rewards.valley-weightloss.com Open in urlscan Pro
18.238.4.46  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response rewards.valley-weightloss.com/	4 KB 2 KB	1063ms 877ms	Document text/html	18.238.4.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rewards.valley-weightloss.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.4.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-46.phl51.r.cloudfront.net Software / Express Resource Hash a32eeff3e5961d45c1a523283d942248063ffbe04697c3062218ab88bc1feb90 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes cache-control public, max-age=0 content-encoding gzip content-length 1518 content-type text/html; charset=UTF-8 date Wed, 22 Nov 2023 15:13:25 GMT etag W/"eab-18b1b403033" last-modified Tue, 10 Oct 2023 20:21:13 GMT vary Accept-Encoding via 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront) x-amz-apigw-id OzkXXESRIAMED4Q= x-amz-cf-id m6Nr3bsGLq6QXp1kSwxDmmBzMVaUC45k3gM-4tOGFrZZjek8BfRjbg== x-amz-cf-pop PHL51-P1 x-amzn-remapped-connection keep-alive x-amzn-remapped-date Wed, 22 Nov 2023 15:13:25 GMT x-amzn-requestid 20859bdb-decd-4eef-af8f-46beadda998a x-cache Miss from cloudfront x-powered-by Express
GET H2	200	main.18e66c05.css rewards.valley-weightloss.com/styles/	635 KB 99 KB	216ms 215ms	Stylesheet text/css	18.238.4.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rewards.valley-weightloss.com/styles/main.18e66c05.css Requested by Host: rewards.valley-weightloss.com URL: https://rewards.valley-weightloss.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.4.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-46.phl51.r.cloudfront.net Software / Express Resource Hash 9748236188c889b36b6156db9eafeea52d3758f5ea706eed501d75a68ac3257b Request headers accept-language en-US,en;q=0.9 Referer https://rewards.valley-weightloss.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 15:13:26 GMT content-encoding gzip via 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P1 x-amzn-requestid 96af9c7c-1b17-49db-b0d6-f7c21e70b1c6 x-amzn-remapped-connection keep-alive x-powered-by Express x-cache Miss from cloudfront x-amz-apigw-id OzkXfEb5oAMErcQ= content-length 101070 last-modified Tue, 10 Oct 2023 20:21:13 GMT etag W/"9ec93-18b1b403029" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes x-amzn-remapped-date Wed, 22 Nov 2023 15:13:26 GMT x-amz-cf-id kTgSKkVlX1Ob6ToHijgvj_cKC9tazQoBdkNxl-1Juef-qrBnSq8Ztg==
GET H2	200	vendor.121f52bc.js Show response rewards.valley-weightloss.com/scripts/	1 MB 366 KB	258ms 257ms	Script application/javascript	18.238.4.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rewards.valley-weightloss.com/scripts/vendor.121f52bc.js Requested by Host: rewards.valley-weightloss.com URL: https://rewards.valley-weightloss.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.4.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-46.phl51.r.cloudfront.net Software / Express Resource Hash 3f20de9c0be9629c38464270da8b45fe7692493cf55b1e555726878fc85d16a2 Request headers accept-language en-US,en;q=0.9 Referer https://rewards.valley-weightloss.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 15:13:26 GMT content-encoding gzip via 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P1 x-amzn-requestid d6e7af54-f861-432d-bdf4-da6e433cd205 x-amzn-remapped-connection keep-alive x-powered-by Express x-cache Miss from cloudfront x-amz-apigw-id OzkXfEuVoAMEGrg= content-length 374169 last-modified Tue, 10 Oct 2023 20:21:11 GMT etag W/"169f00-18b1b402845" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes x-amzn-remapped-date Wed, 22 Nov 2023 15:13:26 GMT x-amz-cf-id Akj9wffCI7akRT-QfHxlNGUFlLlKm0VcftpyBGKdmMo_xVIqj3QPEw==
GET H2	200	templates.94ef5d92.js Show response rewards.valley-weightloss.com/scripts/	98 KB 14 KB	169ms 168ms	Script application/javascript	18.238.4.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rewards.valley-weightloss.com/scripts/templates.94ef5d92.js Requested by Host: rewards.valley-weightloss.com URL: https://rewards.valley-weightloss.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.4.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-46.phl51.r.cloudfront.net Software / Express Resource Hash 9b9e45e22943abf7df0830376d98e994340424589170340399fb999ac6c16c0c Request headers accept-language en-US,en;q=0.9 Referer https://rewards.valley-weightloss.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 15:13:26 GMT content-encoding gzip via 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P1 x-amzn-requestid 2f903dc7-5f29-4a16-a0ae-af37a837806a x-amzn-remapped-connection keep-alive x-powered-by Express x-cache Miss from cloudfront x-amz-apigw-id OzkXfHLHIAMEZfw= content-length 13867 last-modified Tue, 10 Oct 2023 20:20:51 GMT etag W/"186fe-18b1b3fdb3d" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes x-amzn-remapped-date Wed, 22 Nov 2023 15:13:26 GMT x-amz-cf-id LKFzqyDGO6lb_plbqXorQrP1pYT0NxNMFakMcrpR3lwrCNe58RJa9A==
GET H2	200	us-communication.js Show response cdn.getambassador.com/	58 KB 13 KB	103ms 27ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.getambassador.com/us-communication.js Requested by Host: rewards.valley-weightloss.com URL: https://rewards.valley-weightloss.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Cowboy / Express Resource Hash 9d57fef7f10f9f9723ab97bfbf791afe4e6734e0e6b00ac6c91245d24f736d21 Request headers accept-language en-US,en;q=0.9 Referer https://rewards.valley-weightloss.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 15:13:26 GMT content-encoding gzip via 1.1 vegur, 1.1 varnish nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} age 2216051 x-powered-by Express x-cache HIT content-length 12848 reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1698449954&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=8NTdmrgmdbak32n%2B9tlBD5ZHygo4JSj%2B90KXf8snAGs%3D x-served-by cache-mia-kmia1760045-MIA last-modified Fri, 27 Oct 2023 23:37:38 GMT server Cowboy x-timer S1700666006.055739,VS0,VE1 etag W/"e6f6-18b73801dd0" vary Accept-Encoding report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1698449954&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=8NTdmrgmdbak32n%2B9tlBD5ZHygo4JSj%2B90KXf8snAGs%3D"}]} content-type application/javascript; charset=UTF-8 access-control-allow-origin * access-control-allow-methods GET, OPTIONS cache-control no-cache, no-store, must-revalidate accept-ranges bytes access-control-allow-headers accept, authorization, cache-control, content-type, mbsy-universal-id, mbsy-universal-location, origin, x-mbsy-client-id, x-mbsy-url x-cache-hits 1
