med-theatre-arts.xyz Open in urlscan Pro
2a05:d014:58f:6202::64  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response med-theatre-arts.xyz/	51 KB 7 KB	482ms 335ms	Document text/html	2a05:d014:58f:6202::64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://med-theatre-arts.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:58f:6202::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 8d21f00bcc6c98063284f03df461325b9c1a681a24bbc0dd8480348fb10b53c5 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes age 0 cache-control public,max-age=0,must-revalidate cache-status "Netlify Edge"; fwd=miss content-encoding br content-type text/html; charset=UTF-8 date Thu, 06 Jun 2024 20:06:37 GMT etag "470be239d4c8777cccdf30f45c4c8d51-ssl-df" server Netlify strict-transport-security max-age=31536000 vary Accept-Encoding x-nf-request-id 01HZQJJ4ENAW8V2BH5AVPMST97
GET H2	200	chunk-3LRUVXBA.mjs Show response framerusercontent.com/sites/48rXRxovIGAEprqiYasgqh/	565 KB 166 KB	184ms 20ms	Script text/javascript	2600:9000:20ae:1200:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://framerusercontent.com/sites/48rXRxovIGAEprqiYasgqh/chunk-3LRUVXBA.mjs Requested by Host: med-theatre-arts.xyz URL: https://med-theatre-arts.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ae:1200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 97e86a956ddb1841ec1f296f3a8d2b8cd5dd72588b09f1318ab6435d4fd54c93 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://med-theatre-arts.xyz/ Origin https://med-theatre-arts.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 20:51:40 GMT x-amz-version-id 4ayM3lYHz3RPgs8qXVYpqjnAidUDukXM x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br via 1.1 258e5fe72bfca83e099f880853f68ab4.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 x-amz-server-side-encryption AES256 age 602097 x-cache Hit from cloudfront x-amz-replication-status COMPLETED cross-origin-resource-policy cross-origin server-timing cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="tg5SL5PdvuGPm94WFJMcbSU9urSXWWoOOtE2IRZ2ITywazihjLtveg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Sun, 05 May 2024 19:32:51 GMT server CloudFront etag W/"d2f593dcc42696ef443a7d4259f3fd7d" access-control-max-age 0 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * x-frame-options deny cache-control public, max-age=31536000, immutable vary Accept-Encoding,Origin timing-allow-origin * x-amz-cf-id tg5SL5PdvuGPm94WFJMcbSU9urSXWWoOOtE2IRZ2ITywazihjLtveg==
GET H2	200	chunk-ELYU6EKT.mjs Show response framerusercontent.com/sites/48rXRxovIGAEprqiYasgqh/	447 B 1 KB	181ms 17ms	Script text/javascript	2600:9000:20ae:1200:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://framerusercontent.com/sites/48rXRxovIGAEprqiYasgqh/chunk-ELYU6EKT.mjs Requested by Host: med-theatre-arts.xyz URL: https://med-theatre-arts.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ae:1200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://med-theatre-arts.xyz/ Origin https://med-theatre-arts.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 20:51:40 GMT x-amz-version-id 8kWOqft5W4VaxwgfLMk.vjlrUOdVYZ7P x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 258e5fe72bfca83e099f880853f68ab4.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 age 602097 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED cross-origin-resource-policy cross-origin server-timing cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="1oZ48UZeSq5YrnTKFYqVsHBadwD1FFDNHMdK6-y_qi5O5e2yumu03A==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3 alt-svc h3=":443"; ma=86400 content-length 447 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Sun, 05 May 2024 19:38:01 GMT server CloudFront etag "bac0d5b5f6a61029b51079932ccda746" access-control-max-age 0 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * x-frame-options deny cache-control public, max-age=31536000, immutable vary Origin accept-ranges bytes timing-allow-origin * x-amz-cf-id 1oZ48UZeSq5YrnTKFYqVsHBadwD1FFDNHMdK6-y_qi5O5e2yumu03A==
