Scan URL
Title: PC games
Search URL Search Domain Scan URL
Title: Windows digital games
Search URL Search Domain Scan URL
Title: Movies & TV
Search URL Search Domain Scan URL
Title: Microsoft Azure
Search URL Search Domain Scan URL
Title: Microsoft Dynamics 365
Search URL Search Domain Scan URL
Title: Microsoft 365
Search URL Search Domain Scan URL
Title: Windows 365
Search URL Search Domain Scan URL
Title: Microsoft Industry
Search URL Search Domain Scan URL
Title: Data platform
Search URL Search Domain Scan URL
Title: Microsoft Advertising
Search URL Search Domain Scan URL
Title: Shop Business
Search URL Search Domain Scan URL
Title: .NET
Search URL Search Domain Scan URL
Title: Visual Studio
Search URL Search Domain Scan URL
Title: Windows Server
Search URL Search Domain Scan URL
Title: Windows Dev Center
Search URL Search Domain Scan URL
Title: Docs
Search URL Search Domain Scan URL
Title: Power Platform
Search URL Search Domain Scan URL
Title: Power Apps
Search URL Search Domain Scan URL
Title: HoloLens 2
Search URL Search Domain Scan URL
Title: Microsoft Rewards
Search URL Search Domain Scan URL
Title: Free downloads & security
Search URL Search Domain Scan URL
Title: Education
Search URL Search Domain Scan URL
Title: Virtual workshops and training
Search URL Search Domain Scan URL
Title: Gift cards
Search URL Search Domain Scan URL
Title: Licensing
Search URL Search Domain Scan URL
Title: Microsoft Experience Center
Search URL Search Domain Scan URL
Title: Students and Parents deals
Search URL Search Domain Scan URL
Title: View Sitemap
Search URL Search Domain Scan URL
Title: Remote Learning in education. Learn more >
Search URL Search Domain Scan URL
Title: Get Office
Search URL Search Domain Scan URL
Title: Sign up for the free version of Office
Search URL Search Domain Scan URL
Title: For business
Search URL Search Domain Scan URL
Title: For education
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Surface Laptop 4
Search URL Search Domain Scan URL
Title: Surface Laptop Go
Search URL Search Domain Scan URL
Title: Surface Go 2
Search URL Search Domain Scan URL
Title: Surface Pro X
Search URL Search Domain Scan URL
Title: Surface Duo
Search URL Search Domain Scan URL
Title: Windows 10 apps
Search URL Search Domain Scan URL
Title: Account profile
Search URL Search Domain Scan URL
Title: Download Center
Search URL Search Domain Scan URL
Title: Microsoft Store support
Search URL Search Domain Scan URL
Title: Returns
Search URL Search Domain Scan URL
Title: Order tracking
Search URL Search Domain Scan URL
Title: Microsoft Store Promise
Search URL Search Domain Scan URL
Title: Financing
Search URL Search Domain Scan URL
Title: Microsoft in education
Search URL Search Domain Scan URL
Title: Office for students
Search URL Search Domain Scan URL
Title: Office 365 for schools
Search URL Search Domain Scan URL
Title: Deals for students & parents
Search URL Search Domain Scan URL
Title: Microsoft Azure in education
Search URL Search Domain Scan URL
Title: Azure
Search URL Search Domain Scan URL
Title: AppSource
Search URL Search Domain Scan URL
Title: Automotive
Search URL Search Domain Scan URL
Title: Government
Search URL Search Domain Scan URL
Title: Healthcare
Search URL Search Domain Scan URL
Title: Manufacturing
Search URL Search Domain Scan URL
Title: Financial services
Search URL Search Domain Scan URL
Title: Retail
Search URL Search Domain Scan URL
Title: Developer Center
Search URL Search Domain Scan URL
Title: Microsoft developer program
Search URL Search Domain Scan URL
Title: Channel 9
Search URL Search Domain Scan URL
Title: Microsoft 365 Dev Center
Search URL Search Domain Scan URL
Title: Microsoft 365 Developer Program
Search URL Search Domain Scan URL
Title: Microsoft Garage
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: About Microsoft
Search URL Search Domain Scan URL
Title: Company news
Search URL Search Domain Scan URL
Title: Privacy at Microsoft
Search URL Search Domain Scan URL
Title: Investors
Search URL Search Domain Scan URL
Title: Diversity and inclusion
Search URL Search Domain Scan URL
Title: Accessibility
Search URL Search Domain Scan URL
Title: Security
Search URL Search Domain Scan URL