GET H2	200	scripts.de312f2a.js Show response rewards.valley-weightloss.com/scripts/	329 KB 75 KB	100ms 99ms	Script application/javascript	18.238.4.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rewards.valley-weightloss.com/scripts/scripts.de312f2a.js Requested by Host: rewards.valley-weightloss.com URL: https://rewards.valley-weightloss.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.4.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-46.phl51.r.cloudfront.net Software / Express Resource Hash a28692c243c36ac0a958d5be91065cacf58b7e2df32514a2a30c205240b4a37d Request headers accept-language en-US,en;q=0.9 Referer https://rewards.valley-weightloss.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 15:13:26 GMT content-encoding gzip via 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P1 x-amzn-requestid 88a2ce21-d55f-49ba-925b-88dbb9289f78 x-amzn-remapped-connection keep-alive x-powered-by Express x-cache Miss from cloudfront x-amz-apigw-id OzkXfFZPIAMEjYw= content-length 76543 last-modified Tue, 10 Oct 2023 20:21:13 GMT etag W/"52533-18b1b402ff7" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes x-amzn-remapped-date Wed, 22 Nov 2023 15:13:26 GMT x-amz-cf-id e33wd9A97U1Tm7-G4ev085RS9jOgPvWcOsivyAaW_2Cd9aFLRhM-Zg==
GET H2	200	css2 fonts.googleapis.com/	5 KB 1 KB	167ms 60ms	Stylesheet text/css	2607:f8b0:4004:c08::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Raleway:wght@400;500;600&display=swap Requested by Host: rewards.valley-weightloss.com URL: https://rewards.valley-weightloss.com/styles/main.18e66c05.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 24b387f67ec384413834766c481448600d867cb42caf01b897bb656d72a5adbe Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://rewards.valley-weightloss.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 22 Nov 2023 15:13:26 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 22 Nov 2023 15:04:28 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 22 Nov 2023 15:13:26 GMT
GET H2	200	css2 fonts.googleapis.com/	4 KB 744 B	167ms 62ms	Stylesheet text/css	2607:f8b0:4004:c08::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;600&display=swap Requested by Host: rewards.valley-weightloss.com URL: https://rewards.valley-weightloss.com/styles/main.18e66c05.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://rewards.valley-weightloss.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 22 Nov 2023 15:13:26 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 22 Nov 2023 14:17:46 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 22 Nov 2023 15:13:26 GMT
GET H2	200	analytics.min.js Show response cdn.segment.com/analytics.js/v1/KMIe4Dz2ke/	107 KB 30 KB	228ms 73ms	Script text/javascript	13.224.207.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics.js/v1/KMIe4Dz2ke/analytics.min.js Requested by Host: rewards.valley-weightloss.com URL: https://rewards.valley-weightloss.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.207.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-207-4.phl50.r.cloudfront.net Software AmazonS3 / Resource Hash cff941fcda099e4a28e6ccf30def6e4118b957a9f297db472fe6e1d5c9b6dd19 Request headers accept-language en-US,en;q=0.9 Referer https://rewards.valley-weightloss.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-amz-version-id 5a9al3OwK3bS6K1G3BSvXmcYL6UMER8P content-encoding gzip via 1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront) date Wed, 22 Nov 2023 15:13:26 GMT x-amz-cf-pop PHL50-C1 age 50 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Wed, 15 Nov 2023 21:42:54 GMT server AmazonS3 etag W/"361253ab6d430646b4315a7483102356" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=120 vary Accept-Encoding x-amz-cf-id U8Q6K0KNfm1_W-cWitAfW94HgkTQOkiBNuHsH4jGRfG4gjGNjnTX0A==
GET H2	200	portal.json Show response api.getambassador.com/	6 KB 3 KB	385ms 232ms	XHR application/json	44.196.223.14 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.getambassador.com/portal.json?host=rewards.valley-weightloss.com Requested by Host: rewards.valley-weightloss.com URL: https://rewards.valley-weightloss.com/scripts/vendor.121f52bc.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.196.223.14 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-196-223-14.compute-1.amazonaws.com Software nginx / Resource Hash f6c056845c7451e4587c8fa027914426016e9586b02bcb164f4114fe4ed973c3 Security Headers Name Value Content-Security-Policy default-src 'self' ambassador-api-dev.s3.amazonaws.com ambassador-api.s3.amazonaws.com getambassador.com admin.getambassador.com prod-space.getambassador.com app.getambassador.com static.getambassador.com api.getambassador.com requests.getambassador.com browser.getambassador.com cdn.getambassador.com cdn-api.getambassador.com; script-src 'self'; script-src-elem 'self' ambassador-api-dev.s3.amazonaws.com ambassador-api.s3.amazonaws.com; style-src 'self'; style-src-elem 'self' ambassador-api-dev.s3.amazonaws.com ambassador-api.s3.amazonaws.com; connect-src 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Accept application/json, text/plain, */* Referer https://rewards.valley-weightloss.