midasmanifestation.com Open in urlscan Pro
5.134.14.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://10minuteawakening.net/86ys
Effective URL:
https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Submission: On December 06 via api (December 6th 2021, 10:46:15 pm UTC) from BE — Scanned from DE

Summary HTTP 91 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 26 domains to perform 91 HTTP transactions. The main IP is 5.134.14.14, located in United Kingdom and belongs to UKNOC-AS, GB. The main domain is midasmanifestation.com.
TLS certificate: Issued by R3 on December 1st 2021. Valid for: 3 months.

This is the only time midasmanifestation.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2406:da00:ff0... 2406:da00:ff00::36f3:1cdc	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2406:da00:ff0... 2406:da00:ff00::36f3:a8cb	14618 (AMAZON-AES) (AMAZON-AES)
2 3	35.161.191.48 35.161.191.48	16509 (AMAZON-02) (AMAZON-02)
2 24	5.134.14.14 5.134.14.14	34282 (UKNOC-AS) (UKNOC-AS)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:50c0:800... 2606:50c0:8001::153	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	52.217.195.33 52.217.195.33	16509 (AMAZON-02) (AMAZON-02)
1	192.99.140.202 192.99.140.202	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	18.66.112.12 18.66.112.12	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6810:ea1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
12	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2016	15169 (GOOGLE) (GOOGLE)
91	28

1 2406:da00:ff00::36f3:1cdc (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

10minuteawakening.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da00:ff00::36f3:a8cb (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

newre-conversions.clickmeter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.161.191.48 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-191-48.us-west-2.compute.amazonaws.com

hop.clickbank.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cbtb.clickbank.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 5.134.14.14 (United Kingdom) 2 redirects

ASN34282 (UKNOC-AS, GB)
PTR: grh35.myukcloud.com

midasmanifestation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)

kenwheeler.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.195.33 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

splitpagesimagesdfg.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.140.202 (Canada)

ASN16276 (OVH, FR)
PTR: ip202.ip-192-99-140.net

www.ultramanifesting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.112.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-12.fra56.r.cloudfront.net

prod.cbstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:ea1b (United States)

ASN13335 (CLOUDFLARENET, US)

quick.vidalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

seal-boise.bbb.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	midasmanifestation.com 2 redirects midasmanifestation.com	2 MB
12	facebook.com www.facebook.com	1 KB
10	youtube.com www.youtube.com	726 KB
7	facebook.net connect.facebook.net	547 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	2 KB
4	google-analytics.com www.google-analytics.com	54 KB
4	vidalytics.com quick.vidalytics.com	939 KB
4	cbstatic.net prod.cbstatic.net	65 KB
4	googletagmanager.com www.googletagmanager.com	151 KB
4	googleapis.com fonts.googleapis.com ajax.googleapis.com	36 KB
3	clickbank.net 2 redirects hop.clickbank.net cbtb.clickbank.net	3 KB
2	google.com www.google.com	14 KB
2	jsdelivr.net cdn.jsdelivr.net	12 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com maxcdn.bootstrapcdn.com	38 KB
1	ytimg.com i.ytimg.com	15 KB
1	ggpht.com yt3.ggpht.com	5 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	google.de www.google.de	548 B
1	bbb.org seal-boise.bbb.org	5 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	ultramanifesting.com www.ultramanifesting.com	3 KB
1	amazonaws.com splitpagesimagesdfg.s3.amazonaws.com
1	github.io kenwheeler.github.io	1 KB
1	clickmeter.com 1 redirects newre-conversions.clickmeter.com	717 B
1	10minuteawakening.net 1 redirects 10minuteawakening.net	536 B
91	26

	Domain	Requested by
24	midasmanifestation.com	2 redirects midasmanifestation.com
12	www.facebook.com	midasmanifestation.com
10	www.youtube.com	midasmanifestation.com www.youtube.com
7	connect.facebook.net	midasmanifestation.com connect.facebook.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	quick.vidalytics.com	midasmanifestation.com quick.vidalytics.com
4	prod.cbstatic.net	cbtb.clickbank.net prod.cbstatic.net midasmanifestation.com
4	www.googletagmanager.com	midasmanifestation.com www.googletagmanager.com
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com www.youtube.com
3	fonts.googleapis.com	midasmanifestation.com
2	www.google.com	midasmanifestation.com www.youtube.com
2	cdn.jsdelivr.net	midasmanifestation.com
2	hop.clickbank.net	2 redirects
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.gstatic.com	www.youtube.com
1	www.google.de	midasmanifestation.com
1	seal-boise.bbb.org	midasmanifestation.com
1	www.googleadservices.com	www.googletagmanager.com
1	maxcdn.bootstrapcdn.com	midasmanifestation.com
1	cdnjs.cloudflare.com	midasmanifestation.com
1	ajax.googleapis.com	midasmanifestation.com
1	www.ultramanifesting.com	midasmanifestation.com
1	splitpagesimagesdfg.s3.amazonaws.com	midasmanifestation.com
1	cbtb.clickbank.net	midasmanifestation.com
1	kenwheeler.github.io	midasmanifestation.com
1	stackpath.bootstrapcdn.com	midasmanifestation.com
1	newre-conversions.clickmeter.com	1 redirects
1	10minuteawakening.net	1 redirects
91	30

This site contains links to these domains. Also see Links.

Domain
www.bbb.org
www.clkbank.com

Subject Issuer	Validity	Valid
midasmanifestation.com R3	`2021-12-01` - `2022-03-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.clickbank.net Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
www.ultramanifesting.com R3	`2021-10-10` - `2022-01-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-15` - `2021-12-14`	3 months	crt.sh
*.cbstatic.net Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh
quick.vidalytics.com Cloudflare Inc ECC CA-3	`2021-08-17` - `2022-08-16`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.bbb.org GeoTrust RSA CA 2018	`2020-05-15` - `2022-07-03`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Frame ID: BF78BD0FDF87A5A7F912179553A8068B
Requests: 77 HTTP requests in this frame

Frame: https://www.youtube.com/embed/kEjjP6PU-L4?autoplay=0&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fmidasmanifestation.com&widgetid=1
Frame ID: 79DD96C2898A00B869E56D70920817F6
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Midas Manifestation (1)

Page URL History Show full URLs

http://10minuteawakening.net/86ys HTTP 302
https://newre-conversions.clickmeter.com/redirect?id=MjDXQKpxasRCKduDVcXx51Q9K2aCopmHGc9khmddQMQnXVpRY6rZxWaKo6AFkMsx... HTTP 302
https://hop.clickbank.net/?affiliate=neuro99&vendor=midasman88 HTTP 301
https://hop.clickbank.net/hop/?CBRehoppp2=https%3A%2F%2FMidasManifestation.com%2Fvsl%3Fhop%3Dneuro99&h... HTTP 301
https://midasmanifestation.com/vsl?hop=neuro99&vendor=midasman88 HTTP 302
https://midasmanifestation.com/presentation?hop=neuro99&vendor=midasman88 HTTP 301
https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88 Page URL

Page Statistics

91
Requests

99 %
HTTPS

79 %
IPv6

26
Domains

30
Subdomains

28
IPs

5
Countries

4465 kB
Transfer

11003 kB
Size

17
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bbb.org/snakeriver/business-reviews/internet-shopping/clickbank-in-boise-id-5004291/#bbbonlineclick

