urlscan.io logo urlscan.io
SecurityTrails logo

marilynmanson.staging.wpengine.com Open in urlscan Pro
104.198.154.45  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://marilynmanson.com/
Effective URL: https://marilynmanson.staging.wpengine.com/
Submission Tags: tranco_l324
Submission: On November 09 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 2 countries across 18 domains to perform 57 HTTP transactions. The main IP is 104.198.154.45, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is marilynmanson.staging.wpengine.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on August 3rd 2021. Valid for: a year.
This is the only time marilynmanson.staging.wpengine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    104.198.154.45 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 45.154.198.104.bc.googleusercontent.com
marilynmanson.com
marilynmanson.staging.wpengine.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net
www.googleadservices.com
4    184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
11    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
www.google-analytics.com
3    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
12 marilynmanson.staging.wpengine.com marilynmanson.staging.wpengine.com
9 www.youtube.com marilynmanson.staging.wpengine.com
www.youtube.com
4 connect.facebook.net marilynmanson.staging.wpengine.com
connect.facebook.net
4 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
www.youtube.com
4 pixel.mathtag.com marilynmanson.staging.wpengine.com
pixel.mathtag.com
3 www.google.com marilynmanson.staging.wpengine.com
www.youtube.com
3 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
3 fonts.googleapis.com marilynmanson.staging.wpengine.com
2 www.facebook.com marilynmanson.staging.wpengine.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.de marilynmanson.staging.wpengine.com
2 marilynmanson.com 2 redirects
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 www.googletagmanager.com marilynmanson.staging.wpengine.com
1 www.googleadservices.com marilynmanson.staging.wpengine.com
1 ajax.googleapis.com marilynmanson.staging.wpengine.com
0 invertise.s3.amazonaws.com Failed marilynmanson.staging.wpengine.com
0 code.jquery.com Failed marilynmanson.staging.wpengine.com
57 21
Subject Issuer Validity Valid
*.staging.wpengine.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-08-03 -
2022-09-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-16		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://marilynmanson.staging.wpengine.com/
Frame ID: F9C0F2BD3540318C5386287F0AE243AF
Requests: 38 HTTP requests in this frame

Frame: https://www.youtube.com/embed/FniF0kSvWGg
Frame ID: 7891E7A040A7CBB29074C4C5E36EF399
Requests: 18 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=1769618a-0697-4d00-a0bc-ca8d43dfde1a&no_iframe=1&mt_adid=149635&source=mathtag
Frame ID: 03DE247391D279ED6E0BEA720826114F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MARILYN MANSON - WE ARE CHAOS

Page URL History Show full URLs

  1. http://marilynmanson.com/ HTTP 301
    https://marilynmanson.com/ HTTP 301
    https://marilynmanson.staging.wpengine.com/ Page URL

Page Statistics

57
Requests

95 %
HTTPS

82 %
IPv6

18
Domains

21
Subdomains

18
IPs

2
Countries

2686 kB
Transfer

5383 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://marilynmanson.com/ HTTP 301
    https://marilynmanson.com/ HTTP 301
    https://marilynmanson.staging.wpengine.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
marilynmanson.staging.wpengine.com/
Redirect Chain
  • http://marilynmanson.com/
  • https://marilynmanson.com/
  • https://marilynmanson.staging.wpengine.com/
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.154.45 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
45.154.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
e67a7d2c7924f970db2501c0839940c138e88e1f1450c21c2cabb656ed2aafd9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Tue, 09 Nov 2021 05:26:46 GMT
content-type
text/html; charset=UTF-8
content-length
3727
vary
Accept-Encoding
content-encoding
gzip
x-powered-by
WP Engine

