urlscan.io logo urlscan.io
SecurityTrails logo

www.megadroughtusa.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.healthzimo.com/?t=c&ids=MTg0ODIyMjIx__NDU5OQ==__Mzc2NjM2Mg==__Mzkx&url=aHR0cHMlM0ElMkYlMkZjb21wbGV0aGVhbHRoc29s...
Effective URL: https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Submission: On October 31 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 9 domains to perform 47 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.megadroughtusa.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2022. Valid for: a year.
This is the only time www.megadroughtusa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 170.187.185.18 63949 (LINODE-AP...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
14 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 162.159.138.60 13335 (CLOUDFLAR...)
2 2606:4700:310... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:310... 13335 (CLOUDFLAR...)
2 162.159.128.61 13335 (CLOUDFLAR...)
5 151.101.114.109 54113 (FASTLY)
5 34.120.202.204 ()
5 2a02:26f0:350... ()
47 13
1    170.187.185.18 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: vsrv379.armadaservers.com
click.healthzimo.com
2    2606:4700:3035::6815:5534 (United States)

ASN13335 (CLOUDFLARENET, US)
complethealthsolution.org
14    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.megadroughtusa.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    162.159.138.60 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
2    2606:4700:3108::ac42:2b73 (United States)

ASN13335 (CLOUDFLARENET, US)
display.buygoods.com
www.buygoods.com
5    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:3108::ac42:28ea (United States)

ASN13335 (CLOUDFLARENET, US)
tracking.buygoods.com
2    162.159.128.61 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
vimeo.com
5    151.101.114.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
f.vimeocdn.com
i.vimeocdn.com
5    34.120.202.204 (None, )

ASN- ()
fresnel.vimeocdn.com
player-telemetry.vimeo.com
5    2a02:26f0:3500:6::17d8:4db4 (None, )

ASN- ()
9vod-adaptive.akamaized.net
Apex Domain
Subdomains		 Transfer
14 megadroughtusa.com
www.megadroughtusa.com
794 KB
9 vimeocdn.com
f.vimeocdn.com — Cisco Umbrella Rank: 2952
fresnel.vimeocdn.com
i.vimeocdn.com
256 KB
5 akamaized.net
9vod-adaptive.akamaized.net
835 KB
5 gstatic.com
fonts.gstatic.com
109 KB
5 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 1736
vimeo.com — Cisco Umbrella Rank: 1620
player-telemetry.vimeo.com
20 KB
3 buygoods.com
display.buygoods.com — Cisco Umbrella Rank: 458055
www.buygoods.com — Cisco Umbrella Rank: 557050
tracking.buygoods.com — Cisco Umbrella Rank: 416066
9 KB
2 complethealthsolution.org
complethealthsolution.org
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
2 KB
1 healthzimo.com
click.healthzimo.com
391 B
47 9
Domain Requested by
14 www.megadroughtusa.com complethealthsolution.org
www.megadroughtusa.com
5 9vod-adaptive.akamaized.net f.vimeocdn.com
5 fonts.gstatic.com fonts.googleapis.com
4 fresnel.vimeocdn.com f.vimeocdn.com
4 f.vimeocdn.com player.vimeo.com
click.healthzimo.com
2 vimeo.com player.vimeo.com
f.vimeocdn.com
2 player.vimeo.com www.megadroughtusa.com
player.vimeo.com
2 complethealthsolution.org complethealthsolution.org
1 player-telemetry.vimeo.com f.vimeocdn.com
1 i.vimeocdn.com
1 tracking.buygoods.com www.megadroughtusa.com
1 www.buygoods.com www.megadroughtusa.com
1 display.buygoods.com www.megadroughtusa.com
1 fonts.googleapis.com www.megadroughtusa.com
1 click.healthzimo.com
47 15

This site contains links to these domains. Also see Links.

Domain
buygoods.com
Subject Issuer Validity Valid
click.healthzimo.com
R3		 2022-10-22 -
2023-01-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-23 -
2023-04-23		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
vimeo.com
Cloudflare Inc ECC CA-3		 2022-09-21 -
2023-09-20		 a year crt.sh
*.vimeocdn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-17 -
2023-06-18		 a year crt.sh
fresnel.vimeocdn.com
GTS CA 1D4		 2022-09-30 -
2022-12-29		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Frame ID: CC2197CD8F06464521DC4C10F788C65F
Requests: 29 HTTP requests in this frame

Frame: https://player.vimeo.com/video/725765235?h=7830496ec4&byline=0&portrait=0&muted=1&autoplay=1&autopause=0&app_id=122963
Frame ID: A6CEE0C582F0E89A3E2649B4FAF9067B
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Air Fountain System

Page URL History Show full URLs

  1. https://click.healthzimo.com/?t=c&ids=MTg0ODIyMjIx__NDU5OQ==__Mzc2NjM2Mg==__Mzkx&url=aHR0cHMlM0ElMkYlMkZj... Page URL
  2. https://complethealthsolution.org/e39a Page URL
  3. https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