Title: English (United States)
Search URL Search Domain Scan URL
Title: Sitemap
Search URL Search Domain Scan URL
Title: Contact Microsoft
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Terms of use
Search URL Search Domain Scan URL
Title: Trademarks
Search URL Search Domain Scan URL
Title: Safety & eco
Search URL Search Domain Scan URL
Title: About our ads
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 20- https://onedrive.covrtech.net/savedusers?wreply=https://secure.covrtech.net/&appid=4345a7b9-9a63-4910-a426-35363201d503 HTTP 302
- https://covrtech.com/
- https://googleads.g.doubleclick.net/pagead/id HTTP 302
- https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
- https://c1.microsoft.com/c.gif?DI=4050&did=1&t= HTTP 302
- https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=CAF1BDDC762B412198E17BF9D3A2E65A&RedC=c1.microsoft.com&MXFR=24A91F7B85C8617526900FF381C86712 HTTP 302
- https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=CAF1BDDC762B412198E17BF9D3A2E65A&MUID=3A3826DFDF236DFA10933657DE486C40
124 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
secure.covrtech.net/ |
111 KB 112 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
segoeui_light.woff2
officehome.cdn.office.net/versionless/webfonts/ |
10 KB 11 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
segoeui_regular.woff2
officehome.cdn.office.net/versionless/webfonts/ |
11 KB 11 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
segoeui_semibold.woff2
officehome.cdn.office.net/versionless/webfonts/ |
11 KB 12 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
segoeui_semilight.woff2
officehome.cdn.office.net/versionless/webfonts/ |
12 KB 12 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unauth-4332f0494e.css
officehome.cdn.office.net/bundles/ |
150 KB 59 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sharedfontstyles-30d1fc43fd.css
officehome.cdn.office.net/bundles/ |
1 KB 723 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
12-3fa398
www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/9a-7f4513/d3-aaa44b/b4-c9971d/d5-a1eae7/70-03335b/3c-153056/c9-d90127/ |
166 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
override.css
statics-marketingsites-eus-ms-com.akamaized.net/statics/ |
1 KB 907 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero-xxl-b79c4b74fa.jpg
officehome.cdn.office.net/images/content/images/ |
515 KB 517 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
for-home-22b0da7562.png
officehome.cdn.office.net/images/content/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
for-business-7a6cb040bd.png
officehome.cdn.office.net/images/content/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
for-enterprise-b5e0072ea2.png
officehome.cdn.office.net/images/content/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
for-education-5ca7026e70.png
officehome.cdn.office.net/images/content/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unauth-vendor-320f34a99e.js
officehome.cdn.office.net/bundles/ |
103 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sharedscripts-872a45ae72.js
officehome.cdn.office.net/bundles/ |
52 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unauth-5f5f2e67f5.js
officehome.cdn.office.net/bundles/ |
57 KB 19 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
17-f90ef1
www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/54-af9f9f/c0-247156/de-099401/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/11-240c7b/63-077520/a4... |
133 KB 35 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meversion
mem.gfx.ms/ |
27 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
Me.srf
login.live.com/ Frame 34E4 |
11 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
covrtech.com/ Frame 785C Redirect Chain
|
120 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
t.js
web.vortex.data.microsoft.com/collect/v1/ |
281 B 966 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
office-apps-347d86a528.gif
officehome.cdn.office.net/images/content/images/ |
3 MB 3 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkedin-refresh-02734a460c.png
officehome.cdn.office.net/images/content/images/ |
