URL: https://valleyinmotion.posturestage.com/
Submission: On November 22 via api from US — Scanned from US

Summary

This website contacted 13 IPs in 1 countries across 10 domains to perform 49 HTTP transactions. The main IP is 143.198.10.229, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is valleyinmotion.posturestage.com.
TLS certificate: Issued by E6 on October 22nd 2024. Valid for: 3 months.
This is the only time valleyinmotion.posturestage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 143.198.10.229 14061 (DIGITALOC...)
2 142.251.167.97 15169 (GOOGLE)
1 172.253.62.95 15169 (GOOGLE)
3 172.253.122.138 15169 (GOOGLE)
5 3.169.183.33 16509 (AMAZON-02)
1 45.60.31.183 19551 (INCAPSULA)
4 142.251.179.94 15169 (GOOGLE)
7 79.127.206.207 60068 (CDN77 Dat...)
1 54.156.125.69 14618 (AMAZON-AES)
4 157.240.229.1 32934 (FACEBOOK)
4 31.13.66.19 32934 (FACEBOOK)
1 1 157.240.229.17 32934 (FACEBOOK)
1 31.13.93.26 32934 (FACEBOOK)
1 44.238.232.77 16509 (AMAZON-02)
49 13
Apex Domain
Subdomains
Transfer
15 posturestage.com
valleyinmotion.posturestage.com
3 MB
9 fbcdn.net
scontent-iad3-2.xx.fbcdn.net — Cisco Umbrella Rank: 5305
scontent-iad3-1.xx.fbcdn.net — Cisco Umbrella Rank: 5124
external-iad3-2.xx.fbcdn.net — Cisco Umbrella Rank: 25269
scontent-dfw5-2.xx.fbcdn.net — Cisco Umbrella Rank: 4261
2 KB
8 userway.org
cdn.userway.org — Cisco Umbrella Rank: 3208
api.userway.org — Cisco Umbrella Rank: 3180
66 KB
6 curator.io
cdn.curator.io — Cisco Umbrella Rank: 47448
api.curator.io — Cisco Umbrella Rank: 60099
142 KB
4 gstatic.com
fonts.gstatic.com
95 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
177 KB
1 facebook.com
graph.facebook.com — Cisco Umbrella Rank: 184
107 B
1 networkforgood.com
valleyinmotion.dm.networkforgood.com
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
49 10
Domain Requested by
15 valleyinmotion.posturestage.com valleyinmotion.posturestage.com
7 cdn.userway.org valleyinmotion.posturestage.com
cdn.userway.org
5 cdn.curator.io valleyinmotion.posturestage.com
cdn.curator.io
4 scontent-iad3-1.xx.fbcdn.net valleyinmotion.posturestage.com
4 fonts.gstatic.com fonts.googleapis.com
3 scontent-iad3-2.xx.fbcdn.net valleyinmotion.posturestage.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com valleyinmotion.posturestage.com
www.googletagmanager.com
1 api.userway.org cdn.userway.org
1 scontent-dfw5-2.xx.fbcdn.net valleyinmotion.posturestage.com
1 graph.facebook.com 1 redirects
1 external-iad3-2.xx.fbcdn.net valleyinmotion.posturestage.com
1 api.curator.io cdn.curator.io
1 valleyinmotion.dm.networkforgood.com valleyinmotion.posturestage.com
1 fonts.googleapis.com valleyinmotion.posturestage.com
49 15

This site contains links to these domains. Also see Links.

Domain
valleyinmotion.networkforgood.com
curator.io
www.facebook.com
woobox.com
Subject Issuer Validity Valid
valleyinmotion.posturestage.com
E6
2024-10-22 -
2025-01-20
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.curator.io
Amazon RSA 2048 M02
2024-11-21 -
2025-12-20
a year crt.sh
*.dm.networkforgood.com
Sectigo RSA Domain Validation Secure Server CA
2024-04-23 -
2025-05-23
a year crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
1667503734.rsc.cdn77.org
E6
2024-09-25 -
2024-12-24
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-01 -
2024-11-30
3 months crt.sh
api.userway.org
Amazon RSA 2048 M02
2024-08-02 -
2025-08-31
a year crt.sh

This page contains 2 frames:

Primary Page: https://valleyinmotion.posturestage.com/
Frame ID: BF65695544FCB438080820D6687456DD
Requests: 48 HTTP requests in this frame

Frame: https://valleyinmotion.dm.networkforgood.com/forms/233559?iframe=1
Frame ID: 8D5A598A1EF9662CB64C6B3F49BFCFCF
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Valley In Motion – Fostering community and quality of life in the Lackawanna Valley.

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js

Page Statistics

49
Requests

98 %
HTTPS

0 %
IPv6

10
Domains

15
Subdomains

13
IPs

1
Countries

3533 kB
Transfer

4535 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://graph.facebook.com/107364297539549/picture HTTP 302
  • https://scontent-dfw5-2.xx.fbcdn.net/v/t39.30808-1/279358776_314382794144086_305919506196826529_n.jpg?stp=c256.0.1536.1536a_cp0_dst-jpg_s50x50&_nc_cat=107&ccb=1-7&_nc_sid=6738e8&_nc_ohc=jiGDDlKLmAkQ7kNvgHL0nYg&_nc_zt=24&_nc_ht=scontent-dfw5-2.xx&edm=AOf6bZoEAAAA&_nc_gid=AGQ3V3fS_KB2B2MluruZVLT&oh=00_AYB3jADs6sQdFpL7gQk8AL4jABDjXVf70jq8OM-QORYCVw&oe=6745C5CE

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
valleyinmotion.posturestage.com/
27 KB
7 KB
Document
General
Full URL
https://valleyinmotion.posturestage.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.10.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
staging3.posturedns.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
293056418438640c82dd707d1159158ff2b089c833c4997e4de130c3df55289c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
6256
Content-Type
text/html; charset=UTF-8
Date
Fri, 22 Nov 2024 02:00:53 GMT
Keep-Alive
timeout=5, max=100
Link
<https://valleyinmotion.posturestage.com/wp-json/>; rel="https://api.w.org/", <https://valleyinmotion.posturestage.com/wp-json/wp/v2/pages/80>; rel="alternate"; type="application/json", <https://valleyinmotion.posturestage.com/>; rel=shortlink
Server
Apache/2.4.52 (Ubuntu)
Vary
Accept-Encoding
X-TEC-API-ORIGIN
https://valleyinmotion.posturestage.com
X-TEC-API-ROOT
https://valleyinmotion.posturestage.com/wp-json/tribe/events/v1/
X-TEC-API-VERSION
v1
app.d2789cc233cbc1fd309d.css
valleyinmotion.posturestage.com/wp-content/themes/VIM/dist/assets/css/
106 KB
16 KB
Stylesheet
General
Full URL
https://valleyinmotion.posturestage.com/wp-content/themes/VIM/dist/assets/css/app.d2789cc233cbc1fd309d.css
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.10.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
staging3.posturedns.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
695b677e5fa7973ee54e6e4e0f73028496babd37bee40ca02d3d19950e18a637

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

Content-Encoding
gzip
ETag
"1a94a-6251232a8810f-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
15994
Keep-Alive
timeout=5, max=99
Date
Fri, 22 Nov 2024 02:00:53 GMT
Last-Modified
Tue, 22 Oct 2024 15:12:29 GMT
Vary
Accept-Encoding
Server
Apache/2.4.52 (Ubuntu)
Content-Type
text/css
js
www.googletagmanager.com/gtag/
223 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-91397614-42
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
cd3d7269e0f97e1235225c5e61b2f7f75759c9296acc58e5981d0d8f586dc8ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 22 Nov 2024 02:00:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 02:00:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 22 Nov 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
81392
x-xss-protection
0
server
Google Tag Manager
style.min.css
valleyinmotion.posturestage.com/wp-includes/css/dist/block-library/
81 KB
11 KB
Stylesheet
General
Full URL
https://valleyinmotion.posturestage.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.1
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.10.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
staging3.posturedns.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

Content-Encoding
gzip
ETag
"145a9-6251232b07ff1-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
11191
Keep-Alive
timeout=5, max=98
Date
Fri, 22 Nov 2024 02:00:53 GMT
Last-Modified
Tue, 22 Oct 2024 15:12:30 GMT
Vary
Accept-Encoding
Server
Apache/2.4.52 (Ubuntu)
Content-Type
text/css
vim-logo.svg
valleyinmotion.posturestage.com/wp-content/themes/VIM/dist/assets/images/
7 KB
7 KB
Image
General
Full URL
https://valleyinmotion.posturestage.com/wp-content/themes/VIM/dist/assets/images/vim-logo.svg
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.10.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
staging3.posturedns.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
bf7dce8b1b19fe03838518852313d3521bc933a29abab216638846bb30dc74d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

ETag
"1a66-6251232a890af"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6758
Keep-Alive
timeout=5, max=100
Date
Fri, 22 Nov 2024 02:00:53 GMT
Last-Modified
Tue, 22 Oct 2024 15:12:29 GMT
Content-Type
image/svg+xml
Server
Apache/2.4.52 (Ubuntu)
Kennedy-Schoolyard-Construction-4-1024x768.jpg
valleyinmotion.posturestage.com/wp-content/uploads/2024/09/
208 KB
208 KB
Image
General
Full URL
https://valleyinmotion.posturestage.com/wp-content/uploads/2024/09/Kennedy-Schoolyard-Construction-4-1024x768.jpg
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.10.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
staging3.posturedns.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
3aa87efca30631803ce08eb413db8cbe07f4a78235b7031c4e252aea06f2f798

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

ETag
"33e0b-6213f18ae5b40"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
212491
Keep-Alive
timeout=5, max=100
Date
Fri, 22 Nov 2024 02:00:53 GMT
Last-Modified
Tue, 03 Sep 2024 23:05:41 GMT
Content-Type
image/jpeg
Server
Apache/2.4.52 (Ubuntu)
Walking-Club-nice-lineup-crop.png
valleyinmotion.posturestage.com/wp-content/uploads/2023/12/
919 KB
920 KB
Image
General
Full URL
https://valleyinmotion.posturestage.com/wp-content/uploads/2023/12/Walking-Club-nice-lineup-crop.png
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.10.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
staging3.posturedns.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
d2675c1105164a778b51fdbff3b6fb5e6c10b86f8a2177b37e233c936777fc9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

ETag
"e5d07-60c8eda4358c0"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
941319
Keep-Alive
timeout=5, max=99
Date
Fri, 22 Nov 2024 02:00:54 GMT
Last-Modified
Fri, 15 Dec 2023 16:25:47 GMT
Content-Type
image/png
Server
Apache/2.4.52 (Ubuntu)
Safe-Streets-Zoom-blurry-1024x626.png
valleyinmotion.posturestage.com/wp-content/uploads/2024/09/
969 KB
969 KB
Image
General
Full URL
https://valleyinmotion.posturestage.com/wp-content/uploads/2024/09/Safe-Streets-Zoom-blurry-1024x626.png
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.10.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
staging3.posturedns.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
febb6e3b0d9094fa872c30b09108444921daf370811347ddf19d3447fc4b0de6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

ETag
"f237b-6213d9b1796c0"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
992123
Keep-Alive
timeout=5, max=99
Date
Fri, 22 Nov 2024 02:00:54 GMT
Last-Modified
Tue, 03 Sep 2024 21:18:59 GMT
Content-Type
image/png
Server
Apache/2.4.52 (Ubuntu)
IMG_1177-rotated.jpg
valleyinmotion.posturestage.com/wp-content/uploads/2023/11/
63 KB
63 KB
Image
General
Full URL
https://valleyinmotion.posturestage.com/wp-content/uploads/2023/11/IMG_1177-rotated.jpg
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.10.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
staging3.posturedns.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
d918ea079cd4a1a01fceaf392a6553da422ec9e24bc79a2a8bac0b42f3a3d527

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

ETag
"fc22-60a602a97e600"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
64546
Keep-Alive
timeout=5, max=98
Date
Fri, 22 Nov 2024 02:00:54 GMT
Last-Modified
Fri, 17 Nov 2023 21:53:28 GMT
Content-Type
image/jpeg
Server
Apache/2.4.52 (Ubuntu)
DN-TTD-LAC-CarbondaleMural-03-1024x684.jpg
valleyinmotion.posturestage.com/wp-content/uploads/2024/08/
308 KB
308 KB
Image
General
Full URL
https://valleyinmotion.posturestage.com/wp-content/uploads/2024/08/DN-TTD-LAC-CarbondaleMural-03-1024x684.jpg
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.10.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
staging3.posturedns.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
960910ef6f4d63b73b5d04e2233471229c44104ad3943a74e114d1e15bc563b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