47
Requests

96 %
HTTPS

58 %
IPv6

9
Domains

15
Subdomains

13
IPs

3
Countries

2025 kB
Transfer

3554 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.healthzimo.com/?t=c&ids=MTg0ODIyMjIx__NDU5OQ==__Mzc2NjM2Mg==__Mzkx&url=aHR0cHMlM0ElMkYlMkZjb21wbGV0aGVhbHRoc29sdXRpb24ub3JnJTJGZTM5YQ== Page URL
  2. https://complethealthsolution.org/e39a Page URL
  3. https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
click.healthzimo.com/ 		86 B
391 B 		Document
General
Check archive.org
Download Go to
Full URL
https://click.healthzimo.com/?t=c&ids=MTg0ODIyMjIx__NDU5OQ==__Mzc2NjM2Mg==__Mzkx&url=aHR0cHMlM0ElMkYlMkZjb21wbGV0aGVhbHRoc29sdXRpb24ub3JnJTJGZTM5YQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.187.185.18 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
vsrv379.armadaservers.com
Software
nginx /
Resource Hash
fc155a54589b146b815384dc367d91b5e81a3c1c1764c6041d5e5e8e62015702
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 31 Oct 2022 00:12:49 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-nginx-upstream-cache-status
HIT
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
e39a
complethealthsolution.org/ 		662 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://complethealthsolution.org/e39a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5534 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
300c07dfd6ba89f1c31169e675d7d7d2c7a4585f0c7699c23951507a8b50bc08
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://click.healthzimo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
76282e6d4d2090a3-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html;charset=UTF-8
date
Mon, 31 Oct 2022 00:12:51 GMT
expires
Mon, 07 Jul 1777 07:07:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ro2HvNC3AxtiPpS5z3CXj87cYwi67VGDy5EuiI726xHiVX8IT6wvf03EIxb8lxw7Y8IdLioQlPV8iarm4ZYCwN%2FD8ulMX9wxg0oRHvl7MgakhwW1NZSbtSJ%2BlgTDr5g6GbMGtecXqxNwtDoMahq1rn5%2FBKxCQEHz"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-redirect-powered-by
Pretty Link Executive 3.2.5 http://prettylink.com
x-robots-tag
noindex, nofollow
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
javascript-redirect.js
complethealthsolution.org/wp-content/plugins/pretty-link/pro/js/ 		99 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://complethealthsolution.org/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.2.5
Requested by
Host: complethealthsolution.org
URL: https://complethealthsolution.org/e39a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5534 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://complethealthsolution.org/e39a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 00:12:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by
Engintron
content-encoding
br
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Wed, 12 Oct 2022 07:21:54 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtZwj3E%2BLdjMP0CvIwNfIsCOjWW60%2F12G16n9ImJtUxzc%2F1ozo5EqeloFpsfCHPEOZCQbmuukB9ZQcWN8fgOXHIQ1kIVLI9TBYBrXNq8GROYUrY5Bbm6y57bD%2F8wMg2ELdratA7IlGsIb%2B5lzlKiG7tDJr2gUAYi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
76282e73182490a3-FRA
expires
Wed, 30 Nov 2022 00:12:51 GMT
Primary Request /
www.megadroughtusa.com/ 		99 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Requested by
Host: complethealthsolution.org
URL: https://complethealthsolution.org/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.2.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb1adb64615d875b4de8d5ba7e24c69ffd128108712caeadfe668711a9995184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://complethealthsolution.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
76282e73dcca908e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 31 Oct 2022 00:12:52 GMT
link
<https://www.megadroughtusa.com/wp-json/>; rel="https://api.w.org/" <https://www.megadroughtusa.com/wp-json/wp/v2/pages/144>; rel="alternate"; type="application/json" <https://www.megadroughtusa.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlXdJrcGtyj8lFvhb64EVYveYWozR7PiJK9vgAUN%2FSGtjo2QYkwGDut3lRJdjy9omMB%2FtOIw6q9GbJvXIHz%2BnN%2BoADYge8XFRsP6kscYvg%2BoMkE2wFQebnWmURLAXHt0q3wL5sG6IyJacux%2B1T4lrorgwZS0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700,900|IBM+Plex+Sans:400,700|Poppins:400,700&display=swap
Requested by
Host: www.megadroughtusa.com
URL: https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
433a69a6aed6a4b9916f79bff1a9d50525a5db5943e2836720b977438a279825
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megadroughtusa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 31 Oct 2022 00:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 00:12:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Oct 2022 00:12:52 GMT
Air-Fountain-Cover.png
www.megadroughtusa.com/wp-content/uploads/2022/07/ 		620 KB
620 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.megadroughtusa.com/wp-content/uploads/2022/07/Air-Fountain-Cover.png
Requested by
Host: www.megadroughtusa.com
URL: https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6440f98f02e287d169f4791d11a0eeb066aa0615980676346ca91591fe9699d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 00:12:52 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
634667
x-xss-protection
1; mode=block
last-modified
Mon, 11 Jul 2022 13:51:45 GMT
server
cloudflare
etag
"62cc2af1-9af2b"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWUgJ1gUZ2caF4ts2WPmpFA0TaLnfcyMq%2BEZBQk%2F0AwBmmhhEcja0MGEEypdIw5IRWuBCLSYtl2EW26Hh5lHhgeNAsJBT1reKU2S23VhVVX17ULKKhOwunYso3%2FDNnLvudYctzsQGmX8WwhVu2LTsOaiNcSx"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
76282e7a2e449048-FRA
op3-reboot.css
www.megadroughtusa.com/wp-content/plugins/op-builder/public/assets/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.megadroughtusa.com/wp-content/plugins/op-builder/public/assets/css/op3-reboot.css?ver=6.0.3
Requested by
Host: www.megadroughtusa.com
URL: https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87e079fab3ff3737a28cd0b7d0d7a40f8b96e9fa32b19a2878ecd6cce92009e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 00:12:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Thu, 14 Jul 2022 10:29:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62cff026-ed3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BZcSjG0LqWjHh%2Bw43FUkFFk%2FrtkS1uLbc7KaSsYsQBMU4qbwuFGC8filUYT2KXlFjsqlfuf13BasscQTGthdB0qQppFQpT8ctbFPHJYJUXCE6LayETLEj4Hiu5vzmCwHCN6qD%2FljqfwY%2FUtIZ5WCjWSHr20"}],"group":"cf-nel","max_age":604800}
cf-ray
76282e7a2e469048-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
page-144.css
