mansondirect.com Open in urlscan Pro
162.144.12.171 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://mansondirect.com/
Submission: On December 30 via api (December 30th 2023, 1:42:25 am UTC) from US — Scanned from DE

Summary HTTP 29 Redirects Links 122 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 13 domains to perform 29 HTTP transactions. The main IP is 162.144.12.171, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is mansondirect.com.

This is the only time mansondirect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	162.144.12.171 162.144.12.171	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 2	2.17.190.170 2.17.190.170	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f04... 2a03:2880:f041:11:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	107.154.148.204 107.154.148.204	19551 (INCAPSULA) (INCAPSULA)
1	206.221.176.133 206.221.176.133	23470 (RELIABLESITE) (RELIABLESITE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
29	15

1 162.144.12.171 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-144-12-171.unifiedlayer.com

mansondirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.17.190.170 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-190-170.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f041:11:face:b00c:0:3 (Denver, United States)

ASN32934 (FACEBOOK, US)

scontent-den4-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.154.148.204 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.148.204.ip.incapdns.net

www.goodbyehelterskelter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.221.176.133 (Piscataway, United States)

ASN23470 (RELIABLESITE, US)

s05.flagcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	1002 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 203	40 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 248	1 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	33 KB
2	goodbyehelterskelter.com www.goodbyehelterskelter.com
2	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 11479 2.bp.blogspot.com — Cisco Umbrella Rank: 14427	315 KB
2	fbcdn.net scontent-den4-1.xx.fbcdn.net — Cisco Umbrella Rank: 10327	42 B
2	addthis.com 1 redirects s7.addthis.com — Cisco Umbrella Rank: 3351	267 B
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 226	5 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	72 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	20 KB
1	flagcounter.com s05.flagcounter.com — Cisco Umbrella Rank: 322888	44 KB
1	mansondirect.com mansondirect.com	155 KB
29	13

	Domain	Requested by
8	www.youtube.com	mansondirect.com www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	www.goodbyehelterskelter.com	mansondirect.com
2	scontent-den4-1.xx.fbcdn.net	mansondirect.com
2	s7.addthis.com	1 redirects mansondirect.com
1	www.gstatic.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	s05.flagcounter.com	mansondirect.com
1	2.bp.blogspot.com	mansondirect.com
1	1.bp.blogspot.com	mansondirect.com
1	mansondirect.com
29	16

This site contains links to these domains. Also see Links.

Domain
www.mansondirectphotos.blogspot.com
mansondirectphotos.blogspot.com
www.atwaearth.com
www.youtube.com
cowboystatedaily.com
www.news24.com
www.cnn.com
www.theguardian.com
www.lakeconews.com
www.texasmonthly.com
www.facebook.com
charliesarts11.bigcartel.com
news.yahoo.com
www.honeybeehaven.org
www.bitchute.com
www.pesticideinfo.org
amazonwatch.org
m.youtube.com
downeast.com
wildseedproject.net
youtu.be
www.dailymail.co.uk
www.politico.com
nypost.com
missoulian.com
https
www.homecrux.com
www.nhbs.com
www.brighteon.com
teamtrees.org
theoceancleanup.com
www.rt.com
www.bonfire.com
www.panna.org
www.dailywire.com
wildhorseproject.org
farmersfootprint.us
www.projectcoyote.org
projectcoyote.salsalabs.org
www.cbsnews.com
www.goodbyehelterskelter.com
www.scoopyweb.com
www.charliesarts.com
savetrees.org
www.stationgossip.com
www.breitbart.com
www.unz.com
www.bbc.com
www.businessinsider.com
www.nbcnews.com
www.latimes.com
www.aljazeera.com
www.amazon.com
atrazine.news
www.reuters.com
350.org
www.globalresearch.ca
charliesarts.bigcartel.com
www.addthis.com
s05.flagcounter.com

Subject Issuer	Validity	Valid
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-08` - `2024-01-06`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://mansondirect.com/
Frame ID: E86B00ED5EF65AFBCA3F3FA7431D4EB7
Requests: 12 HTTP requests in this frame

Frame: https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1
Frame ID: 84176D7AAE0C9379CF2E53260AB44824
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Microsoft Word (Editors) Expand

Overall confidence: 100%
Detected patterns

(?:<html [^>]*xmlns:w="urn:schemas-microsoft-com:office:word"|<w:WordDocument>|<div [^>]*class="?WordSection1[" >]|<style[^>]*>[^>]*@page WordSection1)

AddThis (Widgets) Expand

Page Statistics

29
Requests

76 %
HTTPS

71 %
IPv6

13
Domains

16
Subdomains

15
IPs

2
Countries

1687 kB
Transfer

4350 kB
Size

2
Cookies

122 Outgoing links

These are links going to different origins than the main page.

URL: http://www.mansondirectphotos.blogspot.com/
Title: Photos

Search URL Search Domain Scan URL

URL: http://mansondirectphotos.blogspot.com/p/recordings.html
Title: Recordings

Search URL Search Domain Scan URL

URL: http://www.atwaearth.com/the-savior.html
Title: The Savior

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=TBzULXFtcsI
Title: New "Goodbye Helter Skelter Podcast" number 9.

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=eHc6bHZMRQM
Title: New "Goodbye Helter Skelter Podcast" number 10.

Search URL Search Domain Scan URL

URL: https://cowboystatedaily.com/2023/09/22/ev-battery-factory-will-require-so-much-energy-it-needs-a-coal-plant-to-power-it/
Title: EV Battery Factory Will Require A Coal Plant To Power It.

Search URL Search Domain Scan URL

URL: https://www.news24.com/fin24/climate_future/environment/dozens-of-nations-to-sign-un-ocean-treaty-but-implementation-still-awaits-20230920
Title: Nations To Sign Ocean Treaty

Search URL Search Domain Scan URL

URL: https://www.cnn.com/2023/09/20/politics/american-climate-corps-biden/index.html
Title: American Climate Corps Launched.

Search URL Search Domain Scan URL

URL: https://www.theguardian.com/environment/2020/nov/17/underwater-museum-how-paolo-the-fisherman-made-the-meds-strangest-sight
Title: Italian Fisherman Creates Way to Stop Illegal Fishing

Search URL Search Domain Scan URL

URL: https://www.lakeconews.com/news/76595-wildlife-officials-confirm-four-new-yet-to-be-named-wolf-packs-in-california
Title: Four New Wolf Packs Confirmed In California!