ETag
"4d020-61f329dc4a500"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
315424
Keep-Alive
timeout=5, max=96
Date
Fri, 22 Nov 2024 02:00:54 GMT
Last-Modified
Thu, 08 Aug 2024 21:21:56 GMT
Content-Type
image/jpeg
Server
Apache/2.4.52 (Ubuntu)
IMG_20231125_104512135-773x1024.jpg
valleyinmotion.posturestage.com/wp-content/uploads/2024/08/
271 KB
271 KB
Image
General
Full URL
https://valleyinmotion.posturestage.com/wp-content/uploads/2024/08/IMG_20231125_104512135-773x1024.jpg
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.10.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
staging3.posturedns.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
d5a6966f67c90d4e314e73f458b6a70b0d69ab4219c5bb4127eeb0e31112393e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

ETag
"43aec-61f46efb43380"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
277228
Keep-Alive
timeout=5, max=95
Date
Fri, 22 Nov 2024 02:00:54 GMT
Last-Modified
Fri, 09 Aug 2024 21:36:30 GMT
Content-Type
image/jpeg
Server
Apache/2.4.52 (Ubuntu)
past-projects-e1646855559731.jpg
valleyinmotion.posturestage.com/wp-content/uploads/2022/03/
71 KB
71 KB
Image
General
Full URL
https://valleyinmotion.posturestage.com/wp-content/uploads/2022/03/past-projects-e1646855559731.jpg
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.10.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
staging3.posturedns.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
b0ec83189864b965ed365f8855ee05566a784b89545d68c745aa60b267e9d7e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

ETag
"11b37-5d9ce70972fc0"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
72503
Keep-Alive
timeout=5, max=94
Date
Fri, 22 Nov 2024 02:00:54 GMT
Last-Modified
Wed, 09 Mar 2022 19:52:39 GMT
Content-Type
image/jpeg
Server
Apache/2.4.52 (Ubuntu)
powered-by-vim-logo.svg
valleyinmotion.posturestage.com/wp-content/themes/VIM/dist/assets/images/
6 KB
6 KB
Image
General
Full URL
https://valleyinmotion.posturestage.com/wp-content/themes/VIM/dist/assets/images/powered-by-vim-logo.svg
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.10.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
staging3.posturedns.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
bcf250f7cf23bb0ae738a702da7523c74acdb526f40e3bab6376d2fe19c4400c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

ETag
"1679-6251232a890af"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5753
Keep-Alive
timeout=5, max=93
Date
Fri, 22 Nov 2024 02:00:55 GMT
Last-Modified
Tue, 22 Oct 2024 15:12:29 GMT
Content-Type
image/svg+xml
Server
Apache/2.4.52 (Ubuntu)
app.bundle.d7f13dd621d318f15394.js
valleyinmotion.posturestage.com/wp-content/themes/VIM/dist/assets/js/
104 KB
36 KB
Script
General
Full URL
https://valleyinmotion.posturestage.com/wp-content/themes/VIM/dist/assets/js/app.bundle.d7f13dd621d318f15394.js
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.10.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
staging3.posturedns.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
9a190320a5b68ea18ef0976b0571afbdd06cdd625d7ed79c40ce337638fd7442

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

Content-Encoding
gzip
ETag
"1a133-6251232a8a04f-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
36286
Keep-Alive
timeout=5, max=97
Date
Fri, 22 Nov 2024 02:00:54 GMT
Last-Modified
Tue, 22 Oct 2024 15:12:29 GMT
Vary
Accept-Encoding
Server
Apache/2.4.52 (Ubuntu)
Content-Type
text/javascript
css2
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Fira+Sans:wght@200;300;400;500;600;700&display=swap
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/wp-content/themes/VIM/dist/assets/css/app.d2789cc233cbc1fd309d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
ESF /
Resource Hash
e44c9bd247a09ea8aa2ec082e581e72db0280bca84961fc71c542887280b0482
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 22 Nov 2024 02:00:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 02:00:54 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 22 Nov 2024 02:00:54 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
js
www.googletagmanager.com/gtag/
276 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MTGQ6D52DW&l=dataLayer&cx=c&gtm=457e4bk0za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91397614-42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
fd7d04c2bc52a22337854a1fed100053f63c1bde8a9859cf13c3161075941057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 22 Nov 2024 02:00:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 02:00:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98507
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91397614-42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

content-encoding
gzip
age
6735
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 22 Nov 2024 02:08:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 00:08:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
f54f78eb-e6e1-4647-808e-134aa076aeac.js
cdn.curator.io/published/
2 KB
1 KB
Script
General
Full URL
https://cdn.curator.io/published/f54f78eb-e6e1-4647-808e-134aa076aeac.js
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.169.183.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-169-183-33.sfo53.r.cloudfront.net
Software
nginx /
Resource Hash
b9918a26a59dd67d45260a75fc46d19e414e19934b57eaea454c8d3ddf558092

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

content-encoding
gzip
etag
W/"5f44f155-98e"
age
74943
via
1.1 cb0f9f6369baeebf7c66aebe4cb453ac.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
43wC6CAEfODA-kZLlpodrhsUsyByWghQX7JzEa7PG5XhEp191Xa1vA==
date
Thu, 21 Nov 2024 05:11:53 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 25 Aug 2020 11:09:09 GMT
server
nginx
x-amz-cf-pop
SFO53-P7
vary
Accept-Encoding
233559
valleyinmotion.dm.networkforgood.com/forms/ Frame 8D5A
0
0
Document
General
Full URL
https://valleyinmotion.dm.networkforgood.com/forms/233559?iframe=1
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx + Phusion Passenger(R) / Phusion Passenger(R)
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://valleyinmotion.posturestage.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 22 Nov 2024 02:00:57 GMT
etag
W/"d565c0d46e2e48e5d7a746932a9d75fb"
referrer-policy
strict-origin-when-cross-origin
server
nginx + Phusion Passenger(R)
status
200 OK
strict-transport-security
max-age=63072000; includeSubDomains
x-cdn
Imperva
x-content-type-options
nosniff
x-download-options
noopen
x-iinfo
1042-4649148-4649155 NNNN CT(30 65 0) RT(1732240857648 112) q(0 0 1 1) r(2 2) U12
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger(R)
x-request-id
4f54e0df-d908-4000-ae1e-81ed19e3d0bb
x-runtime
0.052750
x-xss-protection
1; mode=block
hero-bg.jpg
valleyinmotion.posturestage.com/wp-content/uploads/2020/08/
133 KB
134 KB
Image
General
Full URL
https://valleyinmotion.posturestage.com/wp-content/uploads/2020/08/hero-bg.jpg
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.10.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
staging3.posturedns.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
6354927a96fea1acc79d97477219827e3b9cb690d5a27c1f79cccf493738925a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

ETag
"214f1-5d9b67d6b1bc0"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
136433
Keep-Alive
timeout=5, max=92
Date
Fri, 22 Nov 2024 02:00:56 GMT
Last-Modified
Tue, 08 Mar 2022 15:18:15 GMT
Content-Type
image/jpeg
Server
Apache/2.4.52 (Ubuntu)
va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v17/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:wght@200;300;400;500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
sffe /
Resource Hash
45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://valleyinmotion.posturestage.com
Referer
https://fonts.googleapis.com/

Response headers

age
398
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 01:54:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 01:54:18 GMT
last-modified
Tue, 02 May 2023 14:50:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24964
x-xss-protection
0
server
sffe
va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
fonts.gstatic.com/s/firasans/v17/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:wght@200;300;400;500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
sffe /
Resource Hash
3bdc29109b621ad2c793d86fdc3f61e810d4aeafc3b8419f8f2aeb9c7ce0d364
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://valleyinmotion.posturestage.com
Referer
https://fonts.googleapis.com/

Response headers

age
47275
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 12:53:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 12:53:01 GMT
last-modified
Tue, 02 May 2023 14:50:11 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24868
x-xss-protection
0
server
sffe
va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2
fonts.gstatic.com/s/firasans/v17/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:wght@200;300;400;500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
sffe /
Resource Hash
f8fb86afe5b79eaff2c4a5a44459de5444d04a7b395fd7bd627e70b95e5e5347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://valleyinmotion.posturestage.com
Referer
https://fonts.googleapis.com/

Response headers

age
47316
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 12:52:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 12:52:20 GMT
last-modified
Tue, 02 May 2023 14:50:03 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23620
x-xss-protection
0
server
sffe
va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:wght@200;300;400;500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
sffe /
Resource Hash
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://valleyinmotion.posturestage.com
Referer
https://fonts.googleapis.com/

Response headers

age
50201
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 12:04:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 12:04:15 GMT
last-modified
Tue, 02 May 2023 14:50:07 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23880
x-xss-protection
0
server
sffe
widget.js
cdn.userway.org/
2 KB
2 KB
Script
General
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.206.207 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
887883143.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
ef231dcd4cbcad51c72ea21b29dc248d1e1676c4cf125563708aee598fd5b91a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"1da701210c2ad11dca7dc468826427a8"
age
281
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
pqCaFZus6FUzi-XgmNgocJwNMjcq4CSAGHRScQQxDf107WZhcQ11fA==
date
Fri, 22 Nov 2024 02:00:59 GMT
content-type
application/javascript
last-modified
Fri, 15 Nov 2024 13:50:15 GMT
x-77-nzt-ray
8705ec3466a035b7dbe53f67d1ed6325
vary
Accept-Encoding
x-77-nzt
EgwBT3/OzgH3aQAAAAwBnJI74gG3AAAAAA
cache-control
max-age=3600, public
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
105
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MTGQ6D52DW&gtm=45je4bk0v9121980993za200&_p=1732240856272&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=401441852.1732240856&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1732240856&sct=1&seg=0&dl=https%3A%2F%2Fvalleyinmotion.posturestage.com%2F&dt=Valley%20In%20Motion%20%E2%80%93%20Fostering%20community%20and%20quality%20of%20life%20in%20the%20Lackawanna%20Valley.&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3722
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MTGQ6D52DW&l=dataLayer&cx=c&gtm=457e4bk0za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f138.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://valleyinmotion.posturestage.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 02:00:57 GMT
content-type
text/plain
server
Golfe2
curator.css
cdn.curator.io/4.0/css/
55 KB
9 KB
Stylesheet
General
Full URL
https://cdn.curator.io/4.0/css/curator.css
Requested by
Host: cdn.curator.io
URL: https://cdn.curator.io/published/f54f78eb-e6e1-4647-808e-134aa076aeac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.169.183.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-169-183-33.sfo53.r.cloudfront.net
Software
nginx /
Resource Hash
16d5b97d997bee0eaabf67725da093121d942e7aaf2c3c1dd55fe299bca8dec9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

content-encoding
gzip
etag
W/"5ffb2d97-dbf3"
age
55739
via
1.1 cb0f9f6369baeebf7c66aebe4cb453ac.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
7BHCvCcmCQ1_kDWIs2fLpbJq3FS8dSzsb46G5ZovzbIPsOv7oKX7nQ==
date
Thu, 21 Nov 2024 10:31:57 GMT
content-type
text/css
last-modified
Sun, 10 Jan 2021 16:38:47 GMT
server
nginx
x-amz-cf-pop
SFO53-P7
vary
Accept-Encoding
f54f78eb-e6e1-4647-808e-134aa076aeac.css
cdn.curator.io/published-css/
71 B
427 B
Stylesheet
General
Full URL
https://cdn.curator.io/published-css/f54f78eb-e6e1-4647-808e-134aa076aeac.css
Requested by
Host: cdn.curator.io
URL: https://cdn.curator.io/published/f54f78eb-e6e1-4647-808e-134aa076aeac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.169.183.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-169-183-33.sfo53.r.cloudfront.net
Software
nginx /
Resource Hash
2a78b3398f7a7e6bc6e6a1574de9d57ef0643d301d3d9478d6e5e5653f474bfd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