Redirect headers

server
nginx
date
Tue, 09 Nov 2021 05:26:46 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://marilynmanson.staging.wpengine.com/
vary
X-NR-SAMPLE-PERCENT
x-redirect-by
WordPress
x-powered-by
WP Engine
x-cacheable
non200
cache-control
max-age=600, must-revalidate
x-cache
HIT: 1
x-cache-group
normal
wac.css
marilynmanson.staging.wpengine.com/assets/ 		33 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://marilynmanson.staging.wpengine.com/assets/wac.css
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.154.45 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
45.154.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
611ac4a70826af60fcc7b24929515a2d87698612738bae4910e21cdb7a51704a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:26:47 GMT
content-encoding
br
last-modified
Thu, 06 May 2021 14:18:19 GMT
server
nginx
etag
W/"6093faab-8278"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 18:12:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
558871
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Wed, 02 Nov 2022 18:12:16 GMT
jquery-3.2.1.min.js
marilynmanson.staging.wpengine.com/assets/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://marilynmanson.staging.wpengine.com/assets/jquery-3.2.1.min.js
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.154.45 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
45.154.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:26:47 GMT
content-encoding
br
last-modified
Thu, 06 May 2021 14:18:16 GMT
server
nginx
etag
W/"6093faa8-15287"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8cd48a23b5cf3b3659e12bf6eee322a1781a624117ffe71bed68503224829031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 05:05:24 GMT
server
ESF
date
Tue, 09 Nov 2021 05:26:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Tue, 09 Nov 2021 05:26:47 GMT
css
fonts.googleapis.com/ 		1 KB
511 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Maven+Pro
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6d1f5aa364a382e023e63703656bb22c71ad5d93dae420af7c9f4b6051709776
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 04:24:49 GMT
server
ESF
date
Tue, 09 Nov 2021 05:26:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Tue, 09 Nov 2021 05:26:47 GMT
css2
fonts.googleapis.com/ 		2 KB
629 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Vollkorn:wght@600&display=swap
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
58fad1f4268476a6eed81f462341d4f06827f47209a93fc3a1c954ede008a912
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 05:26:47 GMT
server
ESF
date
Tue, 09 Nov 2021 05:26:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Tue, 09 Nov 2021 05:26:47 GMT
responsivemobilemenu.css
marilynmanson.staging.wpengine.com/assets/responsivemobilemenu/rmm-css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://marilynmanson.staging.wpengine.com/assets/responsivemobilemenu/rmm-css/responsivemobilemenu.css
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.154.45 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
45.154.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
43436e56f8df0398fd409b0c885680937ce367136a7eb439d70e4f9ad4bd133d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:26:47 GMT
content-encoding
br
last-modified
Thu, 06 May 2021 14:18:20 GMT
server
nginx
etag
W/"6093faac-1ba1"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
responsivemobilemenu.js
marilynmanson.staging.wpengine.com/assets/responsivemobilemenu/rmm-js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://marilynmanson.staging.wpengine.com/assets/responsivemobilemenu/rmm-js/responsivemobilemenu.js
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.154.45 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
45.154.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
2468aef281c371ca8794e1f38470aa42c8633521a3dff01ea6e3a5e9c76cf606

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:26:47 GMT
content-encoding
br
last-modified
Thu, 06 May 2021 14:18:20 GMT
server
nginx
etag
W/"6093faac-ab2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
conversion.js
www.googleadservices.com/pagead/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
784543ac181245cdc8b9afb206d2e67801a8ab0e208ec3627e8f6e56027d5ccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17625
x-xss-protection
0
server
cafe
etag
5196116736830486321
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 05:26:47 GMT
mm-site-divider.png
marilynmanson.staging.wpengine.com/assets/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marilynmanson.staging.wpengine.com/assets/mm-site-divider.png
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.154.45 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
45.154.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
26c64d2197039b1022b8c8c282c9ed2500f75817ba6a8c445fabc5f579fd2a54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:26:47 GMT
last-modified
Thu, 06 May 2021 14:18:17 GMT
server
nginx
accept-ranges
bytes
etag
"6093faa9-40b"
content-length
1035
content-type
image/png
WACTITLE.svg
marilynmanson.staging.wpengine.com/assets/ 		84 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marilynmanson.staging.wpengine.com/assets/WACTITLE.svg
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.154.45 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
45.154.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
0de4e8ca354f75997d3f7b97f3cf0a1211dedfbce906e7ec974c373fb23bf273

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:26:47 GMT
content-encoding
br
last-modified
Thu, 06 May 2021 14:18:19 GMT
server
nginx
etag
W/"6093faab-151d4"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
wac-header.png
marilynmanson.staging.wpengine.com/assets/ 		315 KB
316 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marilynmanson.staging.wpengine.com/assets/wac-header.png
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.154.45 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
45.154.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
75407683192b5d2b9c8f034c01b8c6153ae7735e838945d2a6027fce6ee98199