Search URL Search Domain Scan URL

URL: https://www.clkbank.com/#!/
Title: Order Support

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://10minuteawakening.net/86ys HTTP 302
https://newre-conversions.clickmeter.com/redirect?id=MjDXQKpxasRCKduDVcXx51Q9K2aCopmHGc9khmddQMQnXVpRY6rZxWaKo6AFkMsxfxN2YyqEFnaRq9Ap4Qg9RTAM7DdPZxyLcnBguuHcSU3622WwMXWSaShUnKf9mPaxKWZpY2vo6EsxCs9MB1GuuLk4LJ2ymYhuZFLqWwfkskzAwjQ HTTP 302
https://hop.clickbank.net/?affiliate=neuro99&vendor=midasman88 HTTP 301
https://hop.clickbank.net/hop/?CBRehoppp2=https%3A%2F%2FMidasManifestation.com%2Fvsl%3Fhop%3Dneuro99&hstr=1638830769096%7Cneuro99%7C%7Ca259946a-0444-489d-946a-15016fc4feee%7C%7Cmidasman88&code=%7B0%2C+7%7D&key=D93C9032&parms=vendor%3Dmidasman88&s=default&ds=2&ts=01.1D8649F84A3CF660546124436300E9FA70DAFF17 HTTP 301
https://midasmanifestation.com/vsl?hop=neuro99&vendor=midasman88 HTTP 302
https://midasmanifestation.com/presentation?hop=neuro99&vendor=midasman88 HTTP 301
https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

91 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
midasmanifestation.com/presentation/
Redirect Chain

http://10minuteawakening.net/86ys
https://newre-conversions.clickmeter.com/redirect?id=MjDXQKpxasRCKduDVcXx51Q9K2aCopmHGc9khmddQMQnXVpRY6rZxWaKo6AFkMsxfxN2YyqEFnaRq9Ap4Qg9RTAM7DdPZxyLcnBguuHcSU3622WwMXWSaShUnKf9mPaxKWZpY2vo6EsxCs9M...
https://hop.clickbank.net/?affiliate=neuro99&vendor=midasman88
https://hop.clickbank.net/hop/?CBRehoppp2=https%3A%2F%2FMidasManifestation.com%2Fvsl%3Fhop%3Dneuro99&hstr=1638830769096%7Cneuro99%7C%7Ca259946a-0444-489d-946a-15016fc4feee%7C%7Cmidasman88&code=%7B0...
https://midasmanifestation.com/vsl?hop=neuro99&vendor=midasman88
https://midasmanifestation.com/presentation?hop=neuro99&vendor=midasman88
https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

63 KB
17 KB

38ms
37ms

Document
text/html

5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: daf15a48d77ace1360802cc62c32adb717faf14381ddcc1d93a530ec85c30bb9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Dec 2021 22:46:09 GMT
server: LiteSpeed

Redirect headers

content-type: text/html
content-length: 707
date: Mon, 06 Dec 2021 22:46:09 GMT
server: LiteSpeed
location: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 138 KB
22 KB 47ms
20ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://midasmanifestation.com/
Origin: https://midasmanifestation.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 19673311
cdn-cachedat: 2021-04-23 07:54:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9af9ad17a338ceec3264c4a486535b6e
cf-ray: 6b990c765d757031-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 slick.css
cdn.jsdelivr.net/jquery.slick/1.5.9/ 2 KB
1 KB 31ms
14ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.slick/1.5.9/slick.css

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

893485d48fc8651981b4810fee0d92ebd7fd85baa7f362ad3934a2c652be8dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3635951
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19143-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"6e7-Q5BV+bnR9eifa1KzDU5LojJxc1E"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6b990c764e6e4e92-FRA

GET
H2 200 slick-theme.css
kenwheeler.github.io/slick/slick/ 3 KB
1 KB 41ms
18ms Stylesheet
text/css 2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://kenwheeler.github.io/slick/slick/slick-theme.css
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fastly-request-id: 2e6f36f0bd11aa8f8a862f463a7497b2e877968e
date: Mon, 06 Dec 2021 22:46:09 GMT
content-encoding: gzip
age: 331
x-cache: HIT
content-length: 882
x-served-by: cache-fra19173-FRA
access-control-allow-origin: *
last-modified: Mon, 02 Jul 2018 12:58:42 GMT
server: GitHub.com
x-github-request-id: B7D6:7F24:1FC664:210457:619599CE
x-timer: S1638830770.660863,VS0,VE1
etag: W/"5b3a2182-c49"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Thu, 18 Nov 2021 00:06:48 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 1

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f51c09f7389cdc5cfdbd249cc66f95f51480041e42da46e5adf088e7bea9a686

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 21:49:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Dec 2021 22:46:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Dec 2021 22:46:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
646 B 42ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato|Oswald

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

88f4430fa8bd79c100b51f557c31074461cafa4389939768d1a3579cde53b73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 22:45:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Dec 2021 22:46:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Dec 2021 22:46:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
778 B 48ms
24ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700,800

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b23f57d6b1ee64a394213f2e37e59e180e1d89bb1116423c3281daf51f08b26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 21:08:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Dec 2021 22:46:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Dec 2021 22:46:09 GMT

GET
H3-Q050 200 fonts.css
midasmanifestation.com/presentation/fonts/ 818 B
310 B 24ms
23ms Stylesheet
text/css 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://midasmanifestation.com/presentation/fonts/fonts.css
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: 81cd933410158861ecb0a6243d8bfc12e8d07c08cf85bb087e8f9a5c3bc6f8f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
content-encoding: br
last-modified: Tue, 01 Dec 2020 17:01:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 165
expires: Mon, 13 Dec 2021 22:46:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 59ms
35ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-536413792

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9259a434497f0b078afe0896fa8d5983f76bca687bdd0b749ef658f3ae7569f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39596
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Dec 2021 22:46:09 GMT

GET
H2 200 / Show response
cbtb.clickbank.net/ 936 B
1 KB 193ms
183ms Script
text/javascript 35.161.191.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cbtb.clickbank.net/?vendor=midasman88
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.191.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-191-48.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: a3ba10e614083832f41494e71b4c53bd738a88a9ffd6f9a0c785348ec389527c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
cache-control: max-age=900
server: Apache
content-length: 936
content-type: text/javascript;charset=UTF-8

GET
H3-Q050 200 Resize_1.jpg
midasmanifestation.com/presentation/images/ 71 KB
71 KB 23ms
23ms Image
image/jpeg 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midasmanifestation.com/presentation/images/Resize_1.jpg
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: fa420488db4fe0f008fc1d0ca11268521799ea42b652d4669b90efa27e5da8de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
last-modified: Tue, 08 Dec 2020 09:04:24 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 73069
expires: Mon, 13 Dec 2021 22:46:09 GMT

GET
H3-Q050 200 Resize_2.jpg
midasmanifestation.com/presentation/images/ 50 KB
50 KB 24ms
22ms Image
image/jpeg 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midasmanifestation.com/presentation/images/Resize_2.jpg
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: 0697eca6a0ff8a813bafe2c4d9b60f31517deebe1c1924ee5c5192848dcec629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
last-modified: Thu, 03 Dec 2020 03:55:32 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 50872
expires: Mon, 13 Dec 2021 22:46:09 GMT

GET
H3-Q050 200 book4.png
midasmanifestation.com/presentation/images/ 124 KB
124 KB 26ms
22ms Image
image/png 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midasmanifestation.com/presentation/images/book4.png
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: aa4adcaebb0f7039583c996e5de3811c62133f23206c71a6508c752e93f1e4b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
last-modified: Wed, 02 Dec 2020 19:47:43 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 127381
expires: Mon, 13 Dec 2021 22:46:09 GMT

GET
H3-Q050 200 payment.png
midasmanifestation.com/presentation/images/ 15 KB
15 KB 27ms
23ms Image
image/png 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midasmanifestation.com/presentation/images/payment.png
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: 4c9a375b958438d0e0445f1289d41be94052a9da3d9951f9a1c376056e8345ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
last-modified: Wed, 02 Dec 2020 19:47:17 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15020
expires: Mon, 13 Dec 2021 22:46:09 GMT

