URL: https://skitaos2.com/office365/microsoft_login/email_update/
Submission: On September 10 via automatic, source openphish

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 50 HTTP transactions. The main IP is 23.238.18.46, located in Tulsa, United States and belongs to HOSTWINDS - Hostwinds LLC., US. The main domain is skitaos2.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 27th 2018. Valid for: 3 months.
This is the only time skitaos2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23.238.18.46 54290 (HOSTWINDS)
3 54.230.93.142 16509 (AMAZON-02)
1 32 173.236.11.196 32475 (SINGLEHOP...)
1 209.197.3.15 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2400:cb00:204... 13335 (CLOUDFLAR...)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 176.32.100.230 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a03:2880:f12... 32934 (FACEBOOK)
50 11
Domain Requested by
32 ahealthjunky.com 1 redirects skitaos2.com
ahealthjunky.com
3 www.powr.io skitaos2.com
www.powr.io
2 ws-na.amazon-adsystem.com skitaos2.com
2 www.google-analytics.com skitaos2.com
2 www.ahealthjunky.com 1 redirects skitaos2.com
1 www.facebook.com connect.facebook.net
1 staticxx.facebook.com connect.facebook.net
1 connect.facebook.net skitaos2.com
1 fonts.googleapis.com skitaos2.com
1 maxcdn.bootstrapcdn.com skitaos2.com
1 skitaos2.com
50 11
Subject | Issuer | Validity | Valid
ahealthjunky.com | cPanel, Inc. Certification Authority | 2018-03-27 - 2018-06-25 | 3 months
www.powr.io | Gandi Standard SSL CA 2 | 2017-11-20 - 2019-12-09 | 2 years
www.ahealthjunky.com | Let's Encrypt Authority X3 | 2018-07-26 - 2018-10-24 | 3 months
*.bootstrapcdn.com | COMODO RSA Domain Validation Secure Server CA | 2017-10-03 - 2018-10-13 | a year
*.googleapis.com | Google Internet Authority G3 | 2018-08-21 - 2018-11-13 | 3 months
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2018-05-19 - 2019-05-19 | a year
*.google-analytics.com | Google Internet Authority G3 | 2018-08-21 - 2018-11-13 | 3 months
ws-na.assoc-amazon.com | Amazon | 2018-06-22 - 2019-06-22 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2017-12-15 - 2019-03-22 | a year

This page contains 6 frames:

Primary Page: https://skitaos2.com/office365/microsoft_login/email_update/
Frame ID: 4C357A585986A021B96F13E56442AAFC
Requests: 45 HTTP requests in this frame

Frame: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ac&ref=tf_til&ad_type=product_link&tracking_id=fullsailmarke-20&marketplace=amazon&region=US&placement=B00C8R2OGQ&asins=B00C8R2OGQ&linkId=2b8fa149357d80092fddec22e4c51a9d&show_border=false&link_opens_in_new_window=true&price_color=333333&title_color=0066c0&bg_color=ffffff
Frame ID: 1EB6889869E56C1589DF47A5CF4AE410
Requests: 1 HTTP requests in this frame

Frame: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ac&ref=tf_til&ad_type=product_link&tracking_id=fullsailmarke-20&marketplace=amazon&region=US&placement=B01GINWO9M&asins=B01GINWO9M&linkId=31f096e1463cd9ad8ee4cd8159e13a8c&show_border=false&link_opens_in_new_window=true&price_color=333333&title_color=0066c0&bg_color=ffffff
Frame ID: 237EA7DC7C2FF02D543A7F00BB9E181B
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/kO5a7GzG6AF.js?version=42
Frame ID: DD3FE19A8939E8D6E2AFD32213C4C154
Requests: 1 HTTP requests in this frame

Frame: https://www.powr.io/plugins/hit-counter/cached_view?load=async&index=0&unique_label=2494b49b_1482606695&powr_token=zoU7tqN14A1482606694&user_label=&demo_mode=false&external_type=wordpress&template_powr_token=&color=rgb(153%2C%20153%2C%20153)&backgroundColor=rgb(86%2C%2084%2C%2084)&fontFamily=Lato%2C%20sans-serif
Frame ID: 5E41AED91F112D2D8C07180FAF3BFA02
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=417184695094507&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FkO5a7GzG6AF.js%3Fversion%3D42%23cb%3Df1d1cad846eae%26domain%3Dskitaos2.com%26origin%3Dhttps%253A%252F%252Fskitaos2.com%252Ffb550c07ed37ac%26relation%3Dparent.parent&container_width=320&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fahealthjunky&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false&width=318
Frame ID: 8BC99C10E91AFC611FCA16332C0EC517
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