Search URL Search Domain Scan URL

URL: https://www.theguardian.com/environment/2023/may/25/supreme-court-decision-idaho-wetlands-clean-water-act
Title: Supreme Court Shrinks Clean Water Protections.

Search URL Search Domain Scan URL

URL: https://www.texasmonthly.com/news-politics/abandoned-oil-wells-coast-bays/
Title: Hundreds Of Abandoned Oil Wells Now Leak Toxins Into Texas Bays.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ATWAofficial/
Title: ATWAofficial on Facebook

Search URL Search Domain Scan URL

URL: https://charliesarts11.bigcartel.com/
Title: CharliesArts.com -for CM music, Art prints, Hoodies, Tee shirts and more

Search URL Search Domain Scan URL

URL: http://www.atwaearth.com/index.html
Title: AtwaEarth.com -for more info, back-stories and updates

Search URL Search Domain Scan URL

URL: http://www.youtube.com/watch?v=GIztwO7U82s&t=308s
Title: NEW- George Stimson Goodbye Helter Skelter Podcast Live # 8. "The Search for Motive"

Search URL Search Domain Scan URL

URL: https://www.lakeconews.com/news/75759-two-new-groups-of-wolves-confirmed-in-northern-california
Title: Two New Groups of Wolves Confirmed in Northern California

Search URL Search Domain Scan URL

URL: https://www.lakeconews.com/news/75818-rare-sighting-of-wolverine-confirmed-in-multiple-california-counties
Title: Rare Sighting of Wolverine in California

Search URL Search Domain Scan URL

URL: http://news.yahoo.com/bows-spears-indigenous-warriors-defend-052755777.html
Title: Indigenous Warriors Defend the Amazon

Search URL Search Domain Scan URL

URL: http://www.youtube.com/watch?v=j3o6n2eefRc&pp=ygUnTGl2ZSBnb29kYnllIGhlbHRlciBza2VsdGVyIHBvZGNhc3QgIyA2
Title: NEW- Goodbye Helter Skelter Podcast Live # 6.

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=e72RNS4Eoeg&t=28s
Title: NOW! Live Goodbye Helter Skelter Podcast # 7, about Charlie's music.

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=42TzcurDD78
Title: New: The Goodbye Helter Skelter Podcast LIVE # 5 with George Stimson

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=7or7JFa1Z4Y&t=22s&pp=2AEWkAIB
Title: The Goodbye Helter Skelter Podcast - Live # 4 with George Stimson

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=58YaGsisUQQ&authuser=0
Title: TGHS Podcast Live - # 2

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=J2CtNN9_NQs&t=43s&authuser=0
Title: Addition for 6 minute audio gap in Live # 2.

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=6Cu_WeiJTYI&t=93s&authuser=0
Title: TGHS Podcast Live # 3.

Search URL Search Domain Scan URL

URL: https://www.honeybeehaven.org/
Title: Help Protect Pollinators!!

Search URL Search Domain Scan URL

URL: http://www.bitchute.com/video/yu5BCnDvDS6W/
Title: Poisoning Bees in Australia

Search URL Search Domain Scan URL

URL: http://www.pesticideinfo.org/
Title: Pesticideinfo.org

Search URL Search Domain Scan URL

URL: https://amazonwatch.org/take-action/demand-justice-for-eduardo-mendua
Title: Demand Justice in the Amazon

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCAUVitLcuCXGzgqT7DYqwjQ
Title: Tune in tonight, Sunday March 19th, for the first live-edition of the Goodbye Helter Skelter Podcast,

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=8e0A0aB4Rg8
Title: ALSO NEW! Episode # 15 of the Goodbye Helter Skelter Pod Cast with George Stimson.

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=RGacZInLzkk&t=157s
Title: New! George Stimson "Goodbye Helter Skelter Podcast" - Episode #14.

Search URL Search Domain Scan URL

URL: https://m.youtube.com/watch?v=qadWRkPkKus
Title: Important new documentary by the BBC on wood burning power plants!!

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=UkvNg4sM2fg
Title: NEW! George Stimson "Goodbye Helter Skelter" Podcast -Episode# 13.

Search URL Search Domain Scan URL

URL: https://downeast.com/land-wildlife/this-woman-wants-to-destroy-your-lawn/?utm_source=pocket-newtab
Title: Great Article on the Wild Seed Project.

Search URL Search Domain Scan URL

URL: https://wildseedproject.net/
Title: WildSeedProject.net

Search URL Search Domain Scan URL

URL: https://m.youtube.com/watch?v=Aw16LPVnNco
Title: Roundup/Glyphosate Documentary- Amazing New Info! "Chemical Farming and the Loss of Human Health"

Search URL Search Domain Scan URL

URL: https://www.bitchute.com/video/fCW1300goxdt/
Title: DuPont - Poisoning and Killing US Since 1938. Detailed and Stunning Documentary!

Search URL Search Domain Scan URL

URL: https://youtu.be/LfNGSpeedk4
Title: New! George Stimson "Goodbye Helter Skelter" Podcast - Episode # 12.

Search URL Search Domain Scan URL

URL: https://www.dailymail.co.uk/news/article-11523449/Kansas-oil-spill-biggest-breach-Keystone-pipeline-history.html
Title: Huge Keystone Pipeline Oil Spill In Kansas Farmland !

Search URL Search Domain Scan URL

URL: https://www.bitchute.com/video/PQJk3c1zHj7F/
Title: BEES are BENEFICIAL !!

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=6mgSJXuYZaw&t=216s
Title: New Interview with Lynette Fromme:

Search URL Search Domain Scan URL

URL: https://youtu.be/87tdHXD9Ax0
Title: NEW George Stimson "Goodbye Helter Skelter Podcast" - episode # 11,

Search URL Search Domain Scan URL

URL: https://m.youtube.com/watch?v=wP9c4jMPeQo
Title: IMPORTANT NEW EPISODE- Goodbye Helter Skelter Podcast #10

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=ac8c-M1zhhM&t=1s
Title: Drilling Under Lake Mead To Drain The Last Drop - video

Search URL Search Domain Scan URL

URL: https://www.politico.com/news/2022/07/06/colorado-river-drought-california-arizona-00044121
Title: Western Drought -Colorado River Water Not Enough

Search URL Search Domain Scan URL

URL: https://nypost.com/2022/07/04/riaan-naude-trophy-hunter-who-killed-lions-elephants-shot-dead/
Title: Trophy Hunter Killed In Africa

Search URL Search Domain Scan URL

URL: https://www.bitchute.com/video/sCkElgfFvPJM/
Title: Dutch Farmers Are Not Giving Up!