GET
H3-Q050 200 mbg-gold.jpg
midasmanifestation.com/presentation/images/ 39 KB
39 KB 27ms
23ms Image
image/jpeg 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midasmanifestation.com/presentation/images/mbg-gold.jpg
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: 29b8e07a11c9b764d66e1a149bf5277217f0723723564a25149620b3f2f025e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
last-modified: Thu, 03 Dec 2020 03:55:34 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 39872
expires: Mon, 13 Dec 2021 22:46:09 GMT

GET
H/1.1 403
Forbidden updt-ic.png
splitpagesimagesdfg.s3.amazonaws.com/30ds/vsl/ 0
0 429ms
112ms Image
application/xml 52.217.195.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://splitpagesimagesdfg.s3.amazonaws.com/30ds/vsl/updt-ic.png
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.195.33 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1 200
OK calendar-513.png
www.ultramanifesting.com/vsl/images/ 3 KB
3 KB 409ms
100ms Image
image/png 192.99.140.202
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ultramanifesting.com/vsl/images/calendar-513.png

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.99.140.202 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip202.ip-192-99-140.net

Software

nginx /

Resource Hash

7e16edb0db3c7a29e4f014112b10cb33365797fc4cb4d11e82f5e4bc5fcb715c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; #includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 22:46:10 GMT
Last-Modified: Thu, 13 Aug 2020 06:36:17 GMT
Server: nginx
ETag: "5f34df61-a6a"
Strict-Transport-Security: max-age=31536000; #includeSubDomains
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2666

GET
H3-Q050 200 user1.png
midasmanifestation.com/presentation/images/ 27 KB
27 KB 27ms
23ms Image
image/png 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midasmanifestation.com/presentation/images/user1.png
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: b3de0a11e0e436b0f754922ccb6b94b673d176f7770baf08304888400c1a7eac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
last-modified: Thu, 03 Dec 2020 03:55:23 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 27357
expires: Mon, 13 Dec 2021 22:46:09 GMT

GET
H3-Q050 200 user2.png
midasmanifestation.com/presentation/images/ 25 KB
25 KB 27ms
23ms Image
image/png 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midasmanifestation.com/presentation/images/user2.png
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: c74f68db9adf782fd9b6dae4b49bab8827082529a31071323e6f84f0412f1eea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
last-modified: Thu, 03 Dec 2020 03:55:18 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25993
expires: Mon, 13 Dec 2021 22:46:09 GMT

GET
H3-Q050 200 user3.png
midasmanifestation.com/presentation/images/ 26 KB
26 KB 27ms
23ms Image
image/png 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midasmanifestation.com/presentation/images/user3.png
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: b6f030f813ecc366c757095e990f1aba22027aa924d514162600677b18a85f6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
last-modified: Thu, 03 Dec 2020 03:55:19 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 26301
expires: Mon, 13 Dec 2021 22:46:09 GMT

GET
H3-Q050 200 arrow-left.png
midasmanifestation.com/presentation/images/ 248 B
295 B 27ms
23ms Image
image/png 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midasmanifestation.com/presentation/images/arrow-left.png
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: df8c5b92f88c52824acf598dd41dae9d8278f4dc0982c01bb53a11df12026cab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
last-modified: Wed, 02 Dec 2020 19:47:14 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 248
expires: Mon, 13 Dec 2021 22:46:09 GMT

GET
H3-Q050 200 arrow-right.png
midasmanifestation.com/presentation/images/ 246 B
292 B 28ms
24ms Image
image/png 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midasmanifestation.com/presentation/images/arrow-right.png
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: 763ce7ead98608200db922e0f1db4b4b132de4b4095460bb73da01e10fabd40e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
last-modified: Wed, 02 Dec 2020 19:47:14 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 246
expires: Mon, 13 Dec 2021 22:46:09 GMT

GET
H3-Q050 200 manifest.png
midasmanifestation.com/presentation/images/ 242 KB
242 KB 27ms
24ms Image
image/png 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midasmanifestation.com/presentation/images/manifest.png
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: 3656d141eba973a831f80d7e83049f4c857ab4dfbcc8916a06131afa9c8d73a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
last-modified: Tue, 08 Dec 2020 09:04:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 247765
expires: Mon, 13 Dec 2021 22:46:09 GMT

GET
H3-Q050 200 moneymanifestation.png
midasmanifestation.com/presentation/images/ 118 KB
118 KB 28ms
25ms Image
image/png 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midasmanifestation.com/presentation/images/moneymanifestation.png
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: 3ce7d4996cd5503914264ab4e2f3438b161db6518a3fc7c0137db15f91c5c0ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
last-modified: Tue, 08 Dec 2020 09:04:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 120355
expires: Mon, 13 Dec 2021 22:46:09 GMT

GET
H3-Q050 200 goldlogo.png
midasmanifestation.com/presentation/images/ 52 KB
52 KB 29ms
25ms Image
image/png 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midasmanifestation.com/presentation/images/goldlogo.png
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: f75b663874882837c9214c99cf6e05012241040943c66539e7634c683c6bf3b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
last-modified: Tue, 08 Dec 2020 09:04:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 52964
expires: Mon, 13 Dec 2021 22:46:09 GMT

GET
H3-Q050 200 wait-discover.jpg
midasmanifestation.com/presentation/img/ 60 KB
60 KB 29ms
25ms Image
image/jpeg 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midasmanifestation.com/presentation/img/wait-discover.jpg
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: 4d0c5135d20ddac9af8029fe1046062e4bb4e367ba755ff49dd6ff3dd2ef9089

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
last-modified: Mon, 30 Nov 2020 13:47:15 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 61111
expires: Mon, 13 Dec 2021 22:46:09 GMT

GET
H3-Q050 200 gold.jpg
midasmanifestation.com/presentation/img/ 55 KB
55 KB 29ms
26ms Image
image/jpeg 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midasmanifestation.com/presentation/img/gold.jpg
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: 4b5d6fad53dbb651b0b8436141d2efe5a180a79e5a860174b23ceb0215adca70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
last-modified: Mon, 30 Nov 2020 13:47:01 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 56584
expires: Mon, 13 Dec 2021 22:46:09 GMT

GET
H3-Q050 200 tick-sml.gif
midasmanifestation.com/presentation/img/ 2 KB
2 KB 29ms
26ms Image
image/gif 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midasmanifestation.com/presentation/img/tick-sml.gif
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: c49de3fd7a2569d686c8ec20dc0c41553bb42ae21a2465cda38c3d186f3754ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
last-modified: Mon, 30 Nov 2020 13:47:12 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1859
expires: Mon, 13 Dec 2021 22:46:09 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 21:16:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Dec 2022 21:16:33 GMT

GET
H3 200 slick.min.js Show response
cdn.jsdelivr.net/jquery.slick/1.5.9/ 40 KB
11 KB 26ms
17ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.slick/1.5.9/slick.min.js

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fc7a9c6dd1051ab261a550db0b16147da4236dedfb2efc6311ebff48a045350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3545987
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19145-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"9e0d-qcgXEKm1ksuZ6Na/DZQVcvL/ZxM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6b990c76cc8a6964-FRA

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/ 21 KB
7 KB 41ms
22ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 351001
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6696
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-5309"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XybEXmBTrG8G0MJ8LNXrVH9qpnjQudgRY5ASiJUmunzjyNuAE3P9qm%2FVlR8Te4lUgEiqAVd0BgN%2Bq9jftdfLjcGmXzy5bLAqlcz%2Fa27BTGGE%2BU%2Fz12colWCdmcGdrNEAsh98iI%2BgXxmHvHQIe0NBFHOf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b990c771cb1690a-FRA
expires: Sat, 26 Nov 2022 22:46:09 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/ 59 KB
16 KB 45ms
19ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 11810046
cdn-cachedat: 2021-07-21 17:53:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 8c3ded9e6abcba53400775a4a89b5cbd
cf-ray: 6b990c775d6a2c42-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 40ms
20ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-185027860-1