Requests: 50
HTTPS: 88 %
IPv6: 55 %
Domains: 9
Subdomains: 11
IPs: 11
Countries: 2
Transfer: 352 kB
Size: 1178 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • http://ahealthjunky.com/wp-content/uploads/2017/01/healthjunky_logo.png HTTP 301
  • http://www.ahealthjunky.com/wp-content/uploads/2017/01/healthjunky_logo.png HTTP 301
  • https://www.ahealthjunky.com/wp-content/uploads/2017/01/healthjunky_logo.png

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
skitaos2.com/office365/microsoft_login/email_update/
28 KB
29 KB
Document
General
Full URL
https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.238.18.46 Tulsa, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US),
Reverse DNS
dal-reseller-5.hostwindsdns.com
Software
Apache / PHP/5.6.25
Resource Hash
56e96e59a4c5b8a727afe4778b4139ce36bd9be004bb4c6b2e36590d31ba7518

Request headers

Host
skitaos2.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
X-DevTools-Emulate-Network-Conditions-Client-Id
4C357A585986A021B96F13E56442AAFC

Response headers

Date
Mon, 10 Sep 2018 19:08:26 GMT
Server
Apache
X-Powered-By
PHP/5.6.25
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control
no-cache, must-revalidate, max-age=0
Link
<https://ahealthjunky.com/wp-json/>; rel="https://api.w.org/"
Vary
User-Agent
Connection
keep-alive, close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
powr.js
www.powr.io/
9 KB
4 KB
Script
General
Full URL
https://www.powr.io/powr.js
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.142 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-142.fra2.r.cloudfront.net
Software
Cowboy /
Resource Hash
dc39a3d7f03ce322334acd29de47e683d867c03557bbe38c69b1d7a273f988f8

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 06 Sep 2018 21:56:28 GMT
content-encoding
gzip
last-modified
Thu, 06 Sep 2018 21:16:36 GMT
server
Cowboy
age
335520
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200, 200 OK
cache-control
public, max-age=604800
x-amz-cf-id
TcGqY7_FRD9AkemHF_0Tm5ljoN5lCbBjyfbLS6ouboWBNEsGMQ27eA==
via
1.1 vegur, 1.1 281d5965f165d7acaf2c52921da12d67.cloudfront.net (CloudFront)
wp-emoji-release.min.js
ahealthjunky.com/wp-includes/js/
12 KB
5 KB
Script
General
Full URL
https://ahealthjunky.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Sat, 04 Aug 2018 00:18:24 GMT
server
nginx
etag
"2efa-57290fb8f3aca-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
4382
x-proxy-cache
MISS
styles.css
ahealthjunky.com/wp-content/plugins/contact-form-7/includes/css/
2 KB
903 B
Stylesheet
General
Full URL
https://ahealthjunky.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
a559ba07f12aeda335ca811bb96b6f57b555815a835fe5f86ad6e7f166190e6d

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Thu, 19 Jul 2018 21:13:35 GMT
server
nginx
etag
"6cf-57160a6fd92ff-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
671
x-proxy-cache
MISS
cff-style.css
ahealthjunky.com/wp-content/plugins/custom-facebook-feed/css/
10 KB
2 KB
Stylesheet
General
Full URL
https://ahealthjunky.com/wp-content/plugins/custom-facebook-feed/css/cff-style.css
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
a11b7c9b22bebe51c97d13dd61a9da974732c86fc071c66f8486debd68314f4c

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Sat, 04 Aug 2018 00:18:32 GMT
server
nginx
etag
"2767-57290fbfe0648-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
2294
x-proxy-cache
MISS
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 10 Sep 2018 19:08:28 GMT
Content-Encoding
gzip
Last-Modified
Sat, 17 Feb 2018 21:46:17 GMT
Connection
Keep-Alive
ETag
"1518903977"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Hello-Human
Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges
bytes
Content-Length
7050
sbfp.css
ahealthjunky.com/wp-content/plugins/statebuilt-facebook-page-like-popup/assets/
1 KB
694 B
Stylesheet
General
Full URL
https://ahealthjunky.com/wp-content/plugins/statebuilt-facebook-page-like-popup/assets/sbfp.css
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
f4c282fcfe37bf397e4297f60cf042d9c9be096ae9f2a43912f0a5c1737b1f60

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Tue, 21 Nov 2017 16:17:35 GMT
server
nginx
etag
"430-55e808a7065c0-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
462
x-proxy-cache
MISS
thrive_flat.css
ahealthjunky.com/wp-content/plugins/thrive-visual-editor/editor/css/
321 KB
42 KB
Stylesheet
General
Full URL
https://ahealthjunky.com/wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
90e7cf287ad1931e417612fd28d6c58fa3491c8cf609bbe4b5b22b3b2ead2c13