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 15:13:26 GMT content-security-policy default-src 'self' ambassador-api-dev.s3.amazonaws.com ambassador-api.s3.amazonaws.com getambassador.com admin.getambassador.com prod-space.getambassador.com app.getambassador.com static.getambassador.com api.getambassador.com requests.getambassador.com browser.getambassador.com cdn.getambassador.com cdn-api.getambassador.com; script-src 'self'; script-src-elem 'self' ambassador-api-dev.s3.amazonaws.com ambassador-api.s3.amazonaws.com; style-src 'self'; style-src-elem 'self' ambassador-api-dev.s3.amazonaws.com ambassador-api.s3.amazonaws.com; connect-src 'self'; x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip server nginx x-permitted-cross-domain-policies none referrer-policy same-origin vary Accept, Origin, Cookie, Accept-Encoding allow GET, HEAD, OPTIONS content-type application/json access-control-allow-origin * x-frame-options sameorigin content-length 1691
GET H2	200	proximanova-regular-webfont.woff rewards.valley-weightloss.com/common/lib/assets/fonts/proxima-nova/	26 KB 27 KB	93ms 92ms	Font font/woff	18.238.4.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rewards.valley-weightloss.com/common/lib/assets/fonts/proxima-nova/proximanova-regular-webfont.woff Requested by Host: rewards.valley-weightloss.com URL: https://rewards.valley-weightloss.com/styles/main.18e66c05.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.4.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-46.phl51.r.cloudfront.net Software / Express Resource Hash 8bb64dbc62c6dfdacfbccc5bfb0ffb57bebbc5f4d69ba0046076fee899870a80 Request headers Referer https://rewards.valley-weightloss.com/styles/main.18e66c05.css Origin https://rewards.valley-weightloss.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 15:13:26 GMT content-encoding gzip via 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront) x-amzn-remapped-content-length 26620 x-amz-cf-pop PHL51-P1 x-amzn-requestid 4096beb6-a765-430e-870a-ecb5c21f2d4a x-amzn-remapped-connection keep-alive x-powered-by Express x-cache Miss from cloudfront x-amz-apigw-id OzkXlGvQoAMEVjw= content-length 26587 last-modified Sat, 26 Oct 1985 08:15:00 GMT etag W/"67fc-7438674ba0" content-type font/woff cache-control public, max-age=0 accept-ranges bytes x-amzn-remapped-date Wed, 22 Nov 2023 15:13:26 GMT x-amz-cf-id 1w-4kcEwW2tk1Qd2w1iwSZH4YQ6zIgBivGLethqiAV_XOvUIDqcNbw==
GET H2	200	powered-by.png rewards.valley-weightloss.com/images/	2 KB 3 KB	82ms 82ms	Image image/png	18.238.4.46 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://rewards.valley-weightloss.com/images/powered-by.png Requested by Host: rewards.valley-weightloss.com URL: https://rewards.valley-weightloss.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.4.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-46.phl51.r.cloudfront.net Software / Express Resource Hash 0d2f3e8e35dffaf958db01afec64770832b0e2cc6a8070cfaf3fb60883b38d1a Request headers accept-language en-US,en;q=0.9 Referer https://rewards.valley-weightloss.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 15:13:26 GMT content-encoding gzip via 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront) x-amzn-remapped-content-length 2381 x-amz-cf-pop PHL51-P1 x-amzn-requestid e835098a-6e0f-4ef7-9dab-2910596deb45 x-amzn-remapped-connection keep-alive x-powered-by Express x-cache Miss from cloudfront x-amz-apigw-id OzkXlHuCoAMElyA= content-length 2404 last-modified Fri, 23 Dec 2022 23:54:16 GMT etag W/"94d-1854168ac15" content-type image/png cache-control public, max-age=0 accept-ranges bytes x-amzn-remapped-date Wed, 22 Nov 2023 15:13:26 GMT x-amz-cf-id 1EaqpBlier_ojTe4iExadfWb1gxS6d7vQsGBYRHFpLfPE9JImxy6Cg==
GET H2	200	settings Show response cdn.segment.com/v1/projects/KMIe4Dz2ke/	1 KB 1 KB	181ms 65ms	Fetch application/json	13.224.207.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/v1/projects/KMIe4Dz2ke/settings Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/KMIe4Dz2ke/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.207.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-207-4.phl50.r.cloudfront.net Software AmazonS3 / Resource Hash c3ed46367d552531a69761e75b48bf06b7c6f1a63d380974dc2e9308e5fbb41e Request headers accept-language en-US,en;q=0.9 Referer https://rewards.valley-weightloss.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-amz-version-id UPzD7eEHrGIHc3MHf2QWhCrX7k88KV7T content-encoding gzip via 1.1 677c6e9af68514f698151642c19f6c8e.cloudfront.net (CloudFront) date Wed, 22 Nov 2023 15:13:26 GMT x-amz-cf-pop PHL50-C1 age 3198 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Thu, 11 May 2023 08:01:11 GMT server AmazonS3 etag W/"b297e95b60f2c96a616a15b554597c81" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=10800 vary Accept-Encoding x-amz-cf-id 5AYOuI5tijxtoQJRrcskLqVuqeoS-f6QWbuTbYLtjn2-0bk6baofyA==
GET H2	200	ajs-destination.bundle.13362ca512563a10e34d.js Show response cdn.segment.com/analytics-next/bundles/	9 KB 3 KB	61ms 59ms	Script application/javascript	13.224.207.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.13362ca512563a10e34d.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/KMIe4Dz2ke/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.207.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-207-4.phl50.r.cloudfront.net Software AmazonS3 / Resource Hash 7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5 Request headers accept-language en-US,en;q=0.9 Referer https://rewards.valley-weightloss.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 20:49:01 GMT x-amz-version-id p6tk_itArJhm1.zmwaH5aXhODx_TUmzt content-encoding br via 1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront) x-amz-cf-pop PHL50-C1 age 584666 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Wed, 15 Nov 2023 20:12:01 GMT server AmazonS3 etag W/"0dec480089dae7da1834489f95aca4e7" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable vary Accept-Encoding x-amz-cf-id Z7zKq0KaUkC6w_OHrGqx0KVp6ypxNH57ratKTDFDnINl9egPYRNrKA==