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

daa6b82b6002116719b0d8389f88be589d131384f324b7d0d6e1bfce52760885

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36171
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Dec 2021 22:46:09 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 99 KB
38 KB 45ms
26ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PMZTDLW

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ddb9609c9631d0170a19f97d0eed3198d98200026d6c445f71dd3f91c236da2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38540
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Dec 2021 22:46:09 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: NGEv+kH2aknnYcrV6dMrp/7JtEU3owA9grkRdYIVsu0tpjcj89CYHl4X1oTHVCtVPnY6iCEXlVsEYBppvFwSfA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 06 Dec 2021 22:46:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 injectable.js Show response
prod.cbstatic.net/dist/ 187 KB
56 KB 185ms
145ms Script
application/javascript 18.66.112.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.cbstatic.net/dist/injectable.js
Requested by: Host: cbtb.clickbank.net
URL: https://cbtb.clickbank.net/?vendor=midasman88
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:10 GMT
content-encoding: gzip
last-modified: Mon, 21 Dec 2020 21:57:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: W/"af651c30e1a69f6f2124e9c1d094a300"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-version-id: RdcimFzJWwtinCAQ.f3F8OeQrj2.m2uJ
x-amz-cf-id: RRq6HfYQQNvvuhrSRgq0GimzG9MkiA5LXryNGN3DwH7ZpiK2SdctRQ==

GET
H2 200 loader.min.js Show response
quick.vidalytics.com/embeds/NVAZb1Ms/rhm7BQIQNDsUPDPM/ 4 KB
1 KB 83ms
21ms Script
application/javascript 2606:4700::6810:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/embeds/NVAZb1Ms/rhm7BQIQNDsUPDPM/loader.min.js
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4acf4fc977bff8255335721d932c10bef55073aba3e94f4dd090664ef7215de6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 333237
x-guploader-uploadid: ADPycdsjjisiVjVwuNynU-nk2jChtAdYN4RNhI3tRKtT-7QIvLCCJuM6jjSKKHWoACIKxK9Uyv_V9eYDLx9Y9erlKLcwV8-Aeg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
content-length: 1307
last-modified: Sun, 30 May 2021 09:24:26 GMT
server: cloudflare
etag: "0ae1a3f3b1760410c5871cbe71b96712"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=4ku0Sw==, md5=CuGj87F2BBDFhxy+cblnEg==
x-goog-generation: 1622366666553043
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300, s-maxage=2592000
x-goog-stored-content-length: 1307
accept-ranges: bytes
cf-ray: 6b990c77cc2c2b7d-FRA
expires: Sat, 01 Jan 2022 22:00:59 GMT

GET
H2 200 loader.min.js Show response
quick.vidalytics.com/embeds/NVAZb1Ms/RuhOlG5bIWEsPeC1/ 4 KB
2 KB 80ms
18ms Script
application/javascript 2606:4700::6810:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/embeds/NVAZb1Ms/RuhOlG5bIWEsPeC1/loader.min.js
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4acf4fc977bff8255335721d932c10bef55073aba3e94f4dd090664ef7215de6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 332287
x-guploader-uploadid: ADPycduVkRewR4LX81QwotOhTKXXjIKzIQ82KemmnsH-ctWL44jFn_zI-32u4HAa-ezIUgvf0CLokTMGGOfNzUgELqPL0iwuaQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
content-length: 1307
last-modified: Sun, 30 May 2021 09:26:52 GMT
server: cloudflare
etag: "0ae1a3f3b1760410c5871cbe71b96712"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=4ku0Sw==, md5=CuGj87F2BBDFhxy+cblnEg==
x-goog-generation: 1622366812770250
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300, s-maxage=2592000
x-goog-stored-content-length: 1307
accept-ranges: bytes
cf-ray: 6b990c77cc2d2b7d-FRA
expires: Sat, 01 Jan 2022 22:00:59 GMT

GET
H3-Q050 200 bg2.png
midasmanifestation.com/presentation/images/ 729 KB
729 KB 25ms
25ms Image
image/png 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midasmanifestation.com/presentation/images/bg2.png
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: 53539f4d61bffffa9da0cc6bc112118714e656303d22bd2004fc850860e8027a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
last-modified: Tue, 08 Dec 2020 09:04:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 746930
expires: Mon, 13 Dec 2021 22:46:09 GMT

GET
H3-Q050 200 Thum1110x635_pushplay_2.png
midasmanifestation.com/presentation/images/ 136 KB
136 KB 25ms
25ms Image
image/png 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midasmanifestation.com/presentation/images/Thum1110x635_pushplay_2.png
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: 1fccdd19b9c9966529a3c041068c6426172575a9047047cb67cff343ff288022

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
last-modified: Thu, 03 Dec 2020 03:55:26 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 139686
expires: Mon, 13 Dec 2021 22:46:09 GMT

GET
H3-Q050 200 Metropolis-Regular.woff2
midasmanifestation.com/presentation/fonts/ 11 KB
11 KB 25ms
25ms Font
font/woff2 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://midasmanifestation.com/presentation/fonts/Metropolis-Regular.woff2
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/fonts/fonts.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: 2f44d2cfe5d3f3f6a504e539b6559444e1d6c4b6f005661b5f232b9378c7c563

Request headers

Referer: https://midasmanifestation.com/presentation/fonts/fonts.css
Origin: https://midasmanifestation.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
last-modified: Tue, 01 Dec 2020 17:01:35 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 11236
content-type: font/woff2

GET
H3-Q050 200 Metropolis-Bold.woff2
midasmanifestation.com/presentation/fonts/ 11 KB
11 KB 36ms
36ms Font
font/woff2 5.134.14.14
UKNOC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://midasmanifestation.com/presentation/fonts/Metropolis-Bold.woff2
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/fonts/fonts.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.134.14.14 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS: grh35.myukcloud.com
Software: LiteSpeed /
Resource Hash: 4c6237c8fd1db49f3485a9c89ba91bd387617ffead4bb3848aca6c76ce1a221f

Request headers

Referer: https://midasmanifestation.com/presentation/fonts/fonts.css
Origin: https://midasmanifestation.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
last-modified: Tue, 01 Dec 2020 17:01:32 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 11408
content-type: font/woff2

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 56ms
27ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfb416f542c3ed137ea4e44f1bf97101652d271887060f5d971bdfedd20aadda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires: Mon, 06 Dec 2021 22:46:09 GMT

GET
H3 200 427058671829802 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 159ms
150ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/427058671829802?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

76460ff9ad72a5b37b6f4b845dd2d581386d59a03f5fe51562a084a1d04e2358

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: oqFwgCL+IgXqor7m+m8QQrT6oQJCCfq8HpCxu8EmaaAq4+/01chREg8aB0G7Z/5HlfxOT0oFy5Cj/1qG5wnYqQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 06 Dec 2021 22:46:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 35ms
18ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-536413792&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-185027860-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dfef2c17648998f922c64956396697a50efe2d51d76703a401a1f46def507a86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39602
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Dec 2021 22:46:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMZTDLW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6302
date: Mon, 06 Dec 2021 21:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 06 Dec 2021 23:01:07 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 42ms
20ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-536413792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 22:46:09 GMT