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Thu, 19 Jul 2018 21:13:46 GMT
server
nginx
etag
"5043f-57160a7a2fb0e-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
42419
x-proxy-cache
MISS
default.min.css
ahealthjunky.com/wp-content/plugins/recent-facebook-posts/assets/css/
2 KB
994 B
Stylesheet
General
Full URL
https://ahealthjunky.com/wp-content/plugins/recent-facebook-posts/assets/css/default.min.css
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
d38f2ec8ecb77c09f3439fb2c8ebf73a50f57e0e925f5b306a02c39dab1c8e5b

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Wed, 13 Jun 2018 19:08:18 GMT
server
nginx
etag
"923-56e8ab4a28654-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
762
x-proxy-cache
MISS
style.css
ahealthjunky.com/wp-content/themes/performag-child/
370 B
483 B
Stylesheet
General
Full URL
https://ahealthjunky.com/wp-content/themes/performag-child/style.css
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
c33de89879305aec0f21c4afb92c63e61314a3c59c130cecc151eef6c8c1d8ee

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Tue, 21 Nov 2017 16:14:28 GMT
server
nginx
etag
"172-55e807f4b0100-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
252
x-proxy-cache
MISS
reset.css
ahealthjunky.com/wp-content/themes/performag/css/
2 KB
1008 B
Stylesheet
General
Full URL
https://ahealthjunky.com/wp-content/themes/performag/css/reset.css
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
f736d13612e75d53bc08bf148dfe4b9176870747cd90b411995362d6e7c87f43

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Thu, 19 Jul 2018 21:19:57 GMT
server
nginx
etag
"840-57160bdb9d299-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
776
x-proxy-cache
MISS
main_green_light.css
ahealthjunky.com/wp-content/themes/performag/css/
181 KB
31 KB
Stylesheet
General
Full URL
https://ahealthjunky.com/wp-content/themes/performag/css/main_green_light.css
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
b7118c593e5af3b541cb09463cbacc1da024df1245ad4183dd85a22973e4b0d7

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Thu, 19 Jul 2018 21:19:57 GMT
server
nginx
etag
"2d589-57160bdb9c2f9-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
31455
x-proxy-cache
MISS
Amazon.css
ahealthjunky.com/wp-content/plugins/amazon-link/
1 KB
688 B
Stylesheet
General
Full URL
https://ahealthjunky.com/wp-content/plugins/amazon-link/Amazon.css
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
78719e2624688606d54e5ebe763eb8ec0abf1cb76ef38f1f2aa3e2f2fd19cc47

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Tue, 26 Jun 2018 02:05:25 GMT
server
nginx
etag
"4f8-56f81ee77eae1-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
456
x-proxy-cache
MISS
ytprefs.min.css
ahealthjunky.com/wp-content/plugins/youtube-embed-plus/styles/
6 KB
2 KB
Stylesheet
General
Full URL
https://ahealthjunky.com/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
7e99b81a7a7ad7f296a73acc4f8f3ecba1f891dfb2c11b750e03bf1b4d4b38ec

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Sat, 04 Aug 2018 00:18:36 GMT
server
nginx
etag
"17b9-57290fc3b8496-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
1340
x-proxy-cache
MISS
wplp_front.css
ahealthjunky.com/wp-content/plugins/wp-latest-posts/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://ahealthjunky.com/wp-content/plugins/wp-latest-posts/css/wplp_front.css
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
e2618d716ceb002508df5f4e4d6b52fed44aa0c083723011c83b690477468e96

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Tue, 26 Jun 2018 02:07:38 GMT
server
nginx
etag
"2b9f-56f81f6627784-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
2922
x-proxy-cache
MISS
css
fonts.googleapis.com/
20 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway%3A400%2C500%2C600%2C700%2C800%2C900%7CAlegreya%3A400%2C400italic%2C700%2C700italic%2C900%2C900italic%7CVarela+Round&subset=latin%2Clatin-ext
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
3e6ef9653644f1084a7dd578c6f2677daab266ff14f9895a4162d924343edbb3
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400
content-encoding
gzip
last-modified
Mon, 10 Sep 2018 19:08:28 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Mon, 10 Sep 2018 19:08:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Mon, 10 Sep 2018 19:08:28 GMT
jquery.js
ahealthjunky.com/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://ahealthjunky.com/wp-includes/js/jquery/jquery.js
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Tue, 21 Nov 2017 16:14:48 GMT
server
nginx
etag
"17ba0-55e80807c2e00-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
33766
x-proxy-cache
MISS
jquery-migrate.min.js
ahealthjunky.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://ahealthjunky.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Tue, 21 Nov 2017 16:14:47 GMT
server
nginx
etag
"2748-55e80806cebc0-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
4014
x-proxy-cache
MISS
header.min.js
ahealthjunky.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/
2 KB
1 KB
Script
General
Full URL
https://ahealthjunky.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/header.min.js
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
5ed53d8fae1c59cb7e6aefc04ca07665dbe066e4fac8288fcbb81dbf58af7f5d