GET H2	200	us.js Show response cdn.getambassador.com/	270 B 635 B	28ms 27ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.getambassador.com/us.js Requested by Host: rewards.valley-weightloss.com URL: https://rewards.valley-weightloss.com/scripts/scripts.de312f2a.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Cowboy / Express Resource Hash 8de46f2e70768702b7c6541feca2d150b9553173ef51c12791272ea26c0535ba Request headers accept-language en-US,en;q=0.9 Referer https://rewards.valley-weightloss.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 15:13:26 GMT via 1.1 vegur, 1.1 varnish nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} age 725316 x-powered-by Express x-cache HIT content-length 270 reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1698449960&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=7NGsNfasN1k2aH6N2I4FSZiXepCa965FNbx90A7oXAw%3D x-served-by cache-mia-kmia1760045-MIA last-modified Fri, 27 Oct 2023 23:37:38 GMT server Cowboy x-timer S1700666007.925116,VS0,VE0 etag W/"10e-18b73801dd0" vary Accept-Encoding report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1698449960&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=7NGsNfasN1k2aH6N2I4FSZiXepCa965FNbx90A7oXAw%3D"}]} content-type application/javascript; charset=UTF-8 access-control-allow-origin * access-control-allow-methods GET, OPTIONS cache-control no-cache, no-store, must-revalidate accept-ranges bytes access-control-allow-headers accept, authorization, cache-control, content-type, mbsy-universal-id, mbsy-universal-location, origin, x-mbsy-client-id, x-mbsy-url x-cache-hits 15
GET H2	200	proximanovacond-light-webfont.woff rewards.valley-weightloss.com/common/lib/assets/fonts/proxima-nova/	27 KB 27 KB	103ms 100ms	Font font/woff	18.238.4.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rewards.valley-weightloss.com/common/lib/assets/fonts/proxima-nova/proximanovacond-light-webfont.woff Requested by Host: rewards.valley-weightloss.com URL: https://rewards.valley-weightloss.com/styles/main.18e66c05.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.4.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-46.phl51.r.cloudfront.net Software / Express Resource Hash a7271eb753d0ecfac54f8dd9eef969f68d3540f6f1a75f00d7bb27c011a09e29 Request headers Referer https://rewards.valley-weightloss.com/styles/main.18e66c05.css Origin https://rewards.valley-weightloss.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 15:13:27 GMT content-encoding gzip via 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront) x-amzn-remapped-content-length 27140 x-amz-cf-pop PHL51-P1 x-amzn-requestid ebe8da7e-dbe0-4c87-8b61-60b815e427db x-amzn-remapped-connection keep-alive x-powered-by Express x-cache Miss from cloudfront x-amz-apigw-id OzkXoHJYoAMEkAQ= content-length 27114 last-modified Sat, 26 Oct 1985 08:15:00 GMT etag W/"6a04-7438674ba0" content-type font/woff cache-control public, max-age=0 accept-ranges bytes x-amzn-remapped-date Wed, 22 Nov 2023 15:13:27 GMT x-amz-cf-id kdP53gbydyxtr7qezzSsPoVKazaO0cK37aE_fWJJF5nJfWvFLK4zGQ==
GET H2	200	proximanovacond-semibold-webfont.woff rewards.valley-weightloss.com/common/lib/assets/fonts/proxima-nova/	26 KB 27 KB	93ms 91ms	Font font/woff	18.238.4.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rewards.valley-weightloss.com/common/lib/assets/fonts/proxima-nova/proximanovacond-semibold-webfont.woff Requested by Host: rewards.valley-weightloss.com URL: https://rewards.valley-weightloss.com/styles/main.18e66c05.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.4.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-46.phl51.r.cloudfront.net Software / Express Resource Hash 85a23481190636ff9b53eafc7c73108d4c4fd741739f9cbcac61bffe174a3af5 Request headers Referer https://rewards.valley-weightloss.com/styles/main.18e66c05.css Origin https://rewards.valley-weightloss.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 15:13:27 GMT content-encoding gzip via 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront) x-amzn-remapped-content-length 27080 x-amz-cf-pop PHL51-P1 x-amzn-requestid ff6bf2e9-b80f-445a-8cd5-9d51139adc16 x-amzn-remapped-connection keep-alive x-powered-by Express x-cache Miss from cloudfront x-amz-apigw-id OzkXoHKKoAMEI8w= content-length 27045 last-modified Sat, 26 Oct 1985 08:15:00 GMT etag W/"69c8-7438674ba0" content-type font/woff cache-control public, max-age=0 accept-ranges bytes x-amzn-remapped-date Wed, 22 Nov 2023 15:13:27 GMT x-amz-cf-id _up1B2kJGllbwH_XQkiwwKXhGP4eV-s9pbWPHVweQr0OkGwz237Hkg==
GET H/1.1	200 OK	2023_10_27_20_15_10_1.0_ML-VWL.png ambassador-api.s3.amazonaws.com/uploads/portal/31342/	47 KB 47 KB	428ms 156ms	Image image/png	16.182.66.97 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ambassador-api.s3.amazonaws.com/uploads/portal/31342/2023_10_27_20_15_10_1.0_ML-VWL.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 16.182.66.97 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash b9c221662036ad25aeddfa8d3694d511f105358f56d1e04e0423e96ccd50fee3 Request headers accept-language en-US,en;q=0.9 Referer https://rewards.valley-weightloss.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Wed, 22 Nov 2023 15:13:28 GMT Last-Modified Fri, 27 Oct 2023 20:15:11 GMT Server AmazonS3 x-amz-request-id XAJ993ED8DNXKYHS ETag "b3290c4941505b25e4e9c94cea43978b" x-amz-server-side-encryption AES256 Content-Type image/png Accept-Ranges bytes Content-Length 48123 x-amz-id-2 eqfY7F1nRotLZ2oweZh45gMQ4R/YpagOixZXsrgFc0x9ucrp+CTIL7TPTeIM5Wx7bJnMJk4C+8A=