GET
H2 200 player.min.js Show response
quick.vidalytics.com/embeds/NVAZb1Ms/RuhOlG5bIWEsPeC1/ 2 MB
468 KB 26ms
25ms Script
application/javascript 2606:4700::6810:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/embeds/NVAZb1Ms/RuhOlG5bIWEsPeC1/player.min.js
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/NVAZb1Ms/RuhOlG5bIWEsPeC1/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 349e789660dd17bf9ef92f626dc30ad7dde59178b42e29cddd14605873c5aed0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 333238
x-guploader-uploadid: ADPycdvI4eQ3UkC0e475WBWe9iGhlVzkS1mz5ic89BPf2vOl6LWXMu54USrkevtv-FaWws0AzX0apF3ZAnjeUZhTxCpBxLKw4w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
content-length: 478210
last-modified: Sun, 30 May 2021 09:26:53 GMT
server: cloudflare
etag: "a5a03558021d58005d549b16e8604b1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=oUOj6g==, md5=paA1WAIdWABdVJsW6GBLGg==
x-goog-generation: 1622366813290784
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300, s-maxage=2592000
x-goog-stored-content-length: 478210
accept-ranges: bytes
cf-ray: 6b990c783cd72b7d-FRA
expires: Sat, 01 Jan 2022 22:01:00 GMT

GET
H2 200 player.min.js Show response
quick.vidalytics.com/embeds/NVAZb1Ms/rhm7BQIQNDsUPDPM/ 2 MB
468 KB 19ms
18ms Script
application/javascript 2606:4700::6810:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/embeds/NVAZb1Ms/rhm7BQIQNDsUPDPM/player.min.js
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/NVAZb1Ms/rhm7BQIQNDsUPDPM/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bc9e6b5bd96aef1d26048d193bc6900a4d0d9a96d67809f9aa34b5691272492

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:09 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 332287
x-guploader-uploadid: ADPycdtLCl2qveDixKpvT8SappF24qe80-OprRPlI35RC6YhiWbswddl_QDG61ej-7vMTHirxN8eUrr-KX9RKSPPgN8I_hbvCQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
content-length: 478212
last-modified: Sun, 30 May 2021 09:24:27 GMT
server: cloudflare
etag: "74357e8d5ee8b4710729f82f38fc0e7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=fAnATg==, md5=dDV+jV7otHEHKfgvOPwOfA==
x-goog-generation: 1622366667107476
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300, s-maxage=2592000
x-goog-stored-content-length: 478212
accept-ranges: bytes
cf-ray: 6b990c783cd92b7d-FRA
expires: Sat, 01 Jan 2022 22:01:00 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/8040e515/www-widgetapi.vflset/ 148 KB
48 KB 25ms
10ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8040e515/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28a367ad31b0c6d2f4f3811be3a1b0f222edf79f01e4908a92dd0cac1ce781b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 20:42:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49081
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 00:07:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Dec 2022 20:42:45 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 87 KB
34 KB 37ms
20ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-M682DG8&t=gtm9&cid=1921844440.1638830769

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eaa5611947876407ce64be3b424b83d5ee3d9bfbd9c2742090ecc3851c44cb34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34982
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Dec 2021 22:46:10 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/536413792/ 2 KB
2 KB 43ms
18ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/536413792/?random=1638830769450&cv=9&fst=1638830769450&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=12&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmidasmanifestation.com%2Fpresentation%2F%3Fhop%3Dneuro99%26vendor%3Dmidasman88&tiba=Midas%20Manifestation%20(1)&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41bbbdd8846af9fce33706c38cefc6d5b4cef7516a7d5ead9f3338175769825e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1061
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 kEjjP6PU-L4 Show response
www.youtube.com/embed/ Frame 79DD 61 KB
25 KB 54ms
53ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/kEjjP6PU-L4?autoplay=0&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fmidasmanifestation.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a54460d31b368ba963dd1b5f02f439d8f16b56da2f77c2c2dc62096c394e7e06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Dec 2021 22:46:10 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 app-strings-en.json Show response
prod.cbstatic.net/dist/i18n/ 9 B
436 B 160ms
143ms XHR
application/json 18.66.112.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.cbstatic.net/dist/i18n/app-strings-en.json
Requested by: Host: prod.cbstatic.net
URL: https://prod.cbstatic.net/dist/injectable.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c

Request headers

Accept: application/json
Referer: https://midasmanifestation.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:11 GMT
via: 1.1 0a624670dff351af866d2f19bde4a313.cloudfront.net (CloudFront)
last-modified: Mon, 21 Dec 2020 21:57:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "cdfca8b09e61ae7324e48f01984c9b34"
vary: Origin
access-control-allow-methods: GET
x-amz-version-id: ZlnvsWVay.azLO76UGrGFfzKmZRJT9PH
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Miss from cloudfront
content-type: application/json
content-length: 9
x-amz-cf-id: zv8u-gYT9D1gqhrjVwxumZeC7VTa2V5f3_YQrY_NdwgzfT8ufivRRw==

GET
H2 200 logo-header-two-tone-en.png
prod.cbstatic.net/dist/assets/ 3 KB
4 KB 221ms
221ms Image
image/png 18.66.112.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod.cbstatic.net/dist/assets/logo-header-two-tone-en.png
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84986c117f6f9418eff2f7ce5e55940671f178542c58092c05ef539ebd4da308

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:11 GMT
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
last-modified: Mon, 21 Dec 2020 21:57:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "47cdefc96f75be3d978d4b444737b00e"
x-cache: Miss from cloudfront
x-amz-version-id: rgVoO.sKTwEpJN65bYI.UT4E8UVMZSpC
content-type: image/png
content-length: 3472
x-amz-cf-id: iyzO7Yb5SIn8LhPexRYmCwbFOkhzn5yLId8qORp9vzXrpd4rVy6PSw==

GET
H2 200 logo-tab-two-tone-en.png
prod.cbstatic.net/dist/assets/ 4 KB
5 KB 135ms
135ms Image
image/png 18.66.112.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f4d0823359307bdc2fbcc62d1004b361b02cc8ae5d6cb75f314658827ee1eeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:11 GMT
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
last-modified: Mon, 21 Dec 2020 21:57:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "c06ae1ecaaf7e0610c68af117658a7e0"
x-cache: Miss from cloudfront
x-amz-version-id: 65GBUS1AcRJNN3GRB3Nf3yY51OsdERt0
content-type: image/png
content-length: 4341
x-amz-cf-id: XhEGsLfkY_KRMFjZaw1UoqrAr2hdZDCfzhTCE_gOop7fhopOfB8Gpw==

GET
H2 200 blue-seal-153-100-clickbank-5004291.png
seal-boise.bbb.org/seals/ 4 KB
5 KB 58ms
6ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine / ASP.NET
Resource Hash: 4eab1977a28d837a8ac9a9f70f0018c2b9df58b0a08ea22b2fb8e86a89d3038e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:10 GMT
last-modified: Mon, 06 Dec 2021 18:02:44 GMT
server: keycdn-engine
x-aspnet-version: 4.0.30319
x-edge-location: defr
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-shield: active
content-length: 4352
expires: Tue, 07 Dec 2021 02:46:10 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 15ms
15ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1244707956&t=pageview&_s=1&dl=https%3A%2F%2Fmidasmanifestation.com%2Fpresentation%2F%3Fhop%3Dneuro99%26vendor%3Dmidasman88&ul=en-us&de=UTF-8&dt=Midas%20Manifestation%20(1)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=928944334&gjid=953141960&cid=1921844440.1638830769&tid=UA-185027860-1&_gid=47177437.1638830769&_r=1&gtm=2wgc10PMZTDLW&z=1283946787

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://midasmanifestation.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:46:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://midasmanifestation.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
14ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1244707956&t=pageview&_s=1&dl=https%3A%2F%2Fmidasmanifestation.com%2Fpresentation%2F%3Fhop%3Dneuro99%26vendor%3Dmidasman88&ul=en-us&de=UTF-8&dt=Midas%20Manifestation%20(1)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUADQAAAAC~&jid=601990477&gjid=417197193&cid=1921844440.1638830769&tid=UA-185027860-1&_gid=47177437.1638830769&_r=1&gtm=2ouc10&z=1567199186