GET H2	200	wBgMaa1q12Pr2G2jGUZP21s-UEiZ4earohv8JutvPEU.FGGDIRLB.mjs Show response framerusercontent.com/sites/48rXRxovIGAEprqiYasgqh/	24 KB 8 KB	65ms 64ms	Script text/javascript	2600:9000:20ae:1200:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://framerusercontent.com/sites/48rXRxovIGAEprqiYasgqh/wBgMaa1q12Pr2G2jGUZP21s-UEiZ4earohv8JutvPEU.FGGDIRLB.mjs Requested by Host: med-theatre-arts.xyz URL: https://med-theatre-arts.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ae:1200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 5eee73ab3757ce0307002fa7499d4fcfc66ee04cbdf47d7cd43314f7fcf239d4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://med-theatre-arts.xyz/ Origin https://med-theatre-arts.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 20:51:40 GMT x-amz-version-id gIhItOXrcGqpk1gRsmg2Jc9sDpQqvrT0 x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br via 1.1 258e5fe72bfca83e099f880853f68ab4.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 x-amz-server-side-encryption AES256 age 602097 x-cache Hit from cloudfront x-amz-replication-status COMPLETED cross-origin-resource-policy cross-origin server-timing cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="WK66oMG5tuz_vG--CxpkBjrmAe_JpzJO0EY26OlcM-e8uiqTjSlzyw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Sun, 05 May 2024 19:20:52 GMT server CloudFront etag W/"fc687b8a857c88f6587c43490ceb426b" access-control-max-age 0 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * x-frame-options deny cache-control public, max-age=31536000, immutable vary Accept-Encoding,Origin timing-allow-origin * x-amz-cf-id WK66oMG5tuz_vG--CxpkBjrmAe_JpzJO0EY26OlcM-e8uiqTjSlzyw==
GET H2	200	chunk-THX2QIIZ.mjs Show response framerusercontent.com/sites/48rXRxovIGAEprqiYasgqh/	582 B 1 KB	68ms 68ms	Script text/javascript	2600:9000:20ae:1200:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://framerusercontent.com/sites/48rXRxovIGAEprqiYasgqh/chunk-THX2QIIZ.mjs Requested by Host: med-theatre-arts.xyz URL: https://med-theatre-arts.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ae:1200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 873139ac62488ee30432f7deeebc1f96b68a5795e7132b7c8553e27376777b8e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://med-theatre-arts.xyz/ Origin https://med-theatre-arts.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 20:51:40 GMT x-amz-version-id qnjZ4VV2UhyqwgKu5qfN2hlAPImRq3SL x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 258e5fe72bfca83e099f880853f68ab4.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 age 602097 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED cross-origin-resource-policy cross-origin server-timing cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="wus419C1nximJ7Ja2TerXav_vvrCWivC4gu0Ih0ED4m4UJgWf4vh1w==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5 alt-svc h3=":443"; ma=86400 content-length 582 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Sun, 05 May 2024 19:38:01 GMT server CloudFront etag "bf9f23c6887cafe63e827599f3f48e9a" access-control-max-age 0 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * x-frame-options deny cache-control public, max-age=31536000, immutable vary Origin accept-ranges bytes timing-allow-origin * x-amz-cf-id wus419C1nximJ7Ja2TerXav_vvrCWivC4gu0Ih0ED4m4UJgWf4vh1w==
GET H2	200	chunk-AT3WY2KU.mjs Show response framerusercontent.com/sites/48rXRxovIGAEprqiYasgqh/	131 B 1 KB	66ms 66ms	Script text/javascript	2600:9000:20ae:1200:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://framerusercontent.com/sites/48rXRxovIGAEprqiYasgqh/chunk-AT3WY2KU.mjs Requested by Host: med-theatre-arts.xyz URL: https://med-theatre-arts.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ae:1200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash e0bc0ac6518f385438e17af5f0cfdc75177d39fdf79ae2b4053f8490a5c6020b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://med-theatre-arts.xyz/ Origin https://med-theatre-arts.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 20:51:40 GMT x-amz-version-id ygmOPnnC_C6r32ilGnY8WXL9z9gnsTph x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 258e5fe72bfca83e099f880853f68ab4.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 age 602097 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED cross-origin-resource-policy cross-origin server-timing cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="-ttal5Eot_lgjDxw2J1OwVq2Er3_M8M_EBDEOWUM1ZNMAwoclkD7DQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3 alt-svc h3=":443"; ma=86400 content-length 131 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Sun, 05 May 2024 19:38:01 GMT server CloudFront etag "2c32fd58210c7b42aec1b01c88319fac" access-control-max-age 0 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * x-frame-options deny cache-control public, max-age=31536000, immutable vary Origin accept-ranges bytes timing-allow-origin * x-amz-cf-id -ttal5Eot_lgjDxw2J1OwVq2Er3_M8M_EBDEOWUM1ZNMAwoclkD7DQ==