GET H2	200	proximanova-semibold-webfont.woff2 rewards.valley-weightloss.com/common/lib/assets/fonts/proxima-nova/	20 KB 21 KB	91ms 90ms	Font font/woff2	18.238.4.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rewards.valley-weightloss.com/common/lib/assets/fonts/proxima-nova/proximanova-semibold-webfont.woff2 Requested by Host: rewards.valley-weightloss.com URL: https://rewards.valley-weightloss.com/styles/main.18e66c05.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.4.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-46.phl51.r.cloudfront.net Software / Express Resource Hash e6661f54d79171173e6535b40008c1a9466d9cf95fcb76d478bce11c8adfdeaa Request headers Referer https://rewards.valley-weightloss.com/styles/main.18e66c05.css Origin https://rewards.valley-weightloss.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 15:13:27 GMT content-encoding gzip via 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront) x-amzn-remapped-content-length 20700 x-amz-cf-pop PHL51-P1 x-amzn-requestid b315732b-265f-4d7b-b8e1-42d3675c31a4 x-amzn-remapped-connection keep-alive x-powered-by Express x-cache Miss from cloudfront x-amz-apigw-id OzkXoEgcIAMEkXg= content-length 20728 last-modified Sat, 26 Oct 1985 08:15:00 GMT etag W/"50dc-7438674ba0" content-type font/woff2 cache-control public, max-age=0 accept-ranges bytes x-amzn-remapped-date Wed, 22 Nov 2023 15:13:27 GMT x-amz-cf-id BknLcxBTEcG7bIJWK9Im3HiLGnT2H8DtnNJNtidNWij0vYSYJ-vaaQ==
GET H2	200	us-16a4fcb3-90dc-4792-93aa-0750765be318.js Show response cdn.getambassador.com/	695 KB 121 KB	30ms 29ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.getambassador.com/us-16a4fcb3-90dc-4792-93aa-0750765be318.js Requested by Host: cdn.getambassador.com URL: https://cdn.getambassador.com/us.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Cowboy / Express Resource Hash 7e9b6888bfe9ec8b3337a218a0ebf44b6dc99339789da17ca0f7ea5cfbb26cea Request headers accept-language en-US,en;q=0.9 Referer https://rewards.valley-weightloss.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 15:13:26 GMT content-encoding gzip via 1.1 vegur, 1.1 varnish nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} age 62647 x-powered-by Express x-cache HIT content-length 123385 reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1700603359&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=9LuBnymTGmyXaIxca%2FPmWZiC33lLIzWg6OAL3SliEsk%3D x-served-by cache-mia-kmia1760045-MIA server Cowboy x-timer S1700666007.966613,VS0,VE3 etag W/"adb08-+LQuKB1AM/4e16DAO7KyJFLqFHM" vary Accept-Encoding report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700603359&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=9LuBnymTGmyXaIxca%2FPmWZiC33lLIzWg6OAL3SliEsk%3D"}]} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-methods GET, OPTIONS cache-control no-cache, no-store, must-revalidate accept-ranges bytes access-control-allow-headers accept, authorization, cache-control, content-type, mbsy-universal-id, mbsy-universal-location, origin, x-mbsy-client-id, x-mbsy-url x-cache-hits 1
GET H2	200	schemaFilter.bundle.f63551a29dc1697f71b6.js Show response cdn.segment.com/analytics-next/bundles/	2 KB 1 KB	58ms 57ms	Script application/javascript	13.224.207.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/KMIe4Dz2ke/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.207.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-207-4.phl50.r.cloudfront.net Software AmazonS3 / Resource Hash b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83 Request headers accept-language en-US,en;q=0.9 Referer https://rewards.valley-weightloss.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 06 Nov 2023 04:39:09 GMT x-amz-version-id EvxMPiJM_fFHLYrJnG26FpE9URKkRhTD content-encoding gzip via 1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront) x-amz-cf-pop PHL50-C1 age 1420459 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Mon, 06 Nov 2023 04:03:19 GMT server AmazonS3 etag W/"2a359f6227308e4ee31623f9381ae1d7" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable vary Accept-Encoding x-amz-cf-id xQRRtSfcLOy16Uv1Br9vnwfARd2_pjQGe7ukbTuCKzEo3meavZYqzg==
GET H2	200	fullstory.dynamic.js.gz Show response cdn.segment.com/next-integrations/integrations/fullstory/3.1.0/	5 KB 3 KB	59ms 58ms	Script application/javascript	13.224.207.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/next-integrations/integrations/fullstory/3.1.0/fullstory.dynamic.js.gz Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/KMIe4Dz2ke/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.207.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-207-4.phl50.r.cloudfront.net Software AmazonS3 / Resource Hash de8f2ac57087767409b0bb4025e88c1ebb0fd18e0e73144e4ac15997f3350821 Request headers accept-language en-US,en;q=0.9 Referer https://rewards.valley-weightloss.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 02 Nov 2023 23:23:03 GMT content-encoding gzip via 1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront) x-amz-version-id sZ4uaVuryvCnkNR7kX2ChFxfvv_9ZYSp x-amz-cf-pop PHL50-C1 age 1698625 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 2166 last-modified Wed, 18 Oct 2023 10:36:35 GMT server AmazonS3 etag "e99e99fffc341f6a85e129a73956e837" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable accept-ranges bytes x-amz-cf-id Di4AofcCrDkpSpWVncA-ehIGW8-k9wAwgFlenlLZlizWeld80rz-UA==