content-encoding
gzip
etag
W/"5f44f156-47"
via
1.1 cb0f9f6369baeebf7c66aebe4cb453ac.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
PXov7YdolLEQV7ckdu70hcmo5dICLvcuyxaJXZIpfNzAlrHlqU2zQA==
date
Fri, 22 Nov 2024 02:00:57 GMT
content-type
text/css
last-modified
Tue, 25 Aug 2020 11:09:10 GMT
server
nginx
x-amz-cf-pop
SFO53-P7
vary
Accept-Encoding
curator.embed.min.js
cdn.curator.io/4.0/js/
274 KB
62 KB
Script
General
Full URL
https://cdn.curator.io/4.0/js/curator.embed.min.js
Requested by
Host: cdn.curator.io
URL: https://cdn.curator.io/published/f54f78eb-e6e1-4647-808e-134aa076aeac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.169.183.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-169-183-33.sfo53.r.cloudfront.net
Software
nginx /
Resource Hash
a8d338227bbcdb538f7e5812c6446640ca4290491f69f323136320f1762433a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

content-encoding
gzip
etag
W/"5f7be52e-44709"
age
53025
via
1.1 cb0f9f6369baeebf7c66aebe4cb453ac.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
NUUNSHHJqpa-CtGy64EGUCcOeNjOQcLHI5CRt0BnRzl-8GM9leYVXA==
date
Thu, 21 Nov 2024 11:26:57 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 06 Oct 2020 03:31:58 GMT
server
nginx
x-amz-cf-pop
SFO53-P7
vary
Accept-Encoding
posts
api.curator.io/restricted/feeds/f54f78eb-e6e1-4647-808e-134aa076aeac/
60 KB
61 KB
XHR
General
Full URL
https://api.curator.io/restricted/feeds/f54f78eb-e6e1-4647-808e-134aa076aeac/posts?limit=25&hasPoweredBy=true&version=4.0
Requested by
Host: cdn.curator.io
URL: https://cdn.curator.io/4.0/js/curator.embed.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.125.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-125-69.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1da205a48a4ec9b3722105d9f8d24bf2f055c90c789eca00b33219ab1e0bf00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

x-ratelimit-remaining
299
cache-control
no-cache, private
access-control-allow-origin
*
date
Fri, 22 Nov 2024 02:00:58 GMT
x-ratelimit-limit
300
content-type
application/json
server
nginx
collect
www.google-analytics.com/j/
1 B
304 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=969527961&t=pageview&_s=1&dl=https%3A%2F%2Fvalleyinmotion.posturestage.com%2F&ul=en-us&de=UTF-8&dt=Valley%20In%20Motion%20%E2%80%93%20Fostering%20community%20and%20quality%20of%20life%20in%20the%20Lackawanna%20Valley.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=261028462&gjid=719294777&cid=401441852.1732240856&tid=UA-91397614-42&_gid=99017455.1732240858&_r=1&gtm=457e4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&jsscut=1&z=117501122
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://valleyinmotion.posturestage.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 02:00:57 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://valleyinmotion.posturestage.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
426418315_774322641407104_7606344353491940725_n.jpg
scontent-iad3-2.xx.fbcdn.net/v/t39.30808-6/
21 B
21 B
Image
General
Full URL
https://scontent-iad3-2.xx.fbcdn.net/v/t39.30808-6/426418315_774322641407104_7606344353491940725_n.jpg?stp=dst-jpg_p720x720&_nc_cat=111&ccb=1-7&_nc_sid=3635dc&_nc_ohc=0YaG_X8YrSUAX82Wh7w&_nc_ht=scontent-iad3-2.xx&edm=AKIiGfEEAAAA&oh=00_AfCFIGX6-PeeSdrZA12y3QECULmDCL21cWbHAW2VXLlusw&oe=65DA7DF8
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

proxy-status
http_request_error; e_fb_configversion="AcLkvpzT9Yl4RuhZpB8jop7NSKrt36ecmfI6EjxABMXm-aiLb7VoWOtkqBL5zA"; e_clientaddr="AcJy8wRb7U-4paOpM__J-pG_1nU6KPQ3zkr6A-WWH68TyuH24uVhjCgg8uc3sBQGrJVyB4MPDhsQJ7IZ"; e_fb_vipport="AcK8IuSDbsm-YZgSZQ3yGpbXQJoOL5ipjKkGPgejf2jizoBDnygP3KCLW_Nu"; e_fb_requestsequencenumber="AcLZeqZRvk4FErE3Lg1-SXU9PLXamNoDxd1z42l_CqFgvknKWhgVqQo28w"; e_fb_hostheader="AcL177j8lBDnRXmcx8RpmFrTohmjyuk29_q34AIl2hiFTkIYfomWqICGAZFw5GtPkvM1p_w7jf0Ng4zk_7Hdw01pCXP7sA"; e_fb_vipaddr="AcJGn7oeek8TeCc9VVLaOPIu2PaLwc2qxuMzl-rsXSM99pMrYNxGlQnniReIPXTCzopPn2my4g"; e_fb_requesthandler="AcJpwuznc8ltXY-qrYOUcOauHxQYGmVksRUpr94NdOX5Yl8LOEz-H1sOWAT6y5lGUGfJ7fuOOnkA_pf3"; e_fb_requesttime="AcLxWr39RnTk3ijLKkKLeLea3UBvCWhAwBmh5LOLl_dQ0Zn8WpZ7_2GCUMmVw_I4EjUaXpPYvA"; e_fb_builduser="AcIqFhsGRcK2UR1223i8AKa7XO_GaJA73DH8GmkUjs1qz3lfCItX1tljFjABM8FlIcc"; e_fb_httpversion="AcJfOrm4hcYAEvmy_E1OCikOEnJPVCYdxo9_F-AazJ2aJyudeUsoSH8pZDst"; e_fb_binaryversion="AcJZ8HjvOiINlN12RpOmHQMFgumgZplgDal0d4WBgdzu-BwbMyL3vnjnfMceE7XUNQfIL3d0G4_Y5KXnQP0iEFkhhWClEVo1l24"; e_proxy="AcKeeXokMI1ybKb8bOOWLeIMaBIqV-WKnzjJqcNxx7uySEO_cnR3tDjKiG5Ya--KxzeiYgZVrUJeGU4", http_request_error; e_fb_configversion="AcKGmyB6avke2tAT07FuNNjutNpfmNdWXHtatlcdFfZXoHX3biG6kdliwxjd_A"; e_clientaddr="AcL7tC3A2WEgzDeCr5fZjhsjSLaEkckDGlGu_yGOwdjzmUVpOJzxkWp6xDoi-NOd-ohlF1AuTnHmMbve"; e_fb_vipport="AcKHTw1jM_0OvLB068eV3yRok0MQjvmNq2PXiZkvBvTrOZDa4OSK8QETFha2"; e_fb_requestsequencenumber="AcLK5kpRZmy9rUOwIiky36HeS09UDg0m9l7Ct5oWTxXGwoWl18N4V8zKFw"; e_fb_responsebytes="AcJhXWJCMsaUWpX9CABSQ6dg8o4caIxYtYIK6ACvNYV5myZghEZoykYp1fE"; e_fb_hostheader="AcIsQL3eOR3TJCtGz-z-7NRUdWaSSXCctQ7tOfk65uRO1x5GUykUHb0dFz5JACKglSgr-1UQ1XZRPcnkOJEPuadlg8Jbvg"; e_fb_vipaddr="AcJWR1aO871Uo7loukt2plvLGtjQNwl0Xshky58kjdLkqhaerz9W7xf_n_sd6EK4A1ba-Tr9aw"; e_fb_requesthandler="AcL4cWe13LrafAADCIcpfjnedUdLliek0J4aqSF7KTRKzxKBS2QNFFlSPchkoAwsaks1xULy4xEBH0Kp"; e_fb_requesttime="AcJ2ieKg68bEv6O2l0ZmDbPG4dcg_uBWBSB4einYvvIxj7GwvNx6p7qBji8wE1HaA0Mgnjsyaw"; e_fb_builduser="AcK8A0COtKlZPYp5-ctnLor1DXsl_kFL4_AHWs42oY99u6QIm1tke1nhrPIGLmy24As"; e_fb_httpversion="AcI-jvEGT2MrE55vEE8Zy2sPaWzn712S3YjwSiKm7KSOibHS5W5VWk7p2Xba"; e_fb_binaryversion="AcId4PM5KgmtzHFfN3oowLDBmywQcnu7kHxcCldDgF8QowJx_exu7NmTVvpOhuNE1S2kGetA1LTGT7YM0_5M6kCuenJ3DTvcz1s"; e_proxy="AcJm9yCEg8LMCUhDLLQBgAVBov1nulnhaNkD9HETJAqx34n-yKG5-HCaVnDUdlY2No_9RckYJgmte6Q"
x-fb-connection-quality
GOOD; q=0.7, rtt=80, rtx=0, c=23, mss=1232, tbw=8544, tp=14, tpl=0, uplat=0, ullat=-1
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
21
date
Fri, 22 Nov 2024 02:00:58 GMT
content-type
text/plain
server
proxygen-bolt
x-fb-ptm-uuid
7D49F02658DB8ACF3AF5F975D3154AA6
priority
u=3,i
crt-icon.woff2
cdn.curator.io/4.0/fonts/
8 KB
9 KB
Font
General
Full URL
https://cdn.curator.io/4.0/fonts/crt-icon.woff2?32623403
Requested by
Host: cdn.curator.io
URL: https://cdn.curator.io/4.0/css/curator.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.169.183.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-169-183-33.sfo53.r.cloudfront.net
Software
nginx /
Resource Hash
4c645066ca3a11ca4bfa58b72a71fd93fa3fa222d40e5c4759e6e771b6f2b784

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://valleyinmotion.posturestage.com
Referer
https://cdn.curator.io/4.0/css/curator.css

Response headers

etag
"5eb5dd69-21a0"
age
34328
via
1.1 9a448e42428e8683fe0fc64dff7a7112.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
8608
x-amz-cf-id
_edMZYRrwgPaOfNJkoEm3gWibrw6KSMJpXas-L26O_HDKQd-zwijQw==
date
Thu, 21 Nov 2024 16:32:16 GMT
content-type
font/woff2
last-modified
Fri, 08 May 2020 22:30:01 GMT
server
nginx
x-amz-cf-pop
SFO53-P7
vary
Accept-Encoding
425696010_911614133646997_8120517143812386561_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/
21 B
21 B
Image
General
Full URL
https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/425696010_911614133646997_8120517143812386561_n.jpg?stp=dst-jpg_p720x720&_nc_cat=104&ccb=1-7&_nc_sid=3635dc&_nc_ohc=SP8yQkkCU9cAX-o04vp&_nc_ht=scontent-iad3-1.xx&edm=AKIiGfEEAAAA&oh=00_AfB1Nx_zXzuzppx-aDNh0F7BSoACly5kkBvE07GS26oQwQ&oe=65DA05B3
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