315 B 810 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook-refresh-090a700c0f.png
officehome.cdn.office.net/images/content/images/ |
256 B 773 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitter-refresh-93ca1a80ff.png
officehome.cdn.office.net/images/content/images/ |
369 B 806 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instagram-refresh-5d315a943e.png
officehome.cdn.office.net/images/content/images/ |
410 B 847 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blog-33305b0d90.png
officehome.cdn.office.net/images/content/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meBoot.min.js
mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/ |
155 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MeControl_EgJbqJOU_WgTDwJ3YZdEcg2.js
logincdn.msauth.net/16.000/content/js/ Frame 34E4 |
17 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
v1
web.vortex.data.microsoft.com/collect/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
358 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
768 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ |
33 KB 34 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mwfmdl2-v3.54.woff
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/ |
26 KB 26 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
11 KB 11 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
17 KB 17 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/ |
29 KB 29 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ Frame 785C |
100 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
bb-plugin.min.css
covrtech.com/wp-content/themes/astra/assets/css/minified/compatibility/page-builder/ Frame 785C |
302 B 472 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
style.min.css
covrtech.com/wp-content/themes/astra/assets/css/minified/ Frame 785C |
71 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
style.min.css
covrtech.com/wp-includes/css/dist/block-library/ Frame 785C |
79 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
jquery.bxslider.css
covrtech.com/wp-content/plugins/bb-plugin/css/ Frame 785C |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
all.min.css
covrtech.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/css/ Frame 785C |
58 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
style.css
covrtech.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/ Frame 785C |
21 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
jquery.magnificpopup.min.css
covrtech.com/wp-content/plugins/bb-plugin/css/ Frame 785C |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
3373-layout.css
covrtech.com/wp-content/uploads/bb-plugin/cache/ Frame 785C |
179 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
styles.css
covrtech.com/wp-content/plugins/contact-form-7/includes/css/ Frame 785C |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
contact-form-7-main.min.css
covrtech.com/wp-content/themes/astra/assets/css/minified/compatibility/ Frame 785C |
850 B 729 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tyd3cdg.css
use.typekit.net/ Frame 785C |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
astra-addon-600716b1571379-21940372.css
covrtech.com/wp-content/uploads/astra-addon/ Frame 785C |
13 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
style.css
covrtech.com/wp-content/plugins/cf7-conditional-fields/ Frame 785C |
2 KB 817 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
frontend-gtag.min.js
covrtech.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ Frame 785C |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
jquery.min.js
covrtech.com/wp-includes/js/jquery/ Frame 785C |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
jquery-migrate.min.js
covrtech.com/wp-includes/js/jquery/ Frame 785C |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
imagesloaded.min.js
covrtech.com/wp-includes/js/ Frame 785C |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
phone.svg
covrtech.com/wp-content/plugins/bb-ultimate-addon/modules/uabb-devices/includes/svg/ Frame 785C |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
laptop.svg
covrtech.com/wp-content/plugins/bb-ultimate-addon/modules/uabb-devices/includes/svg/ Frame 785C |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