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://midasmanifestation.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:46:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://midasmanifestation.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/536413792/ 42 B
548 B 47ms
20ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/536413792/?random=1638830769450&cv=9&fst=1638828000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=12&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmidasmanifestation.com%2Fpresentation%2F%3Fhop%3Dneuro99%26vendor%3Dmidasman88&tiba=Midas%20Manifestation%20(1)&async=1&fmt=3&is_vtc=1&random=358087070&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:46:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/536413792/ 42 B
548 B 48ms
20ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/536413792/?random=1638830769450&cv=9&fst=1638828000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=12&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmidasmanifestation.com%2Fpresentation%2F%3Fhop%3Dneuro99%26vendor%3Dmidasman88&tiba=Midas%20Manifestation%20(1)&async=1&fmt=3&is_vtc=1&random=358087070&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:46:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2899796373573751 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 56ms
56ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2899796373573751?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9661c1a126a23c34804a7421a9daf757568297dfa331299ce7699ed878e623d6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: liN3phUilWwYcKCCxJ8UhsYY6uWY9fmlqJ0to0+sziWn4uC0DDWBnRl+30bcpjqqV8fbDPFd+2DmlKSWEp1VRQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 06 Dec 2021 22:46:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 30ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=427058671829802&ev=PageView&dl=https%3A%2F%2Fmidasmanifestation.com%2Fpresentation%2F%3Fhop%3Dneuro99%26vendor%3Dmidasman88%23&rl=&if=false&ts=1638830769871&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638830769869.552631547&it=1638830769348&coo=false&exp=p1&rqm=GET

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 06 Dec 2021 22:46:10 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/8040e515/ Frame 79DD 336 KB
46 KB 10ms
10ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8040e515/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kEjjP6PU-L4?autoplay=0&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fmidasmanifestation.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d98637a1c12b32b467e6238367e35c66a1af6ee1d7cf1ec86fa8762b5e613fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/kEjjP6PU-L4?autoplay=0&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fmidasmanifestation.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 01:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 162965
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47245
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 00:07:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 05 Dec 2022 01:30:05 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/8040e515/www-embed-player.vflset/ Frame 79DD 217 KB
71 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8040e515/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74bd1062da373eabae4c6bb2e0da3831272ca2b25ac3a19649b65dd188bd5fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/kEjjP6PU-L4?autoplay=0&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fmidasmanifestation.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 20:15:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9014
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72751
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 00:07:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Dec 2022 20:15:56 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/ Frame 79DD 2 MB
524 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bd4a9f952e5929601bd170da52e68f0e6313e954091cd5a87c10fdda17979e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/kEjjP6PU-L4?autoplay=0&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fmidasmanifestation.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 01:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 162965
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 535989
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 00:07:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 05 Dec 2022 01:30:05 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/8040e515/fetch-polyfill.vflset/ Frame 79DD 8 KB
3 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8040e515/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/kEjjP6PU-L4?autoplay=0&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fmidasmanifestation.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 18:41:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14702
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 00:07:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Dec 2022 18:41:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 79DD 15 KB
16 KB 34ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 11:18:05 GMT
x-content-type-options: nosniff
age: 559685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 11:18:05 GMT

GET
H3 200 2225008767778156 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 71ms
70ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2225008767778156?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

555492bb80d589bee9963facbd9ab94bdd95d68637d1c142361af50b07d04252

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 8kw5p35VtIdDKsgAfxGuMPDdYFVdlnKdGFPH/VUIXZOWeVtAClwcixbbRI5Tf989jnHeGt77sRrrLQOClhxVfA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 06 Dec 2021 22:46:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2899796373573751&ev=PageView&dl=https%3A%2F%2Fmidasmanifestation.com%2Fpresentation%2F%3Fhop%3Dneuro99%26vendor%3Dmidasman88%23&rl=&if=false&ts=1638830769944&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638830769869.552631547&it=1638830769348&coo=false&exp=p1&rqm=GET

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 06 Dec 2021 22:46:10 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 79DD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

18ms
17ms

XHR
application/json

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40a57d0cb82ba96dee8b449228c26361463a001c5840451c36048d6e535950c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 06 Dec 2021 22:46:10 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 79DD 29 B
587 B 36ms
8ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:42:28 GMT
x-content-type-options: nosniff
age: 222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Dec 2021 22:57:28 GMT

GET
H3 200 a3fmBC5pwb_hc1vtPj8EisbHNaOXXVv65hr18gGbcOg.js Show response
www.google.com/js/th/ Frame 79DD 35 KB
13 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/a3fmBC5pwb_hc1vtPj8EisbHNaOXXVv65hr18gGbcOg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b77e6042e69c1bfe1735bed3e3f048ac6c735a3975d5bfae61af5f2019b70e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 06:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 491876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Dec 2022 06:08:14 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/ Frame 79DD 24 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3697e3d917558effa3f5954febde4851eaedce36c31ba854ef067187c875829e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/kEjjP6PU-L4?autoplay=0&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fmidasmanifestation.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 01:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 162893
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 00:07:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 05 Dec 2022 01:31:17 GMT

GET
DATA 200
OK truncated
/ Frame 79DD 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQJCd_fHExebe0ED3R_THmnQBi-rEKJhKeCYMuc=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 79DD 5 KB
5 KB 49ms
10ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQJCd_fHExebe0ED3R_THmnQBi-rEKJhKeCYMuc=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2a156f3926fc8883e6297adb7aee5aaf4b1ccfa5d4b916e46d77d9f266b38afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 20:52:07 GMT
x-content-type-options: nosniff
age: 6843
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4764
x-xss-protection: 0
server: fife
etag: "v7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 03:11:33 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/kEjjP6PU-L4/ Frame 79DD 15 KB
15 KB 49ms
8ms Image
image/webp 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/kEjjP6PU-L4/sddefault.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cea8f8b5b6145bdc580ec787370da340984ce547cef2d912384c76d13ec2b292

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 21:09:32 GMT
x-content-type-options: nosniff
age: 5798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14850
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Dec 2021 23:09:32 GMT

GET
H3 200 442151173862341 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 58ms
58ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/442151173862341?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b36e79652b2cdf2fad52186ca5c585b3004746ac33a097984af54aa996905b0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: H4QdJfxmdZ2oVcs1DImjrEjP0MEbvs+qCgyKKxwV+++JIgyfUnZBpA/qCG/DIMRwwLnhqTd9kyM811ZGJbaISw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 06 Dec 2021 22:46:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2225008767778156&ev=PageView&dl=https%3A%2F%2Fmidasmanifestation.com%2Fpresentation%2F%3Fhop%3Dneuro99%26vendor%3Dmidasman88%23&rl=&if=false&ts=1638830770227&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638830769869.552631547&it=1638830769348&coo=false&exp=p1&rqm=GET

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 06 Dec 2021 22:46:10 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 79DD 0
9 B 8ms
7ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?mcA8Jg
Requested by: Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/kEjjP6PU-L4?autoplay=0&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fmidasmanifestation.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 3280946592004124 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 92ms
92ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3280946592004124?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d3686302894dbac6b0a0bce93ff9248cb515e34eb5a1cd7a9cdcdbefe05b138d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: q6z06+T4c0DmYiF1jmw56ay8zSLxwheiewqoRvHgOET9tKQq1bL2k1uVfVUfLJ1ppaFLcgvUIbMoRfjV/tFQ/Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 06 Dec 2021 22:46:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=442151173862341&ev=PageView&dl=https%3A%2F%2Fmidasmanifestation.com%2Fpresentation%2F%3Fhop%3Dneuro99%26vendor%3Dmidasman88%23&rl=&if=false&ts=1638830770368&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638830769869.552631547&it=1638830769348&coo=false&exp=p1&rqm=GET