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?app=desktop&v=zX8aHKeaPNE
Title: NEW : Episode # 9 - Goodbye Helter Skelter Podcast - George Stimson

Search URL Search Domain Scan URL

URL: https://www.theguardian.com/environment/2022/may/08/us-cropland-may-be-contaminated-forever-chemicals-study
Title: 20 MILLION Acres of U.S. Farmland Polluted by Spreading Sewage Sludge

Search URL Search Domain Scan URL

URL: http://missoulian.com/news/local/emotional-ceremony-marks-transfer-of-bison-range-management/article_5693b2be-d362-5934-8d50-4bf8f7b3cfd3.html
Title: Positive ATWA News: Management of Bison Range Transferred to Tribal Control

Search URL Search Domain Scan URL

URL: https://www.theguardian.com/us/environment
Title: ATWA ATWA ATWA Air Trees Water Animals - (Our Life-Support Systems on Mother Earth)

Search URL Search Domain Scan URL

URL: http://m.youtube.com/watch?v=4ycqxZKvGWI
Title: Great Visit with Charles Manson - 1988 Interview.

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=4uTAmsiMHzM
Title: NEW - Episode # 8 of Goodbye Helter Skelter Podcast, with George Stimson.

Search URL Search Domain Scan URL

URL: http://https//m.youtube.com/watch?v=4ycqxZKvGWI
Title: __________________________________________________________

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=YBrnUqsXWMw&t=9s
Title: New Goodbye Helter Skelter Podcast, Episode #7.

Search URL Search Domain Scan URL

URL: https://www.homecrux.com/bee-bricks-beehives-for-solitary-bees/166243/
Title: Great New Idea To Help Bees Survive & Thrive - Bee Bricks.

Search URL Search Domain Scan URL

URL: https://www.nhbs.com/bee-brick
Title: More Bee Brick Info!

Search URL Search Domain Scan URL

URL: https://www.brighteon.com/be886ea1-2fde-413a-990b-0d50c8db1c02
Title: Worldwide Natural Resource Land-Grab by Wall Street, International Bankers and Multi-national Corporations.

Search URL Search Domain Scan URL

URL: https://m.youtube.com/watch?v=vbaEP91qTr0&feature=emb_logo
Title: Successful Worldwide Tree Planting Project!! 23 Million And Counting!

Search URL Search Domain Scan URL

URL: https://teamtrees.org/
Title: TEAMTREES.ORG

Search URL Search Domain Scan URL

URL: https://youtu.be/5fPmdaDysVc
Title: NEW! - The Goodbye Helter Skelter Podcast - Episode #6

Search URL Search Domain Scan URL

URL: https://www.brighteon.com/1a23603e-9a57-4d43-8dd9-84dc31431976
Title: Important Video - The WORLDWIDE FOOD MONOPOLY

Search URL Search Domain Scan URL

URL: http://m.youtube.com/watch?v=GDGVNYOnunc&feature=youtu.be
Title: Positive News! Cleaning the Great Pacific Ocean Garbage Patch

Search URL Search Domain Scan URL

URL: https://theoceancleanup.com/
Title: (Related Website- TheOceanCleanup.com)

Search URL Search Domain Scan URL

URL: https://m.youtube.com/watch?v=5CADLfXOhkU
Title: Western Mega Drought & The Colorado River

Search URL Search Domain Scan URL

URL: https://m.youtube.com/watch?v=a_mrSrvlFlQ
Title: New Zealand's Dirty Water

Search URL Search Domain Scan URL

URL: https://m.youtube.com/watch?v=pH0fhLBr-Mg
Title: The Ganges; India's Most Polluted Holy River

Search URL Search Domain Scan URL

URL: https://m.youtube.com/watch?v=Oqh6hGLqAG8
Title: The Dying Dead Sea

Search URL Search Domain Scan URL

URL: https://m.youtube.com/watch?v=2ng5NDl8UIg&feature=youtu.be
Title: NEW: Episode #5 -The Goodbye Helter Skelter Podcast with George Stimson

Search URL Search Domain Scan URL

URL: https://www.rt.com/news/539075-gates-bezos-climate-hypocrites/
Title: ARTICLE: Climate Summit & "Elitist Hypocrites"

Search URL Search Domain Scan URL

URL: https://youtu.be/Py1pJmxeUfk
Title: Most Recent Helter Skelter Podcast - Episode Four with George Stimson.

Search URL Search Domain Scan URL

URL: https://www.bonfire.com/store/charlies-arts/
Title: NEW HERE: ATWA Teeshirts, Sweatsirts, Hoodies & More. NEW COLORS!

Search URL Search Domain Scan URL

URL: https://youtu.be/zIkrGcez-6U
Title: NEW Goodbye Helter Skelter Podcast, Episode Three with George Stimson.

Search URL Search Domain Scan URL

URL: https://m.youtube.com/watch?time_continue=995&v=LIWul_nbMu8&feature=emb_logo
Title: FROM THE UK - Funeral Home Owner/Director Speaks About His Experience With Covid-19.

Search URL Search Domain Scan URL

URL: https://www.panna.org/press-release/epa-withdraws-all-food-uses-chlorpyrifos-advocates-celebrate?link_id=1&can_id=d8fb05dd5cb9a6d01fc25b0643878d55&source=email-court-to-epa-time-to-ban-chlorpyrifos&email_referrer=email_1264118&email_subject=breaking-epa-bans-all-food-uses-of-chlorpyrifos
Title: Pesticide Action Network, North America (Panna.org) GOOD NEWS!!

Search URL Search Domain Scan URL

URL: https://youtu.be/vutnbX1EX94
Title: The Goodbye Helter Skelter Podcast, Episode Two

Search URL Search Domain Scan URL

URL: https://m.youtube.com/watch?v=1Q5CXN7soQg&list=PLDIdNoTVjZiqDpHC65i5G8M97LBStMXao&index=2
Title: "SEASPIRACY" - Amazing Oceans Documentary!