proxy-status
http_request_error; e_fb_configversion="AcL7n5Ug0ghRnbjhG-nJT3XySjwtdh2Ce69kajCr2g7Fl3-3SD6Ws8GYDTvR8w"; e_clientaddr="AcI0RKA9kNApq57tEkc95iqXxfSDkfs_TU3TLEu_YYwSqTinUxjs4vFTcxxJbMiUKWB41d3JTDXormQ9"; e_fb_vipport="AcIu_YZc5ry28Ka5YWWAlImfLW2ZU-NTTUW9daqj4TWXNsXOdTqc4amiQ1Jy"; e_fb_requestsequencenumber="AcJanvl_5pY9sf-Hvmk50XmiBjdSV6Gx3oTa3H-bv0G9aCpQ1KiDQqYKLA"; e_fb_hostheader="AcLv9aeekZADq2M5PkcfsivOg3tbMk98790Z0VZqQzzO3S8p_qvb7XS6vCbTHR4ZJ_hBV40yzcu3OwqE61nLK16yhauxRg"; e_fb_vipaddr="AcKsZfM6GN6vA4IvATUEhKZOi0Zbb3zSEOjNV-Ns91knRlh9xE1E0uRiOhXa1lSIs3L4Sug"; e_fb_requesthandler="AcK5dVMBrZ506NVR62nivkEWbZjXp8xtGdwmPhXn6EfM32-0l1zP9UKaLubm6tyauzTcwgrAu6p6K8Cx"; e_fb_requesttime="AcKVCe6o8lwqjgQp0W0I8KcMQYSCnVzHPk2CpeLOC8V8wQg7pHbUdtdQmfcG8ipryHOczeV-BA"; e_fb_builduser="AcIuXR3ORtYnjgkI-JmS8tsp7HAl02_2Z8UjXOO5FHG0w9Zjip4McAjTzQV8Q4YCf2w"; e_fb_httpversion="AcJfWf7_L-STi24pDxv1G_0nzHjn3lGbL3FKp9x86gqCDCdoJK-JcejN7C8x"; e_fb_binaryversion="AcLxGqzBUA8W_xHLXxgv09wUTFmx3nZwr5f0CHBdGRHff9YYuPcfjcmMfu7pqOi9eF4EgGh2GXkS7u7WnrpUdpUAnMLLy-9ZG94"; e_proxy="AcLQ55k7BN0HDBHsKtAKVi_pOTbnFOFi76kWUR2dOI_vjyHpVi71hMn3KtEzIoOAa1X-_fMOhK3U6jo", http_request_error; e_fb_configversion="AcLOSiz2zaN2KG3s7A1LOXE3lz8gA8UFC9miu1JYPouor1uZMRFScv53TkmjhQ"; e_clientaddr="AcIm8d1fgo5u7DaDA8_Euk3nzf347f_dQ21a7Usj-5S5TZ4UMXnDNMhTmD54UwZlgzlvF0NFUfRxWYNl"; e_fb_vipport="AcIEQ1qxWnY0klQMku1xkTQln2ep1j8A_o_aGdtDvxt4CM8LqLXBZz62Xulj"; e_fb_requestsequencenumber="AcIoou18Fc8KwDXAcgDKt1D-DtFR6yWKImmCXphrK6mPblcJSIZnzdLTUg"; e_fb_responsebytes="AcJ6WFH8-i6tDA4EB0cXKgB2g8QOZrNeCfxg-FKXxxpw5QCOE8FCacEFM60"; e_fb_hostheader="AcJ1eDWHrgFzMChS1yinw3BPtXPcnG1XneEDoBcmL0YUhpXE-6cby340e44AlgSRpHEMATbMS8WaUaJiWPHdyPEIkUFCgA"; e_fb_vipaddr="AcJz9rKhyFSyZ-g94xBzFmWvP85RJi2hbE0wu8OOS3FFe0iI8X_LeeZT36sO6AhHGLklGwk"; e_fb_requesthandler="AcINlrdxlVSlQkG78d_UdfCrRiGpORKmcwb4RsrZ0mtWGF9m0vtTxPbsWup_qy48xI8JeNJNKVHVSDoE"; e_fb_requesttime="AcLS5DKmTgcessHt3TNCE_3G4vr5s3sF6s_ErUV7fSb8GoS7vl9FqtYYm5J6K3uaiqBxgXZTQg"; e_fb_builduser="AcKRJjmt3W7f210Bfvya1fCxSsKfe_XMgoweRs-7iReoPNy-gsoa0WogS0ZOSj2jkg4"; e_fb_httpversion="AcJnadfJAyqHVqB5MrbP7tuV4kKnHjcv57hkveRCq8ORw6y3MrumNHAnmGwe"; e_fb_binaryversion="AcL0mbqno4uy27FuoUGeYLHfiqulzDbTBosQvYFNYEtvifblCbKPZxtg87yz-TyicrgSlLCnLeUeLNcrjeU_2jI9eTbuaYx7gMo"; e_proxy="AcKBeIDOPNXQPFeWamP3STsUAOB7mkS_giyPqN5HIflcyWIozDBJ5zNRVk7_eZPAn38wk5XWS2RLgDI"
x-fb-connection-quality
GOOD; q=0.7, rtt=79, rtx=0, c=23, mss=1232, tbw=4284, tp=10, tpl=0, uplat=0, ullat=-1
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
21
date
Fri, 22 Nov 2024 02:00:58 GMT
content-type
text/plain
server
proxygen-bolt
x-fb-ptm-uuid
584011CD0341730BB543E974D7A0A0BA
priority
u=3,i
424780990_886919713441967_3386935867981604832_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/
21 B
21 B
Image
General
Full URL
https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/424780990_886919713441967_3386935867981604832_n.jpg?stp=dst-jpg_p720x720&_nc_cat=101&ccb=1-7&_nc_sid=3635dc&_nc_ohc=OyaQQxbcXogAX-BQt-B&_nc_ht=scontent-iad3-1.xx&edm=AKIiGfEEAAAA&oh=00_AfAIXMcx6P9EaaO6JsLZdNOf7CuBHTex8DhjqdCbiI5KLg&oe=65DA9689
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

proxy-status
http_request_error; e_fb_configversion="AcJ4QV8-lXW9nUTU_8IO7_yJ5RpDMtRgyUdcgIyJJMotvI0BpkbE43PdvXGNag"; e_clientaddr="AcLEBQeHyV5EcJrhGepz0fuNL87yp7pKocFvQgX9W-dJBRA8fx8hPGTVO8NrKjPpyjK9SbZOczmseGzY"; e_fb_vipport="AcJL1xJFjHsvH8AIDkqKHuOOGTqwvpbOptPhDPkuzsmIFAslN4Yp5k9pwirT"; e_fb_requestsequencenumber="AcIm3ZAP4sUdwhZLl2ZP8IfICAd3CgMh1ExCoikYAQrWvtY-tdRj4w7-TA"; e_fb_hostheader="AcIN1JeJUSNgh-DjQeF0oAUvfPoZUIcrOclI6rnLJzMo708ZMa2B_yPlr_mDq-4Zo_SfUnRyDQJbyEuKyZmFGlu_61ywIQ"; e_fb_vipaddr="AcJ0w4B1o-sWPsJeFnUMiPBgIcFGijWQhx4KcwdP70iQs4hpqW0fQT49edjaIJuFP7286So"; e_fb_requesthandler="AcLnaPN1bX8obPNjVNlGqrl69v4GBtP7YTkZZfjqFh_aQw_qDF4P7MTVAa--SrnmIPtRxLLS5_sc241T"; e_fb_requesttime="AcKJMYD94PGluD7OQtkb1GzpkY5QQzmEFuknH0tSOBtTCmGtNkbU2EO-_a2E2eFrllwh2gCaFQ"; e_fb_builduser="AcLSXUTNd5CMUa0te1vNyPQNrUIsBppFYDLO7sg5-r55uoMKARIcROewLRRtmKTLaTE"; e_fb_httpversion="AcKrnYpRmsR5QCny3g5khjxYrMxoJ11KfCLoGPEjLPtH3Qs9Lsc5ElgRLeaj"; e_fb_binaryversion="AcJsU8u9zNS17tSYSsYIc9wb91pIyyI-nBqgcW3ESLQjeAnJd7wjX8u5KcPvwV_xGqK1J2JSLwpXzx-BGX7PRbbvxvs__R6afds"; e_proxy="AcJcz3e5xVrZIaQir7bN_X77VyRT7QiMcumgQHNVmYN3AB1BijvisiFwaFzeWgAEjPEUwmp6os-QU-g", http_request_error; e_fb_configversion="AcJ35uxLLVeQaIfE6AS_UD1-VQJ-HxufMCZ6TSC8V1RQ-LCzZN3GdN9dY-DJPg"; e_clientaddr="AcL8xLlCmxnBzl_GKoFpcbFSDua_eF3Y9X8-XoV8DRWudOcWbOtgrD7Pxu30QaAvB1PBvGbX_Uy_gPRq"; e_fb_vipport="AcKO05ZN57SGhj_F26nBywFpLZd-ATOyvQ5aBec_ddhAmCugeZejL0mINeBF"; e_fb_requestsequencenumber="AcJSGd1hsbKljjfkAaO1jbzXUZA6K9h6iQCPcPbXiMYmYM9OVwSjZksiMw"; e_fb_responsebytes="AcIa8at1pelAXbhaurheIJZHMVBnZx7eGSq2Sak38VtOkGtpymij_qVPLjo"; e_fb_hostheader="AcK5-ZI0dFGc0CKa34dEa40sBfuywzshtHEOTIybYDIRt-KgoTWTOP3BgQTE4H_KJAW5DfB9wOqTz5RXd7Ql4eTEsUQJdw"; e_fb_vipaddr="AcIIYJVNDMWYsrVaQpfAleP_B2WSRnRYCXmgEuqoTyDM4k_l8qkJHQUpIDTyGHan_j-crU8"; e_fb_requesthandler="AcIOx69U6DGUiQGdd0sa92KJ3D72ah1jim7xO_V6Em9-ZF1hF0cB2SXkC3uiTtKizTTE_gGAoemI9ER_"; e_fb_requesttime="AcJioFmwIPyR2UpFoJS2JPsg6kvFzd4LuO1BjFOejTeIVGTzj_nDuWn3HiEK8ghxoAGAezBx9w"; e_fb_builduser="AcLfCj6sHcrUzT9vVDmEpzFhNld2lG_iu37TIQ4BWhYTtql35PSW0OijBMFcxjAksgM"; e_fb_httpversion="AcKn0kHiH_41cl0yZR76aYGVNuDuJWzW7YmYqqZNjmVq6SIuuW_lzZeFfs4i"; e_fb_binaryversion="AcKsR9yLSHRzs7bd0Fguyjeqp7ATozI8YS621dFi51A2TE7JJfqz0m94BMxiN_OqD-uPEDskke4VlNsRojwgqtlKLAU1Lim3D4U"; e_proxy="AcJDUAWYaTABIf_06tpAQ0d8bfiK1_90tWJa086zFXhH7cBlkL0BfQGv2E3CQAUgPKUxqXcEI3b6W0E"
x-fb-connection-quality
GOOD; q=0.7, rtt=79, rtx=0, c=23, mss=1232, tbw=10796, tp=17, tpl=0, uplat=0, ullat=-1
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
21
date
Fri, 22 Nov 2024 02:00:58 GMT
content-type
text/plain
server
proxygen-bolt
x-fb-ptm-uuid
584011CD0341730BB543E974D7A0A0BA
priority
u=3,i
421606006_250188548114121_5913765726806387657_n.jpg
scontent-iad3-2.xx.fbcdn.net/v/t39.30808-6/
21 B
21 B
Image
General
Full URL
https://scontent-iad3-2.xx.fbcdn.net/v/t39.30808-6/421606006_250188548114121_5913765726806387657_n.jpg?stp=dst-jpg_p720x720&_nc_cat=100&ccb=1-7&_nc_sid=dd5e9f&_nc_ohc=6GYyPBpVgk4AX8ZPJmi&_nc_ht=scontent-iad3-2.xx&edm=AKIiGfEEAAAA&oh=00_AfDXKFTkuM98G3nQ-phDZK5vO3R5234Sb09EsXKEzez_RA&oe=65DA7277
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