GET H2	200	sentry.dynamic.js.gz Show response cdn.segment.com/next-integrations/integrations/sentry/4.0.0/	4 KB 2 KB	60ms 59ms	Script application/javascript	13.224.207.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/next-integrations/integrations/sentry/4.0.0/sentry.dynamic.js.gz Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/KMIe4Dz2ke/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.207.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-207-4.phl50.r.cloudfront.net Software AmazonS3 / Resource Hash a45596c2087026ebad9fe6991aa7c6d4b55bb4ceeab5ec99f5e5f1b73c5cbc32 Request headers accept-language en-US,en;q=0.9 Referer https://rewards.valley-weightloss.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 05 Nov 2023 02:15:37 GMT content-encoding gzip via 1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront) x-amz-version-id Ftv6cuW7T1mLzh2JRPgPw.0GuuwdOwcU x-amz-cf-pop PHL50-C1 age 1515471 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 1674 last-modified Wed, 18 Oct 2023 10:36:35 GMT server AmazonS3 etag "2404d84a05081bd5da596a06fce0a77e" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable accept-ranges bytes x-amz-cf-id HOe-tUJ8v1D6EhZEqWov9GCFQ-8Dq61O7Gzk-k_sv9fCizgbmPhryA==
GET H2	200	/ Show response requests.getambassador.com/universal/portal_widgets/	733 B 972 B	161ms 159ms	XHR application/json	151.101.2.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://requests.getambassador.com/universal/portal_widgets/?u=16a4fcb3-90dc-4792-93aa-0750765be318 Requested by Host: cdn.getambassador.com URL: https://cdn.getambassador.com/us-16a4fcb3-90dc-4792-93aa-0750765be318.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.2.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 4b7a9b776c7e4d340df51e5c8d789bb9da91d71c054c67cf74ade2302af8cd60 Security Headers Name Value Content-Security-Policy default-src 'self' *.getambassador.com ambassador-api-dev.s3.amazonaws.com ambassador-api.s3.amazonaws.com; script-src-elem 'self' ambassador-api-dev.s3.amazonaws.com ambassador-api.s3.amazonaws.com *.newrelic.com *.nr-data.net 'unsafe-inline'; script-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' ambassador-api-dev.s3.amazonaws.com ambassador-api.s3.amazonaws.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' *.nr-data.net; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers x-mbsy-url https://rewards.valley-weightloss.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-type application/json Accept application/json Referer https://rewards.valley-weightloss.com/ x-mbsy-client-id null mbsy-universal-location https://rewards.valley-weightloss.com mbsy-universal-id 16a4fcb3-90dc-4792-93aa-0750765be318 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff date Wed, 22 Nov 2023 15:13:27 GMT via 1.1 varnish x-permitted-cross-domain-policies none content-security-policy default-src 'self' *.getambassador.com ambassador-api-dev.s3.amazonaws.com ambassador-api.s3.amazonaws.com; script-src-elem 'self' ambassador-api-dev.s3.amazonaws.com ambassador-api.s3.amazonaws.com *.newrelic.com *.nr-data.net 'unsafe-inline'; script-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' ambassador-api-dev.s3.amazonaws.com ambassador-api.s3.amazonaws.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' *.nr-data.net; x-cache MISS content-length 455 x-served-by cache-mia-kmia1760093-MIA referrer-policy same-origin server nginx x-timer S1700666007.263658,VS0,VE134 allow GET, HEAD, OPTIONS x-frame-options sameorigin content-type application/json access-control-allow-origin * vary Accept, Origin, Cookie, Accept-Encoding accept-ranges bytes x-cache-hits 0
GET H2	200	fp.js Show response cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3.3.2/dist/	113 KB 31 KB	159ms 29ms	Script application/javascript	2a04:4e42:600::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3.3.2/dist/fp.js Requested by Host: cdn.getambassador.com URL: https://cdn.getambassador.com/us-16a4fcb3-90dc-4792-93aa-0750765be318.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e1a50da2ca657309c2cfc0d93f1b582a49b29c58d4a69e46d127671dd7e4d2dd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://rewards.valley-weightloss.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 22 Nov 2023 15:13:27 GMT x-content-type-options nosniff content-encoding br age 2995246 x-jsd-version 3.3.2 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 30754 x-served-by cache-fra-etou8220050-FRA, cache-mia-kmia1760030-MIA x-jsd-version-type version etag W/"1c254-Gn05meL2ndmIE6H0nLXCm62Q/jk" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
OPTIONS H2	200	/ requests.getambassador.com/universal/portal_widgets/	0 0	159ms 28ms	Preflight text/html	151.101.2.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://requests.getambassador.com/universal/portal_widgets/?u=16a4fcb3-90dc-4792-93aa-0750765be318 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.2.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self' *.getambassador.com ambassador-api-dev.s3.amazonaws.com ambassador-api.s3.amazonaws.com; script-src-elem 'self' ambassador-api-dev.s3.amazonaws.com ambassador-api.s3.amazonaws.com *.newrelic.com *.nr-data.net 'unsafe-inline'; script-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' ambassador-api-dev.s3.amazonaws.com ambassador-api.s3.amazonaws.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' *.nr-data.net; Request headers Accept */* Access-Control-Request-Headers content-type,mbsy-universal-id,mbsy-universal-location,x-mbsy-client-id,x-mbsy-url Access-Control-Request-Method GET Origin https://rewards.valley-weightloss.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers accept, authorization, cache-control, content-type, mbsy-universal-id, mbsy-universal-location, origin, x-mbsy-client-request-id, x-mbsy-client-session-id, x-mbsy-verification, x-mbsy-client-id, x-mbsy-url access-control-allow-methods GET, OPTIONS, POST, PUT, PATCH, DELETE access-control-allow-origin * content-length 0 content-security-policy default-src 'self' *.getambassador.com ambassador-api-dev.s3.amazonaws.com ambassador-api.s3.amazonaws.com; script-src-elem 'self' ambassador-api-dev.s3.amazonaws.com ambassador-api.s3.amazonaws.com *.newrelic.com *.nr-data.net 'unsafe-inline'; script-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' ambassador-api-dev.s3.amazonaws.com ambassador-api.s3.amazonaws.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' *.nr-data.net; content-type text/html date Wed, 22 Nov 2023 15:13:27 GMT referrer-policy same-origin retry-after 0 server Varnish via 1.1 varnish x-cache MISS x-cache-hits 0 x-permitted-cross-domain-policies none x-served-by cache-mia-kmia1760093-MIA x-timer S1700666007.235797,VS0,VE0