Search URL Search Domain Scan URL

URL: https://www.dailywire.com/news/dr-fauci-faces-call-to-resign-answer-for-shocking-report-indicates-u-s-government-funded-wuhan-research
Title: Dr. Fauci Faces Call To Resign For Funding Wuhan Research

Search URL Search Domain Scan URL

URL: https://www.dailymail.co.uk/news/article-9959811/Israel-planning-administer-FOURTH-Covid-vaccine-adjusted-fight-new-variants.html
Title: Israel Planning To Administer Fourth Covid Shot.

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=CAzZBhsIDrA&authuser=0
Title: Informative New Video!

Search URL Search Domain Scan URL

URL: https://youtu.be/cLn4VJM8ms4
Title: VIDEO - New interview with GEORGE STIMSON - longtime friend of Charles Manson and author of "Goodbye Helter Skelter"

Search URL Search Domain Scan URL

URL: https://www.brighteon.com/a569c7c9-9572-47ed-ba3c-130b0c13aa55
Title: New info about Big Pharma patents filed on Covid 19, before infections found in world population.

Search URL Search Domain Scan URL

URL: https://www.rt.com/op-ed/529747-drone-whistleblower-hale-jailed/
Title: Insight into DRONE WAR being fought by USA against Middle Eastern and African countries.

Search URL Search Domain Scan URL

URL: https://wildhorseproject.org/about-us/
Title: WildHorseProject.org

Search URL Search Domain Scan URL

URL: https://www.dailymail.co.uk/news/article-9485079/The-new-plague-plastic-rain-microplastics-literally-pouring-sky.html
Title: Micro Plastics- Plastic Rain?!

Search URL Search Domain Scan URL

URL: https://farmersfootprint.us/
Title: Regenerative Agriculture

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=BEEhGfHGZGU
Title: >Listen on Youtube<

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=ncWw2ip4kDo
Title: Re-Posted by request: Video of a conversation with Gray Wolf , (2017)

Search URL Search Domain Scan URL

URL: http://www.projectcoyote.org/
Title: ProjectCoyote.org

Search URL Search Domain Scan URL

URL: https://projectcoyote.salsalabs.org/predatorfilmpetition/index.html
Title: PETITION

Search URL Search Domain Scan URL

URL: https://www.cbsnews.com/news/endangered-california-condors-sequoia-national-park-after-50-years/?ftag=CNM-00-10aab6i&linkId=93478174&fbclid=IwAR1Yusz69ewNAtl4HNoXrdQdo2vSqJUeQVfPeO5cpn4bIpC_reVfTd5J5p4
Title: California Condor making a comeback from the edge of extinction! (Video with article.)

Search URL Search Domain Scan URL

URL: http://www.goodbyehelterskelter.com/order.html
Title: CM quote from "Reflexion" by Lynette Fromme, p.436. Peasenhall Press, 2018.

Search URL Search Domain Scan URL

URL: http://www.scoopyweb.com/2020/05/half-of-uk-drivers-say-they-will-walk.html?m=1
Title: People in UK say they will do more to maintain cleaner AIR.

Search URL Search Domain Scan URL

URL: https://m.youtube.com/watch?feature=youtu.be&v=vsu7xWA7xy8
Title: Memorial Day Reflection. "Your Soldier", CHARLES MANSON

Search URL Search Domain Scan URL

URL: http://www.charliesarts.com/
Title: ATWA and CM booklets, CM music, ATWA Tee-shirts and much more all now available at www. CharliesArts.com

Search URL Search Domain Scan URL

URL: https://m.youtube.com/watch?feature=youtu.be&v=2qcsWajivnI
Title: Living in the Redwoods for more than 30 years. A voice for Earth. -Video-

Search URL Search Domain Scan URL

URL: http://savetrees.org/planting_redwoods.aspx
Title: Planting Redwoods: A Tutorial.

Search URL Search Domain Scan URL

URL: http://savetrees.org/home.aspx
Title: The Redwood Forest Institute. Restoration of Redwoods. SaveTrees.org (may be slight delay in loading)

Search URL Search Domain Scan URL

URL: http://www.stationgossip.com/2020/05/pakistan-hires-thousands-of-newly.html?m=1
Title: Pakistan Hires Thousands for 10 Billion Tree-Planting Initiative.

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/entertainment/2020/04/21/michael-moore-doc-slams-environmentalists-for-pushing-solar-energy-electric-cars-to-fix-global-warming/
Title: "Planet of the Humans" documentary. Highly recommended!!

Search URL Search Domain Scan URL

URL: https://m.youtube.com/watch?v=nJrAHt8sri0
Title: "The Dimming". GeoEngineering reveal!

Search URL Search Domain Scan URL

URL: https://www.unz.com/proberts/the-cdc-is-actually-a-vaccine-company-robert-f-kennedy-jr/
Title: Expose' of the CDC, the WHO, and their deep ties to the vaccine and pharmaceutical industries.

Search URL Search Domain Scan URL

URL: https://www.bbc.com/news/world-asia-51691967
Title: NASA images show pollution clear in China.

Search URL Search Domain Scan URL

URL: https://www.businessinsider.com/british-hedge-fund-billionaire-hohn-launches-campaign-to-starve-coal-plants-of-finance-2020-3
Title: British Billionaire Fights Coal Plants.

Search URL Search Domain Scan URL

URL: https://www.nbcnews.com/science/environment/coronavirus-shutdowns-have-unintended-climate-benefits-n1161921
Title: Venice and Italy: Air and Water Benefit From Economic Shutdowns.

Search URL Search Domain Scan URL

URL: https://www.latimes.com/environment/story/2020-03-19/coronavirus-shutdowns-are-lowering-greenhouse-emissions-history-shows-theyll-come-roaring-back
Title: World-wide Pollution Reductions.

Search URL Search Domain Scan URL

URL: https://youtu.be/JyrbqiCokdw
Title: Great Wildlife Video of Animals Crossing Log Over Stream.

Search URL Search Domain Scan URL

URL: https://www.aljazeera.com/indepth/features/nations-receive-death-threats-canada-pipeline-battle-200301054458822.html
Title: People Battle Canadian Oil Pipeline.

Search URL Search Domain Scan URL

URL: https://www.dailymail.co.uk/sciencetech/article-8131793/Mexican-gray-wolf-population-grew-24-percent-2019-total-42-packs.html
Title: Mexican Grey Wolf Population Coming Back Strong.

Search URL Search Domain Scan URL

URL: https://www.aljazeera.com/indepth/features/dark-fishing-sails-radar-plunder-oceans-200228123026304.html
Title: "Dark" Fishing Plunders Oceans.