wp-emoji-release.min.js
covrtech.com/wp-includes/js/ Frame 785C |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
desktop.svg
covrtech.com/wp-content/plugins/bb-ultimate-addon/modules/uabb-devices/includes/svg/ Frame 785C |
23 KB 14 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
style.min.js
covrtech.com/wp-content/themes/astra/assets/js/minified/ Frame 785C |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe_api
www.youtube.com/ Frame 785C |
980 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
jquery.waypoints.min.js
covrtech.com/wp-content/plugins/bb-plugin/js/ Frame 785C |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
jquery.easing.min.js
covrtech.com/wp-content/plugins/bb-plugin/js/ Frame 785C |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
jquery.fitvids.min.js
covrtech.com/wp-content/plugins/bb-plugin/js/ Frame 785C |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
jquery.bxslider.min.js
covrtech.com/wp-content/plugins/bb-plugin/js/ Frame 785C |
22 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
jquery-carousel.js
covrtech.com/wp-content/plugins/bb-ultimate-addon/assets/js/global-scripts/ Frame 785C |
82 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
jquery.magnificpopup.min.js
covrtech.com/wp-content/plugins/bb-plugin/js/ Frame 785C |
20 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
js_cookie.js
covrtech.com/wp-content/plugins/bb-ultimate-addon/modules/modal-popup/js/ Frame 785C |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
3373-layout.js
covrtech.com/wp-content/uploads/bb-plugin/cache/ Frame 785C |
94 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
regenerator-runtime.min.js
covrtech.com/wp-includes/js/dist/vendor/ Frame 785C |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
wp-polyfill.min.js
covrtech.com/wp-includes/js/dist/vendor/ Frame 785C |
16 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
index.js
covrtech.com/wp-content/plugins/contact-form-7/includes/js/ Frame 785C |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
astra-addon-600716b169f1d0-02461752.js
covrtech.com/wp-content/uploads/astra-addon/ Frame 785C |
15 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
scripts.js
covrtech.com/wp-content/plugins/cf7-conditional-fields/js/ Frame 785C |
132 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
wp-embed.min.js
covrtech.com/wp-includes/js/ Frame 785C |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.css
p.typekit.net/ Frame 785C |
5 B 162 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Frame 785C |
48 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
www-widgetapi.js
www.youtube.com/s/player/2840754e/www-widgetapi.vflset/ Frame 785C |
126 KB 42 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 785C |
42 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
sbli.jpg
covrtech.com/wp-content/uploads/ Frame 785C |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
pacific-life.jpg
covrtech.com/wp-content/uploads/ Frame 785C |
10 KB 10 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
new-york-life.jpg
covrtech.com/wp-content/uploads/ Frame 785C |
22 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
legal-and-general.jpg
covrtech.com/wp-content/uploads/ Frame 785C |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
aflac.jpg
covrtech.com/wp-content/uploads/ Frame 785C |
26 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
carrier-logo-mutalofOmaha.jpg
covrtech.com/wp-content/uploads/ Frame 785C |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
carrier-logo-bestow.jpg
covrtech.com/wp-content/uploads/ Frame 785C |
23 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
carrier-logo-assurity.jpg
covrtech.com/wp-content/uploads/ Frame 785C |
26 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
browser.pipe.aria.microsoft.com/Collector/3.0/ |
0 397 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
jmav5Xp4X-c
www.youtube.com/embed/ Frame A60E |
54 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
www-player-webp.css
www.youtube.com/s/player/2840754e/ Frame A60E |
327 KB 45 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