www.megadroughtusa.com/wp-content/plugins/op-builder/public/assets/cache/ 		142 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.megadroughtusa.com/wp-content/plugins/op-builder/public/assets/cache/page-144.css?ver=bbf5456d5b81744065610ad31c2c74c6
Requested by
Host: www.megadroughtusa.com
URL: https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0dc18963548b6fe155672626d267eb8e4e97b4e7cb3a756fcffc482918f24d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 00:12:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 17 Oct 2022 23:52:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"634dead0-23660"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3vdP%2FadNbxTU2gVGe8BigIG0wrOqOuNX1EJY5xAL%2BAtaGNy9GttjkGTakZHsGHOBxWuPBrOmsZn56sZ4xa42b5bgkz8moduZ3ot1oEm4c4bSlhspvHiXAMfJg7dXb%2FbmRWlNMcKsyBLKAqOJ1QeQZxexiWe"}],"group":"cf-nel","max_age":604800}
cf-ray
76282e7a2e489048-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
jquery.min.js
www.megadroughtusa.com/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.megadroughtusa.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.megadroughtusa.com
URL: https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 00:12:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6048e0ac-15db1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDCLJZvaZJWTGuL5J0%2B7YWL7WXgraJ6HuGspfI6y3LVmh5J4nvSTuBIzztlE%2BIhIrC8XnCg5k01AFCW4HHRFAPTc0TdTqFBJcT3BRhguv%2BPiWw0oTHa58mAMwOXDEAzamqVra5FNKEglG66X9XY1ksxl5Ofz"}],"group":"cf-nel","max_age":604800}
cf-ray
76282e7a2e499048-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
jquery-migrate.min.js
www.megadroughtusa.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.megadroughtusa.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.megadroughtusa.com
URL: https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 00:12:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xb%2BJaEbsy0Nrk6MxCHX6s%2BMTocTQ3wnd1cLY5jpXhGXvNOJWDfSU36iofjNC4mJat0tuSTrND8%2FxW%2Bch9ptvzn25cY2Lw4HhmeEGN7D2cUg8VuY2PFdrk%2Fb2xRG7kC2Z03yYjw5VEZIk7NxylXkRwq6QYouW"}],"group":"cf-nel","max_age":604800}
cf-ray
76282e7a2e4a9048-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
tracking.js
www.megadroughtusa.com/wp-content/plugins/op-dashboard/public/assets/js/ 		780 B
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.megadroughtusa.com/wp-content/plugins/op-dashboard/public/assets/js/tracking.js?ver=1.0.75
Requested by
Host: www.megadroughtusa.com
URL: https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab0ccf195bc865483d724c47309052710eec55a1ebcea8d2e61ee4d6875f85fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 00:12:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Thu, 14 Jul 2022 10:29:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62cff020-30c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGYNVETKgrAA3oW%2BZx4f2HNENnzigyeIH5ZqXRC%2FyH%2BQd97L6wv%2B1ELiZsgFTymtuOVY2q6BkD44u57dRkZ6k%2BSm9UC8LUaGQHVYbO6KqcC%2FmT59zXCF8uXhVGmFS5k3V209th79shDuhpzeb1YZdc7em%2FOc"}],"group":"cf-nel","max_age":604800}
cf-ray
76282e7a2e4b9048-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
player.js
player.vimeo.com/api/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/api/player.js
Requested by
Host: www.megadroughtusa.com
URL: https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7919e42c1593715dd408c9f1e4b5c51b5b80ead7dc71b94535180b452724519f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megadroughtusa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-varnish-cache
1
Date
Mon, 31 Oct 2022 00:12:52 GMT
content-security-policy
default-src 'none'; style-src 'unsafe-inline'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
CF-Cache-Status
DYNAMIC
via
1.1 varnish, 1.1 varnish
Age
994
X-Cache
HIT
p3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires
Mon, 31 Oct 2022 00:26:18 GMT
x-host
player-8755c65b6-xcrh8
Connection
keep-alive
x-vserver
playproxy-rollout-prod-varnish-0
Content-Length
6272
x-xss-protection
1; mode=block
X-Served-By
cache-fra-eddf8230126-FRA
X-Player-Backend
p
Server
cloudflare
X-Timer
S1667175172.235429,VS0,VE0
x-backend-proxy
playproxy1
Vary
Accept-Encoding
Content-Type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server
player-8755c65b6-xcrh8
Accept-Ranges
bytes
CF-RAY
76282e7a68d668e5-FRA
X-Cache-Hits
134
OrderNow.png
www.megadroughtusa.com/wp-content/uploads/2022/06/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.megadroughtusa.com/wp-content/uploads/2022/06/OrderNow.png
Requested by
Host: www.megadroughtusa.com
URL: https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3fb29e18c62d65dd38ea1b95939223506292e04e861834d9c5ed54303d7ffdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 00:12:53 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
49992
x-xss-protection
1; mode=block
last-modified
Tue, 28 Jun 2022 13:45:51 GMT
server
cloudflare
etag
"62bb060f-c348"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2paEqJ7MdlJhw0lIxQcXbVkyhcg8SKw1DE5%2FNDyg%2FNqgVf5rbWCBDPcS1%2BxNj9F2lpoMbgKsrIegoSC3b9a9iAply1MHhn25XXcgkASBl13E2Q3V19mBC2WBMjRem%2BsDLw8Z5jLhdoKEF8tU6el1oh6%2FFfdb"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
76282e7d18f69048-FRA
wait-3.jpg
www.megadroughtusa.com/wp-content/uploads/2022/07/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.megadroughtusa.com/wp-content/uploads/2022/07/wait-3.jpg
Requested by
Host: www.megadroughtusa.com
URL: https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e49d8a38cc169e30360a5d3cb6e9c3b2fa8fa60b2be912756a1f601f95586834
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 00:12:53 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20574
x-xss-protection
1; mode=block
last-modified
Fri, 01 Jul 2022 14:41:14 GMT
server
cloudflare
etag
"62bf078a-505e"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQ82FP4hh%2F9%2BwpBbyAWyK0xP%2BAQgRYkgmZC%2Furj74JNK%2F75E0fz7j3DSCxfeexdFUPBYzxdGyvxBNa68SfBG9xvsPIJ91c6Dx72uBPcIpc4WF10Kw5lU41ElwEOAhSQdnNUXxbnuHgv2ASacFnOHrEz0aTbi"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
76282e7d18f89048-FRA
jetpack.css
www.megadroughtusa.com/wp-content/plugins/jetpack/css/ 		84 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.megadroughtusa.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.1.1
Requested by
Host: www.megadroughtusa.com
URL: https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18e0d348e7cb35464eabe33a2dd70f1bf7b9a132c6870c127a408d2591ae3561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 00:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Thu, 14 Jul 2022 10:30:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62cff02c-14e9d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BItVF9a5FHUygyGBXqItrCoMlWSAnVFIH7WNqgZzuhLQ1kuA9l0bKwajvubRi1M4t9IqDdiYCcSUzhNfWmbQNWJg2%2B6rPvEpRgloLWKB4eyPol5fyT5PA5CKB2rGrPKjwO3Y86CzDVrYqLCri6uRcGhcYoGf"}],"group":"cf-nel","max_age":604800}