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:26:47 GMT
last-modified
Thu, 06 May 2021 14:18:19 GMT
server
nginx
accept-ranges
bytes
etag
"6093faab-4ec24"
content-length
322596
content-type
image/png
footcross.png
marilynmanson.staging.wpengine.com/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marilynmanson.staging.wpengine.com/assets/footcross.png
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.154.45 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
45.154.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
a11f3f3ae7bc175095d18acd22b90ea553e6aa7d005d220a88d78f8078b82da9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:26:47 GMT
last-modified
Thu, 06 May 2021 14:18:15 GMT
server
nginx
accept-ranges
bytes
etag
"6093faa7-5c3"
content-length
1475
content-type
image/png
js
pixel.mathtag.com/event/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_id=1294471&mt_adid=149635&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 4067 88cc6bf master cdg-pixel-x12 config:1.0.0 /
Resource Hash
54758a303cad6627111e9baecf831f70329fa940572334f7ea2dd569a7908d5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 05:26:47 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x12 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1411
Expires
Tue, 09 Nov 2021 05:26:46 GMT
jquery.min.js
code.jquery.com/ 		0
0
gtm.js
www.googletagmanager.com/ 		138 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MPVQM68
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
93be7c7843d854fa0c801dcbe5c562bd68d33285567d1df9a64a98354fde2a45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:26:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53096
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Nov 2021 05:26:47 GMT
2556a289-a73d-41fa-8aad-5134f788a35d.js
invertise.s3.amazonaws.com/pixeljs/ 		0
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/945731840/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/945731840/?random=1636435607376&cv=9&fst=1636435607376&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmarilynmanson.staging.wpengine.com%2F&tiba=MARILYN%20MANSON%20-%20WE%20ARE%20CHAOS&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7836411125eeae9b09f62005414186501c35221e32752b91a0f092efc38bf868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 05:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1026
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/965532278/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965532278/?random=1636435607379&cv=9&fst=1636435607376&num=2&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmarilynmanson.staging.wpengine.com%2F&tiba=MARILYN%20MANSON%20-%20WE%20ARE%20CHAOS&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2885cd82fbe996cbf6ab353d4c5169cc84933e86e1faa13590429df7da7a7d81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 05:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1028
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_GB/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
20ca290859d6589af6bf424e44f9130fa9a5d4e2cac540167a05b4532ff01b20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
32iQ+q8lsR13r6IpmxEM9A==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1688
x-fb-rlafr
0
x-fb-debug
4jmBUdhQ3vHSP6eHYf8ipoz2U2inJ3u/MRFl235kcEU1pss5B1Vo5H/de6oKk01rL0Tu1u6qATSI8FEw4LVuOQ==
x-fb-trip-id
686109401
x-fb-content-md5
277b1e2ea967f947687d2d9830f71872
x-frame-options
DENY
date
Tue, 09 Nov 2021 05:26:47 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"12a1b559544adff5030e4b9a98f8ddd2"
timing-allow-origin
*
expires
Tue, 09 Nov 2021 05:44:46 GMT
FniF0kSvWGg
www.youtube.com/embed/ Frame 7891 		58 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/FniF0kSvWGg
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e49a3e7a488f85035d93d09c39d7f51082cd9f86f3610077a560624aee66db3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 09 Nov 2021 05:26:47 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
painting-bg.jpg
marilynmanson.staging.wpengine.com/assets/ 		411 KB
412 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marilynmanson.staging.wpengine.com/assets/painting-bg.jpg
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/assets/wac.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.154.45 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
45.154.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
c425bb49335c746dbfe29a9e9f188602c7dd0d794d1fba9c21c33a1defc0dc4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/assets/wac.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:26:47 GMT
last-modified
Thu, 06 May 2021 14:18:18 GMT
server
nginx
accept-ranges
bytes
etag
"6093faaa-66c9e"
content-length
421022
content-type
image/jpeg
grey-bg.jpg
marilynmanson.staging.wpengine.com/assets/ 		674 KB
675 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marilynmanson.staging.wpengine.com/assets/grey-bg.jpg
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/assets/wac.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.154.45 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
45.154.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
fc107f3b143ea5e1f943786a1c0e0920e9940d12cd638627d4c1e3bf8ff81131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/assets/wac.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:26:47 GMT
last-modified
Thu, 06 May 2021 14:18:16 GMT
server
nginx
accept-ranges
bytes
etag
"6093faa8-a86d1"
content-length
689873
content-type
image/jpeg
jancient.woff2
marilynmanson.staging.wpengine.com/assets/ 		57 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://marilynmanson.staging.wpengine.com/assets/jancient.woff2
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/assets/wac.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.154.45 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
45.154.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
dfa334e970bd270c26d380d013b2e1b172dd4ec239df98b0cbf8a837ddfc0e0b