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Thu, 19 Jul 2018 21:13:57 GMT
server
nginx
etag
"9cf-57160a8413b13-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
1083
x-proxy-cache
MISS
ytprefs.min.js
ahealthjunky.com/wp-content/plugins/youtube-embed-plus/scripts/
8 KB
3 KB
Script
General
Full URL
https://ahealthjunky.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
0f166b46ca6ded2981afd7c71392023400a38ea80b6aa3bb4b70d22fb97bbf55

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Sat, 04 Aug 2018 00:18:36 GMT
server
nginx
etag
"1ed2-57290fc3bd69e-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
2657
x-proxy-cache
MISS
/
ahealthjunky.com/
145 B
372 B
Stylesheet
General
Full URL
https://ahealthjunky.com/?action=display_custom_css_code
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
36f5df4ecd3673528f8b174ccd2eafd4ec1398085ac92efc32b78327efd0937e

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache-enabled
True
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
content-type
text/css;charset=UTF-8
content-length
122
x-proxy-cache
MISS
healthjunky_logo.png
www.ahealthjunky.com/wp-content/uploads/2017/01/
Redirect Chain
  • http://ahealthjunky.com/wp-content/uploads/2017/01/healthjunky_logo.png
  • http://www.ahealthjunky.com/wp-content/uploads/2017/01/healthjunky_logo.png
  • https://www.ahealthjunky.com/wp-content/uploads/2017/01/healthjunky_logo.png
15 KB
15 KB
Image
General
Full URL
https://www.ahealthjunky.com/wp-content/uploads/2017/01/healthjunky_logo.png
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6812:33ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb14229fac99e7ad94c78510c43c46f13558c26071df6d76ad4ba65c31c7bbc4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:30 GMT
cf-cache-status
HIT
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
15073
last-modified
Tue, 21 Nov 2017 16:27:52 GMT
server
cloudflare
etag
"3ae1-55e80af371200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Mon, 10 Sep 2018 23:08:30 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
45842f039cd326d2-FRA
x-proxy-cache
HIT

Redirect headers

Date
Mon, 10 Sep 2018 19:08:30 GMT
CF-Cache-Status
HIT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Location
https://www.ahealthjunky.com/wp-content/uploads/2017/01/healthjunky_logo.png
Expires
Mon, 10 Sep 2018 23:08:30 GMT
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
45842effa0549718-FRA
X-Proxy-Cache
MISS
popup-close-light.png
ahealthjunky.com/wp-content/plugins/statebuilt-facebook-page-like-popup/assets/images/
3 KB
3 KB
Image
General
Full URL
https://ahealthjunky.com/wp-content/plugins/statebuilt-facebook-page-like-popup/assets/images/popup-close-light.png
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
6ee9c205bf2ed52c669542e70759c40f4561ac954cc57744c8affb001c926731

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
last-modified
Tue, 21 Nov 2017 16:54:16 GMT
server
nginx
etag
"bdb-55e810da0fe00"
content-type
image/png
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
3035
x-proxy-cache
MISS
no-campaign.min.js
ahealthjunky.com/wp-content/plugins/thrive-ultimatum/js/dist/
480 B
557 B
Script
General
Full URL
https://ahealthjunky.com/wp-content/plugins/thrive-ultimatum/js/dist/no-campaign.min.js?v=2.0.29
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
4910b8615a4b39d53380c94d10920db711f0510f79bb6e40fa562917a0645dd2

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Thu, 19 Jul 2018 21:14:15 GMT
server
nginx
etag
"1e0-57160a95a19f2-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
316
x-proxy-cache
MISS
scripts.js
ahealthjunky.com/wp-content/plugins/contact-form-7/includes/js/
14 KB
4 KB
Script
General
Full URL
https://ahealthjunky.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
c6138c4b65aaff6e46d51c26096ffffadd202974003ad0f6d4475b45204bd0ab

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Thu, 19 Jul 2018 21:13:35 GMT
server
nginx
etag
"38f9-57160a6fd92ff-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
4040
x-proxy-cache
MISS
cff-scripts.js
ahealthjunky.com/wp-content/plugins/custom-facebook-feed/js/
10 KB
4 KB
Script
General
Full URL
https://ahealthjunky.com/wp-content/plugins/custom-facebook-feed/js/cff-scripts.js
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
ced46e5b5a86d2031528a0e4d7eb9d64a160fe8f8f00c491361f47800a4ef331