cf-ray
76282e7cf8da9048-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
page-144.nodelay.js
www.megadroughtusa.com/wp-content/plugins/op-builder/public/assets/cache/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.megadroughtusa.com/wp-content/plugins/op-builder/public/assets/cache/page-144.nodelay.js?ver=bbf5456d5b81744065610ad31c2c74c6
Requested by
Host: www.megadroughtusa.com
URL: https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f395183593181636f8846c67ce649d9a1316d7c78ae7abc7c21a61a4f29a4bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 00:12:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 17 Oct 2022 23:52:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"634dead0-5a98"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnUcjPW5PpLVK%2Fzim33Tv4%2Fdy%2BZx%2FiCqxANkklf7WnzBPpP%2B5eKzd7AOhfTRoMpYwtT%2FF9TklwoCaAH1X7JZ1RIpcKDI9m48sPdkI%2FlR%2BARXGOZNKR1jcPUDyOp%2B5GX7Fns22k2fJx3MC%2B7y2UP0OaKp5Y6I"}],"group":"cf-nel","max_age":604800}
cf-ray
76282e7d18f09048-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
page-144.js
www.megadroughtusa.com/wp-content/plugins/op-builder/public/assets/cache/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.megadroughtusa.com/wp-content/plugins/op-builder/public/assets/cache/page-144.js?ver=bbf5456d5b81744065610ad31c2c74c6
Requested by
Host: www.megadroughtusa.com
URL: https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d43bc7c497fc1f220326041fde35caced661216efb3f6b73631ccf3c992815a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 00:12:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 17 Oct 2022 23:52:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"634dead0-1ea8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNrtjsHzvg0lS3cdo6pt35jqyDjAOz6hXjeeyGT9hKudAIdSkmOG35LRNNkD%2BPwM9hyaXGqXIJZpl1z%2BV90xe%2B41MnXEyxBmHOobglmRdPhk4DpBzATKTSsm2yu%2FDXF7HOFBRFp8OmF9MU8O0GKomYZEwuEX"}],"group":"cf-nel","max_age":604800}
cf-ray
76282e7d18f39048-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
disclaimer
display.buygoods.com/v1/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://display.buygoods.com/v1/disclaimer?id=disclaimer-bg&account_id=7248
Requested by
Host: www.megadroughtusa.com
URL: https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6d9e66cf11f6cb8163237a4bd2f4def4fd630e9b2b7862567746eb43afe10fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megadroughtusa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 00:12:52 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
cf-ray
76282e7d7fae5c20-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-emoji-release.min.js
www.megadroughtusa.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.megadroughtusa.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
Requested by
Host: www.megadroughtusa.com
URL: https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 00:12:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 12 Apr 2022 05:56:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62551487-48b9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5GLrNY2LHDaYEH8dBqW7j%2FkUmtvjtIzS%2Fc9mydo82dNrcnevXrrveTyFYZmgMxINvu43W%2BZ7HxclChw1wtdejcJnyDJCJxU3nck2nbpuiTxrXMiT1i6xsEGmXnM7daNeft%2BR4E0nuET2CKYSk2jKRDd0VSS"}],"group":"cf-nel","max_age":604800}
cf-ray
76282e7d18fb9048-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/webp
page-144.svg
www.megadroughtusa.com/wp-content/plugins/op-builder/public/assets/cache/ 		742 B
833 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.megadroughtusa.com/wp-content/plugins/op-builder/public/assets/cache/page-144.svg?ver=1658686519
Requested by
Host: www.megadroughtusa.com
URL: https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46d589cd20e6457fd974ef4a735ffdf2c3df91829157c2997b0a4287294300f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 00:12:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 17 Oct 2022 23:52:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"634dead0-2e6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1QPkWWjl%2FkDcsAGMtIkH9Ccmsyz0IaPELK%2F6Og67nP0iWhGd4hFc5NRFt6gZnfwyvs1dI4kQS40IODr3uO54w4bNvP6jxAQfMkkT75AqOs4ePznC61dgcKnnep1A1Q1PN06eL6GUxS5fkssZsiz2jLbq2uh"}],"group":"cf-nel","max_age":604800}
cf-ray
76282e7d19099048-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700,900|IBM+Plex+Sans:400,700|Poppins:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.megadroughtusa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 08:45:00 GMT
x-content-type-options
nosniff
age
401272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 08:45:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700,900|IBM+Plex+Sans:400,700|Poppins:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.megadroughtusa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 13:14:53 GMT
x-content-type-options
nosniff
age
212279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Oct 2023 13:14:53 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700,900|IBM+Plex+Sans:400,700|Poppins:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.megadroughtusa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 05:09:29 GMT
x-content-type-options
nosniff
age
241403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Oct 2023 05:09:29 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700,900|IBM+Plex+Sans:400,700|Poppins:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.megadroughtusa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:50:34 GMT
x-content-type-options
nosniff
age
537738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 18:50:34 GMT
zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v14/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v14/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700,900|IBM+Plex+Sans:400,700|Poppins:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.megadroughtusa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 23:13:52 GMT
x-content-type-options
nosniff
age
262740
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18000
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:46:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Oct 2023 23:13:52 GMT
buygoods_black.png
www.buygoods.com/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buygoods.com/images/buygoods_black.png
Requested by
Host: www.megadroughtusa.com
URL: https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33123ac79fae6dd7ea03a3b2d7784cbac68cb4e4ca4527d570fdc8a628210159