www-embed-player.js
www.youtube.com/s/player/2840754e/www-embed-player.vflset/ Frame A60E |
193 KB 64 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
base.js
www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/ Frame A60E |
2 MB 492 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
fetch-polyfill.js
www.youtube.com/s/player/2840754e/fetch-polyfill.vflset/ Frame A60E |
8 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A60E |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
id
googleads.g.doubleclick.net/pagead/ Frame A60E Redirect Chain
|
113 B 161 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ad_status.js
static.doubleclick.net/instream/ Frame A60E |
29 B 523 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LyxMIXggjSXNO7T-trzCNJN2UV0KCdYDm0c-45mwyOU.js
www.google.com/js/th/ Frame A60E |
35 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
embed.js
www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/ Frame A60E |
25 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
player
www.youtube.com/youtubei/v1/ Frame A60E |
50 KB 17 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
refill
covrtech.com/wp-json/contact-form-7/v1/contact-forms/3171/ Frame 785C |
2 B 550 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meCore.min.js
mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/ |
100 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
generate_204
www.youtube.com/ Frame A60E |
0 9 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
legal-and-general.jpg
covrtech.com/wp-content/uploads/ Frame 785C |
6 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
v1
web.vortex.data.microsoft.com/collect/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c1.microsoft.com/ Redirect Chain
|
42 B 363 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
qoe
www.youtube.com/api/stats/ Frame A60E |
0 19 B |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
videoplayback
r5---sn-4g5ednsr.googlevideo.com/ Frame A60E |
105 KB 106 KB |
XHR
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
videoplayback
r5---sn-4g5ednsr.googlevideo.com/ Frame A60E |
13 KB 14 KB |
XHR
audio/webm |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
endscreen.js
www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/ Frame A60E |
26 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
next
www.youtube.com/youtubei/v1/ Frame A60E |
5 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
legal-and-general.jpg
covrtech.com/wp-content/uploads/ Frame 785C |
6 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
videoplayback
r5---sn-4g5ednsr.googlevideo.com/ Frame A60E |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
videoplayback
r5---sn-4g5ednsr.googlevideo.com/ Frame A60E |
104 KB 104 KB |
XHR
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
videoplayback
r5---sn-4g5ednsr.googlevideo.com/ Frame A60E |
12 KB 12 KB |
XHR
audio/webm |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
videoplayback
r5---sn-4g5ednsr.googlevideo.com/ Frame A60E |
181 KB 181 KB |
XHR
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
playback
www.youtube.com/api/stats/ Frame A60E |
0 17 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
ptracking
www.youtube.com/ Frame A60E |
0 19 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
videoplayback
r5---sn-4g5ednsr.googlevideo.com/ Frame A60E |
468 KB 468 KB |
XHR
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
browser.pipe.aria.microsoft.com/Collector/3.0/ |
0 396 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
log_event
www.youtube.com/youtubei/v1/ Frame A60E |
28 B 299 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
atr
www.youtube.com/api/stats/ Frame A60E |
0 19 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
videoplayback
r5---sn-4g5ednsr.googlevideo.com/ Frame A60E |
370 KB 371 KB |
XHR
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
log_event
www.youtube.com/youtubei/v1/ Frame A60E |
28 B 197 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
watchtime
www.youtube.com/api/stats/ Frame A60E |
0 17 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
qoe
www.youtube.com/api/stats/ Frame A60E |