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Reflexion-Lynette-Fromme-ebook/dp/B07SY8XMR2/ref=sr_1_1?crid=3LMQGD2Q5T75F&keywords=lynette+fromme&qid=1582158642&s=books&sprefix=Lynette%2Caps%2C687&sr=1-1
Title: New Kindle editions now avalable for REFLEXION by Lynette Fromme

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Goodbye-Helter-Skelter-Tate-LaBianca-Murders-ebook/dp/B07WSH43WG/ref=sr_1_1?keywords=George+Stimson&qid=1582158788&s=books&sr=1-1
Title: GOODBYE HELTER SKELTER by George Stimson.

Search URL Search Domain Scan URL

URL: https://atrazine.news/
Title: Atrazine.news

Search URL Search Domain Scan URL

URL: https://www.reuters.com/article/us-tesla-gigafactory-germany/tesla-ordered-by-german-court-to-stop-cutting-down-trees-for-gigafactory-idUSKBN20A0KK
Title: Tesla ordered to stop cutting trees

Search URL Search Domain Scan URL

URL: https://350.org/
Title: 350.org

Search URL Search Domain Scan URL

URL: https://www.globalresearch.ca/lawsuit-launched-trump-massive-rollback-pollution-protections-rivers-wetlands/5704082
Title: Lawsuit launched over rollback of protections for Rivers, Wetlands and Endangered Species.

Search URL Search Domain Scan URL

URL: https://charliesarts.bigcartel.com/
Title: New soft ATWA Tees and CM art now available at CharliesArts.com

Search URL Search Domain Scan URL

URL: http://www.goodbyehelterskelter.com/
Title: Get the book, "Goodbye Helter Skelter", by George Stimson

Search URL Search Domain Scan URL

URL: http://www.addthis.com/bookmark.php?v=250&pubid=ra-4d80018142a7f224
Title: Share

Search URL Search Domain Scan URL

URL: http://s05.flagcounter.com/more/E75h

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://s7.addthis.com/js/250/addthis_widget.js HTTP 308
https://s7.addthis.com/js/250/addthis_widget.js

Request Chain 4

http://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1 HTTP 307
https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1

Request Chain 18

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

29 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
mansondirect.com/ 256 KB
155 KB 607ms
223ms Document
text/html 162.144.12.171
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://mansondirect.com/
Protocol: HTTP/1.1
Server: 162.144.12.171 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-12-171.unifiedlayer.com
Software: Apache /
Resource Hash: 64ef48d0e0d054178f8003f13cf33153c48607b2a45825e36a5955a565c47dcb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 30 Dec 2023 01:42:20 GMT
Keep-Alive: timeout=5, max=75
Last-Modified: Wed, 27 Sep 2023 07:28:22 GMT
Server: Apache
Transfer-Encoding: chunked
Upgrade: h2,h2c
Vary: Accept-Encoding

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/250/
Redirect Chain

http://s7.addthis.com/js/250/addthis_widget.js
https://s7.addthis.com/js/250/addthis_widget.js

0
0

99ms
28ms

Script
text/plain

2.17.190.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s7.addthis.com/js/250/addthis_widget.js
Requested by: Host: mansondirect.com
URL: http://mansondirect.com/
Protocol: H2
Server: 2.17.190.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-190-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mansondirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

Date: Sat, 30 Dec 2023 01:42:20 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/250/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c576069b7461537a217b611343ff0f9d1c6fd18ea59204fc762e4a6f54887418

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mansondirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 55 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78d463685d50c3f46036d756111b2ef2dddef7558c5468eeff561477ea094649

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mansondirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 60 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e915afff1d3e9f876bc1462d48af78b0c029d4aa23b028dc18bb83e450ac35f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mansondirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2

200

EZT2FQddYU0 Show response
www.youtube.com/embed/ Frame 8417
Redirect Chain

http://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1
https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1

92 KB
41 KB

150ms
97ms

Document
text/html

2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1

Requested by

Host: mansondirect.com
URL: http://mansondirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9884d3c45564c6eb1775331ae02a0e94308d9d9ac7ea2c3ccdb280e3baf2b5bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mansondirect.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-SbK5wP7ytJkMXIHn5QVmCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 30 Dec 2023 01:42:21 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1
Non-Authoritative-Reason: HSTS