GET H2	200	chunk-42U43NKG.mjs Show response framerusercontent.com/sites/48rXRxovIGAEprqiYasgqh/	44 B 957 B	67ms 67ms	Script text/javascript	2600:9000:20ae:1200:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://framerusercontent.com/sites/48rXRxovIGAEprqiYasgqh/chunk-42U43NKG.mjs Requested by Host: med-theatre-arts.xyz URL: https://med-theatre-arts.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ae:1200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://med-theatre-arts.xyz/ Origin https://med-theatre-arts.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 20:51:40 GMT x-amz-version-id Po2aqTe5Yy8eZeBbfk3vNNOVzMnUUhFe x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 258e5fe72bfca83e099f880853f68ab4.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 age 602097 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED cross-origin-resource-policy cross-origin server-timing cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="lKCSLBP_MJ2QP4zcYOTheDB2ArLBvbbKqUqhOtGEs7AqhIqJ0Prnug==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3 alt-svc h3=":443"; ma=86400 content-length 44 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Sun, 05 May 2024 19:38:01 GMT server CloudFront etag "f5fe0cab78140e0e5aa29f68ce8c2888" access-control-max-age 0 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * x-frame-options deny cache-control public, max-age=31536000, immutable vary Origin accept-ranges bytes timing-allow-origin * x-amz-cf-id lKCSLBP_MJ2QP4zcYOTheDB2ArLBvbbKqUqhOtGEs7AqhIqJ0Prnug==
GET H2	200	script Show response events.framer.com/	16 KB 6 KB	387ms 310ms	Script text/javascript	18.173.187.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.framer.com/script Requested by Host: med-theatre-arts.xyz URL: https://med-theatre-arts.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-48.muc50.r.cloudfront.net Software / Resource Hash 03337e69f3ba0d92c0ee4e6336eab382bbb5ce99d425bc1c0092a9b8618df364 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://med-theatre-arts.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 20:06:38 GMT content-encoding gzip via 1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront) strict-transport-security max-age=63072000; includeSubDomains; preload x-amzn-remapped-content-length 15882 x-amz-cf-pop MUC50-P4 x-amzn-requestid 8f717fe9-fdb3-45aa-910d-8d1354e27167 x-amzn-trace-id Root=1-666216ce-40bd3a2a1a6503ee255a28cc x-cache Miss from cloudfront content-type text/javascript timestamp Thu, 06 Jun 2024 20:05:22 GMT x-amz-apigw-id Y9iAQF1VoAMErfw= content-length 5325 x-amz-cf-id vLd3DAvK13PTr3fbnpPt1qaMNThNcIXOCp0oixLQ5tNTfXSmGDpvbw==
GET H2	200	default_script0.EE4GEASQ.mjs Show response framerusercontent.com/sites/48rXRxovIGAEprqiYasgqh/	2 KB 2 KB	68ms 67ms	Script text/javascript	2600:9000:20ae:1200:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://framerusercontent.com/sites/48rXRxovIGAEprqiYasgqh/default_script0.EE4GEASQ.mjs Requested by Host: med-theatre-arts.xyz URL: https://med-theatre-arts.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ae:1200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 704eb7b438b4338beda7c67f6304b69767a7a01e4f51260f76103b15606f858f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://med-theatre-arts.xyz/ Origin https://med-theatre-arts.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 20:51:41 GMT x-amz-version-id SovdiI60jEAqef4OzX9FmRhjXn7sAWG8 x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br via 1.1 258e5fe72bfca83e099f880853f68ab4.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 x-amz-server-side-encryption AES256 age 602097 x-cache Hit from cloudfront x-amz-replication-status COMPLETED cross-origin-resource-policy cross-origin server-timing cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="mJv7sjfIuMD83V7_Y6AZcyl2Oe3R1RiICDQ5LeL9GHyLuA_5ABsYqQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Sun, 05 May 2024 19:20:52 GMT server CloudFront etag W/"27bca86bcfee5a1783497a65b636aaac" access-control-max-age 0 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * x-frame-options deny cache-control public, max-age=31536000, immutable vary Accept-Encoding,Origin timing-allow-origin * x-amz-cf-id mJv7sjfIuMD83V7_Y6AZcyl2Oe3R1RiICDQ5LeL9GHyLuA_5ABsYqQ==