0 19 B |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
carrier-logo-minnesota.jpg
covrtech.com/wp-content/uploads/ Frame 785C |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
carrier-logo-minnesota.jpg
covrtech.com/wp-content/uploads/ Frame 785C |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- r5---sn-4g5ednsr.googlevideo.com
- URL
- https://r5---sn-4g5ednsr.googlevideo.com/videoplayback?expire=1628007387&ei=excJYZmQLs311gLsqK7QBA&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AOX5Moej50PzF7P0WPeZB04o-KkhS-Acbxp7YhC7tdiQ&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=vU&mm=31%2C29&mn=sn-4g5ednsr%2Csn-4g5e6nz7&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=510000&vprv=1&mime=video%2Fmp4&ns=0E9AIjnaYlsypIWfrhdaP1kG&gir=yes&clen=1150551&otfp=1&dur=28.128&lmt=1605818594071341&mt=1627985348&fvip=5&keepalive=yes&fexp=24001373%2C24007246&beids=9466588&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=Z5NPQrJzI4O2ew&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgMbJAdKWskEjnx3E3PTRKBRNivseVI1YaBaunRl7Ij7UCIQC7CdaBSbrSRkcCFwBkPo7yvfFBybOCavZYxYr5oNkAtQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgDcLb6HmOxwZqo6TPo9yaTHhaOzotfE4jCRCgNUTn12ICIFUZ6E0B1aHxm89E_0Jh3ZXtdebl4qYcN-KIRblCvyk3&alr=yes&cpn=J36F-t7NJUAiK6TW&cver=1.20210801.0.0&range=107470-214096&rn=3&rbuf=3485
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)89 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated boolean| isSessionStorageAvailable function| getDefaultAadUser function| getDefaultMsaUser function| findDefaultSignedInUser function| convertAadUserData function| convertMsaUserData function| isValidMsaUser function| isValidAadUser function| getAadData function| getMsaData function| getAadMsaData function| getAccount object| AuthType object| Operation object| ErrorCode object| TimerUtils object| IframeUtils object| Constants object| LoggingUtils function| IdpUserResult function| DefaultSignInOptions boolean| enableConsoleLog boolean| msaFedEnabled function| $ function| jQuery object| StandaloneAriaLogger object| AWTPropertyType object| AWTPiiKind object| AWTEventPriority object| AWTEventsDroppedReason object| AWTEventsRejectedReason object| AWTCustomerContentKind object| AWTUserIdType object| AWTSessionState string| AWT_BEST_EFFORT string| AWT_NEAR_REAL_TIME string| AWT_REAL_TIME function| AWTEventProperties function| AWTLogger function| AWTLogManager function| AWTTransmissionManager function| AWTSerializer function| AWTSemanticContext string| AWT_COLLECTOR_URL_UNITED_STATES string| AWT_COLLECTOR_URL_GERMANY string| AWT_COLLECTOR_URL_JAPAN string| AWT_COLLECTOR_URL_AUSTRALIA string| AWT_COLLECTOR_URL_EUROPE string| AWT_COLLECTOR_URL_USGOV_DOD string| AWT_COLLECTOR_URL_USGOV_DOJ function| __awaiter function| __generator object| HomePage object| awa string| behaviorKey object| DefaultSignInHandler object| el object| config string| signInUrl string| viewType object| myConfigOptions function| setShellOptions function| SendMeControlSignInEvent function| SetConsent object| shellOptions object| onShellReadyToLoad string| aadUserForgetUrlFormat function| clearStorage function| clearStorageWithExceptions object| MSA object| MeControl function| MeControlDefine function| MeControlImport object| lazyImages number| lazyLoadAnimationId object| msCommonShell10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.youtube.com/ | Name: YSC Value: iiJOQH4lb6M |
|
.login.live.com/ | Name: uaid Value: 91541539b6f9403e820a814fc61a9bb2 |
|
secure.covrtech.net/ | Name: MicrosoftApplicationsTelemetryFirstLaunchTime Value: 2021-08-03T10:16:26.252Z |
|
.youtube.com/ | Name: VISITOR_INFO1_LIVE Value: IhRGXmf6GbQ |
|
secure.covrtech.net/ | Name: MicrosoftApplicationsTelemetryDeviceId Value: 953ad3c9-c372-4b68-b60d-700d0eb3c2bc |
|
.covrtech.net/ | Name: MUID Value: 0B5E474F96E86A4A028B57C797A76BB2 |
|
secure.covrtech.net/ | Name: OH.DCAffinity Value: OH-eus |
|
.login.live.com/ | Name: MSPRequ Value: id=N<=1627985786&co=1 |
|
secure.covrtech.net/ | Name: MSFPC Value: GUID=f79a07a6265b483e8759423f46ba8a06&HASH=f79a&LV=202108&V=4&LU=1627985786489 |
|
secure.covrtech.net/ | Name: OH.SID Value: a2996c87-7b2b-450d-9941-bb7b8929e642 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