Request headers

Referer
https://marilynmanson.staging.wpengine.com/assets/wac.css
Origin
https://marilynmanson.staging.wpengine.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:26:47 GMT
last-modified
Thu, 06 May 2021 14:18:16 GMT
server
nginx
accept-ranges
bytes
etag
"6093faa8-e58c"
content-length
58764
content-type
font/woff2
0ybgGDoxxrvAnPhYGzMlQLzuMasz6Df27naeHmmc.woff2
fonts.gstatic.com/s/vollkorn/v13/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/vollkorn/v13/0ybgGDoxxrvAnPhYGzMlQLzuMasz6Df27naeHmmc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Vollkorn:wght@600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adc545629f30b1ac80cb7ab02a06053857313aa18403ab79c51af0acb1146224
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://marilynmanson.staging.wpengine.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:15:42 GMT
x-content-type-options
nosniff
age
29465
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24380
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 21:07:34 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 08 Nov 2022 21:15:42 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://marilynmanson.staging.wpengine.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 04:48:55 GMT
x-content-type-options
nosniff
age
434272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 04 Nov 2022 04:48:55 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
Sg9eOWeRF5AxFsX4pKxtac/MkUhzbk7uMqkBiGzZSo7VJU9Zi65PRWBEnH+K+sQswoN+uQqJF9WKH0frP+408A==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 09 Nov 2021 05:26:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_GB/ 		271 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js?hash=9380e7aadb288042d433f04a671f6973
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b8ae068fa316eecebc24f5a7034a112f53616891e9d5192ad24ae9be4ef44ebb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://marilynmanson.staging.wpengine.com/
Origin
https://marilynmanson.staging.wpengine.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Il0x7ZUquTP8HJpMVa6gtg==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
78079
x-fb-rlafr
0
x-fb-debug
pCyXFEl/OCXCqNQh/R9SXS/evICYchFYJBvX0F8SHxI9D90Ecnypxlgm+qOXHztWhVMBxF11cXUAWWhBqXyQWg==
x-fb-content-md5
5db2eb2046c5ee6a61e1dd9d895f6d00
x-frame-options
DENY
date
Tue, 09 Nov 2021 05:26:47 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"70910d99d4fad2d0f7d4a351b1586847"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 09 Nov 2022 04:02:18 GMT
1454758574736309
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1454758574736309?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ebb7397a100cf0a15972d0cf7992745b9e18d5ed339ba6aa8ddbff7ad4bddd1d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
0kjPDKl93MEAIUED0wTgTlC+2BhBDnzDWn6aCtT5cIihkFdodlsNUL0NIgnkQG8oZenXdqOjvGzCZBLZITbXnw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 09 Nov 2021 05:26:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/965532278/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/965532278/?random=1636435607379&cv=9&fst=1636434000000&num=2&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fmarilynmanson.staging.wpengine.com%2F&tiba=MARILYN%20MANSON%20-%20WE%20ARE%20CHAOS&fmt=3&is_vtc=1&random=2442638969&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 05:26:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/965532278/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/965532278/?random=1636435607379&cv=9&fst=1636434000000&num=2&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fmarilynmanson.staging.wpengine.com%2F&tiba=MARILYN%20MANSON%20-%20WE%20ARE%20CHAOS&fmt=3&is_vtc=1&random=2442638969&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 05:26:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/945731840/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/945731840/?random=1636435607376&cv=9&fst=1636434000000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fmarilynmanson.staging.wpengine.com%2F&tiba=MARILYN%20MANSON%20-%20WE%20ARE%20CHAOS&fmt=3&is_vtc=1&random=2456152750&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 05:26:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/945731840/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/945731840/?random=1636435607376&cv=9&fst=1636434000000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fmarilynmanson.staging.wpengine.com%2F&tiba=MARILYN%20MANSON%20-%20WE%20ARE%20CHAOS&fmt=3&is_vtc=1&random=2456152750&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 05:26:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe
pixel.mathtag.com/sync/ Frame 03DE 		631 B
962 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=1769618a-0697-4d00-a0bc-ca8d43dfde1a&no_iframe=1&mt_adid=149635&source=mathtag
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1294471&mt_adid=149635&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 4067 88cc6bf master cdg-pixel-x26 config:1.0.0 /
Resource Hash
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/