proxy-status
http_request_error; e_fb_configversion="AcLhbTOh1FJ7p_81X5Fw-KOr5_8-7MWQtXKhzuhQxe5GtY2PeHp4e2HUMbrsRw"; e_clientaddr="AcKYoDD-JUx-yFa4tnOeLcBMkCbJIcspejnSsyMqXt_CLD9y5YasZV4pdMP8IhPnDej9aAo_E_vaWX7e"; e_fb_vipport="AcIi_OIPtdtETsyEaXqcQ9hreuxE91YT-R7Av-yvB-aFsFqpFtL4ubay9JTL"; e_fb_requestsequencenumber="AcI7kx1TTe6xIHepDffoU2zvcslsKF0MK1K07AnspM1NNCXOnHL_jCICdg"; e_fb_hostheader="AcKZk7fOvkJblgi4P5FWJ77Vmup54ZCbuxW1ZjqZExPK3l0CLSQ3ZbRDWtnlchg8H1EITf6QHFB3-Q7tHmBayjV-cjseZg"; e_fb_vipaddr="AcL3H5tiPAQtVxp5hT8uDPPkhIZdAQIQEMBDAFo91iX-E4cBAdCsq61sOQJayYTDPMgogqdGdA"; e_fb_requesthandler="AcLlz1hYyjMF8fDlHlx4ArAYv-jC_jnqfyeRjF60nwz2_vigpxSuAGTcBJODldTWiHXflqcVSJA5mKzy"; e_fb_requesttime="AcIuVcmqcU5hAuMGNyz-q2Qxnd-EPhrAIeRi6QVZLWrOsbSVKLi0QMF_LdG8w38tUH-0F7BhrQ"; e_fb_builduser="AcJH_gHs5hOTet2mGGAsq_k4SLa91LGTCspajItnbKA2N5RLHFP08l0C4kXM4eEmj84"; e_fb_httpversion="AcITU7X4KvDBHDB4x608rLOXbJYdxcYFBzxZKKqpgZPz6BtxR25ZEKD1zIF_"; e_fb_binaryversion="AcK6u-gMjPzHDSf7_X0MVRdG3HqnAXEq0M8qwU3YpDYLmXvuYDD2Rfi58Z4cT74xu4V-AxpKt1K9SyNeUn4a8ZFZ6RNz0WmEYDY"; e_proxy="AcKoohpZd5OFeZxYm-gRsAYrD_NmDh8WjFOY8tBmok0jOzHbxVNieaWlXsd78MU8mNXHQhMICovYg3g", http_request_error; e_fb_configversion="AcIdy7F2ZV7JPy-W22U9qorF18jmUSDgpPi4yZeR5YqHGxTDd2B5-rITHmSvYg"; e_clientaddr="AcIqOkKOCpyJ14EY65tPuvTMg7kiKIoI4T-bVWtNMZr8PhDUWyUtZuyK8P2PAuoRVOr01z9feMOzYzAJ"; e_fb_vipport="AcKFWzNFFLqazZ9Xk1Mnkfu7MQQqLcvfiBx8PB9yLkLKUaHRkIIckWDO-ExR"; e_fb_requestsequencenumber="AcLmFeFv7nT-g5bpTTThqfswik-Hz_ePyQaDj-ElGx-lU5oWAEkIONoEPg"; e_fb_responsebytes="AcLt5SYTgjofH7UmyGlFOE0ZG-QMJ4RVueEipvjoy-5iC-MVNHcSo9fegXE"; e_fb_hostheader="AcK_bHTEJW2ygUseYRNwmpC04T9nPuGyfr3menlLI4YfZAPeGVvgQKJkBVR_nJZ9xg-iH_Ntbao21zqVjM_vRGADc42DuA"; e_fb_vipaddr="AcKMpoQ0v1M8mpJSGba71yE7a5UUbapbsESM9quDrN61xSJ_OQGDj04cV2wJqLQ5hS2Br9Stgw"; e_fb_requesthandler="AcK8FoTHrL9_AJPS4NcKga-AcdsS8DJ6J0YjvoBold1dA0xZmGeN3DJF6TpScY5KXWmQXxyS-hDAJs9z"; e_fb_requesttime="AcK00pZ_XSGZ87YznKnNmegZganciBQ4KLDX-lmK6uBcqIYfNJV2nhoCnxP3Lw0-Rsx0pil28w"; e_fb_builduser="AcI8uaDe1Ud_nz9bZyXVC2txlVp5xVrunf5DGnj3nsuf-TVjyA7O15FhYu1QFB3YLXw"; e_fb_httpversion="AcIjwSNbHsWhshyLgd_nxU9WK4TEBd_xbYIU-rSMGImMmC2Z7cq7ZzV7hvI2"; e_fb_binaryversion="AcIJesy-BG1yUn95vpNwi3ffqhJ0N7fjAAlQCJQeuoUYcZ-Ceznxn5Z7k451nRYgwqtrg_nhqLMohJAYNd772D8xB4jc1IfwWbY"; e_proxy="AcL1B11xaAv1DonIr-dlut-gp2qrwvCf3vgTvGvH3Hz9GsvWIZK8xNoAGyjrx2vQ5hwScDJ3ydLCr0U"
x-fb-connection-quality
GOOD; q=0.7, rtt=80, rtx=0, c=23, mss=1232, tbw=6464, tp=12, tpl=0, uplat=0, ullat=-1
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
21
date
Fri, 22 Nov 2024 02:00:58 GMT
content-type
text/plain
server
proxygen-bolt
x-fb-ptm-uuid
7D49F02658DB8ACF3AF5F975D3154AA6
priority
u=3,i
422942603_122127616040093766_507236564315241413_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/
21 B
21 B
Image
General
Full URL
https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/422942603_122127616040093766_507236564315241413_n.jpg?stp=dst-jpg_p720x720&_nc_cat=107&ccb=1-7&_nc_sid=3635dc&_nc_ohc=WzMxWnt0rNcAX8SujuG&_nc_ht=scontent-iad3-1.xx&edm=AKIiGfEEAAAA&oh=00_AfCJzs7sgH8NwsLPbvIuu1OujQmfbTupYeaVGAxTYzE2GA&oe=65DB297D
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

proxy-status
http_request_error; e_fb_configversion="AcLByWik9vyf1xvh-AwyCu6t32VQQ0dDg3miO5zufvRirn74cPY3JEqsVM3WKg"; e_clientaddr="AcIIKzyvzt-id3mhgIWti81FQeapy7tKART8N4gynajn4sNZgIaU4_7naz8-v7BKFO54CnoAH_HRbweq"; e_fb_vipport="AcKnqMq1-ZOV4xbQria8aKYLheFsLywgaa6iS1cLox6PoQnK415LoEWG8dMs"; e_fb_requestsequencenumber="AcLSWjhPjwP-QeARHxTyT5z9S3RWidXoGClpqWJvHkdRPSzwWKjNLFEHoA"; e_fb_hostheader="AcK7CC4hxOx5FdjqgYRHBvD1vnwowpuw-y6iu0wlApfSHCjYyrTcAqjTwc4xSkDS-gl_g57sSbZRI4EJ5T6s-8b9mY0Oww"; e_fb_vipaddr="AcJOhDemku3nDJi7372a1us-JXHzSRyE007FguV0U3Uao1cbPL9E9SBQ5I4UxCXWbhZ4q0w"; e_fb_requesthandler="AcJbtEV1JAn3W0M14fwBPQBM6tSJ98RuCkTGHzsrop2h8hiFhoDGo4Q3onvygpjPBeYxJ0nZX7Yr6QLK"; e_fb_requesttime="AcL-9aZvnQg_cN5gVgjfdljGt7eKbSAJKjrpnCZkF4QB5SbnCzUezdjyoe7mGbflPqsfGtTudA"; e_fb_builduser="AcKAe1s3LLbpWoQ9q6l0XQ7pjzrT7QjnxZ9ds4eMWnf8U1NAL-4x8NggDqTYLdSaqKQ"; e_fb_httpversion="AcIK7vX07jJeX9V-ruDQnOL6xFvleZXls4VH44l0nh76TS0cT4nUiLINcfZI"; e_fb_binaryversion="AcLsl3UgNEG_7CgDkqUDxlMAbXdvtfjQH5VKvOzlQMPFgZRb-qsO1D12B7IbVCDOnW_uI68QSlM6RiT83T1AG9tu4QiWPMCSV1o"; e_proxy="AcJiB7s1-xnbR68phTBC34B2cNxrsIiRrdp9OU3udz0y_BMjYjRsNp4VcOumsi4I36xSFE6JEbpS_Vc", http_request_error; e_fb_configversion="AcJQtgJl69pQ9HFSHbAd4yWJ41otxcts6niOHpgEprbKCWV7GmGq-Twrk__AqA"; e_clientaddr="AcLNeYuoQBk-_M_8UWr_kkayJYKBUpCFy8NFNbwQcQr0dnqjQjtNa7eLc0cGG7WQNjmfDwUiqo2fHG81"; e_fb_vipport="AcJJQOvUnapEZOAZZU3sihhrnQESdgwfzdym1rll2RZjhxxQ4kDTCTUeTfn6"; e_fb_requestsequencenumber="AcJ-MUvF9OBmcsLuQxLJDzehuM4Lk9k6hQtmuDPmIQC4vA9zNHfC1izf3w"; e_fb_responsebytes="AcIKtCRpk6a22vHe1OFDUP6oOgUaY5U4Lz9ugtldVPMwrptMn4ihSp6EDUc"; e_fb_hostheader="AcLxNcUY6p0RXblrwlkWu-qQcrJB8iw5gre5AR-ElkLQLCUHiWF-gFrp3k2KRm75_ng4IlshT0udYHjOs0SA0TToQL4gqw"; e_fb_vipaddr="AcKm4UoVIcGkkbqxt8jRKKyTTnEMlXoRl2nWFDOZgsEfMqewqK27GyWs2YC5vboeuBHJm1w"; e_fb_requesthandler="AcJacp_08FdCptvvlty2q9rXCPXR-mGNT2wgxStfFsZowdhU0okxkuwnp-TzPVu54DdnSefpyIcdbghu"; e_fb_requesttime="AcJQ1w7Yl7IYnhqjdmksy1iAEpuLsYijnawXS9B5GsoFGTZQ4EoVwcZiaq9DRdSEpZkGjcShiw"; e_fb_builduser="AcJZmh48yFShx_G9x3GW87DIGkAARLe7KQng3N_ebw4v74hs0sq7fUzb8gTF7cL3Jo8"; e_fb_httpversion="AcIFKUbW39RdqWGqQNDKd4ZTC7-4Iy0yaF6zX053YuC38Mf5prrJP6swV9Fc"; e_fb_binaryversion="AcLrXhQC4QM3Y2q2569CcT_Il0aMHqxch1OTwYb7eTorcoBRNm_HOL3aKFY72x1uWBtb9t8YiD38IUFPkXBThH0p558PKPUhBWE"; e_proxy="AcJnm6C2GmaK1P9WN6MTRfRdsupR80F-2LaGru4AQ1MHAEo2pls93VLgtYGR2Omc9hjJ8TRRJsjPqTI"
x-fb-connection-quality
GOOD; q=0.7, rtt=79, rtx=0, c=23, mss=1232, tbw=6460, tp=12, tpl=0, uplat=0, ullat=-1
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
21
date
Fri, 22 Nov 2024 02:00:58 GMT
content-type
text/plain
server
proxygen-bolt
x-fb-ptm-uuid
584011CD0341730BB543E974D7A0A0BA
priority
u=3,i
3582157997098421438
external-iad3-2.xx.fbcdn.net/emg1/v/t13/
21 B
21 B
Image
General
Full URL
https://external-iad3-2.xx.fbcdn.net/emg1/v/t13/3582157997098421438?url=https%3A%2F%2Fwoobox.com%2Foffers%2Fshareimage%2F7hrzri%2F00e375ae42dff42a07587299f5776af3.jpg&fb_obo=1&utld=woobox.com&ccb=13-1&stp=dst-emg0_q75&ur=50234c&_nc_sid=64c8fc&oh=06_AbEl-4d3gcXTw_lZqgQzln9j-bqLuk5_QJsEnMF6WxKwkA&oe=65D76DD6
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