browser.pipe.aria.microsoft.com
c.bing.com
c.s-microsoft.com
c1.microsoft.com
covrtech.com
fonts.gstatic.com
googleads.g.doubleclick.net
img-prod-cms-rt-microsoft-com.akamaized.net
login.live.com
logincdn.msauth.net
mem.gfx.ms
officehome.cdn.office.net
onedrive.covrtech.net
p.typekit.net
r5---sn-4g5ednsr.googlevideo.com
secure.covrtech.net
static.doubleclick.net
statics-marketingsites-eus-ms-com.akamaized.net
use.typekit.net
web.vortex.data.microsoft.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.microsoft.com
www.youtube.com
r5---sn-4g5ednsr.googlevideo.com
107.21.18.20
141.193.213.20
192.229.221.185
2.16.186.18
20.190.160.67
2620:1ec:bdf::42
2620:1ec:c11::200
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2006
2a00:1450:4001:810::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2002
2a00:1450:401e:28::a
2a02:26f0:6c00:28b::356e
2a02:26f0:6c00:294::4b36
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00::210:ba0a
2a02:26f0:6c00::210:ba28
40.77.226.250
52.114.159.33
52.142.114.2
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02ac1c1a2bf961e85b8d3b4038dc18d781c3162c441871114001d3e2a357d565
0420fccb3dec0819fe7660237788c5aae445ba38dd5306d71b0e6a7d48d8b38a
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
0b75122d2175e707d39f057ce20a9212b62c52817f0250de28b6c2c058344238
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
15678649e81294c4b3bca2030f0f0516d83bbdae4e1fb4ff513771b1ac5d0159
16ee9e65eecb22edde02df0c0b971edf9d6f72b4b0401606eb8052cc39c446cb
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
207f50299063fbb1f3b17bc02663cc5e8fb3b385e8ea29919d1af13a7baa6247
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
25a22f01d97ff4ddde37b0ba8b2d934cf8a88d5239bdd44e158776ca646b667a
286ec71b7d18a1ff8431d457bce278b9c6cedb8fb4d238ed9b24c073cd37c3ca
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2940cc93d9795724348695d2ab376ec686135077e35ca27c78fcf5c0ee3fdd07
2c04e438b5c5b6c29c3fa3831a969f2e7134664af8df56abb1fd930dbfd389dd
2cad4e1d97b0c13e50f1a741c96d6fda8e7908afe66eb23ce73059869afe5dbb
2cd3ef7b5b677b7827bfbe5b926a283e7ca687ddb6b021fa4289630671ebd061
2ed3fa8c76740090829d5d4566efb8eb76de9224e0c894f94e8b5fbf8efea8a9
2f2c4c2178208d25cd3bb4feb6bcc2349376515d0a09d6039b473ee399b0c8e5
2faed8a5b8611ced29bd53267d47173058b5a448b3ff65b0fdf2fdb047cbf0da
30ebebf79fcac7ea57280ff640cc50c12a449c1fc0eb9a4b9acd43bc23f74f51
32e39c536506ad906117b922959442b8a953f78326cc1bd97ef3e63b59a0a18b
3324b2cd08aad6c76d04f27fc32de7b22bfd725ab91e883b5cefc75077a9c36e
33defce04234275d0ec8d92eb264e007d9bdf33fb59de95a579c9a213b5bbdc5
340aa3c8373ddcf380bf52676d5e6ac3d39c7837a98a00c4acf0211781e67650
38ccec1fc395d0e037e0898297a0fecb652dfefab7f5fbd110d468757f0681f5
3a5576b76ceb6d22ef53ed1940e7a15f5053d13961022006fa7b7ab88877022b
3b75085f340c1918b5255509378c0a49baf27c6bab1563819637803ca119d7d1
3ba488de1b733ac45c7e10513f1a45074f49c431d2ab8428ee20ebf8513468d9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f352c6699c3ab87071233c31db4ef9b18cb409ff04d85256e2b41061d93e700
40db04138535c990bedc912ead14739cfe6cf957c7f853f786eabdf067edd6e0
40dd348a0a40e3117ce5a9b3d0fc49651749e4821c342e82b89039f4847b791d
414895a70bb967624e4e93f558423bfee12734e3c55c5ed6d8c3f7c0588b391f
41c7e05e604e0bc6b8814d00221eac3e3db342d996362a2cfa1cd057ad2c809b
447ee2a25be3a9dd41d96942cfe0a62f79d420b6e4bd5421a0ea81aaa18f6c0c
47dcd4b08e39ff3a3f349eb5388a0179c16c99cf79fcd337a95fa55e73d916a8
48a094e289d692ea433432a99dc97530ae3ad08aef9f06c66a39ed4a84f72a86
4a0bc5d8cda05dc8c2f379561a52df8214ba617827f422ce6e48cbc63bf53a2c
4d9481536dbf3b0823d5254b666466873a2f577f1222a19aec88cd6157781f2c
4e1b1da7a21e6051f74370893d904c910272cf815f5188e528648ae0301f6008
4e675e2b5243b30ce025407ca3ef7b21214a96830430d18507a92bb541fb6b09
4ec97f831ae0ec07f6e1d4b8a02dcb7b55c2342182e668bd995beb10e46a4f83
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
543e1ac86a960efb7efcb3ff85f2732f5760fa72e0aa4c623b9288e1d774a29f
57febfbad63b722a38bc668e67bc7c2dc02eca221f26db3a9303c1bd584a1a42
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5e98a06d32992635d74f2b76d661983640222e95f2c6d1d97c0dea3b79cd42ef
611e867580088ba5df82f170c837dec34abb28091db3474ac849bc5a52baf174