Response headers

Content-Type
text/html
Content-Length
631
Server
MT3 4067 88cc6bf master cdg-pixel-x26 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires
Tue, 09 Nov 2021 05:26:46 GMT
Date
Tue, 09 Nov 2021 05:26:47 GMT
Connection
keep-alive
img
pixel.mathtag.com/misc/ 		43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 4067 88cc6bf master cdg-pixel-x4 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 05:26:47 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x4 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 05:26:46 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPVQM68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5141
date
Tue, 09 Nov 2021 04:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 09 Nov 2021 06:01:06 GMT
www-player-webp.css
www.youtube.com/s/player/ea6a4ba6/ Frame 7891 		335 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ea6a4ba6/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/FniF0kSvWGg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9d576d438939810fb8f8fd4382847a394ba105a257845a4c743a49caae67b75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/FniF0kSvWGg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:38:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
49714
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47115
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Nov 2022 15:38:13 GMT
www-embed-player.js
www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/ Frame 7891 		209 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/FniF0kSvWGg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5173c915b9b6e2c3b24ed89502eed57341952fe69393fc2128895bcfedaae6de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/FniF0kSvWGg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:36:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
49791
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70045
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Nov 2022 15:36:56 GMT
base.js
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame 7891 		2 MB
516 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/FniF0kSvWGg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9e569723967da4463ede5ac2b1ae8390e0ece8fb058e39a793daade6eceb622
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/FniF0kSvWGg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:36:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
49791
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
527841
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Nov 2022 15:36:56 GMT
fetch-polyfill.js
www.youtube.com/s/player/ea6a4ba6/fetch-polyfill.vflset/ Frame 7891 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ea6a4ba6/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/FniF0kSvWGg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/FniF0kSvWGg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:36:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
49791
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Nov 2022 15:36:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7891 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/FniF0kSvWGg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 06:41:55 GMT
x-content-type-options
nosniff
age
427492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 04 Nov 2022 06:41:55 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1051693402&t=pageview&_s=1&dl=https%3A%2F%2Fmarilynmanson.staging.wpengine.com%2F&ul=en-us&de=UTF-8&dt=MARILYN%20MANSON%20-%20WE%20ARE%20CHAOS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACAABBAAAAC~&jid=1846284796&gjid=2077655894&cid=1062253350.1636435608&tid=UA-175581042-1&_gid=750646199.1636435608&_r=1&gtm=2wgb80MPVQM68&z=310586520
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://marilynmanson.staging.wpengine.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 05:26:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://marilynmanson.staging.wpengine.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pixel.mathtag.com/misc/ Frame 03DE 		43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=1769618a-0697-4d00-a0bc-ca8d43dfde1a&no_iframe=1&mt_adid=149635&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 4067 88cc6bf master cdg-pixel-x16 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=1769618a-0697-4d00-a0bc-ca8d43dfde1a&no_iframe=1&mt_adid=149635&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 05:26:47 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x16 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 05:26:46 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 7891
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/FniF0kSvWGg
Protocol
H3
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee224b532cf86d780adf67ebf90d7fc2d3ff574cfccb025eedd3ff6b0d10de7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 09 Nov 2021 05:26:47 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 7891 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:13:00 GMT
x-content-type-options
nosniff
age
827
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 05:28:00 GMT
remote.js
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame 7891 		94 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05c626d78f697a300bdcddb5c5f8cb54f41b65abc201657418ed96f13c28c0a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/FniF0kSvWGg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:38:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
49720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29782
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Nov 2022 15:38:07 GMT
M6hl5l7zY5gbN1aKYIYb6A4OXig-7ap6CzHtuTYlErk.js
www.google.com/js/th/ Frame 7891 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/M6hl5l7zY5gbN1aKYIYb6A4OXig-7ap6CzHtuTYlErk.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33a865e65ef363981b37568a60861be80e0e5e283eedaa7a0b31edb9362512b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 12:50:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
232569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13452
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 19:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 06 Nov 2022 12:50:38 GMT
embed.js
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame 7891 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3415c7fade1393a1990451fe39cfb19fed87791ede53183f9a4d390b15d36a5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/FniF0kSvWGg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:36:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
49790
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7365
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Nov 2022 15:36:57 GMT
truncated
/ Frame 7891 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
AKedOLSxMEoozXqr9vKg1sR0Sitqfrr9XTGEmfgcuOY8Kw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 7891 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLSxMEoozXqr9vKg1sR0Sitqfrr9XTGEmfgcuOY8Kw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/FniF0kSvWGg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
95f9583377257429caa9faaa7729ee862c4cc5d1bf64d5f9e192e11dd401f4d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 02:18:01 GMT
x-content-type-options
nosniff
age
11326
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2392
x-xss-protection
0
server
fife
etag
"v110"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 07 Oct 2021 06:40:03 GMT
sddefault.webp
i.ytimg.com/vi_webp/FniF0kSvWGg/ Frame 7891 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/FniF0kSvWGg/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/FniF0kSvWGg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
803a3c64b2e1633c841afa5f4772f772132183bddc886ee7cccf7d6bbdf02751
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:49:20 GMT
x-content-type-options
nosniff
age
2247
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11416
x-xss-protection
0
server
sffe
etag
"1602460758"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 09 Nov 2021 06:49:20 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 7891 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 05:26:47 GMT
generate_204
www.youtube.com/ Frame 7891 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?LIb3-w
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/FniF0kSvWGg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/FniF0kSvWGg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:26:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/95/ Frame 7891 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/95/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:47:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15249
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 23:31:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 09 Nov 2021 21:47:35 GMT
/
www.facebook.com/tr/ 		44 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1454758574736309&ev=PageView&dl=https%3A%2F%2Fmarilynmanson.staging.wpengine.com%2F&rl=&if=false&ts=1636435607936&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1636435607934.1995863580&it=1636435607429&coo=false&exp=p1&rqm=GET
Requested by
Host: marilynmanson.staging.wpengine.com
URL: https://marilynmanson.staging.wpengine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:26:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 09 Nov 2021 05:26:48 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1454758574736309&ev=Microdata&dl=https%3A%2F%2Fmarilynmanson.staging.wpengine.com%2F&rl=&if=false&ts=1636435608439&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22MARILYN%20MANSON%20-%20WE%20ARE%20CHAOS%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22http%3A%2F%2Fwww.marilynmanson.com%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22MARILYN%20MANSON%20-%20WE%20ARE%20CHAOS%22%2C%22og%3Adescription%22%3A%22The%20Official%20Marilyn%20Manson%20Website%22%2C%22og%3Aimage%22%3A%22assets%2Fwac-prev.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1636435607934.1995863580&it=1636435607429&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://marilynmanson.staging.wpengine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:26:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 09 Nov 2021 05:26:48 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 7891 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/FniF0kSvWGg
X-YouTube-Client-Version
1.20211107.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtwSTR5eGppNkxETSiXjaiMBg%3D%3D
X-YouTube-Ad-Signals
dt=1636435607556&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1120%2C630&vis=1&wgl=true&ca_type=image