GET
H2 403 120349105_1405681989625302_709246829973432321_o.jpg
scontent-den4-1.xx.fbcdn.net/v/t1.0-9/ 21 B
21 B 467ms
153ms Image
text/plain 2a03:2880:f041:11:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-den4-1.xx.fbcdn.net/v/t1.0-9/120349105_1405681989625302_709246829973432321_o.jpg?_nc_cat=107&_nc_sid=730e14&_nc_ohc=DOAs39RciuoAX_6gqim&_nc_ht=scontent-den4-1.xx&oh=fa7859d680e6f5594048479a6762473c&oe=5F9A6C79
Requested by: Host: mansondirect.com
URL: http://mansondirect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f041:11:face:b00c:0:3 Denver, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mansondirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 30 Dec 2023 01:42:21 GMT
content-type: text/plain
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
content-length: 21
proxy-status: http_request_error; e_clientaddr="AcJ4OzX9_3HmRlNoGzkrYO-d_JkpVAJtJjqhPAaA6aj5yegXqtPAubZ4N-v6gf1aF-yOkodj-fCmkQ-T6-Y2_N7z9ag5-9p8sZCQzYqFuaVWm3feWZ8"; e_fb_vipport="AcJjIg_frOAaGqZtTZK6C_HI72EIUu7cbxd823BkLGDS4fESL28M5lpDAgHk"; e_fb_hostheader="AcKprtr1Go48_KhKatS_z9OU1cHFdjBau94L6e9myGH-6JaabLMzPizOoLclddc3-7cW6CWIHwpdVopeeANCqgqo39jGpw"; e_fb_vipaddr="AcJ6jDPzhbXp1xxHW6sOik0BxX5nGUzyObew1B6uFieHBjYyuPRxxz9Y-_ihSafsm49ty-YaWMqvDT61z8FUbaX9kw4VqRI3-g"; e_fb_requesthandler="AcIllhgMX7q6NyEmdGYe8RWLYTd-ao2rwQfrActV8LMjp2eo0IcyH_XMHsucp9YuVLWwC67w5lkdHdDu"; e_fb_builduser="AcKk7cNVGyuAGOz9uiVKwKPLh0IfB3Kuo08SDVJnBivgRKeIfBM6M0-9bDy5fI5E5wQ"; e_fb_binaryversion="AcIWnThP4QBLEA_t37_64j_k1o39k_o0-svfFK33xW9LKKphO56XxDuJU0vq4mfGjRnTIFTbVLcIwOBW4sks7bAsWGUImP869B8"; e_proxy="AcJXjXfmNy7qW6lY_B3Gk5M5j3KvGMfs0t8qaiY-egRdSWqEE_pI33AQuNMwxQWuLwBzc70TqZd-7P4", http_request_error; e_clientaddr="AcLQrxBxCTGXSZ-LWfE81nH1GT2GOBFFaTgZRNlLigmazvdVDN_FAT9bBSMh-OXfvkiuOlCyqGeFi-27Ukp2U1ccbZfDPgzIC_rkjiYyEyxPhO2Eny4"; e_fb_vipport="AcLFqAIvVzxHrK_7l6IYAj52TJIPMFX_EclPjCuJvH5_40xbCCauPdrZj0za"; e_fb_hostheader="AcKH6vbp5h0hjre4r9XMw2ulVEDXSYeiOsKN2fFkSIoMCbPrlLCfrOLmbFdBgvEZChFfL5bo77Tr6r-tn5WV6Iy4BDB2oQ"; e_fb_vipaddr="AcKC63iWaSDv_OJmSczEO07zRsS6Ij4NJDcH2a9homYlfetTzSC9XlsHayK07CeiwDwrVZv6m0l99BmnpqiqfkRx_lKom4Dn4w"; e_fb_requesthandler="AcJQRyuCg5yrXiR-XAvm3i3dYwSS5w1GD3VQImb1nVFPVRBEElYFVEEIXkMybCnNisxOVIxdwFJ-jiSh"; e_fb_builduser="AcLfqASTt0y54edyLdiDWqXZkIJpZOgDQZyj0LZe4wwc231M1I2lQHtlKMwuf_A355g"; e_fb_binaryversion="AcL2eM_qSGrmiJPA9i4yMS8uiM-8MDGxT5i0DtcrRM4zq_-SYaCi9qmjbrleN3CtNqYP_jXu4eu0xP9N01vwd7gZMDIPgj07Sl0"; e_proxy="AcJIwHF48ysCxN3wNzR8Tgva5u_WIDjIB7tfE5mjAlm28mb2lKLSq5AIlWq2ZcJO83-Ueaky5W78974"

GET
H2 403 120577571_1405694279624073_5027142609644742893_o.jpg
scontent-den4-1.xx.fbcdn.net/v/t1.0-9/ 21 B
21 B 467ms
153ms Image
text/plain 2a03:2880:f041:11:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-den4-1.xx.fbcdn.net/v/t1.0-9/120577571_1405694279624073_5027142609644742893_o.jpg?_nc_cat=110&_nc_sid=730e14&_nc_ohc=O9EngIJ07gYAX_m3A80&_nc_ht=scontent-den4-1.xx&oh=e2b4fb7308e5294daa529cca8b94282c&oe=5F9AADA6
Requested by: Host: mansondirect.com
URL: http://mansondirect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f041:11:face:b00c:0:3 Denver, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mansondirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 30 Dec 2023 01:42:21 GMT
content-type: text/plain
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
content-length: 21
proxy-status: http_request_error; e_clientaddr="AcK5QvdfuqwZDz9G4mg9aX7FGVGPT3fpo9C3mYPCa6zidvRQN13JtqDj47BQKtkdnYBY_b1CxxLE39T6jyuBalG-7hGNE68fGfSfvyLE_uUmo5u6Lrg"; e_fb_vipport="AcIDWMfyXSBusxXX2FiWjIT1fO_22gdk_M0Cjex5xarib8YnGzqFjwzjgtkl"; e_fb_hostheader="AcKr4SnesjSUc_BYoND-r8Nvu6aBULa1M-9NfODDmmKmDwLwyWX6Yv-KoNMt8jSJZwH9CsjpLpHxl7gMms3DR5MldkcSOw"; e_fb_vipaddr="AcLDkSyPkd13Hj5ayDibEM3SnNnQ73vWS7aS-mnAqPy_XvEltlklbCRYhMOnWUwagLWD_NvbWsvlSWXEN5CCApUXCqSoGlRvEw"; e_fb_requesthandler="AcI6O9yqMEcBEvqNug_Vr4eQenqP7aI7p5nig0e4TMP5iknOTVBXpnvnPGP4ezRgxlHCnboxwWSXluDj"; e_fb_builduser="AcL6vI10GO_-De_muT5iljGdP3eS-1qdSUm6uosDv18N48cYoXiBJZBA6L9Sy2KGr0o"; e_fb_binaryversion="AcLFyfdZqxKjzmnak3miq02-Uj0I3GRGTIlumduh5AEmrzELNXl7qb_mddCsNc9yCsNoSXpg7HJ2ZrrrF_yo8DnSPLkim5wfl0k"; e_proxy="AcKW4P9xl3v9yCi8e93E4lLbY_KCdpwU7p7-USbU88z2WZ9TEKZbShg8kH0J8oQTozFIxhFXLLz6cQY", http_request_error; e_clientaddr="AcLR52yJJq9ihI7HR1rGEX9smb76gZ5-x-fm0Q3Z_ILSbyq7LqZ4SqxGojKew_hwPDVD4e6cqUFug1Xmnd-N5iNwPAAqJszNxzTkDdoP2J1OREf-3Wg"; e_fb_vipport="AcL8iKOsac6FLl5pGPTOcMg21gbWmUezVWht0SC5nQCe-y0oyN_ysWj8SySX"; e_fb_hostheader="AcLH4KPc9oDSsQZs_rJWH5aBPtSgGARZqRxEoFKUt9Xli_cIHgxnjvFPC7kCwndpzWYpThcVWSbscUVUsT6rPpa1JNc2nw"; e_fb_vipaddr="AcLdfwUPoO3rlCUb-yd4yDBxezk1YPBI67YwkE7mNnF9rY7atDgswjwBQCnuBOL6Y4LbLNBF6K9osFkTKvwUFancRziz3UrZ2w"; e_fb_requesthandler="AcImlnnh5ynPo6r4kn3Kb4UO0t9aIBdTKhvVbfW8f6AqtJR2b7M27SV9v3rIT6vBlP-cx0aM_UX4f1jw"; e_fb_builduser="AcIPmy4CuwDeQQH_3j9mF-VeJF-wDEeWPJIJrRPUDkaromQ57er_zHqJGu2rSgSiuLY"; e_fb_binaryversion="AcJRNpY9qTnqwrHPprkQg-Uw8VZrA39jeRfmlWNB22_GAF_c41BpTp8CgVmCaDPbOYB-FCDNQuOuqmEbWAltaCFXERKX2a96TgM"; e_proxy="AcLWHu6QdKz9NtvVydkKGokCF_eephs2LBhtqlbEUQOu7KAUl_zn_xMB8IwNOpeJvmbN_CPMo3YU8SU"