GET H2	200	commons.c42222c4cb2f8913500f.js.gz Show response cdn.segment.com/next-integrations/integrations/vendor/	73 KB 22 KB	69ms 67ms	Script application/javascript	13.224.207.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/KMIe4Dz2ke/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.207.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-207-4.phl50.r.cloudfront.net Software AmazonS3 / Resource Hash b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13 Request headers accept-language en-US,en;q=0.9 Referer https://rewards.valley-weightloss.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 06 Nov 2023 23:16:41 GMT content-encoding gzip via 1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront) x-amz-version-id uOfxQOMLwdt.eKHcMs4MBn7QUxA0mLtL x-amz-cf-pop PHL50-C1 age 1353407 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 22177 last-modified Wed, 18 Oct 2023 10:36:32 GMT server AmazonS3 etag "befb217271e2e926c7d898f1c85f6cb7" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable accept-ranges bytes x-amz-cf-id TQeMAhzPD2sUFd9sMzzjK9DqV7qdzAFXMD3ibDCnWkIcVrZ6veQG4A==
GET H2	200	fs.js Show response edge.fullstory.com/s/	247 KB 68 KB	227ms 32ms	Script application/javascript	35.201.112.186 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://edge.fullstory.com/s/fs.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 186.112.201.35.bc.googleusercontent.com Software UploadServer / Resource Hash 878fa0dda1bf5303d4c094f42ba9f7b3aaff615c75b0f89ef4011ea9f5adcaf7 Request headers Referer https://rewards.valley-weightloss.com/ Origin https://rewards.valley-weightloss.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 15:02:49 GMT content-encoding br age 638 x-guploader-uploadid ABPtcPqV-f-2cdfBd4bo6ePs95XPZe17LZbeoZwbObuyITx2_zIbw6OpzKG_H3PYZiO52RiGrPx6mCEhcbxrwAj7xQnsww x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 69204 last-modified Fri, 10 Nov 2023 14:06:35 GMT server UploadServer etag "76afec209977b7bdc80ad7f037ea3611" vary Accept-Encoding x-goog-generation 1699625194984472 x-goog-hash crc32c=LMNjrA==, md5=dq/sIJl3t73ICtfwN+o2EQ== access-control-allow-origin * access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=3600,no-transform x-goog-stored-content-length 69204 accept-ranges bytes content-type application/javascript expires Wed, 22 Nov 2023 16:02:49 GMT
GET H2	200	bundle.min.js Show response browser.sentry-cdn.com/7.45.0/	57 KB 20 KB	217ms 26ms	Script application/javascript	2a04:4e42:400::729 FASTLY
General Check archive.org Show headers Download Go to Full URL https://browser.sentry-cdn.com/7.45.0/bundle.min.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 05bcbc540206cd609115e7b8e685959e641b5e058f209a504e838676477574ec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://rewards.valley-weightloss.com/ Origin https://rewards.valley-weightloss.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 15:13:27 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains last-modified Fri, 24 Mar 2023 09:06:27 GMT server Fastly age 2582498 etag "f6c15f63eee05d140bbee54d82c0199f" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 19827 expires Thu, 04 Apr 2024 09:19:03 GMT
GET H2	200	rewriteframes.min.js Show response browser.sentry-cdn.com/7.45.0/	2 KB 1 KB	26ms 26ms	Script application/javascript	2a04:4e42:400::729 FASTLY
General Check archive.org Show headers Download Go to Full URL https://browser.sentry-cdn.com/7.45.0/rewriteframes.min.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash d57e040bae754a4dc9a076f4a185b05f7c3a78aa2510b0a2622da91925581cce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://rewards.valley-weightloss.com/ Origin https://rewards.valley-weightloss.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 15:13:27 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains last-modified Fri, 24 Mar 2023 09:06:27 GMT server Fastly age 3113343 etag "d6d99482c2dca6d5889a60f82bc3a795" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 1138 expires Wed, 01 May 2024 02:42:20 GMT
GET H2	200	web Show response edge.fullstory.com/s/settings/tpg/v1/	4 KB 2 KB	64ms 64ms	XHR application/json	35.201.112.186 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://edge.fullstory.com/s/settings/tpg/v1/web Requested by Host: browser.sentry-cdn.com URL: https://browser.sentry-cdn.com/7.45.0/bundle.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 186.112.201.35.bc.googleusercontent.com Software UploadServer / Resource Hash bccffa7f3bc2bcd15d3d6dfd697fc892396f60138b09eb1e7469cfce5a91d56c Request headers accept-language en-US,en;q=0.9 Referer https://rewards.valley-weightloss.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 15:13:27 GMT content-encoding gzip age 0 x-guploader-uploadid ABPtcPolB9yGdAf8bUkE0sT6bVJ1iFWuJv-KhNh1Bulg1BrQEaLTAVRzTzo-5TQGS_f-faUD4xhclxUDeC0sp63EFEbt x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1254 last-modified Wed, 22 Nov 2023 15:11:10 GMT server UploadServer etag "8c0c0f255f376e44a279591e19de4d8d" x-goog-generation 1700356270000040 x-goog-hash crc32c=GB3J0Q==, md5=jAwPJV83bkSieVkeGd5NjQ== access-control-allow-origin * access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public,max-age=900,no-transform x-goog-stored-content-length 1254 accept-ranges bytes content-type application/json expires Wed, 22 Nov 2023 15:28:27 GMT