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megadroughtusa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 00:12:53 GMT
cf-cache-status
HIT
age
294411
cf-polished
origFmt=png, origSize=9596
content-disposition
inline; filename="buygoods_black.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4492
cf-bgj
imgq:100,h2pri
last-modified
Tue, 12 Sep 2017 06:30:00 GMT
server
cloudflare
etag
"59b77ee8-257c"
vary
Accept
content-type
image/webp
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
76282e7f9b0a5c20-FRA
expires
Thu, 28 Oct 2032 00:12:53 GMT
/
tracking.buygoods.com/track/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.buygoods.com/track/?a=7472&firstcookie=0&tracking_redirect=&referrer=https%3A%2F%2Fcomplethealthsolution.org%2F&sessid2=&product=AirFountainVSL&caller_url=https%3A%2F%2Fwww.megadroughtusa.com%2F%3Faff_id%3D142%26subid%3D2ngif1028airfountain
Requested by
Host: www.megadroughtusa.com
URL: https://www.megadroughtusa.com/?aff_id=142&subid=2ngif1028airfountain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:28ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
105b6f074652c66a1a81aad9f95b575b5b600acd59178f8bbc069504b6745cfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megadroughtusa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 00:12:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control
no-cache, must-revalidate
cf-ray
76282e803e61bb5b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, Jan 12 1999 01:01:01 GMT
oembed.json
vimeo.com/api/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vimeo.com/api/oembed.json?url=https%3A%2F%2Fvimeo.com%2F725765235&videoId=725765235&mobileVideoId=725765646&width=853&height=480&autoplay=true&autopause=false&byline=false&controls=true&muted=true&playsinline=true&portrait=false&timeupdateFrequency=1000&id=725765235
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/api/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b93ccedc45f75aa43fe99b84aabf0b9ebf7faffdc2528738a25b90596dd04dd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megadroughtusa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-varnish-cache
0
Date
Mon, 31 Oct 2022 00:12:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
CF-Cache-Status
DYNAMIC
via
1.1 varnish, 1.1 varnish, 1.1 varnish
Content-Encoding
gzip
Age
0
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
x-vserver
webproxy-rollout-prod-varnish-9
Content-Length
590
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
X-Served-By
cache-iad-kiad7000158-IAD, cache-hhn4065-HHN
last-modified
Sun, 30 Oct 2022 23:46:35 GMT
Server
cloudflare
X-Timer
S1667175173.134506,VS0,VE145
etag
"58c61433361121a56d961caf8b7bde0f44d6fd16"
x-backend-proxy
webproxy10
x-frame-options
sameorigin
Vary
Accept-Encoding
Content-Type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server
pweb-6d74588785-n8mxb
Accept-Ranges
bytes
CF-RAY
76282e7ffe63bc03-FRA
access-control-allow-headers
X-Requested-With
X-Cache-Hits
0, 0
725765235
player.vimeo.com/video/ Frame A6CE 		18 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/725765235?h=7830496ec4&byline=0&portrait=0&muted=1&autoplay=1&autopause=0&app_id=122963
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/api/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46c533f1ddaddf9a325e3be320f556a4e4bdbc2e897b69e28dfb8ad60fbfed86
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.megadroughtusa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
CF-Cache-Status
DYNAMIC
CF-RAY
76282e812f1468e5-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Oct 2022 00:12:53 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache
MISS
X-Cache-Hits
0
X-Player-Backend
p
X-Served-By
cache-fra-eddf8230126-FRA
X-Timer
S1667175173.325787,VS0,VE230
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
expires
Mon, 31 Oct 2022 00:22:53 GMT
link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish
x-backend-proxy
playproxy7
x-bapp-server
player-8755c65b6-6s4tc
x-content-type-options
nosniff
x-host
player-8755c65b6-6s4tc
x-varnish-cache
0
x-vserver
playproxy-rollout-prod-varnish-6
x-xss-protection
1; mode=block
player.de-DE.module.js
f.vimeocdn.com/p/4.11.11/js/ Frame A6CE 		457 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.11.11/js/player.de-DE.module.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/725765235?h=7830496ec4&byline=0&portrait=0&muted=1&autoplay=1&autopause=0&app_id=122963
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f0bd9fb2c05f860608c1547413c267f4092a3090ab4c7d1485c60ca3235c35d