proxy-status
http_request_error; e_fb_configversion="AcLB-HMfbTRL9qFS9049W5a6_Ih9luoscWn3AR08jMXEA1yeOd2r9O46BuJp4Q"; e_clientaddr="AcIpS1YGVLjVrAMD5R5NhV7kh75iAakrABa5PUhPVRzNO-w9NRlG0YG_gmKjfsa0NN2z4YXUJnYaXUmr"; e_fb_vipport="AcIXHFwOu3hE6EIVvPcf7socl04PJx8mJ4dJU6KY2h5pilaoFbzqmBQT6r0Z"; e_fb_requestsequencenumber="AcIuZh_cxMbbeAxwhN3FtGBrKs5CnwsG6IvDx1rPil8ynQI_AJQJDmnl4w"; e_fb_hostheader="AcJz0TmZC9hoi8lMvBVLXnCFEHK1LffeYXmcXotrJGKxA9JKrmsBopShgneQ4Qi0NnwSKf8J5FnoR02rbWwfQFHehfdkgA"; e_fb_vipaddr="AcL8jnDby6C8nixRMP_38bYrkVSDoBmSKUqiYvWjA6S2MZu68hbjaSbfJvoGVGx4sUr_MwrBiQ"; e_fb_requesthandler="AcJ29cqm1XrnB-V7ZMecfqdau51X50-nQtkTSXs_FWYTBZW-7biHeN4Avj8WJ74"; e_fb_requesttime="AcJ-78xVlTzIKBNNcf730S6YDwhlxJTxA4bPTohbFMwlgDAlsljOpLQcCdqYZ-yaSbTszdOQzQ"; e_fb_builduser="AcLm7Hs5gdkXLaiogUZudnxT5OQaYkwDJTGVeSKP614ZMy52xrlREP26JEIauVK1nUw"; e_fb_httpversion="AcKGggyieDMn5dQBght1AbBJ6a6Ib6GQkRrjD_AiXN0iiFgtE7rwBUWhvcO0"; e_fb_binaryversion="AcJbAiYm4IiS0Cbp2B3XmLygA3uCeG4uAmZNYqYH1sbIctM2dsPai20aVOEt2KaCdMWNu-7RGc67YcaMryGS5DtZbmWPKuFqxpY"; e_proxy="AcI4DAArSOl63HVP-F78z8eY4zMJebyYsSl9Dz--tsY0xjwD1qLqpmLtyy7sa9-zRDobW419M8dDUPw", http_request_error; e_fb_configversion="AcK7hoFxgdYEilecinfXo4q0COOV7brZnFEGxRJ6_fKeNbmZBXDCiJVaVhpUtQ"; e_clientaddr="AcIiHYUJ8feoczYlaXUl16FeRd679JkoVzQL-28DGos283fnNFaAUZ48qnOJHhSgYuQMfMaXtNwZT7oD"; e_fb_vipport="AcKFBeg9Wc6EQL5ncySpHDa7EdUe8nhTo4qyM5VrbyWnEBp0zVsoY6ioTFZk"; e_fb_requestsequencenumber="AcIZkhdXW5SjB3wybcCTd26cNu91eUc6j3Pwn8irzi2d1JmUrDUuooQjNA"; e_fb_responsebytes="AcJRcocIWq3Ovs221vpT8aZmNZc5S2et7cMabP3ahBj-6lJScM4DO212aPo"; e_fb_hostheader="AcILUi2ZXkzy3YarIDqvIn67mw5Us444iNNBiNmv67LMMTLjswkEZcpjVGMrvN2us1VSRUtxx4_72zthebTIwP9kP9Q9DQ"; e_fb_vipaddr="AcKwGplWVaq-wqippdPm7rnhyMpPuCbWj61qZPvg9G1IzjGNzehh6x_3ILziV6ICPo_ttq8s_Q"; e_fb_requesthandler="AcI9Qb3jFRuGg4CTXYXsSX5B7U3O0shhNbsna0DfCbkZvtOndQK8aPkyQ_YEKYs"; e_fb_requesttime="AcIO6Zuu-VDFgD02Qm49IZjsnaqV_CjbCvinong9L9e3NMLSenjWdtQPIDjCrwxvmeiJG3Wn1A"; e_fb_builduser="AcI6G1NWelp31KxluWFzJaXdA-Aa2XbwLVS6emhKfLJzpw7su3S6XKE_7hBwnk65BB4"; e_fb_httpversion="AcKx77N8Z_6UvaMZcM66F9NqBPk8Ettp0YU5_9YubK6-S8echirTi6KHTpjE"; e_fb_binaryversion="AcLnwgeRYRGUIKLKWb3Rl2MEIhbwrMBFSnyuwTvK9Z2iPZ6hW-2WbPc2XmTjdZRytcOe_JKyfSxM6-weQB5TYtxGujGgVN3LmzI"; e_proxy="AcJM048CS0gtY-p6dq4cBGrpGnXEUEoutQh6sal3yiNBMIChtIiqCh82W_P_eF6cGYc4ucN3HF6yZnY"
x-fb-connection-quality
GOOD; q=0.7, rtt=80, rtx=0, c=23, mss=1232, tbw=10960, tp=19, tpl=0, uplat=0, ullat=-1
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
21
date
Fri, 22 Nov 2024 02:00:58 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
408644812_221042394362070_94899557458088910_n.jpg
scontent-iad3-2.xx.fbcdn.net/v/t39.30808-6/
21 B
21 B
Image
General
Full URL
https://scontent-iad3-2.xx.fbcdn.net/v/t39.30808-6/408644812_221042394362070_94899557458088910_n.jpg?_nc_cat=106&ccb=1-7&_nc_sid=3635dc&_nc_ohc=uolfzYzh6dYAX8jh-h9&_nc_ht=scontent-iad3-2.xx&edm=AKIiGfEEAAAA&oh=00_AfCg5xVMZ8nBzpadSwrsvvcYpCtuFi3R83Ajh0U12qoxPw&oe=65DAF39E
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

proxy-status
http_request_error; e_fb_configversion="AcLY4eDPplzlzSIy_3TktXnIWOfR6DqcrYFPI9lytTvOz6A_k1jQiYmA4YuVUA"; e_clientaddr="AcI2J34u_hYFuHi-34MaRudQhAPQlfn1Zna0VzstbAy6v7Im-ljfAgafg-5ZtMMc5TutIMWoPITP_DtC"; e_fb_vipport="AcIkOcmnU8phLB5THvMo0HZuWfbsBxueR5psS7R1CxOo1ABqLmFzF1RQE5A2"; e_fb_requestsequencenumber="AcLacOg9Zi3u7ChnQKrrxegW37TSYDH-1MfdE6PWMgnSHqBV8racycduQw"; e_fb_hostheader="AcJJNRoSZZhMUOI6FNpqyTtucKk9JzJAXJeC73esBB-chOiokI0gA7j-tKsVh9VkjEsWTxv4NwYpixM4U6768nPYdP2yww"; e_fb_vipaddr="AcItFJgyMq-Hqln9OcKmuA7soN8-G_C4xodIgsW6OZdftcc6s9V9H981pvHwAPLuq28Ls-QcOQ"; e_fb_requesthandler="AcLfAA3-TaoR14ZBG0vzHCkph-UxYR4LjTA4qd-JRVGwLiYANeNs5LfZce1JIimeuMffefmBm0X5I-KP"; e_fb_requesttime="AcIdsq4EnDwmjKyzsaWtu2cx_eDzxO9GeCtvrpQjlBpmEhF6sMd3VdUWD77JzsW7MLigfNtYCw"; e_fb_builduser="AcJdXhHvPPfXC7yTjLjYyqzaYnfj-jjOVTIPZ114axOrqyBqLMhKuPDtc0C7hD_SxEc"; e_fb_httpversion="AcIvI1ZuezS6qjjCnDEMFw-I0rlZN0H-wOYtJ53BqIgHshWukxXbvBlEfyhd"; e_fb_binaryversion="AcJ1PSwgPuMu2PGFyjgEZSTJsz8ZfGdowxmAzT6Rc9aoz1JGj-qYo54iav_Ns7nRJ25sGJzZl-BN3JCnzADTXF92kQ_5Zujg6CE"; e_proxy="AcIlgznAX7Sky-v1fQxjUdmBEDFy_XI1M1B_VfmwYX_BpucTshwmTr14LWIa3MprnupthngSEnAzOqE", http_request_error; e_fb_configversion="AcIUxo8ZFSLwhEcshnYCyOOwsWD4TmrW7gUDa-bjGO5FD9Y3CGqDRDxPw4nFMQ"; e_clientaddr="AcLI22ctbwPov7cHogfNvaPMPL4kZrmwKxpUQFiO8GhQorkjsKFPonPwL3nhhdtUhHFli3YRMGVV4n6q"; e_fb_vipport="AcLrs9dZyMcw5Rk4g83xTHhmAMnDN57_I3mCuyXkSuyWlaavOUr4YyXEOHp7"; e_fb_requestsequencenumber="AcJsVrx89M4moU7Ng5QrTcjoYtu9x1iBXF-65MD7GJp4UToe3oDqVBBveg"; e_fb_responsebytes="AcLtFvR0A5mx0mo2jERQzNVaHnNjjl93cD7UI9dx1J3Usys_gTdPWjJsA_g"; e_fb_hostheader="AcLhSAkgYrIk39TKtrL2QbroE5_EWnCZ7F8dgUvYVveNRUGyi9ukluSuDq66ab6aMAsvVN4IQTAC6aX_cvmDT5glOugzpw"; e_fb_vipaddr="AcJ5f2MbDxkRkyK9aB5W9ZZgGdAhiHYthJFITIGE3AVhxaPi0J0AZj60jEYN9othj213ZuDPEQ"; e_fb_requesthandler="AcKAtg7qyuKosjsgcyVfNELHnHxzK7gWEr5bkjxVoSVNWarxGoOJP0rhSBvJm83hc6oDYioSsvRLE_le"; e_fb_requesttime="AcLFctSmuwknWa8OPfLzJlA_nSeyWDiWAdprpKTtiYq_UhFxEvwoUVzynDr6Km7G2AYpLMYOdA"; e_fb_builduser="AcLSg64CI6NlnW82jXoIwnTH_vl-MUDXVgo2ydxhq9TwI7HFsMWXX5eg0kWxnLwtUgE"; e_fb_httpversion="AcKmdql1MH9FYvxOMvmXr8O5omv_K12eiEUa8gwTQ-fARK2U1Yz2Zh_jd8ap"; e_fb_binaryversion="AcLw24bQM7z_pPy1jfLNrxqAfRzijay3mBOd7KjTTA5wSN7c-hdruYX26R-bzAHHqqG0xH8Th-R_YGHQ5EReL6eKfRHvD3dtogs"; e_proxy="AcLa7LRPpddC4-N7Yebd8o-qsOnt5gUvQ5w5bAW9fhGdeXhyfaKQWS6Rat43FeiKEWFo-VFmacNn8E4"
x-fb-connection-quality
GOOD; q=0.7, rtt=80, rtx=0, c=23, mss=1232, tbw=4288, tp=10, tpl=0, uplat=0, ullat=-1
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
21
date
Fri, 22 Nov 2024 02:00:58 GMT
content-type
text/plain
server
proxygen-bolt
x-fb-ptm-uuid
7D49F02658DB8ACF3AF5F975D3154AA6
priority
u=3,i
408695760_749061920595607_3073614609730643708_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/
21 B
21 B
Image
General
Full URL
https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/408695760_749061920595607_3073614609730643708_n.jpg?stp=cp1_dst-jpg_p720x720&_nc_cat=104&ccb=1-7&_nc_sid=3635dc&_nc_ohc=7i-TwJoiMa8AX94aAVN&_nc_ht=scontent-iad3-1.xx&edm=AKIiGfEEAAAA&oh=00_AfClz6sTYdKkp75Ttov9royPwp_gpeYo-HqV91qpZrJZvg&oe=65D9C363
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