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Sat, 04 Aug 2018 00:18:32 GMT
server
nginx
etag
"28ba-57290fbfe0260-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
3968
x-proxy-cache
MISS
wpsb-frontend-custom.js
ahealthjunky.com/wp-content/plugins/speedupwpsite/js/
282 B
425 B
Script
General
Full URL
https://ahealthjunky.com/wp-content/plugins/speedupwpsite/js/wpsb-frontend-custom.js
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
e16d3fd7756a63652bb86e4313dccd075e92fa739bf7d272fd547065f0b518ec

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Tue, 21 Nov 2017 16:17:29 GMT
server
nginx
etag
"11a-55e808a14d840-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
184
x-proxy-cache
MISS
sbfp-script.js
ahealthjunky.com/wp-content/plugins/statebuilt-facebook-page-like-popup/assets/
3 KB
1 KB
Script
General
Full URL
https://ahealthjunky.com/wp-content/plugins/statebuilt-facebook-page-like-popup/assets/sbfp-script.js
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
8a8378ab2cb9d5bce538edb753fdc25e811425a8041a3367e0fa4058a1e9f0d1

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Tue, 21 Nov 2017 16:17:34 GMT
server
nginx
etag
"ce6-55e808a612380-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
1141
x-proxy-cache
MISS
triggers.min.js
ahealthjunky.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/
4 KB
2 KB
Script
General
Full URL
https://ahealthjunky.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/triggers.min.js
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
5f80f1ab2faeca82776b6b5de9fcb09362258bfd3f7bd8443d0c89c8cc7b9e80

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Thu, 19 Jul 2018 21:13:57 GMT
server
nginx
etag
"11e0-57160a8413b13-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
1419
x-proxy-cache
MISS
frontend.min.js
ahealthjunky.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/
59 KB
17 KB
Script
General
Full URL
https://ahealthjunky.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/frontend.min.js
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
6f9367d86975cba7269571a351630b6c6ba4610bccd6eb15c18c3f943dc5ac24

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Thu, 19 Jul 2018 21:13:46 GMT
server
nginx
etag
"ebbc-57160a7a1f16e-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
17301
x-proxy-cache
MISS
waypoints.min.js
ahealthjunky.com/wp-content/themes/performag/js/
16 KB
3 KB
Script
General
Full URL
https://ahealthjunky.com/wp-content/themes/performag/js/waypoints.min.js
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
06275abceb61821fb34bc7d8d8d018203c9a3ba0ee85e9d686cdd432f79d142d

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Thu, 19 Jul 2018 21:19:57 GMT
server
nginx
etag
"41d6-57160bdb9b741-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
3217
x-proxy-cache
MISS
script.min.js
ahealthjunky.com/wp-content/themes/performag/js/
26 KB
7 KB
Script
General
Full URL
https://ahealthjunky.com/wp-content/themes/performag/js/script.min.js
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
55195bb8becc425d73bf258d0fb94888e0f94b400579e490f9d0fd91a5a834c2

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Thu, 19 Jul 2018 21:19:57 GMT
server
nginx
etag
"689b-57160bdb9b741-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
7218
x-proxy-cache
MISS
frontend.min.js
ahealthjunky.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/
2 KB
1 KB
Script
General
Full URL
https://ahealthjunky.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
d2526fcff7bc8e304f5397b5a7533835ef4b45ace8f777cae2f5b5d63145e621

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Thu, 19 Jul 2018 21:13:46 GMT
server
nginx
etag
"728-57160a7a54ccf-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
909
x-proxy-cache
MISS
fitvids.min.js
ahealthjunky.com/wp-content/plugins/youtube-embed-plus/scripts/
2 KB
1 KB
Script
General
Full URL
https://ahealthjunky.com/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
9aa8a04fabdda76673b068b2f5e6f5fb3b82039baa72f80b0582a58bbfd10395