Request headers

Referer
https://player.vimeo.com/
Origin
https://player.vimeo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by
cache-iad-kiad7000164-IAD, cache-hhn4024-HHN
date
Mon, 31 Oct 2022 00:12:53 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
551100
x-timer
S1667175174.644348,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT, HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
content-length
109728
x-cache-hits
2, 86298
vendor.de-DE.module.js
f.vimeocdn.com/p/4.11.11/js/ Frame A6CE 		0
0
player.css
f.vimeocdn.com/p/4.11.11/css/ Frame A6CE 		205 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.11.11/css/player.css
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/725765235?h=7830496ec4&byline=0&portrait=0&muted=1&autoplay=1&autopause=0&app_id=122963
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
96a380786ad6cbf73028a0bfc7ac24d210cb66c03a4d1dc5766868fbbd402e60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by
cache-iad-kjyo7100084-IAD, cache-hhn4039-HHN
date
Mon, 31 Oct 2022 00:12:53 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
551133
x-timer
S1667175174.643615,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT, HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
content-length
20368
x-cache-hits
3, 359127
vendor.module.js
f.vimeocdn.com/p/4.11.11/js/ Frame A6CE 		471 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.11.11/js/vendor.module.js
Requested by
Host: click.healthzimo.com
URL: https://click.healthzimo.com/?t=c&ids=MTg0ODIyMjIx__NDU5OQ==__Mzc2NjM2Mg==__Mzkx&url=aHR0cHMlM0ElMkYlMkZjb21wbGV0aGVhbHRoc29sdXRpb24ub3JnJTJGZTM5YQ==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd0d282d40334b40d702f4ae6c2f98c3edc40c0be9eec78688aad6d06aea5082

Request headers

Referer
https://f.vimeocdn.com/p/4.11.11/js/player.de-DE.module.js
Origin
https://player.vimeo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200171-IAD, cache-hhn4024-HHN
date
Mon, 31 Oct 2022 00:12:53 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
551128
x-timer
S1667175174.718982,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT, HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
content-length
116484
x-cache-hits
19, 222734
vuid.min.js
f.vimeocdn.com/js_opt/modules/utils/ Frame A6CE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/725765235?h=7830496ec4&byline=0&portrait=0&muted=1&autoplay=1&autopause=0&app_id=122963
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by
cache-iad-kiad7000106-IAD, cache-hhn4039-HHN
date
Mon, 31 Oct 2022 00:12:53 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
975335
x-timer
S1667175174.792183,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT, HIT
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
997
x-cache-hits
120, 410455
player-test-impression
fresnel.vimeocdn.com/add/ Frame A6CE 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.11.11/js/vendor.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Mon, 31 Oct 2022 00:12:53 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
1461012959-efbab44f2811a2bbe6efbb38a20eb01bffa64af89776e97b861c121977a924cc-d
i.vimeocdn.com/video/ Frame A6CE 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/1461012959-efbab44f2811a2bbe6efbb38a20eb01bffa64af89776e97b861c121977a924cc-d?mw=900&mh=506
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
afbb18adf20e9177fa6ed0f79b2316a24cc431746986663b15e06ebffa49a550