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 06 Dec 2021 22:46:10 GMT

GET
H3 200 1305233476505062 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 60ms
60ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1305233476505062?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cac0a9881bd54d06c947b0547f785e11ad1e9dbae7a9e3a601d53f0a8c134798

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 3D2x/j/s9XIxbLTvGIkT8LZlLIWsmg06Bm1XZoB2+EtLdBxDTGFaiTeSTIG82y16K4VM7uNQkHvna2gzSuX6BA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 06 Dec 2021 22:46:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3280946592004124&ev=PageView&dl=https%3A%2F%2Fmidasmanifestation.com%2Fpresentation%2F%3Fhop%3Dneuro99%26vendor%3Dmidasman88%23&rl=&if=false&ts=1638830770475&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638830769869.552631547&it=1638830769348&coo=false&exp=p1&rqm=GET

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 06 Dec 2021 22:46:11 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1305233476505062&ev=PageView&dl=https%3A%2F%2Fmidasmanifestation.com%2Fpresentation%2F%3Fhop%3Dneuro99%26vendor%3Dmidasman88%23&rl=&if=false&ts=1638830770550&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638830769869.552631547&it=1638830769348&coo=false&exp=p1&rqm=GET

Requested by

Host: midasmanifestation.com
URL: https://midasmanifestation.com/presentation/?hop=neuro99&vendor=midasman88

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 06 Dec 2021 22:46:11 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=427058671829802&ev=Microdata&dl=https%3A%2F%2Fmidasmanifestation.com%2Fpresentation%2F%3Fhop%3Dneuro99%26vendor%3Dmidasman88%23&rl=&if=false&ts=1638830771378&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Midas%20Manifestation%20(1)%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638830769869.552631547&it=1638830769348&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 06 Dec 2021 22:46:11 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2899796373573751&ev=Microdata&dl=https%3A%2F%2Fmidasmanifestation.com%2Fpresentation%2F%3Fhop%3Dneuro99%26vendor%3Dmidasman88%23&rl=&if=false&ts=1638830771447&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Midas%20Manifestation%20(1)%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638830769869.552631547&it=1638830769348&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 06 Dec 2021 22:46:12 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2225008767778156&ev=Microdata&dl=https%3A%2F%2Fmidasmanifestation.com%2Fpresentation%2F%3Fhop%3Dneuro99%26vendor%3Dmidasman88%23&rl=&if=false&ts=1638830771731&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Midas%20Manifestation%20(1)%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638830769869.552631547&it=1638830769348&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 06 Dec 2021 22:46:12 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=442151173862341&ev=Microdata&dl=https%3A%2F%2Fmidasmanifestation.com%2Fpresentation%2F%3Fhop%3Dneuro99%26vendor%3Dmidasman88%23&rl=&if=false&ts=1638830771872&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Midas%20Manifestation%20(1)%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638830769869.552631547&it=1638830769348&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 06 Dec 2021 22:46:12 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3280946592004124&ev=Microdata&dl=https%3A%2F%2Fmidasmanifestation.com%2Fpresentation%2F%3Fhop%3Dneuro99%26vendor%3Dmidasman88%23&rl=&if=false&ts=1638830771977&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Midas%20Manifestation%20(1)%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638830769869.552631547&it=1638830769348&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 06 Dec 2021 22:46:12 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1305233476505062&ev=Microdata&dl=https%3A%2F%2Fmidasmanifestation.com%2Fpresentation%2F%3Fhop%3Dneuro99%26vendor%3Dmidasman88%23&rl=&if=false&ts=1638830772054&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Midas%20Manifestation%20(1)%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638830769869.552631547&it=1638830769348&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midasmanifestation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:46:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 06 Dec 2021 22:46:12 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 79DD 28 B
54 B 22ms
21ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/kEjjP6PU-L4?autoplay=0&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fmidasmanifestation.com&widgetid=1
X-YouTube-Client-Version: 1.20211201.01.02
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtDakhEb2J6N1l4RSiypbqNBg%3D%3D
X-YouTube-Ad-Signals: dt=1638830770010&flash=0&frm=2&u_tz&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1090%2C635&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 06 Dec 2021 22:46:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 06 Dec 2021 22:46:12 GMT

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.clickmeter.com/	1970-01-19 23:57:02	Name: conv#383401611 Value: link=86ys\|10minuteawakening.net&conv1=4C01AFF120734AACA6FF417BF4D31582&dtId=20211206224608169974813&day=6&month=12&year=2021&hour=22&min=46&sec=8&ip=
.clickbank.net/	1970-01-20 03:33:02	Name: p Value: khOF05SqF-f4WF-LqnnDAvRQ6sHTk_ri5jnmKtmR0hRW0E8z66infmPX5ZcLng3klbJjdmaj1rUR_2hqbtBDOij0FaYRLARq9K9N1amLXvuWWtLH
.clickbank.net/	1970-01-21 19:01:50	Name: q Value: 01.0FEC4699F14E90581BDB0128320661C96AB428CBF8F068AACFE84C1F272862B3D742E8E1136A4AA9915E09F81D120694581D472C
hop.clickbank.net/	1970-01-19 23:23:55	Name: AWSALB Value: Pc90hjCM91DxDnJUpf9AlZPaELjkNfuktBgtyd0cKilkAZ+z5mD48DGWNpXSDZE/yVJdVAEw7C9Fp9PNHLRWi7RMOx696xc4MlyEiJHxY/zXPSFHRjcTMnpkcRi7
hop.clickbank.net/	1970-01-19 23:23:55	Name: AWSALBCORS Value: Pc90hjCM91DxDnJUpf9AlZPaELjkNfuktBgtyd0cKilkAZ+z5mD48DGWNpXSDZE/yVJdVAEw7C9Fp9PNHLRWi7RMOx696xc4MlyEiJHxY/zXPSFHRjcTMnpkcRi7
cbtb.clickbank.net/	1970-01-19 23:23:55	Name: AWSALBCORS Value: w2cQKsSqtuiHzca9Bpdv4xN8E0XOSryaxWNyQyrBBk4ww972OaZ4AIE1rUv56FWl8YdVtk477STvhvBSCpg0LoTuvkhw3q8VcLz0+/N1JHv8Nnx3XPiXLfpYJB9b
midasmanifestation.com/	1970-01-19 23:15:17	Name: vdelayc Value: 1638830769323
midasmanifestation.com/	1970-01-19 23:34:00	Name: visitasc Value: Mon Dec 06 2021 22:46:09 GMT+0000 (GMT)
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: oC3Ns_Qq7RQ
.youtube.com/	1970-01-20 03:33:02	Name: VISITOR_INFO1_LIVE Value: CjHDobz7YxE
.midasmanifestation.com/	1970-01-20 01:23:26	Name: _gcl_au Value: 1.1.1090154878.1638830769
.midasmanifestation.com/	1970-01-20 16:45:02	Name: _ga Value: GA1.2.1921844440.1638830769
.midasmanifestation.com/	1970-01-19 23:15:17	Name: _gid Value: GA1.2.47177437.1638830769
.doubleclick.net/	1970-01-19 23:13:51	Name: test_cookie Value: CheckForPermission
.midasmanifestation.com/	1970-01-19 23:13:50	Name: _gat_UA-185027860-1 Value: 1
.midasmanifestation.com/	1970-01-19 23:13:50	Name: _gat_gtag_UA_185027860_1 Value: 1
.midasmanifestation.com/	1970-01-20 01:23:26	Name: _fbp Value: fb.1.1638830769869.552631547