Response headers

date
Tue, 09 Nov 2021 05:26:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Tue, 09 Nov 2021 05:26:49 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
code.jquery.com
URL
http://code.jquery.com/jquery.min.js
Domain
invertise.s3.amazonaws.com
URL
http://invertise.s3.amazonaws.com/pixeljs/2556a289-a73d-41fa-8aad-5134f788a35d.js

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery function| responsiveMobileMenu function| getMobileMenu function| adaptMenu object| dataLayer object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_tag_data object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments function| cycleImages function| fbq function| _fbq object| FB function| metric function| postscribe object| google_tag_manager_external object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

10 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.mathtag.com/ Name: uuid
Value: 1769618a-0697-4d00-a0bc-ca8d43dfde1a
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.youtube.com/ Name: YSC
Value: g2cDfCUr4oQ
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: pI4yxji6LDM
.marilynmanson.staging.wpengine.com/ Name: _ga
Value: GA1.4.1062253350.1636435608
.marilynmanson.staging.wpengine.com/ Name: _gid
Value: GA1.4.750646199.1636435608
.marilynmanson.staging.wpengine.com/ Name: _gat_UA-175581042-1
Value: 1
.wpengine.com/ Name: _fbp
Value: fb.1.1636435607934.1995863580
.facebook.com/ Name: fr
Value: 09VsqyvmDBG34RpHw..BhigaY...1.0.BhigaY.