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 00:12:53 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
1937635
x-viewmaster-lossless-format
automatic
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
12631
viewmaster-server
viewmaster-us-central1-l34d
x-served-by
cache-dfw-kdfw8210082-DFW, cache-hhn4039-HHN
x-timer
S1667175174.828291,VS0,VE1
etag
61dadb91ce0049d719afd17b15f815a8
access-control-max-age
86400
vary
Accept
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
43, 1
player-stats
fresnel.vimeocdn.com/add/ Frame A6CE 		0
40 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=db6dc2651cbbd23dcc6cec2dec7c440922b7e6501667175173
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.11.11/js/vendor.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Mon, 31 Oct 2022 00:12:53 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
player-stats
fresnel.vimeocdn.com/add/ Frame A6CE 		0
40 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=db6dc2651cbbd23dcc6cec2dec7c440922b7e6501667175173
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.11.11/js/vendor.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Mon, 31 Oct 2022 00:12:53 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
play
player-telemetry.vimeo.com/player-events/log/ Frame A6CE 		0
162 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://player-telemetry.vimeo.com/player-events/log/play
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.11.11/js/vendor.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Mon, 31 Oct 2022 00:12:53 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
master.json
9vod-adaptive.akamaized.net/exp=1667183961~acl=%2Fbeca7d4d-7b01-4520-bec4-6ef3e88f3868%2F%2A~hmac=71999f83723a163545d5da7d1a94d8a8b81d86aa64f4477410f759a77eef0506/beca7d4d-7b01-4520-bec4-6ef3e88f38... Frame A6CE 		299 KB
67 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://9vod-adaptive.akamaized.net/exp=1667183961~acl=%2Fbeca7d4d-7b01-4520-bec4-6ef3e88f3868%2F%2A~hmac=71999f83723a163545d5da7d1a94d8a8b81d86aa64f4477410f759a77eef0506/beca7d4d-7b01-4520-bec4-6ef3e88f3868/sep/video/0978aecf,6f1c3ce9,f09b7e46,a21b63a7/audio/c21bd7a3,eb971d72,32a1e2ef/master.json?query_string_ranges=1&base64_init=1
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.11.11/js/vendor.module.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:6::17d8:4db4 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac4e7f1689be1b917fcd82d8a980a214ab57f7609206a3341c19df4c59eff8d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 00:12:53 GMT
Content-Encoding
gzip
X-VIM-CACHEBC
EP:H11,E:h
origin-retrieved-hour
1664697600
Connection
keep-alive
Akamai-Mon-Iucid-Del
877678
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
67594
AK-REFERENCE-ID
0.b46f1002.1667175173.4c39e96
Access-Control-Max-Age
86400
Vary
Accept-Encoding
Aka-c-hit
cache-hit
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control
max-age=29061673
Akamai-Edge-IP
2a02:26f0:3500:6::17d8:4db4
timing-allow-origin
*
Access-Control-Allow-Headers
Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
vuid
vimeo.com/ablincoln/ Frame A6CE 		0
894 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vimeo.com/ablincoln/vuid?pid=db6dc2651cbbd23dcc6cec2dec7c440922b7e6501667175173
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
Sun, 30 Oct 2022 12:12:54 GMT
Date
Mon, 31 Oct 2022 00:12:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
CF-Cache-Status
DYNAMIC
Via
1.1 varnish, 1.1 varnish
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
x-xss-protection
1; mode=block
X-Served-By
cache-iad-kjyo7100140-IAD, cache-hhn4032-HHN
x-ua-compatible
IE=edge
x-vimeo-device
d
Server
cloudflare
X-Timer
S1667175174.971550,VS0,VE124
x-backend-proxy
webproxy6
x-frame-options
sameorigin
Vary
User-Agent
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server
pweb-6d74588785-pwzfc
Accept-Ranges
bytes
CF-RAY
76282e852e58bb53-FRA
X-Cache-Hits
0, 0
player-stats
fresnel.vimeocdn.com/add/ Frame A6CE 		0
40 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=db6dc2651cbbd23dcc6cec2dec7c440922b7e6501667175173
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.11.11/js/vendor.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Mon, 31 Oct 2022 00:12:54 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
eb971d72.mp4
9vod-adaptive.akamaized.net/exp=1667183961~acl=%2Fbeca7d4d-7b01-4520-bec4-6ef3e88f3868%2F%2A~hmac=71999f83723a163545d5da7d1a94d8a8b81d86aa64f4477410f759a77eef0506/beca7d4d-7b01-4520-bec4-6ef3e88f38... Frame A6CE 		48 KB
49 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://9vod-adaptive.akamaized.net/exp=1667183961~acl=%2Fbeca7d4d-7b01-4520-bec4-6ef3e88f3868%2F%2A~hmac=71999f83723a163545d5da7d1a94d8a8b81d86aa64f4477410f759a77eef0506/beca7d4d-7b01-4520-bec4-6ef3e88f3868/parcel/audio/eb971d72.mp4?r=dXM%3D&range=5115-54542
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.11.11/js/vendor.module.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:6::17d8:4db4 -, , ASN (),
Reverse DNS
Software
parcel /
Resource Hash
b14c34f667007afd3ee38493842078b07ba76492b241c593dcc25d0def03ca02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 00:12:54 GMT
X-VIM-CACHEBC
EP:H11,E:h
origin-retrieved-hour
1656691200
Connection
keep-alive
Akamai-Mon-Iucid-Del
877678
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
49428
AK-REFERENCE-ID
0.b46f1002.1667175174.4c39e98
Last-Modified
Fri, 01 Jul 2022 16:15:42 GMT
Server
parcel
Access-Control-Max-Age
86400
Aka-c-hit
cache-hit
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control
private, max-age=21054429
Akamai-Edge-IP
2a02:26f0:3500:6::17d8:4db4
Accept-Ranges
bytes
timing-allow-origin
*
Access-Control-Allow-Headers
Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Sat, 01 Jul 2023 16:40:03 GMT
6f1c3ce9.mp4
9vod-adaptive.akamaized.net/exp=1667183961~acl=%2Fbeca7d4d-7b01-4520-bec4-6ef3e88f3868%2F%2A~hmac=71999f83723a163545d5da7d1a94d8a8b81d86aa64f4477410f759a77eef0506/beca7d4d-7b01-4520-bec4-6ef3e88f38... Frame A6CE 		117 KB
118 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://9vod-adaptive.akamaized.net/exp=1667183961~acl=%2Fbeca7d4d-7b01-4520-bec4-6ef3e88f3868%2F%2A~hmac=71999f83723a163545d5da7d1a94d8a8b81d86aa64f4477410f759a77eef0506/beca7d4d-7b01-4520-bec4-6ef3e88f3868/parcel/video/6f1c3ce9.mp4?r=dXM%3D&range=5114-124557
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.11.11/js/vendor.module.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:6::17d8:4db4 -, , ASN (),
Reverse DNS
Software
parcel /
Resource Hash
6071aac8c1876ca8cb7aa89823cae4db6e747342da1f18df931c6c0df7d0c9fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 00:12:54 GMT
X-VIM-CACHEBC
EP:H11,E:h
origin-retrieved-hour
1656691200
Connection
keep-alive
Akamai-Mon-Iucid-Del
877678
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
119444
AK-REFERENCE-ID
0.b46f1002.1667175174.4c39e9b
Last-Modified
Fri, 01 Jul 2022 16:16:03 GMT
Server
parcel
Access-Control-Max-Age
86400
Aka-c-hit
cache-hit
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control
private, max-age=21054329
Akamai-Edge-IP
2a02:26f0:3500:6::17d8:4db4
Accept-Ranges
bytes
timing-allow-origin
*
Access-Control-Allow-Headers
Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Sat, 01 Jul 2023 16:38:23 GMT
32a1e2ef.mp4
9vod-adaptive.akamaized.net/exp=1667183961~acl=%2Fbeca7d4d-7b01-4520-bec4-6ef3e88f3868%2F%2A~hmac=71999f83723a163545d5da7d1a94d8a8b81d86aa64f4477410f759a77eef0506/beca7d4d-7b01-4520-bec4-6ef3e88f38... Frame A6CE 		71 KB
73 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://9vod-adaptive.akamaized.net/exp=1667183961~acl=%2Fbeca7d4d-7b01-4520-bec4-6ef3e88f3868%2F%2A~hmac=71999f83723a163545d5da7d1a94d8a8b81d86aa64f4477410f759a77eef0506/beca7d4d-7b01-4520-bec4-6ef3e88f3868/parcel/audio/32a1e2ef.mp4?r=dXM%3D&range=5115-78300
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.11.11/js/vendor.module.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:6::17d8:4db4 -, , ASN (),
Reverse DNS
Software
parcel /
Resource Hash
5757aaf3810327213471b40ee442c31c86583674bb7ce30bb0a5b66c1874ff8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 00:12:54 GMT
X-VIM-CACHEBC
EP:H11,E:h
origin-retrieved-hour
1660579200
Connection
keep-alive
Akamai-Mon-Iucid-Del
877678
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
73186
AK-REFERENCE-ID
0.b46f1002.1667175174.4c39e9d
Last-Modified
Fri, 01 Jul 2022 16:15:18 GMT
Server
parcel
Access-Control-Max-Age
86400
Aka-c-hit
cache-hit
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control
private, max-age=29236791
Akamai-Edge-IP
2a02:26f0:3500:6::17d8:4db4
Accept-Ranges
bytes
timing-allow-origin
*
Access-Control-Allow-Headers
Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Wed, 04 Oct 2023 09:32:45 GMT
a21b63a7.mp4
9vod-adaptive.akamaized.net/exp=1667183961~acl=%2Fbeca7d4d-7b01-4520-bec4-6ef3e88f3868%2F%2A~hmac=71999f83723a163545d5da7d1a94d8a8b81d86aa64f4477410f759a77eef0506/beca7d4d-7b01-4520-bec4-6ef3e88f38... Frame A6CE 		528 KB
529 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://9vod-adaptive.akamaized.net/exp=1667183961~acl=%2Fbeca7d4d-7b01-4520-bec4-6ef3e88f3868%2F%2A~hmac=71999f83723a163545d5da7d1a94d8a8b81d86aa64f4477410f759a77eef0506/beca7d4d-7b01-4520-bec4-6ef3e88f3868/parcel/video/a21b63a7.mp4?r=dXM%3D&range=5111-545666
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.11.11/js/vendor.module.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:6::17d8:4db4 -, , ASN (),
Reverse DNS
Software
parcel /
Resource Hash
d64c56556c2bb551c723d867c35a64a1d53185eeed383464c2c9b2f01cac7eb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 00:12:54 GMT
X-VIM-CACHEBC
EP:H11,E:h
origin-retrieved-hour
1656691200
Connection
keep-alive
Akamai-Mon-Iucid-Del
877678
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
540556
AK-REFERENCE-ID
0.b46f1002.1667175174.4c39e9e
Last-Modified
Fri, 01 Jul 2022 16:19:13 GMT
Server
parcel
Access-Control-Max-Age
86400
Aka-c-hit
cache-hit
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control
private, max-age=21054374
Akamai-Edge-IP
2a02:26f0:3500:6::17d8:4db4
Accept-Ranges
bytes
timing-allow-origin
*
Access-Control-Allow-Headers
Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Sat, 01 Jul 2023 16:39:08 GMT
player-stats
fresnel.vimeocdn.com/add/ Frame A6CE 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
f.vimeocdn.com
URL
https://f.vimeocdn.com/p/4.11.11/js/vendor.de-DE.module.js
Domain
fresnel.vimeocdn.com
URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=db6dc2651cbbd23dcc6cec2dec7c440922b7e6501667175173