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://splitpagesimagesdfg.s3.amazonaws.com/30ds/vsl/updt-ic.png Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10minuteawakening.net
ajax.googleapis.com
cbtb.clickbank.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hop.clickbank.net
i.ytimg.com
kenwheeler.github.io
maxcdn.bootstrapcdn.com
midasmanifestation.com
newre-conversions.clickmeter.com
prod.cbstatic.net
quick.vidalytics.com
seal-boise.bbb.org
splitpagesimagesdfg.s3.amazonaws.com
stackpath.bootstrapcdn.com
static.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.ultramanifesting.com
www.youtube.com
yt3.ggpht.com
142.250.185.66
18.66.112.12
192.99.140.202
2406:da00:ff00::36f3:1cdc
2406:da00:ff00::36f3:a8cb
2606:4700::6810:135e
2606:4700::6810:5714
2606:4700::6810:ea1b
2606:4700::6812:acf
2606:4700::6812:bcf
2606:50c0:8001::153
2a00:1450:4001:803::200a
2a00:1450:4001:803::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2016
2a00:1450:4001:812::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2006
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a0b:4d07:101::1
35.161.191.48
5.134.14.14
52.217.195.33
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c
0697eca6a0ff8a813bafe2c4d9b60f31517deebe1c1924ee5c5192848dcec629
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1fccdd19b9c9966529a3c041068c6426172575a9047047cb67cff343ff288022
28a367ad31b0c6d2f4f3811be3a1b0f222edf79f01e4908a92dd0cac1ce781b7
29b8e07a11c9b764d66e1a149bf5277217f0723723564a25149620b3f2f025e3
2a156f3926fc8883e6297adb7aee5aaf4b1ccfa5d4b916e46d77d9f266b38afc
2bc9e6b5bd96aef1d26048d193bc6900a4d0d9a96d67809f9aa34b5691272492
2ddb9609c9631d0170a19f97d0eed3198d98200026d6c445f71dd3f91c236da2
2f44d2cfe5d3f3f6a504e539b6559444e1d6c4b6f005661b5f232b9378c7c563
2f4d0823359307bdc2fbcc62d1004b361b02cc8ae5d6cb75f314658827ee1eeb
349e789660dd17bf9ef92f626dc30ad7dde59178b42e29cddd14605873c5aed0
3656d141eba973a831f80d7e83049f4c857ab4dfbcc8916a06131afa9c8d73a1
3697e3d917558effa3f5954febde4851eaedce36c31ba854ef067187c875829e
3b23f57d6b1ee64a394213f2e37e59e180e1d89bb1116423c3281daf51f08b26
3ce7d4996cd5503914264ab4e2f3438b161db6518a3fc7c0137db15f91c5c0ac
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40a57d0cb82ba96dee8b449228c26361463a001c5840451c36048d6e535950c5
41bbbdd8846af9fce33706c38cefc6d5b4cef7516a7d5ead9f3338175769825e
4acf4fc977bff8255335721d932c10bef55073aba3e94f4dd090664ef7215de6
4b5d6fad53dbb651b0b8436141d2efe5a180a79e5a860174b23ceb0215adca70
4c6237c8fd1db49f3485a9c89ba91bd387617ffead4bb3848aca6c76ce1a221f
4c9a375b958438d0e0445f1289d41be94052a9da3d9951f9a1c376056e8345ac
4d0c5135d20ddac9af8029fe1046062e4bb4e367ba755ff49dd6ff3dd2ef9089
4eab1977a28d837a8ac9a9f70f0018c2b9df58b0a08ea22b2fb8e86a89d3038e
4fc7a9c6dd1051ab261a550db0b16147da4236dedfb2efc6311ebff48a045350
53539f4d61bffffa9da0cc6bc112118714e656303d22bd2004fc850860e8027a
555492bb80d589bee9963facbd9ab94bdd95d68637d1c142361af50b07d04252
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b77e6042e69c1bfe1735bed3e3f048ac6c735a3975d5bfae61af5f2019b70e8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74bd1062da373eabae4c6bb2e0da3831272ca2b25ac3a19649b65dd188bd5fe8
763ce7ead98608200db922e0f1db4b4b132de4b4095460bb73da01e10fabd40e
76460ff9ad72a5b37b6f4b845dd2d581386d59a03f5fe51562a084a1d04e2358
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7e16edb0db3c7a29e4f014112b10cb33365797fc4cb4d11e82f5e4bc5fcb715c
81cd933410158861ecb0a6243d8bfc12e8d07c08cf85bb087e8f9a5c3bc6f8f2
84986c117f6f9418eff2f7ce5e55940671f178542c58092c05ef539ebd4da308
88f4430fa8bd79c100b51f557c31074461cafa4389939768d1a3579cde53b73e
893485d48fc8651981b4810fee0d92ebd7fd85baa7f362ad3934a2c652be8dc9
8bd4a9f952e5929601bd170da52e68f0e6313e954091cd5a87c10fdda17979e9
9259a434497f0b078afe0896fa8d5983f76bca687bdd0b749ef658f3ae7569f8
9661c1a126a23c34804a7421a9daf757568297dfa331299ce7699ed878e623d6
9b36e79652b2cdf2fad52186ca5c585b3004746ac33a097984af54aa996905b0
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3ba10e614083832f41494e71b4c53bd738a88a9ffd6f9a0c785348ec389527c
a54460d31b368ba963dd1b5f02f439d8f16b56da2f77c2c2dc62096c394e7e06
aa4adcaebb0f7039583c996e5de3811c62133f23206c71a6508c752e93f1e4b7
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b3de0a11e0e436b0f754922ccb6b94b673d176f7770baf08304888400c1a7eac
b6f030f813ecc366c757095e990f1aba22027aa924d514162600677b18a85f6f
c49de3fd7a2569d686c8ec20dc0c41553bb42ae21a2465cda38c3d186f3754ba
c74f68db9adf782fd9b6dae4b49bab8827082529a31071323e6f84f0412f1eea
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
cac0a9881bd54d06c947b0547f785e11ad1e9dbae7a9e3a601d53f0a8c134798
cea8f8b5b6145bdc580ec787370da340984ce547cef2d912384c76d13ec2b292
d3686302894dbac6b0a0bce93ff9248cb515e34eb5a1cd7a9cdcdbefe05b138d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d98637a1c12b32b467e6238367e35c66a1af6ee1d7cf1ec86fa8762b5e613fe3
daa6b82b6002116719b0d8389f88be589d131384f324b7d0d6e1bfce52760885
daf15a48d77ace1360802cc62c32adb717faf14381ddcc1d93a530ec85c30bb9
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df8c5b92f88c52824acf598dd41dae9d8278f4dc0982c01bb53a11df12026cab
dfb416f542c3ed137ea4e44f1bf97101652d271887060f5d971bdfedd20aadda
dfef2c17648998f922c64956396697a50efe2d51d76703a401a1f46def507a86
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa5611947876407ce64be3b424b83d5ee3d9bfbd9c2742090ecc3851c44cb34
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f51c09f7389cdc5cfdbd249cc66f95f51480041e42da46e5adf088e7bea9a686
f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f
f75b663874882837c9214c99cf6e05012241040943c66539e7634c683c6bf3b5
fa420488db4fe0f008fc1d0ca11268521799ea42b652d4669b90efa27e5da8de

midasmanifestation.com Open in urlscan Pro 5.134.14.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

91 Requests

99 %HTTPS

79 %IPv6

26 Domains

30 Subdomains

28 IPs

5 Countries

4465 kBTransfer

11003 kBSize

17 Cookies

2 Outgoing links

Page URL History

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

midasmanifestation.com Open in urlscan Pro
5.134.14.14 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

99 %
HTTPS

79 %
IPv6

26
Domains

30
Subdomains

28
IPs

5
Countries

4465 kB
Transfer

11003 kB
Size

17
Cookies

91 HTTP transactions
1 data transactions