633894cf845287f205f1b5bd26b7667dda186695fce3d789306f30c5fbdb14b5
63572e4e3d35a24388986822f397b8cf12ad5e0af29713f97a64d4414f743d73
65f5e116b152127853bcceef2864070a979cfac6f9fac3a6a3800709db4d809c
68a626d145a6a176a36643c588a57e475b7e00d21fdcd4857f3a4bb63cc20158
6f44107c546c33dbf33f9807cbdf27a4236568e2fd6e4d72d830a187df5fb4fa
7179ab6c679711f00faf306b292e1d4bdde3b3c66d99857fa0aca5861c8f45de
71edbbdac41799addbc0f83b2286b4544e98215614a132708bcbd4f618cdcb80
72e7341a9675af36650cd1849272f72516dbc792af597dae1cb48a9f286dfbd1
7841ad6452649f311cce6306e59b3e0fa3b0b1ed3176ce7aeeb577b5bb253447
7c72b0aa97903e7ab050bdcae739c31b6ec7c28cccaffffecdd0120d65f3fdcf
81dd42197f137d54b0833fb24aab0c9a05ac07bd4aecec3f79ac281bbc46b64a
822a550b7328b801cac377ea76a819aef566c11113a7ced5cf5c59a68bf18544
8541626a921a315dac6a3476da757308b0ec5ada034c6e9392ce54026ca2ffd7
86f77405160814ca6482553bf8b65b503f4a3158d68376a0d17ac515b8ad2f83
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c6ea3761fe60f9fc525b54b15862f4b6c1c17c68732b54b24075f03c820667c
9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35
9ede85d6c2139703e1a1dfa94105f6063607bc0f2f53cfb98d30daf90134bc51
a0b73831c650a86ab12dc9dc06f8745583ef21ee26ee7ffab155f10c9693f7d1
a6b4512ebf7f02b8cc5aa165f44bf817ab86b214a0818e4823e38300d01c9fcd
a82c6e3878d9522fde6caa3a4daf0a049b7cec0cf979bc1cb5e14da19013f6e9
a8f3410ffadb2229de6a8b195dba40f0c642b702a4230f907f7af5a26e8efade
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b2b7dcc112bd3f5a63731ced46f5badac53d553ca4d254be9921b256f0f307bb
b48c3484dca153a689cdb6e4a1276dc85a5503092be036b8bdcbcd1506f45315
b4e215cf2ce2e74a7f2715df662aa866de5e44949c4976a3338cc777ee89c270
bb232fd09a6696ce21ec10a43b89933e12ad866dfde30a4a6a08e08082e6557d
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd6023722c1f2936e1876aeb3e9ba95337c0b7babdee4f122a4360514506fe56
bda92bee1511a66bc18fd93308ddb92cef49d90bc718d38db91bd5ecce6d6a4f
c136857d2449fb47e6c43792d4b296dff96f4ba5aab06f899bf525b17dd4d4bc
c21c920a0ef5cff515381a39efc26873405cad25390eac53a78b9603ef1e2e55
c2f8b76e474078058923f68e31f199b83ce706a1791c26a5d1c28c14fa47d8d8
c4ef1eac6d45617f442055bba8863c8ce34b9fe69f54bbb124eb105816d59a79
c6cf4385b30cd06abb86ff9f835ef63152230e38152f298496cd5439b2e732af
ca321c1e1ca9b03c8fa8391108aade2a4807fe2c428cefde4b75903a06dcc373
cbfd55e6d467d488ed3a456e0ca01639b945aa656f0824626ef28eeeecd2d4f0
d108948fa70d0a358981cdf68c0d5362a290afc3cb48ee20134a43a7718eaedb
d60e5c7028b183b1297a8000e4bc8d2c2723671295bc76f718cc75a025b993b3
d64bea7d525ed5fb9b6c89ad17257f77862c2b95f98efb6e8ea9ca711e411cfd
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f
d88efbcac3e561b2df14c42fcd4ff81697ed0bcde211fffaaf90a87f3effbcbd
dc19c2e40e42974f0416a3f4cc97e2dbb85a5b5598b76a75e9254164922e7be0
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
dea1903c9f2a6a837eaa1ad5aad6f845ed4a37ee2daba7eb6b0a84fe1d21cb85
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df62c7a1b123bee0a4f986dcab7b3af1b37fc4fd09895cf1cf6e56bce449be32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e495966dd87033ec1e3f55c58062de559b251aad1cabf20dd2af44cd34675cd6
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e75e26c425087ea59a51f3f9157c51eb30334481886d4d67ce4965f8c05cd384
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
ead46caac003896735edae621ee4c3d439d82ca8d84f1a61cc81fab6aafb3174
eb4506c6341c8bed31416f698406b26cadf9773b1a70f65a6115bedf88960b02
ebb51a30ebffc3923af2d4c01b48fdb04dfbfc2ef2cab8d79049472b7a7ac3b5
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
ee74532919b86d147a917a5c87d7b3002fff7f7287693c7d1908b9bcd6556f61
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19
eea44f55ea33b8b7e98ff8bc2bea6abdc17a1443b469b1cdcdaf32be07c7b5c5
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2b6a048828ba900123bc05b019ded3252e9b21260d7402fc9d11a321fb3dc1
f4bd80e92ce90b7824e08d7e54e2b73d4e71207fe21fd6066f388810ec458351
f7a104bcf63b56b567686085b892d0eba5b7042d3f21e3cb196f99531ee74929
f7eb4a6e059d1265c204a61a13c7c309304e5d2aa02962fa6627f6ede3da5096
f8b0010d017514a0e1ec3fceba8fda76bb99b120fe8f2c09dae640b35b142b24
fcd9ffb64cfd974227451be5fc6ec851c51bb635d8485fd5e48e8717bac902cb
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869