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Sat, 04 Aug 2018 00:18:36 GMT
server
nginx
etag
"75b-57290fc3bd69e-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
834
x-proxy-cache
MISS
wp-embed.min.js
ahealthjunky.com/wp-includes/js/
1 KB
993 B
Script
General
Full URL
https://ahealthjunky.com/wp-includes/js/wp-embed.min.js
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
nginx /
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Sep 2018 19:08:29 GMT
content-encoding
gzip
last-modified
Tue, 21 Nov 2017 16:13:22 GMT
server
nginx
etag
"576-55e807b5bec80-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
751
x-proxy-cache
MISS
analytics.js
www.google-analytics.com/
34 KB
14 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
5363
date
Mon, 10 Sep 2018 17:39:06 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14386
expires
Mon, 10 Sep 2018 19:39:06 GMT
q
ws-na.amazon-adsystem.com/widgets/ Frame 1EB6
0
0
Document
General
Full URL
https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ac&ref=tf_til&ad_type=product_link&tracking_id=fullsailmarke-20&marketplace=amazon&region=US&placement=B00C8R2OGQ&asins=B00C8R2OGQ&linkId=2b8fa149357d80092fddec22e4c51a9d&show_border=false&link_opens_in_new_window=true&price_color=333333&title_color=0066c0&bg_color=ffffff
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
176.32.100.230 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash

Request headers

Host
ws-na.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://skitaos2.com/office365/microsoft_login/email_update/
Accept-Encoding
gzip, deflate
X-DevTools-Emulate-Network-Conditions-Client-Id
4C357A585986A021B96F13E56442AAFC

Response headers

Date
Mon, 10 Sep 2018 19:08:30 GMT
Server
Server
Content-Encoding
gzip
Cache-Control
must-revalidate
Pragma
no-cache
Expires
-1
p3p
policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
charset
UTF-8
Access-Control-Allow-Origin
*
Content-Length
333
Vary
User-Agent
Cneonction
close
Content-Type
text/html;charset=UTF-8
q
ws-na.amazon-adsystem.com/widgets/ Frame 237E
0
0
Document
General
Full URL
https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ac&ref=tf_til&ad_type=product_link&tracking_id=fullsailmarke-20&marketplace=amazon&region=US&placement=B01GINWO9M&asins=B01GINWO9M&linkId=31f096e1463cd9ad8ee4cd8159e13a8c&show_border=false&link_opens_in_new_window=true&price_color=333333&title_color=0066c0&bg_color=ffffff
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
176.32.100.230 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash

Request headers

Host
ws-na.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://skitaos2.com/office365/microsoft_login/email_update/
Accept-Encoding
gzip, deflate
X-DevTools-Emulate-Network-Conditions-Client-Id
4C357A585986A021B96F13E56442AAFC

Response headers

Date
Mon, 10 Sep 2018 19:08:30 GMT
Server
Server
Content-Encoding
gzip
Cache-Control
must-revalidate
Pragma
no-cache
Expires
-1
p3p
policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
charset
UTF-8
Access-Control-Allow-Origin
*
Content-Length
3423
Vary
User-Agent
nnCoection
close
Content-Type
text/html;charset=UTF-8
Lato.ttf
ahealthjunky.com/wp-content/themes/performag/thrive-dashboard/css/font/
0
0

performag-icomoon.woff
ahealthjunky.com/wp-content/themes/performag/fonts/
0
0

Cabin.ttf
ahealthjunky.com/wp-content/themes/performag/fonts/
0
0

Ubuntu.ttf
ahealthjunky.com/wp-content/themes/performag/fonts/
0
0

sdk.js
connect.facebook.net/en_US/
231 KB
70 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
92d78fc1939bbf6345991b0aabee3a2202c76f9f087f14ee85edf008d37d30bf
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
content-md5
5BcOmVgf543JIhxVlNHxQQ==
status
200
content-length
71939
x-xss-protection
0
x-fb-debug
m+p4WsDNoPvJX8IHqyOe+NLWxbp4AIAWduiCDa1Nbf6HQMoSa+7hPUrE8l/PuO2xnaYl1ftGujmPQonwvqtrzg==
x-fb-content-md5
e40cd3939e548b50b2f56bfbcfb2dfa0
x-frame-options
DENY
date
Mon, 10 Sep 2018 19:08:29 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"3d7f8bb25a37f8dddea680a8a43242bf"
timing-allow-origin
*
expires
Mon, 10 Sep 2018 19:09:36 GMT
admin-ajax.php
ahealthjunky.com/wp-admin/
0
32 KB
XHR
General
Full URL
https://ahealthjunky.com/wp-admin/admin-ajax.php
Requested by
Host: ahealthjunky.com
URL: https://ahealthjunky.com/wp-includes/js/jquery/jquery.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.11.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
m28.siteground.biz
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://skitaos2.com/office365/microsoft_login/email_update/
Origin
https://skitaos2.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
content-type
application/json; charset=UTF-8
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1394717343&t=pageview&_s=1&dl=https%3A%2F%2Fskitaos2.com%2Foffice365%2Fmicrosoft_login%2Femail_update%2F&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%7C%20A%20Health%20Junky&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=989445838&gjid=693560964&cid=1534601477.1536606510&tid=UA-26727847-3&_gid=1924095714.1536606510&_r=1&z=1951075562
Requested by
Host: skitaos2.com
URL: https://skitaos2.com/office365/microsoft_login/email_update/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://skitaos2.com/office365/microsoft_login/email_update/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Sep 2018 19:08:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
kO5a7GzG6AF.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame DD3F
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/kO5a7GzG6AF.js?version=42
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/kO5a7GzG6AF.js?version=42
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://skitaos2.com/office365/microsoft_login/email_update/
accept-encoding
gzip, deflate
X-DevTools-Emulate-Network-Conditions-Client-Id
4C357A585986A021B96F13E56442AAFC