proxy-status
http_request_error; e_fb_configversion="AcJCS0LJZLPUmkSlrVkkXWjHiTG50tYOBw09MpMjI9VbMx8jK14HzuN4khUw9w"; e_clientaddr="AcKLalMB4ITlwnE6SbV37QwNmPZF7sXsbhXH-zbsKxbdlByQf7e0IV4OZ4GxzzWNX9YNorK97Zwepkg_"; e_fb_vipport="AcKY3BuCSGUte5qKvB0PuWL0b6rislZZRdrsVg2zWVI-vHeV_aT2i1ecE-g9"; e_fb_requestsequencenumber="AcJpXz9Zc6FtBqDLGfsGZ0QI0rHl7030bNtkfFgvntADoi78rPh-C0SXiA"; e_fb_hostheader="AcJ4Yehg8bQWS_HyklD-mGGtJlha2-SSSKabAwX0IUhLpdiGu7o5xA70lDP0VLGPYA0dfJtQBtor-I7LWKwz0qxa-GgRBw"; e_fb_vipaddr="AcLSrG4zpb3Z8ubm6FmYr3hyldMle4XvPSOwd0IOBpA3pOJ0rR___QNXsnFAikBvomnt1RE"; e_fb_requesthandler="AcLzumlEIF0sDLEqWG4Puw34MKvOuXS3EWFojEvlJoDQnVIfmCwFAOTDZU8Bz9AVK3A88QOB8QrVCVvH"; e_fb_requesttime="AcJTXQlnI4n6EjEOT8WyBNV1P6WAcfs6966hgcUnSKKp75padUJDINJhMG_Lo1m8g6a1GDXlpA"; e_fb_builduser="AcKf538r4Fuy5NeF7XqaVqyjvwJ_4onkFD_4sCdhCaFzj3HH-xQ3gO61eqMICDnlPkg"; e_fb_httpversion="AcIuwBwgIphhRgW9U5rJTQLKEHt67vOPeTuwcbOXreda8sopIzzOhu8aeBUX"; e_fb_binaryversion="AcKaeFXc--d18CdWfLOesaYxtGNbG_a37jKAqcWDPkSsjyhqMSzM2N7_DsE2oJH8xhaUDaZnTdM_XtOrLdbtEzG08yb-2GSO3Sc"; e_proxy="AcJwMiHCTgJGgDqZuQciAfIGKkpQxFlAbH5wysTuPVfcG-dhhpz05qPiQbHPbVX2_Huc0X3Yg6W0W3k", http_request_error; e_fb_configversion="AcKir-07It_Z4Zo8RMATYaXcjoY_Ngs4p-3-GyNcn4-UgSYkV99iX7JxEy_IyQ"; e_clientaddr="AcKxR8RPt3a14YZIczsAwcjvzwuWtVW8rFK0o93Mc8HZIjjrHs3c_gQANB3rGqfNEilvjGUs2EG1er2k"; e_fb_vipport="AcLiIF91q9PcdNByfkkUSeFL4c7ISBHEaapi4n26Ar7u_g2R0vYbeH_BgFoY"; e_fb_requestsequencenumber="AcImu9nPzB6liZMa6X4G98DEev8uue9o76s7eFobTDbmn2nN1oNvENGnpg"; e_fb_responsebytes="AcIn3mL-o4rmDcwpL7IUjLBOG5B4BHE_yjCIsJKOX_5CsaDh607ostrjJYw"; e_fb_hostheader="AcKpEB0TWDLIAemIKiyXvMwqVRWZG0O1WhavdSTLuNw2ZjvLJf0oCHJmBlWZC9c38BOc2nGvU8GDxwHufreozXccnNYFDQ"; e_fb_vipaddr="AcLbfrG7ydVd3AdVv8lSaF8ZyXv69ns8ju1wTilxwVGhlLuvAhk4h33h_0PJVZ72duCYiM0"; e_fb_requesthandler="AcK1qtcElw1wKyLVY87pjJFKwTAPce2cUJCYmwRoyoXvd7y1kRL9QIMHzYOnMb5C4KTqMKfuf4-QwobW"; e_fb_requesttime="AcKxCRQEJFz34AFynQtvhwD1jJ8Qd0VEwcS1iM8tH3uC6dYVNTk7yi4HanIbYv-KdRVaRDci9w"; e_fb_builduser="AcJieMzo3hJXLynT70nlgEE0fe6aAGKTkxM10VYYxM5WJtrFDaJV_xp-R2o4KwK_4OU"; e_fb_httpversion="AcKig1d6h6CZnX7OzZ0W7BFzwJDfgUU_V7ZfD5bwdOFacrQBayxWTRc-eJVS"; e_fb_binaryversion="AcJff-e_q0QR9aD9QuCmuo2pef3eUZRaGg7y-CriaHOY7x1aSyy0u5Q9ZYEmnJGuzAH_xVz1AjUdU1TgvUVpG529CZltVr_AW_Y"; e_proxy="AcI0Cj9TOYT-Djays3KA16_JokoaMhfIEOdAUZPn2lsqgrEnXWzPUxn9822rRx9mJYRTOjIrSXswOzw"
x-fb-connection-quality
GOOD; q=0.7, rtt=79, rtx=0, c=23, mss=1232, tbw=8508, tp=14, tpl=0, uplat=0, ullat=-1
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
21
date
Fri, 22 Nov 2024 02:00:58 GMT
content-type
text/plain
server
proxygen-bolt
x-fb-ptm-uuid
584011CD0341730BB543E974D7A0A0BA
priority
u=3,i
279358776_314382794144086_305919506196826529_n.jpg
scontent-dfw5-2.xx.fbcdn.net/v/t39.30808-1/
Redirect Chain
  • https://graph.facebook.com/107364297539549/picture
  • https://scontent-dfw5-2.xx.fbcdn.net/v/t39.30808-1/279358776_314382794144086_305919506196826529_n.jpg?stp=c256.0.1536.1536a_cp0_dst-jpg_s50x50&_nc_cat=107&ccb=1-7&_nc_sid=6738e8&_nc_ohc=jiGDDlKLmAk...
2 KB
2 KB
Image
General
Full URL
https://scontent-dfw5-2.xx.fbcdn.net/v/t39.30808-1/279358776_314382794144086_305919506196826529_n.jpg?stp=c256.0.1536.1536a_cp0_dst-jpg_s50x50&_nc_cat=107&ccb=1-7&_nc_sid=6738e8&_nc_ohc=jiGDDlKLmAkQ7kNvgHL0nYg&_nc_zt=24&_nc_ht=scontent-dfw5-2.xx&edm=AOf6bZoEAAAA&_nc_gid=AGQ3V3fS_KB2B2MluruZVLT&oh=00_AYB3jADs6sQdFpL7gQk8AL4jABDjXVf70jq8OM-QORYCVw&oe=6745C5CE
Requested by
Host: valleyinmotion.posturestage.com
URL: https://valleyinmotion.posturestage.com/
Protocol
H2
Server
31.13.93.26 Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-dfw5.fbcdn.net
Software
/
Resource Hash
17d219fcad16f66ba11ed1e64e6ce61e3a1a76e6674ea05022e8cdaa5752d97b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

cache-control
max-age=1209600, no-transform
timing-allow-origin
*
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=12, mss=1380, tbw=2915, tp=-1, tpl=-1, uplat=4, ullat=0
cross-origin-resource-policy
cross-origin
content-digest
adler32=396248745
access-control-allow-origin
*
x-needle-checksum
1435654162
content-length
1683
alt-svc
h3=":443"; ma=86400
date
Fri, 22 Nov 2024 02:00:58 GMT
accept-ranges
bytes
last-modified
Wed, 27 Apr 2022 14:15:38 GMT
content-type
image/jpeg
x-fb-edge-debug
D1_k-tXqET5uVuGSQw1BBvEgM1NApArD0DTeGhxK-68PE3dzBrFq_VwRf9HCfEZAACQxgrheyICRhl2RXBeYab8shA_gxrqePaZsYuZHyNU
x-additional-error-detail

Redirect headers

x-fb-trace-id
FELUiY3g2yU
facebook-api-version
v16.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 22 Nov 2024 02:00:58 GMT
content-type
image/jpeg
x-fb-debug
Rz06TEeVnpZMHGdkpk4spsqvhrUft/LEINV0KDQmKJiYJFme0hyqT0nv1QVvGSJ6jJ20vUU13U9uE6LTOHrJdw==
priority
u=3,i
strict-transport-security
max-age=15552000; preload
x-fb-rev
1018406759
cache-control
private, no-cache, no-store, must-revalidate
location
https://scontent-dfw5-2.xx.fbcdn.net/v/t39.30808-1/279358776_314382794144086_305919506196826529_n.jpg?stp=c256.0.1536.1536a_cp0_dst-jpg_s50x50&_nc_cat=107&ccb=1-7&_nc_sid=6738e8&_nc_ohc=jiGDDlKLmAkQ7kNvgHL0nYg&_nc_zt=24&_nc_ht=scontent-dfw5-2.xx&edm=AOf6bZoEAAAA&_nc_gid=AGQ3V3fS_KB2B2MluruZVLT&oh=00_AYB3jADs6sQdFpL7gQk8AL4jABDjXVf70jq8OM-QORYCVw&oe=6745C5CE
x-fb-connection-quality
GOOD; q=0.7, rtt=78, rtx=0, c=23, mss=1232, tbw=4431, tp=9, tpl=0, uplat=93, ullat=0
pragma
no-cache
x-fb-request-id
AGQ3V3fS_KB2B2MluruZVLT
access-control-allow-origin
*
content-length
0
widget_app_base_1731678445949.js
cdn.userway.org/widgetapp/2024-11-15-13-47-25/
129 KB
40 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.206.207 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
887883143.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
65cdc73c86e3d902c50f0ed241f93d440515390dd48e33e245fae2a3a17f18af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://valleyinmotion.posturestage.com
Referer
https://valleyinmotion.posturestage.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"de1906d04b0b6988f60d448bb93a2a06"
age
279
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
PV-eaJxzC0ai9prxO0pUmAJu17kNSfYNjTAa-74Ndbt1SqOb6yk7Tw==
date
Fri, 22 Nov 2024 02:00:59 GMT
content-type
application/javascript
last-modified
Fri, 15 Nov 2024 13:50:03 GMT
vary
Accept-Encoding
x-77-nzt-ray
8705ec348ecb85c1dbe53f67e2336434
x-77-nzt
EgwBT3/OzgH3xJIIAAwBWbuxDAG3AwAAAA
cache-control
max-age=25920000, public
via
1.1 f54bc880c0d35571a4883f7c10838532.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
561860
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
bIxS4GTcnP
api.userway.org/api/tunings/
460 B
846 B
XHR
General
Full URL
https://api.userway.org/api/tunings/bIxS4GTcnP
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.238.232.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-232-77.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
df7d07417f85e38f7dfe82dcd17d4a33779f15eb1bfcb9d436fa38ff8e7a0bb8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://valleyinmotion.posturestage.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
x-service-request-id
usr110b7056ca974ee
etag
W/"1cc-+qiRX5m4VwsHFsn3ULl6u6Uejbo"
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
content-length
460
date
Fri, 22 Nov 2024 02:01:00 GMT
content-type
application/json; charset=utf-8
x-service-version
uw-pr
access-control-allow-headers
*
en-US.json
cdn.userway.org/widgetapp/2024-11-15-13-47-25/locales/
607 B
943 B
XHR
General
Full URL
https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.206.207 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
887883143.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"971644f50e2020e1ff22e37edcad46f6"
age
281
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
wr2YSqL7ptByyqXnFQ8jNUtr-1sAHuYPnkpK-SL3i7WrQaF9PE6Vlg==
date
Fri, 22 Nov 2024 02:01:00 GMT
content-type
application/json
last-modified
Fri, 15 Nov 2024 13:50:02 GMT
x-77-nzt-ray
8705ec348ecb85c1dce53f67f4c6891b
vary
Accept-Encoding
x-77-nzt
EgwBT3/OzgH3xZIIAAwBuTvfFAG3AAAAAA
cache-control
max-age=25920000, public
via
1.1 3b596e6534b28f6cf60d32fc6bf542dc.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
561861
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
favicon-32x32.png
valleyinmotion.posturestage.com/wp-content/themes/VIM/dist/assets/images/favicons/
2 KB
2 KB
Other
General
Full URL
https://valleyinmotion.posturestage.com/wp-content/themes/VIM/dist/assets/images/favicons/favicon-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.10.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
staging3.posturedns.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
509082c7f0cceb17ab5b41253c1da7ee9c6e26e6f574472fb7abf0f4610cad0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

ETag
"68f-6251232a890af"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1679
Keep-Alive
timeout=5, max=91
Date
Fri, 22 Nov 2024 02:01:00 GMT
Last-Modified
Tue, 22 Oct 2024 15:12:29 GMT
Content-Type
image/png
Server
Apache/2.4.52 (Ubuntu)
remediation-tool-free.js
cdn.userway.org/remediation/2024-11-15-13-47-25/free/
31 KB
13 KB
Script
General
Full URL
https://cdn.userway.org/remediation/2024-11-15-13-47-25/free/remediation-tool-free.js?ts=1731678445949
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.206.207 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
887883143.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
17e339a0658da095c4a43f76b0e8c449203e13b603929d28d9b9a32569c69613