GET H3	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	156 KB 51 KB	73ms 51ms	Script text/javascript	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3919009115728192 Requested by Host: med-theatre-arts.xyz URL: https://med-theatre-arts.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7c61d2648e19c2cdee2d0e23b277b42d6bec8ac6df522307173d9a703fd8d020 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://med-theatre-arts.xyz/ Origin https://med-theatre-arts.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 20:06:37 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52227 x-xss-protection 0 server cafe etag 9756436994899656191 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Thu, 06 Jun 2024 20:06:37 GMT
GET H2	404	svg_%26apos%3b.2.delaye med-theatre-arts.xyz/%26apos%3bdata_image/svg%2bxml%3butf8%2c_svg%20xmlns%3d_http_/www.w3.org/2000/svg_%20xmlns_xlink%3d_http_/www.w3.org/1999/xlink_%20viewBox%3d_0%200%2034/	3 KB 3 KB	121ms 121ms	Image text/html	2a05:d014:58f:6202::64 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://med-theatre-arts.xyz/%26apos%3bdata_image/svg%2bxml%3butf8%2c_svg%20xmlns%3d_http_/www.w3.org/2000/svg_%20xmlns_xlink%3d_http_/www.w3.org/1999/xlink_%20viewBox%3d_0%200%2034/svg_%26apos%3b.2.delaye Requested by Host: med-theatre-arts.xyz URL: https://med-theatre-arts.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:58f:6202::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://med-theatre-arts.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01HZQJJ4Z2Z6PT36EF3MYZZD10 date Thu, 06 Jun 2024 20:06:37 GMT content-encoding br strict-transport-security max-age=31536000 server Netlify age 0 cache-status "Netlify Edge"; fwd=miss etag 1714258744-ssl-df vary Accept-Encoding content-type text/html; charset=utf-8 cache-control public,max-age=0,must-revalidate
GET H2	200	UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 fonts.gstatic.com/s/inter/v13/	46 KB 46 KB	74ms 10ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 Requested by Host: med-theatre-arts.xyz URL: https://med-theatre-arts.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://med-theatre-arts.xyz/ Origin https://med-theatre-arts.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 14:13:54 GMT x-content-type-options nosniff age 193963 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46704 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:49:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 04 Jun 2025 14:13:54 GMT
GET H2	200	__framer-badge.GWBQZA2S.mjs Show response framerusercontent.com/sites/48rXRxovIGAEprqiYasgqh/	26 KB 7 KB	20ms 19ms	Script text/javascript	2600:9000:20ae:1200:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://framerusercontent.com/sites/48rXRxovIGAEprqiYasgqh/__framer-badge.GWBQZA2S.mjs Requested by Host: framerusercontent.com URL: https://framerusercontent.com/sites/48rXRxovIGAEprqiYasgqh/default_script0.EE4GEASQ.mjs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ae:1200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 817e0cffc32fdcc4e07bc23f620e54661b7d942c6fa4ca00e292d3b187c780a8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://framerusercontent.com/sites/48rXRxovIGAEprqiYasgqh/default_script0.EE4GEASQ.mjs Origin https://med-theatre-arts.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 20:51:42 GMT x-amz-version-id 5z7KtuisWWMGBgJ10n9XBNx30IBXkAie x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br via 1.1 258e5fe72bfca83e099f880853f68ab4.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 x-amz-server-side-encryption AES256 age 602096 x-cache Hit from cloudfront x-amz-replication-status COMPLETED cross-origin-resource-policy cross-origin server-timing cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="9n1VyuUc-T7nixkp3kxuU4HdpXkMZDAA5HgPANiaa4K8GLBq9XE2iw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Sun, 05 May 2024 19:32:51 GMT server CloudFront etag W/"a1fa97a1c1f196a40dab59097eb794f1" access-control-max-age 0 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * x-frame-options deny cache-control public, max-age=31536000, immutable vary Accept-Encoding,Origin timing-allow-origin * x-amz-cf-id 9n1VyuUc-T7nixkp3kxuU4HdpXkMZDAA5HgPANiaa4K8GLBq9XE2iw==