GET
H2 200 xmas%2Bdoll%2B2012.JPG
1.bp.blogspot.com/-wBkitV8R-Ew/XgPL9vmwdOI/AAAAAAAAAH0/POd9OhAot5EuQp2j5rxeECwtsTY7vTF2QCLcBGAsYHQ/s1600/ 188 KB
189 KB 468ms
405ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-wBkitV8R-Ew/XgPL9vmwdOI/AAAAAAAAAH0/POd9OhAot5EuQp2j5rxeECwtsTY7vTF2QCLcBGAsYHQ/s1600/xmas%2Bdoll%2B2012.JPG

Requested by

Host: mansondirect.com
URL: http://mansondirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b761488ce9dfd0c19d1ce3af7342cdaf0ba5c10e8bc39fc8d168bd777a58e6f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mansondirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 01:42:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v7e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="xmas doll 2012.JPG"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192725
x-xss-protection: 0
expires: Sun, 31 Dec 2023 01:42:21 GMT

GET
H/1.1 200
OK 3-10-2013++001e.jpg
2.bp.blogspot.com/-eLZ0fwWW_rY/UWOBZI63KmI/AAAAAAAAAJQ/r4oE525JaMY/s1600/ 126 KB
127 KB 389ms
356ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-eLZ0fwWW_rY/UWOBZI63KmI/AAAAAAAAAJQ/r4oE525JaMY/s1600/3-10-2013++001e.jpg

Requested by

Host: mansondirect.com
URL: http://mansondirect.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c267bb755846e786595066f4e1703063462c2d74baae095701e9e2edf021fc2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mansondirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 30 Dec 2023 01:42:21 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v95"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="3-10-2013 001e.jpg"
Timing-Allow-Origin: *
Content-Length: 129118
X-XSS-Protection: 0
Expires: Sun, 31 Dec 2023 01:42:21 GMT

GET
H/1.1 500
Internal Server Error coverforweb.JPG
www.goodbyehelterskelter.com/ 0
0 508ms
250ms Image
text/html 107.154.148.204
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.goodbyehelterskelter.com/coverforweb.JPG
Requested by: Host: mansondirect.com
URL: http://mansondirect.com/
Protocol: HTTP/1.1
Server: 107.154.148.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.148.204.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mansondirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H/1.1 500
Internal Server Error Final%20Front%20Cover%20copy.jpg
www.goodbyehelterskelter.com/ 0
0 521ms
263ms Image
text/html 107.154.148.204
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.goodbyehelterskelter.com/Final%20Front%20Cover%20copy.jpg
Requested by: Host: mansondirect.com
URL: http://mansondirect.com/
Protocol: HTTP/1.1
Server: 107.154.148.204 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.148.204.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mansondirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H/1.1 200
OK /
s05.flagcounter.com/count/E75h/bg=FFFFFF/txt=000000/border=C7C7C7/columns=2/maxflags=100/viewers=0/labels=0/ 44 KB
44 KB 296ms
185ms Image
image/png 206.221.176.133
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s05.flagcounter.com/count/E75h/bg=FFFFFF/txt=000000/border=C7C7C7/columns=2/maxflags=100/viewers=0/labels=0/
Requested by: Host: mansondirect.com
URL: http://mansondirect.com/
Protocol: HTTP/1.1
Server: 206.221.176.133 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash: 76789e1222abad3f6f27ce92a68a203d674f7b0b89c15598630498cc7af788a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mansondirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Dec 2023 01:42:21 GMT
Cache-control: no-cache
Server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 www-player.css
www.youtube.com/s/player/da154528/ Frame 8417 358 KB
47 KB 26ms
25ms Stylesheet
text/css 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af17d4cff542b33c97ee3a95f82a21d8993c87fd3472dff534fa855828a3b615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 00:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47436
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 29 Dec 2024 00:54:22 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8417 15 KB
15 KB 157ms
32ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 05:31:50 GMT
x-content-type-options: nosniff
age: 418231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Dec 2024 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8417 15 KB
16 KB 150ms
26ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 09:09:14 GMT
x-content-type-options: nosniff
age: 318787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 09:09:14 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame 8417 52 KB
16 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abbda51c88a9a22c60f30b677f8925355382798bfcabb143d3938400c484d0f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:24:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 407856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16336
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 24 Dec 2024 08:24:45 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/da154528/www-embed-player.vflset/ Frame 8417 322 KB
97 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d854531f9c3833536d6971b4fd7617dafe1a2c6fd0bbed9469122e73ff3b13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 01:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1684
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98735
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 29 Dec 2024 01:14:17 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame 8417 2 MB
768 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e43938512568a6819be40d8c79292dc4b5d9ac9888f23a9f5ba931f98ce81aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786305
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 24 Dec 2024 08:24:48 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 8417
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

31ms
31ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c07760bdc8082a23c2b98886ee137a2c2a53154bae6cdbfea56bdd638fd9ea00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 01:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 30 Dec 2023 01:42:21 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 8417 29 B
495 B 86ms
26ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 01:36:11 GMT
x-content-type-options: nosniff
age: 370
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Dec 2023 01:51:11 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 89ms
31ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 30 Dec 2023 01:42:21 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8417 86 KB
40 KB 39ms
39ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ddebbf9d5a2380f31cf00cc19b9e9bf231813be207c1936e94ca1354c2894f70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 30 Dec 2023 01:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40736
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame 8417 116 KB
33 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e50b3437118e3987bcf15bbe18094b785119f764d2af29be181b531de3b1bb08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:24:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 407855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33735
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 24 Dec 2024 08:24:46 GMT