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://valleyinmotion.posturestage.com
Referer
https://valleyinmotion.posturestage.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"f7897b42dc30bdc88d7030dda469c2c1"
age
280
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
5TKrKvFjJRFh3Z5wIoKk1mwadyk6YdQ3_423oKkHfR2W8N24t67MsA==
date
Fri, 22 Nov 2024 02:01:00 GMT
content-type
application/javascript
last-modified
Fri, 15 Nov 2024 13:50:13 GMT
vary
Accept-Encoding
x-77-nzt-ray
8705ec348ecb85c1dce53f676dae7c39
x-77-nzt
EgwBT3/OzgH3xJIIAAwBWbuxDAG3AQAAAA
cache-control
max-age=25920000, public
via
1.1 d0abe8e02f00bbb3378a9a4149801740.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
561860
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
widget_base.css
cdn.userway.org/styles/2024-11-15-13-47-25/
30 KB
5 KB
Stylesheet
General
Full URL
https://cdn.userway.org/styles/2024-11-15-13-47-25/widget_base.css?v=1731678445949
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.206.207 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
887883143.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"f2af0550fd876a33ddea966e61b5093b"
age
276
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
kPNFP0L_aoycycqZTZ2V_FD_rcmKK2XARinVEAsACf2irp2tWEmOqA==
date
Fri, 22 Nov 2024 02:01:00 GMT
content-type
text/css
last-modified
Fri, 15 Nov 2024 13:49:27 GMT
vary
Accept-Encoding
x-77-nzt-ray
8705ec3466a035b7dce53f67a5fd8839
x-77-nzt
EgwBT3/OzgH3xJIIAAwBnJI73wG3BQAAAA
cache-control
max-age=864000, public
via
1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
561860
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
body_bl.svg
cdn.userway.org/widgetapp/images/
4 KB
3 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/body_bl.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.206.207 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
887883143.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
de583c448ba7298a3d03f7a08756d0f0f7776a2ac59e2e3720b84fb30fd2919b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"fea90479d6c22e0aa948a8c80f616fa0"
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
r70X0mlk0um8DU_Y1TfR32Yvm0GkTgJPeMUEiQDR1jtNT4B93Duveg==
date
Fri, 22 Nov 2024 02:01:01 GMT
content-type
image/svg+xml
x-77-nzt-ray
8705ec3466a035b7dde53f672914a504
vary
Accept-Encoding
last-modified
Fri, 15 Nov 2024 13:50:04 GMT
x-77-nzt
EgwBT3/OzgH3xZIIAAwBWbuxDAG3BAAAAA
cache-control
max-age=25920000, public
via
1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
561861
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
spin_bl.svg
cdn.userway.org/widgetapp/images/
2 KB
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/spin_bl.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.206.207 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
887883143.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
0866546ae9c65964cd912860db934e24d99b401dca5a2a206b8df2cacc60bda5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valleyinmotion.posturestage.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"f1006e80919a554a181eeffcb6b3e381"
age
2
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
bjOyblOQAgUXvTs7cWVOI3cmkKngMaNilxB59sq_8ApfYANXt3UvvQ==
date
Fri, 22 Nov 2024 02:01:01 GMT
content-type
image/svg+xml
last-modified
Fri, 15 Nov 2024 13:50:05 GMT
vary
Accept-Encoding
x-77-nzt-ray
8705ec3466a035b7dde53f67dcc8ab04
x-77-nzt
EgwBT3/OzgH3xZIIAAwBuTvfFAG3AgAAAA
cache-control
max-age=25920000, public
via
1.1 d5b1e30b6413a7f5a2c9efa2afce8170.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
561861
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| google_tag_manager object| google_tag_data object| dataLayer function| gtag string| GoogleAnalyticsObject function| ga function| $ object| tribe_l10n_datatables object| gaGlobal function| $crtZepto function| CuratorZepto object| Curator number| _zid object| gaplugins object| gaData object| UserWayWidgetApp function| __assign function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| CONTROLS_WITH_TEXT_TAGS object| INPUT_TYPES_WITH_TEXT_CONTENT function| isInputElementWithText function| isDirectParentOfText object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __rest object| messageStream object| _userway_config boolean| _userway object| UserWay function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async

9 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ANOXeZwNG6g-6RzojBGIjkMY_shoGiIa3PVqVi0WrtYZT4iXHTUP7uzwKZqSXMBfCFx2z1zV5gBOAZ1VCNDHqRs
.posturestage.com/ Name: _ga_MTGQ6D52DW
Value: GS1.1.1732240856.1.0.1732240856.0.0.0
.posturestage.com/ Name: _ga
Value: GA1.2.401441852.1732240856
.posturestage.com/ Name: _gid
Value: GA1.2.99017455.1732240858
.posturestage.com/ Name: _gat_gtag_UA_91397614_42
Value: 1
.dm.networkforgood.com/ Name: visid_incap_3098403
Value: 2rVQMD9CT/ymuJeRSynJENnlP2cAAAAAQUIPAAAAAAB0Pbz/U4IvxsFMObSxphOk
.dm.networkforgood.com/ Name: nlbi_3098403
Value: AAZGANJ2aB/2NsMKt2hncgAAAABs0hpaKYJTwCmD3EBjzxu3
.dm.networkforgood.com/ Name: incap_ses_1684_3098403
Value: l6eMV8NKazq91kJ+QsVeF9nlP2cAAAAA2AkSojOhGocBj5WrUiBQUQ==
valleyinmotion.dm.networkforgood.com/ Name: AWSALBCORS
Value: aY9gIGhlbv+u4/Vtt9wwMTm3hc20ma0CKIxbGGfGG8IJZqHsPjfbBu26pDVJ1HoeOQiMk/O7fgkwtRdDRMWWP0bUyTBT8AaVi/sz4CVCUzIIubSAzAJy9hnjTANz

8 Console Messages

Source Level URL
Text
network error URL: https://scontent-iad3-2.xx.fbcdn.net/v/t39.30808-6/408644812_221042394362070_94899557458088910_n.jpg?_nc_cat=106&ccb=1-7&_nc_sid=3635dc&_nc_ohc=uolfzYzh6dYAX8jh-h9&_nc_ht=scontent-iad3-2.xx&edm=AKIiGfEEAAAA&oh=00_AfCg5xVMZ8nBzpadSwrsvvcYpCtuFi3R83Ajh0U12qoxPw&oe=65DAF39E
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://scontent-iad3-2.xx.fbcdn.net/v/t39.30808-6/421606006_250188548114121_5913765726806387657_n.jpg?stp=dst-jpg_p720x720&_nc_cat=100&ccb=1-7&_nc_sid=dd5e9f&_nc_ohc=6GYyPBpVgk4AX8ZPJmi&_nc_ht=scontent-iad3-2.xx&edm=AKIiGfEEAAAA&oh=00_AfDXKFTkuM98G3nQ-phDZK5vO3R5234Sb09EsXKEzez_RA&oe=65DA7277
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://scontent-iad3-2.xx.fbcdn.net/v/t39.30808-6/426418315_774322641407104_7606344353491940725_n.jpg?stp=dst-jpg_p720x720&_nc_cat=111&ccb=1-7&_nc_sid=3635dc&_nc_ohc=0YaG_X8YrSUAX82Wh7w&_nc_ht=scontent-iad3-2.xx&edm=AKIiGfEEAAAA&oh=00_AfCFIGX6-PeeSdrZA12y3QECULmDCL21cWbHAW2VXLlusw&oe=65DA7DF8
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/425696010_911614133646997_8120517143812386561_n.jpg?stp=dst-jpg_p720x720&_nc_cat=104&ccb=1-7&_nc_sid=3635dc&_nc_ohc=SP8yQkkCU9cAX-o04vp&_nc_ht=scontent-iad3-1.xx&edm=AKIiGfEEAAAA&oh=00_AfB1Nx_zXzuzppx-aDNh0F7BSoACly5kkBvE07GS26oQwQ&oe=65DA05B3
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/424780990_886919713441967_3386935867981604832_n.jpg?stp=dst-jpg_p720x720&_nc_cat=101&ccb=1-7&_nc_sid=3635dc&_nc_ohc=OyaQQxbcXogAX-BQt-B&_nc_ht=scontent-iad3-1.xx&edm=AKIiGfEEAAAA&oh=00_AfAIXMcx6P9EaaO6JsLZdNOf7CuBHTex8DhjqdCbiI5KLg&oe=65DA9689
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/408695760_749061920595607_3073614609730643708_n.jpg?stp=cp1_dst-jpg_p720x720&_nc_cat=104&ccb=1-7&_nc_sid=3635dc&_nc_ohc=7i-TwJoiMa8AX94aAVN&_nc_ht=scontent-iad3-1.xx&edm=AKIiGfEEAAAA&oh=00_AfClz6sTYdKkp75Ttov9royPwp_gpeYo-HqV91qpZrJZvg&oe=65D9C363
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/422942603_122127616040093766_507236564315241413_n.jpg?stp=dst-jpg_p720x720&_nc_cat=107&ccb=1-7&_nc_sid=3635dc&_nc_ohc=WzMxWnt0rNcAX8SujuG&_nc_ht=scontent-iad3-1.xx&edm=AKIiGfEEAAAA&oh=00_AfCJzs7sgH8NwsLPbvIuu1OujQmfbTupYeaVGAxTYzE2GA&oe=65DB297D
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://external-iad3-2.xx.fbcdn.net/emg1/v/t13/3582157997098421438?url=https%3A%2F%2Fwoobox.com%2Foffers%2Fshareimage%2F7hrzri%2F00e375ae42dff42a07587299f5776af3.jpg&fb_obo=1&utld=woobox.com&ccb=13-1&stp=dst-emg0_q75&ur=50234c&_nc_sid=64c8fc&oh=06_AbEl-4d3gcXTw_lZqgQzln9j-bqLuk5_QJsEnMF6WxKwkA&oe=65D76DD6
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.curator.io
api.userway.org
cdn.curator.io
cdn.userway.org
external-iad3-2.xx.fbcdn.net
fonts.googleapis.com
fonts.gstatic.com
graph.facebook.com
scontent-dfw5-2.xx.fbcdn.net
scontent-iad3-1.xx.fbcdn.net
scontent-iad3-2.xx.fbcdn.net
valleyinmotion.dm.networkforgood.com
valleyinmotion.posturestage.com
www.google-analytics.com
www.googletagmanager.com
142.251.167.97
142.251.179.94
143.198.10.229
157.240.229.1
157.240.229.17
172.253.122.138
172.253.62.95
3.169.183.33
31.13.66.19
31.13.93.26
44.238.232.77
45.60.31.183
54.156.125.69
79.127.206.207
0866546ae9c65964cd912860db934e24d99b401dca5a2a206b8df2cacc60bda5
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
16d5b97d997bee0eaabf67725da093121d942e7aaf2c3c1dd55fe299bca8dec9
17d219fcad16f66ba11ed1e64e6ce61e3a1a76e6674ea05022e8cdaa5752d97b
17e339a0658da095c4a43f76b0e8c449203e13b603929d28d9b9a32569c69613
293056418438640c82dd707d1159158ff2b089c833c4997e4de130c3df55289c
2a78b3398f7a7e6bc6e6a1574de9d57ef0643d301d3d9478d6e5e5653f474bfd
3aa87efca30631803ce08eb413db8cbe07f4a78235b7031c4e252aea06f2f798
3bdc29109b621ad2c793d86fdc3f61e810d4aeafc3b8419f8f2aeb9c7ce0d364
45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc
4c645066ca3a11ca4bfa58b72a71fd93fa3fa222d40e5c4759e6e771b6f2b784
509082c7f0cceb17ab5b41253c1da7ee9c6e26e6f574472fb7abf0f4610cad0f
6354927a96fea1acc79d97477219827e3b9cb690d5a27c1f79cccf493738925a
65cdc73c86e3d902c50f0ed241f93d440515390dd48e33e245fae2a3a17f18af
695b677e5fa7973ee54e6e4e0f73028496babd37bee40ca02d3d19950e18a637
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271
88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
960910ef6f4d63b73b5d04e2233471229c44104ad3943a74e114d1e15bc563b5
9a190320a5b68ea18ef0976b0571afbdd06cdd625d7ed79c40ce337638fd7442
a8d338227bbcdb538f7e5812c6446640ca4290491f69f323136320f1762433a0
b0ec83189864b965ed365f8855ee05566a784b89545d68c745aa60b267e9d7e4
b1da205a48a4ec9b3722105d9f8d24bf2f055c90c789eca00b33219ab1e0bf00
b9918a26a59dd67d45260a75fc46d19e414e19934b57eaea454c8d3ddf558092
bcf250f7cf23bb0ae738a702da7523c74acdb526f40e3bab6376d2fe19c4400c
bf7dce8b1b19fe03838518852313d3521bc933a29abab216638846bb30dc74d3
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de
cd3d7269e0f97e1235225c5e61b2f7f75759c9296acc58e5981d0d8f586dc8ed
d2675c1105164a778b51fdbff3b6fb5e6c10b86f8a2177b37e233c936777fc9b
d5a6966f67c90d4e314e73f458b6a70b0d69ab4219c5bb4127eeb0e31112393e
d918ea079cd4a1a01fceaf392a6553da422ec9e24bc79a2a8bac0b42f3a3d527
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de583c448ba7298a3d03f7a08756d0f0f7776a2ac59e2e3720b84fb30fd2919b
df7d07417f85e38f7dfe82dcd17d4a33779f15eb1bfcb9d436fa38ff8e7a0bb8
e44c9bd247a09ea8aa2ec082e581e72db0280bca84961fc71c542887280b0482
ef231dcd4cbcad51c72ea21b29dc248d1e1676c4cf125563708aee598fd5b91a
f8fb86afe5b79eaff2c4a5a44459de5444d04a7b395fd7bd627e70b95e5e5347
fd7d04c2bc52a22337854a1fed100053f63c1bde8a9859cf13c3161075941057
febb6e3b0d9094fa872c30b09108444921daf370811347ddf19d3447fc4b0de6