Response headers

status
200
expires
Sat, 07 Sep 2019 22:07:18 GMT
cache-control
public,max-age=31536000,immutable
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
x-xss-protection
0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
vary
Accept-Encoding
content-encoding
gzip
x-fb-debug
/RjUCdcELFeIKy2AM81VII+lyaYAtZbydDiZyvBgOAJA5rrkNYvtLB13UZeikm5vGz0eAR7+GuyAKsqQ7r0a0w==
content-length
13884
date
Mon, 10 Sep 2018 19:08:29 GMT
performag-icomoon.ttf
ahealthjunky.com/wp-content/themes/performag/fonts/
0
0

cached_view
www.powr.io/plugins/hit-counter/ Frame 5E41
0
0
Document
General
Full URL
https://www.powr.io/plugins/hit-counter/cached_view?load=async&index=0&unique_label=2494b49b_1482606695&powr_token=zoU7tqN14A1482606694&user_label=&demo_mode=false&external_type=wordpress&template_powr_token=&color=rgb(153%2C%20153%2C%20153)&backgroundColor=rgb(86%2C%2084%2C%2084)&fontFamily=Lato%2C%20sans-serif
Requested by
Host: www.powr.io
URL: https://www.powr.io/powr.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.142 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-142.fra2.r.cloudfront.net
Software
Cowboy /
Resource Hash
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

:method
GET
:authority
www.powr.io
:scheme
https
:path
/plugins/hit-counter/cached_view?load=async&index=0&unique_label=2494b49b_1482606695&powr_token=zoU7tqN14A1482606694&user_label=&demo_mode=false&external_type=wordpress&template_powr_token=&color=rgb(153%2C%20153%2C%20153)&backgroundColor=rgb(86%2C%2084%2C%2084)&fontFamily=Lato%2C%20sans-serif
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://skitaos2.com/office365/microsoft_login/email_update/
accept-encoding
gzip, deflate
X-DevTools-Emulate-Network-Conditions-Client-Id
4C357A585986A021B96F13E56442AAFC

Response headers

status
200 200 OK
content-type
text/html; charset=utf-8
server
Cowboy
date
Mon, 10 Sep 2018 19:04:49 GMT
x-frame-options
ALLOWALL
cache-control
max-age=300, public
etag
W/"de0be1089dbbaff6fe7957203451bf13"
x-request-id
456c5625-ab41-4b9e-8977-9c14767b0b35
x-runtime
0.028833
content-encoding
gzip
via
1.1 vegur, 1.1 281d5965f165d7acaf2c52921da12d67.cloudfront.net (CloudFront)
vary
Accept-Encoding
age
221
x-cache
Hit from cloudfront
x-amz-cf-id
7-T2aA-RXBCveM7967Wy9xSzvSQHEInGwJ0UZ6CrMXlZEkFk5w8O3Q==
view.json
www.powr.io/plugins/hit-counter/
3 KB
2 KB
XHR
General
Full URL
https://www.powr.io/plugins/hit-counter/view.json?unique_label=2494b49b_1482606695&powr_token=zoU7tqN14A1482606694&user_label=&demo_mode=false&external_type=wordpress&template_powr_token=&url=https%3A%2F%2Fskitaos2.com%2Foffice365%2Fmicrosoft_login%2Femail_update%2F&request_url=https%3A%2F%2Fskitaos2.com
Requested by
Host: www.powr.io
URL: https://www.powr.io/powr.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.142 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-142.fra2.r.cloudfront.net
Software
Cowboy /
Resource Hash
088c1ca701966475994e6131d9c3445b1058fd68f538cdab8314766e8df0f723
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://skitaos2.com/office365/microsoft_login/email_update/
Origin
https://skitaos2.com