POST H2	200	i Show response api.segment.io/v1/	21 B 184 B	490ms 106ms	Fetch application/json	35.160.35.184 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.segment.io/v1/i Requested by Host: cdn.segment.com URL: https://cdn.segment.com/next-integrations/integrations/fullstory/3.1.0/fullstory.dynamic.js.gz Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.160.35.184 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-160-35-184.us-west-2.compute.amazonaws.com Software / Resource Hash 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://rewards.valley-weightloss.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://rewards.valley-weightloss.com date Wed, 22 Nov 2023 15:13:28 GMT strict-transport-security max-age=31536000 content-length 21 vary Origin content-type application/json
POST H2	202	page Show response rs.fullstory.com/rec/	94 B 302 B	377ms 74ms	XHR text/plain	35.186.194.58 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rs.fullstory.com/rec/page Requested by Host: browser.sentry-cdn.com URL: https://browser.sentry-cdn.com/7.45.0/bundle.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 58.194.186.35.bc.googleusercontent.com Software / Resource Hash 3f449784df9c88b97b9d731bdfdb1c15ffaf12c1a7057fdd7ac9e551ed432c87 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://rewards.valley-weightloss.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers date Wed, 22 Nov 2023 15:13:28 GMT via 1.1 google x-content-type-options nosniff content-type text/plain; charset=utf-8 access-control-allow-origin https://rewards.valley-weightloss.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 94

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| mod function| duScrollDefaultEasing object| angles object| ngFileUpload function| $ function| jQuery object| angular object| JSON3 function| _ function| Spinner function| Chart object| localforage object| FileAPI function| ZeroClipboard function| moment object| reTree function| Pusher function| scrollPosition object| Base64 object| mbsyIframe function| QRCode function| are_cookies_enabled function| ColumnProvider object| analytics string| versionSearchString object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| mbsy string| radio_template object| uidScript object| __mbsyData boolean| mbsyScriptExecuted object| _mbsy function| mbsyCb object| mbsyEditor object| fullstoryDeps function| fullstoryLoader object| sentryDeps function| sentryLoader object| FingerprintJS object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate function| fullstoryIntegration boolean| _fs_is_outer_script boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS function| sentryIntegration object| Sentry object| __SENTRY__ string| _fs_loaded function| _fs_shutdown

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.valley-weightloss.com/	1970-01-21 01:10:02	Name: ajs_anonymous_id Value: f1a5a772-2ddc-41bb-9051-2bc06b5a2a75

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ambassador-api.s3.amazonaws.com
api.getambassador.com
api.segment.io
browser.sentry-cdn.com
cdn.getambassador.com
cdn.jsdelivr.net
cdn.segment.com
edge.fullstory.com
fonts.googleapis.com
requests.getambassador.com
rewards.valley-weightloss.com
rs.fullstory.com
13.224.207.4
151.101.194.133
151.101.2.133
16.182.66.97
18.238.4.46
2607:f8b0:4004:c08::5f
2a04:4e42:400::729
2a04:4e42:600::485
35.160.35.184
35.186.194.58
35.201.112.186
44.196.223.14
05bcbc540206cd609115e7b8e685959e641b5e058f209a504e838676477574ec
0d2f3e8e35dffaf958db01afec64770832b0e2cc6a8070cfaf3fb60883b38d1a
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
24b387f67ec384413834766c481448600d867cb42caf01b897bb656d72a5adbe
3f20de9c0be9629c38464270da8b45fe7692493cf55b1e555726878fc85d16a2
3f449784df9c88b97b9d731bdfdb1c15ffaf12c1a7057fdd7ac9e551ed432c87
4b7a9b776c7e4d340df51e5c8d789bb9da91d71c054c67cf74ade2302af8cd60
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5
7e9b6888bfe9ec8b3337a218a0ebf44b6dc99339789da17ca0f7ea5cfbb26cea
85a23481190636ff9b53eafc7c73108d4c4fd741739f9cbcac61bffe174a3af5
878fa0dda1bf5303d4c094f42ba9f7b3aaff615c75b0f89ef4011ea9f5adcaf7
8bb64dbc62c6dfdacfbccc5bfb0ffb57bebbc5f4d69ba0046076fee899870a80
8de46f2e70768702b7c6541feca2d150b9553173ef51c12791272ea26c0535ba
9748236188c889b36b6156db9eafeea52d3758f5ea706eed501d75a68ac3257b
9b9e45e22943abf7df0830376d98e994340424589170340399fb999ac6c16c0c
9d57fef7f10f9f9723ab97bfbf791afe4e6734e0e6b00ac6c91245d24f736d21
a28692c243c36ac0a958d5be91065cacf58b7e2df32514a2a30c205240b4a37d
a32eeff3e5961d45c1a523283d942248063ffbe04697c3062218ab88bc1feb90
a45596c2087026ebad9fe6991aa7c6d4b55bb4ceeab5ec99f5e5f1b73c5cbc32
a7271eb753d0ecfac54f8dd9eef969f68d3540f6f1a75f00d7bb27c011a09e29
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b9c221662036ad25aeddfa8d3694d511f105358f56d1e04e0423e96ccd50fee3
bccffa7f3bc2bcd15d3d6dfd697fc892396f60138b09eb1e7469cfce5a91d56c
c3ed46367d552531a69761e75b48bf06b7c6f1a63d380974dc2e9308e5fbb41e
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
cff941fcda099e4a28e6ccf30def6e4118b957a9f297db472fe6e1d5c9b6dd19
d57e040bae754a4dc9a076f4a185b05f7c3a78aa2510b0a2622da91925581cce
de8f2ac57087767409b0bb4025e88c1ebb0fd18e0e73144e4ac15997f3350821
e1a50da2ca657309c2cfc0d93f1b582a49b29c58d4a69e46d127671dd7e4d2dd
e6661f54d79171173e6535b40008c1a9466d9cf95fcb76d478bce11c8adfdeaa
f6c056845c7451e4587c8fa027914426016e9586b02bcb164f4114fe4ed973c3