GET
H2 200 1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js Show response
www.google.com/js/th/ Frame 8417 50 KB
20 KB 84ms
24ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7112241fbbe5028b06cc6859ebf86d94cdc779b9d1b4eae9ac87aada6b075b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 20:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 190931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19870
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Dec 2024 20:40:10 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/EZT2FQddYU0/ Frame 8417 71 KB
72 KB 133ms
76ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/EZT2FQddYU0/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2921ee6b2106de64e4d91444b9ba8b8bba607a244e8a18f2f3a41ae2c3fd7216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 01:42:21 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72806
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 30 Dec 2023 03:42:21 GMT

GET
DATA 200
OK truncated
/ Frame 8417 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AIf8zZTYrP_p2EWqvRBr79ckmDjNvKGgiulms5jxImJ5=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 8417 5 KB
5 KB 464ms
393ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AIf8zZTYrP_p2EWqvRBr79ckmDjNvKGgiulms5jxImJ5=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

611197efbabf3908b10b1c2e84bd0cfb31eec21e940e5898d55c78b251b1009e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 01:42:22 GMT
x-content-type-options: nosniff
server: fife
etag: "vd"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4933
x-xss-protection: 0
expires: Sun, 31 Dec 2023 01:42:22 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 8417 4 KB
2 KB 89ms
32ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 01:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Dec 2023 01:42:21 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 8417 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?aHAGkA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 01:42:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 30ms
30ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 30 Dec 2023 01:42:21 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8417 90 B
134 B 38ms
38ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b87fad039f73a5084247afa052ffa2e3e0cf8256fc2e770f086d007d68052a49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 30 Dec 2023 01:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 8417 28 B
54 B 41ms
41ms XHR
application/json 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
X-Goog-Request-Time: 1703900543660
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/EZT2FQddYU0?wmode=transparent&jqoemcache=6cdP1
X-YouTube-Client-Version: 1.20231217.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtnanE4TGt6ZnJWUSj96r2sBjIKCgJERRIEEgAgIw%3D%3D
X-YouTube-Ad-Signals: dt=1703900541487&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C425%2C349&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 30 Dec 2023 01:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 30 Dec 2023 01:42:23 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: _fyXHA5zoKA
			.youtube.com/	1970-01-20 21:37:32	Name: VISITOR_INFO1_LIVE Value: gjq8LkzfrVQ

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://scontent-den4-1.xx.fbcdn.net/v/t1.0-9/120349105_1405681989625302_709246829973432321_o.jpg?_nc_cat=107&_nc_sid=730e14&_nc_ohc=DOAs39RciuoAX_6gqim&_nc_ht=scontent-den4-1.xx&oh=fa7859d680e6f5594048479a6762473c&oe=5F9A6C79 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://scontent-den4-1.xx.fbcdn.net/v/t1.0-9/120577571_1405694279624073_5027142609644742893_o.jpg?_nc_cat=110&_nc_sid=730e14&_nc_ohc=O9EngIJ07gYAX_m3A80&_nc_ht=scontent-den4-1.xx&oh=e2b4fb7308e5294daa529cca8b94282c&oe=5F9AADA6 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: http://www.goodbyehelterskelter.com/coverforweb.JPG Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network	error	URL: http://www.goodbyehelterskelter.com/Final%20Front%20Cover%20copy.jpg Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
mansondirect.com
s05.flagcounter.com
s7.addthis.com
scontent-den4-1.xx.fbcdn.net
static.doubleclick.net
www.goodbyehelterskelter.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
107.154.148.204
162.144.12.171
2.17.190.170
206.221.176.133
2a00:1450:4001:802::200a
2a00:1450:4001:806::200e
2a00:1450:4001:827::2006
2a00:1450:4001:828::2004
2a00:1450:4001:828::2016
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2003
2a03:2880:f041:11:face:b00c:0:3
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
2921ee6b2106de64e4d91444b9ba8b8bba607a244e8a18f2f3a41ae2c3fd7216
2e43938512568a6819be40d8c79292dc4b5d9ac9888f23a9f5ba931f98ce81aa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
611197efbabf3908b10b1c2e84bd0cfb31eec21e940e5898d55c78b251b1009e
64ef48d0e0d054178f8003f13cf33153c48607b2a45825e36a5955a565c47dcb
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
76789e1222abad3f6f27ce92a68a203d674f7b0b89c15598630498cc7af788a4
78d463685d50c3f46036d756111b2ef2dddef7558c5468eeff561477ea094649
9884d3c45564c6eb1775331ae02a0e94308d9d9ac7ea2c3ccdb280e3baf2b5bd
abbda51c88a9a22c60f30b677f8925355382798bfcabb143d3938400c484d0f4
af17d4cff542b33c97ee3a95f82a21d8993c87fd3472dff534fa855828a3b615
b761488ce9dfd0c19d1ce3af7342cdaf0ba5c10e8bc39fc8d168bd777a58e6f7
b87fad039f73a5084247afa052ffa2e3e0cf8256fc2e770f086d007d68052a49
c07760bdc8082a23c2b98886ee137a2c2a53154bae6cdbfea56bdd638fd9ea00
c267bb755846e786595066f4e1703063462c2d74baae095701e9e2edf021fc2d
c576069b7461537a217b611343ff0f9d1c6fd18ea59204fc762e4a6f54887418
d7112241fbbe5028b06cc6859ebf86d94cdc779b9d1b4eae9ac87aada6b075b4
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d854531f9c3833536d6971b4fd7617dafe1a2c6fd0bbed9469122e73ff3b13a1
ddebbf9d5a2380f31cf00cc19b9e9bf231813be207c1936e94ca1354c2894f70
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50b3437118e3987bcf15bbe18094b785119f764d2af29be181b531de3b1bb08
e915afff1d3e9f876bc1462d48af78b0c029d4aa23b028dc18bb83e450ac35f0
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

mansondirect.com Open in urlscan Pro 162.144.12.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

29 Requests

76 %HTTPS

71 %IPv6

13 Domains

16 Subdomains

15 IPs

2 Countries

1687 kBTransfer

4350 kBSize

2 Cookies

122 Outgoing links

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mansondirect.com Open in urlscan Pro
162.144.12.171 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

76 %
HTTPS

71 %
IPv6

13
Domains

16
Subdomains

15
IPs

2
Countries

1687 kB
Transfer

4350 kB
Size

2
Cookies

29 HTTP transactions
4 data transactions