Response headers

date
Mon, 10 Sep 2018 19:08:30 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-origin
https://skitaos2.com
x-cache
Miss from cloudfront
status
200, 200 OK
x-request-id
acc2d51b-4c63-4f1d-ab38-93c0934fe08a
x-runtime
0.067524
server
Cowboy
etag
W/"7d022d339551cea76da3a325d4cdae4a"
x-frame-options
ALLOWALL
content-type
application/json; charset=utf-8
via
1.1 vegur, 1.1 281d5965f165d7acaf2c52921da12d67.cloudfront.net (CloudFront)
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
fcqLHYGOgEdHhSiD3O8T-giSyyZURAg9ToeLZPgBzc21rjwKnGvtiw==
page.php
www.facebook.com/v2.5/plugins/ Frame 8BC9
0
0
Document
General
Full URL
https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=417184695094507&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FkO5a7GzG6AF.js%3Fversion%3D42%23cb%3Df1d1cad846eae%26domain%3Dskitaos2.com%26origin%3Dhttps%253A%252F%252Fskitaos2.com%252Ffb550c07ed37ac%26relation%3Dparent.parent&container_width=320&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fahealthjunky&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false&width=318
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:86:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.5/plugins/page.php?adapt_container_width=true&app_id=417184695094507&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FkO5a7GzG6AF.js%3Fversion%3D42%23cb%3Df1d1cad846eae%26domain%3Dskitaos2.com%26origin%3Dhttps%253A%252F%252Fskitaos2.com%252Ffb550c07ed37ac%26relation%3Dparent.parent&container_width=320&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fahealthjunky&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false&width=318
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://skitaos2.com/office365/microsoft_login/email_update/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
4C357A585986A021B96F13E56442AAFC
Referer
https://skitaos2.com/office365/microsoft_login/email_update/

Response headers

status
200
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v2.7
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expect-ct
max-age=86400, report-uri="http://reports.fb.com/expectct/"
pragma
no-cache
x-xss-protection
0
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html; charset="utf-8"
x-fb-debug
rE5Xp9gwvgn55QlMquIkPUu2ICw0FZqEDckVNJaYB67ybnbO/pVgywbx8A3VGI4rHh7zrcHM4mvcb4qDqzXeDw==
date
Mon, 10 Sep 2018 19:08:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ahealthjunky.com
URL
https://ahealthjunky.com/wp-content/themes/performag/thrive-dashboard/css/font/Lato.ttf
Domain
ahealthjunky.com
URL
https://ahealthjunky.com/wp-content/themes/performag/fonts/performag-icomoon.woff?4seflc
Domain
ahealthjunky.com
URL
https://ahealthjunky.com/wp-content/themes/performag/fonts/Cabin.ttf
Domain
ahealthjunky.com
URL
https://ahealthjunky.com/wp-content/themes/performag/fonts/Ubuntu.ttf
Domain
ahealthjunky.com
URL
https://ahealthjunky.com/wp-content/themes/performag/fonts/performag-icomoon.ttf?4seflc

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| POWR_RECEIVERS function| loadPowr object| _wpemojiSettings object| twemoji object| wp undefined| $ function| jQuery object| THO_Head function| tho_change_titles function| tho_brute_search_replace function| tho_get_title_variation function| tho_output_title function| tho_random_key function| tho_get_cookie function| tho_set_cookie string| THO_Titles object| THO_Variations number| tho_title_interval object| _EPYT_ object| jQuery1124007704051948950852 object| _EPADashboard_ function| onYouTubeIframeAPIReady string| GoogleAnalyticsObject function| ga string| cfflinkhashtags object| TVE_Ult_Data object| ThriveGlobal object| wpcf7 boolean| cff_js_exists function| cff_init object| sbfp_script_data string| sbfp_countdown string| sbfp_timeout string| sbfp_fbpage object| THO_Front object| tve_frontend_options undefined| __thrive_$oJ object| TVE_jQFn object| TCB_Front function| isExternal function| unserialize object| ThriveApp number| _isAdmin object| _overlayElement object| tve_dash_front object| TVE_Dash function| epdofitvids object| TL_Const object| tcb_autofill number| TCB_PAGE_INDEX number| _thriveCurrentPost object| gaplugins object| gaGlobal object| gaData object| FB number| _is_blankPage

1 Cookies

Domain/Path Name / Value
www.powr.io/ Name: unique_id
Value: 4b4f728c_1536606510

5 Console Messages

Source Level URL
Text
console-api log URL: https://ahealthjunky.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://ahealthjunky.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js(Line 2)
Message:
YT API init check
console-api log URL: https://ahealthjunky.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js(Line 2)
Message:
YT API init check
console-api log URL: https://ahealthjunky.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js(Line 2)
Message:
YT API init check
console-api log URL: https://ahealthjunky.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js(Line 2)
Message:
YT API init check

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