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _wca object| _wpemojiSettings undefined| $ function| jQuery object| OPDashboardStats object| Vimeo boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| twemoji object| wp object| OP3 number| EXITINTENT_OFFSET object| spitoday object| spiexpire function| SPIGetDomainName string| hostname object| spi_myNodelist number| spi_i string| spi_pattern_enc_bg string| spi_pattern_base_bg string| spi_replace_str_bg string| spi_pattern_enc_bg_html string| spi_pattern_base_bg_html string| spi_replace_str_bg_html string| spi_pattern_enc_bg_html2 string| spi_pattern_base_bg_html2 string| spi_replace_str_bg_html2 string| spi_pattern_enc_spi string| spi_pattern_base_spi string| spi_replace_str_spi string| spi_pattern_enc_cbd string| spi_pattern_base_cbd string| spi_replace_str_cbd string| spi_pattern_enc_cbd_html string| spi_pattern_base_cbd_html string| spi_replace_str_cbd_html string| spi_replace_enc_cbd string| spi_replace_enc_cbd_html string| spi_replace_enc_bg string| spi_replace_enc_bg_html string| spi_replace_enc_bg_html2 string| spi_replace_enc_spi string| spi_track_link

10 Cookies

Domain/Path Name / Value
complethealthsolution.org/ Name: prli_click_30
Value: e39a
complethealthsolution.org/ Name: prli_visitor
Value: 635f1303040ef
.vimeo.com/ Name: __cf_bm
Value: V7lNZ2UVjO_kMzQ__098_CMtrD.3GjfxaAKfFpRNS5s-1667175172-0-Ac5oOqqVmioPJpia6nk/EeHHbqS/uERL3KCf0VOLEZc/Vpgp8lXNpu/7rYJvTiHEwb2Noqsu9EDpQrr+Yyba5Dk=
www.megadroughtusa.com/ Name: firstVisit
Value: 1
.megadroughtusa.com/ Name: sessid2
Value: sessid20221031001238046
.megadroughtusa.com/ Name: spi_funnel_codename
Value:
.megadroughtusa.com/ Name: aff_id
Value: 142
.megadroughtusa.com/ Name: sid
Value: 2ngif1028airfountain
.megadroughtusa.com/ Name: campaign_id
Value:
.megadroughtusa.com/ Name: referrer
Value: 2001:1b60:2:240:3247::3:complethealthsolution.org:www.megadroughtusa.com

1 Console Messages

Source Level URL
Text
other warning URL: https://player.vimeo.com/api/player.js(Line 1)
Message:
Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9vod-adaptive.akamaized.net
click.healthzimo.com
complethealthsolution.org
display.buygoods.com
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
i.vimeocdn.com
player-telemetry.vimeo.com
player.vimeo.com
tracking.buygoods.com
vimeo.com
www.buygoods.com
www.megadroughtusa.com
f.vimeocdn.com
fresnel.vimeocdn.com
151.101.114.109
162.159.128.61
162.159.138.60
170.187.185.18
2606:4700:3035::6815:5534
2606:4700:3108::ac42:28ea
2606:4700:3108::ac42:2b73
2a00:1450:4001:811::2003
2a00:1450:4001:827::200a
2a02:26f0:3500:6::17d8:4db4
2a06:98c1:3121::3
34.120.202.204
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
105b6f074652c66a1a81aad9f95b575b5b600acd59178f8bbc069504b6745cfd
18e0d348e7cb35464eabe33a2dd70f1bf7b9a132c6870c127a408d2591ae3561
300c07dfd6ba89f1c31169e675d7d7d2c7a4585f0c7699c23951507a8b50bc08
33123ac79fae6dd7ea03a3b2d7784cbac68cb4e4ca4527d570fdc8a628210159
433a69a6aed6a4b9916f79bff1a9d50525a5db5943e2836720b977438a279825
46c533f1ddaddf9a325e3be320f556a4e4bdbc2e897b69e28dfb8ad60fbfed86
4d43bc7c497fc1f220326041fde35caced661216efb3f6b73631ccf3c992815a
4f0bd9fb2c05f860608c1547413c267f4092a3090ab4c7d1485c60ca3235c35d
5757aaf3810327213471b40ee442c31c86583674bb7ce30bb0a5b66c1874ff8d
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
6071aac8c1876ca8cb7aa89823cae4db6e747342da1f18df931c6c0df7d0c9fd
6440f98f02e287d169f4791d11a0eeb066aa0615980676346ca91591fe9699d9
6d9e66cf11f6cb8163237a4bd2f4def4fd630e9b2b7862567746eb43afe10fc4
7919e42c1593715dd408c9f1e4b5c51b5b80ead7dc71b94535180b452724519f
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
96a380786ad6cbf73028a0bfc7ac24d210cb66c03a4d1dc5766868fbbd402e60
9f395183593181636f8846c67ce649d9a1316d7c78ae7abc7c21a61a4f29a4bd
ab0ccf195bc865483d724c47309052710eec55a1ebcea8d2e61ee4d6875f85fe
ac4e7f1689be1b917fcd82d8a980a214ab57f7609206a3341c19df4c59eff8d1
afbb18adf20e9177fa6ed0f79b2316a24cc431746986663b15e06ebffa49a550
b14c34f667007afd3ee38493842078b07ba76492b241c593dcc25d0def03ca02
b3fb29e18c62d65dd38ea1b95939223506292e04e861834d9c5ed54303d7ffdb
b93ccedc45f75aa43fe99b84aabf0b9ebf7faffdc2528738a25b90596dd04dd8
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
d0dc18963548b6fe155672626d267eb8e4e97b4e7cb3a756fcffc482918f24d3
d64c56556c2bb551c723d867c35a64a1d53185eeed383464c2c9b2f01cac7eb0
d87e079fab3ff3737a28cd0b7d0d7a40f8b96e9fa32b19a2878ecd6cce92009e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46d589cd20e6457fd974ef4a735ffdf2c3df91829157c2997b0a4287294300f
e49d8a38cc169e30360a5d3cb6e9c3b2fa8fa60b2be912756a1f601f95586834
eb1adb64615d875b4de8d5ba7e24c69ffd128108712caeadfe668711a9995184
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc155a54589b146b815384dc367d91b5e81a3c1c1764c6041d5e5e8e62015702
fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2
fd0d282d40334b40d702f4ae6c2f98c3edc40c0be9eec78688aad6d06aea5082