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/	425 KB 144 KB	78ms 61ms	Script text/javascript	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3919009115728192&plah=med-theatre-arts.xyz&aplac=true Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3919009115728192 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 49849ecbed506ebd8f6fb567d47a6aa5f877acd6a470c0b07f0bc67355515d8c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://med-theatre-arts.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 20:06:37 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 147235 x-xss-protection 0 server cafe etag 6628922095925698444 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 06 Jun 2024 20:06:37 GMT
GET H3	200	zrt_lookup_fy2021.html pagead2.googlesyndication.com/pagead/html/r20240604/r20110914/ Frame 6A79	0 0	64ms 21ms	Document text/html	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/html/r20240604/r20110914/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3919009115728192&plah=med-theatre-arts.xyz&aplac=true Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://med-theatre-arts.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers age 54448 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4165 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 06 Jun 2024 04:59:10 GMT etag 3711839061170457607 expires Thu, 20 Jun 2024 04:59:10 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads pagead2.googlesyndication.com/pagead/ Frame 85B9	0 0	103ms 70ms	Document text/html	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3919009115728192&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1717704398&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fmed-theatre-arts.xyz%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=32~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=32_18~30_19~27_8~29_18&aiixl=32_9~30_6~27_3~29_5&aipaq=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717704397915&bpp=3&bdt=308&idt=168&shv=r20240604&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=6224953540907&frm=20&pv=2&ga_vid=97229845.1717704398&ga_sid=1717704398&ga_hid=828590042&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95332937%2C31084200%2C44798934%2C95332584%2C95334509%2C95334527%2C95334573%2C95334829%2C95335246%2C95334054%2C95334159%2C31078668&oid=2&pvsid=2987484314951572&tmod=1565362441&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1260%2C1170%2C1260%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=189 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3919009115728192&plah=med-theatre-arts.xyz&aplac=true Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://med-theatre-arts.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 06 Jun 2024 20:06:38 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
POST H2	200	anonymous events.framer.com/	0 0	361ms 361ms	Fetch application/json	18.173.187.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.framer.com/anonymous Requested by Host: events.framer.com URL: https://events.framer.com/script Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-48.muc50.r.cloudfront.net Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://med-theatre-arts.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/json Response headers date Thu, 06 Jun 2024 20:06:38 GMT via 1.1 577c189d14f20f4f61c76d2711499f1c.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P4 x-amzn-trace-id Root=1-666216ce-121e98985c4ba2f66a05dd05;Sampled=1;lineage=c457ad49:0 x-amzn-requestid bd4d6501-5f97-49d7-a097-6f95401a7c51 x-cache Miss from cloudfront content-type application/json access-control-allow-origin * x-amz-apigw-id Y9iAWHrEoAMETrg= content-length 0 x-amz-cf-id 0itvUnk0wGSJ-535bRA8WPjh2Sfa14K3lLCMXKrC9BFI6t7VuX12yw==
OPTIONS H2	200	anonymous events.framer.com/ Frame	0 0	341ms 310ms	Preflight application/json	18.173.187.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.framer.com/anonymous Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-48.muc50.r.cloudfront.net Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://med-theatre-arts.xyz Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers access-control-allow-headers Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token access-control-allow-methods OPTIONS,POST access-control-allow-origin * content-length 0 content-type application/json date Thu, 06 Jun 2024 20:06:38 GMT via 1.1 577c189d14f20f4f61c76d2711499f1c.cloudfront.net (CloudFront) x-amz-apigw-id Y9iATEQ_IAMEPuA= x-amz-cf-id 5puazwvVoT5-Ia6CYpPh20-EayDCIqB-AxTK873XYb7SOBlL0lJr7Q== x-amz-cf-pop MUC50-P4 x-amzn-requestid f0c33fd1-4def-4694-b543-db70e9f62c08 x-cache Miss from cloudfront