2 Console Messages

Source Level URL
Text
security error URL: https://marilynmanson.staging.wpengine.com/
Message:
Mixed Content: The page at 'https://marilynmanson.staging.wpengine.com/' was loaded over HTTPS, but requested an insecure script 'http://code.jquery.com/jquery.min.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://marilynmanson.staging.wpengine.com/
Message:
Mixed Content: The page at 'https://marilynmanson.staging.wpengine.com/' was loaded over HTTPS, but requested an insecure script 'http://invertise.s3.amazonaws.com/pixeljs/2556a289-a73d-41fa-8aad-5134f788a35d.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
invertise.s3.amazonaws.com
marilynmanson.com
marilynmanson.staging.wpengine.com
pixel.mathtag.com
static.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
code.jquery.com
invertise.s3.amazonaws.com
104.198.154.45
184.30.20.207
216.58.212.130
2a00:1450:4001:802::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:811::200a
2a00:1450:4001:827::2006
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a00:1450:4001:831::2016
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
05c626d78f697a300bdcddb5c5f8cb54f41b65abc201657418ed96f13c28c0a3
0de4e8ca354f75997d3f7b97f3cf0a1211dedfbce906e7ec974c373fb23bf273
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
20ca290859d6589af6bf424e44f9130fa9a5d4e2cac540167a05b4532ff01b20
2468aef281c371ca8794e1f38470aa42c8633521a3dff01ea6e3a5e9c76cf606
26c64d2197039b1022b8c8c282c9ed2500f75817ba6a8c445fabc5f579fd2a54
2885cd82fbe996cbf6ab353d4c5169cc84933e86e1faa13590429df7da7a7d81
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65
33a865e65ef363981b37568a60861be80e0e5e283eedaa7a0b31edb9362512b9
3415c7fade1393a1990451fe39cfb19fed87791ede53183f9a4d390b15d36a5b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43436e56f8df0398fd409b0c885680937ce367136a7eb439d70e4f9ad4bd133d
5173c915b9b6e2c3b24ed89502eed57341952fe69393fc2128895bcfedaae6de
54758a303cad6627111e9baecf831f70329fa940572334f7ea2dd569a7908d5e
58fad1f4268476a6eed81f462341d4f06827f47209a93fc3a1c954ede008a912
611ac4a70826af60fcc7b24929515a2d87698612738bae4910e21cdb7a51704a
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d1f5aa364a382e023e63703656bb22c71ad5d93dae420af7c9f4b6051709776
75407683192b5d2b9c8f034c01b8c6153ae7735e838945d2a6027fce6ee98199
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
7836411125eeae9b09f62005414186501c35221e32752b91a0f092efc38bf868
784543ac181245cdc8b9afb206d2e67801a8ab0e208ec3627e8f6e56027d5ccf
803a3c64b2e1633c841afa5f4772f772132183bddc886ee7cccf7d6bbdf02751
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8cd48a23b5cf3b3659e12bf6eee322a1781a624117ffe71bed68503224829031
93be7c7843d854fa0c801dcbe5c562bd68d33285567d1df9a64a98354fde2a45
95f9583377257429caa9faaa7729ee862c4cc5d1bf64d5f9e192e11dd401f4d7
a11f3f3ae7bc175095d18acd22b90ea553e6aa7d005d220a88d78f8078b82da9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9d576d438939810fb8f8fd4382847a394ba105a257845a4c743a49caae67b75
adc545629f30b1ac80cb7ab02a06053857313aa18403ab79c51af0acb1146224
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b8ae068fa316eecebc24f5a7034a112f53616891e9d5192ad24ae9be4ef44ebb
c425bb49335c746dbfe29a9e9f188602c7dd0d794d1fba9c21c33a1defc0dc4e
c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
dfa334e970bd270c26d380d013b2e1b172dd4ec239df98b0cbf8a837ddfc0e0b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49a3e7a488f85035d93d09c39d7f51082cd9f86f3610077a560624aee66db3e
e67a7d2c7924f970db2501c0839940c138e88e1f1450c21c2cabb656ed2aafd9
e9e569723967da4463ede5ac2b1ae8390e0ece8fb058e39a793daade6eceb622
ebb7397a100cf0a15972d0cf7992745b9e18d5ed339ba6aa8ddbff7ad4bddd1d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee224b532cf86d780adf67ebf90d7fc2d3ff574cfccb025eedd3ff6b0d10de7e
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc107f3b143ea5e1f943786a1c0e0920e9940d12cd638627d4c1e3bf8ff81131