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	53ms 53ms	XHR application/json	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240604&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3919009115728192&plah=med-theatre-arts.xyz&aplac=true Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 551a1530b1b8da86c83dfb5beaf12b739fad447970ed3e32dbf89dc91eddd09c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://med-theatre-arts.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 20:06:38 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12678 x-xss-protection 0
GET H2	404	favicon.ico med-theatre-arts.xyz/	3 KB 1 KB	116ms 116ms	Other text/html	2a05:d014:58f:6202::64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://med-theatre-arts.xyz/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:58f:6202::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://med-theatre-arts.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01HZQJJ5DQ4NSEKGJ8K9TD5Y4G date Thu, 06 Jun 2024 20:06:38 GMT content-encoding br strict-transport-security max-age=31536000 server Netlify age 0 cache-status "Netlify Edge"; fwd=miss etag 1714258744-ssl-df vary Accept-Encoding content-type text/html; charset=utf-8 cache-control public,max-age=0,must-revalidate
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	50ms 20ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3919009115728192&plah=med-theatre-arts.xyz&aplac=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://med-theatre-arts.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 20:06:38 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 06 Jun 2024 20:06:38 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame ECB7	0 0	33ms 14ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://med-theatre-arts.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes age 871 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 06 Jun 2024 19:52:07 GMT expires Fri, 06 Jun 2025 19:52:07 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET		sodar pagead2.googlesyndication.com/pagead/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240604&jk=2987484314951572&bg=!kZKlkt3NAAb64txl2uI7ADQBe5WfOHh-unymaLtYJYvUbI-26Z_WnL7RbI_9R0Xm4LU3_DAXDC7xu1JoeuhyqYRD9_wvAgAAAFtSAAAAAmgBB34ANazXh0g9Rp7UXc3Vdd6b5O0A0FaXfjhy5MLtLZpJjeisbxzFSb0clVSjG4Qp06KHChs7IaMMmQKXfo0i2hY1TB3PU1Xw3dVFu4SSFCsALL7nNVhnJHtU39x9O_d3Hrr9UfxasKGjn6j2YeZqhXiqbjz2dq6QSAZvY0VfZxVRIdOwvhza70vPZ9H6b33cvtAKoyQ48-93KrFPzUU--vVD0eR-iKo-mAuvXpvwHjKq8Br4aItavDYw9VID0UUscQj7ivN2oqDkLjkxR7FftA5wo07tUzqPYqe9AvZxB8-0j53cQhCaS0Z1Pl2iTV3J-gJ-g4BruNOEoKUmy7PIxVmUVyTr6fM0at5cKkHkw3BeqqdolhCWOG9YtzTdKbWC-08wc-mUej3Rby_2rlBvpIJXSsP91-9sx_I5z6fGMfD223BSit_yjRuqqRTeyJa2RTxhycQ0pDuglrWpzc1NOyOrI7pvNC5Nv8AHz3BqJmt4x7g6B87kafIfbW0R7mpcjuPHuCGm4QWDXR5leig_yaHOaU8uILbm-_HbCkm21P2JMRJL_82OLSTJCM3USwqIU0Z5HOwCFVsY9okljBA-RTDEk6HdkP72Y7u11demlVYSaz6I3fm4DhFFhH9c5F3ryvOYznc3gGWH5eQpmLXS5TfpFISAeoxhwJVI8oy81enJ08Awt6pTk4ZRu0cgowvQCbAw5uIYB_oAw1crUWznWHiuzZLVJeeShEPCDVb5IcY8xaBjXbmHuQSWlaQN7bKqhpLt3bcU5Mi4oQo4aUHj8xA5_ls5MEvyC-dZQg7xQb6s4xktC9xcsGIHCm3ljol1o00EEBJ5HikvCm7SK2gNO4C6Cbc54k8rP26MAZ57R_cRyWZxNn0qNlcKjJMdqUd51zQCy1j7X8IHxtCz-ZIbJ0cU4WLZo7C8Tdm4LbPUBWxX05DmyZLs2dPnyz2TIv8lPG2T

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| __FRAMER_TURN_OFF_REACT_EVENT_HANDLING__ function| __framer_importFromPackage object| process object| __framer_events object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| __send_framer_event object| GoogleGcLKhOms object| google_image_requests

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://med-theatre-arts.xyz/%26apos%3bdata_image/svg%2bxml%3butf8%2c_svg%20xmlns%3d_http_/www.w3.org/2000/svg_%20xmlns_xlink%3d_http_/www.w3.org/1999/xlink_%20viewBox%3d_0%200%2034/svg_%26apos%3b.2.delaye Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://med-theatre-arts.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

events.framer.com
fonts.gstatic.com
framerusercontent.com
med-theatre-arts.xyz
pagead2.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
18.173.187.48
2600:9000:20ae:1200:d:ada1:a280:93a1
2a00:1450:4001:810::2003
2a00:1450:4001:81d::2002
2a00:1450:4001:830::2001
2a05:d014:58f:6202::64
03337e69f3ba0d92c0ee4e6336eab382bbb5ce99d425bc1c0092a9b8618df364
49849ecbed506ebd8f6fb567d47a6aa5f877acd6a470c0b07f0bc67355515d8c
4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e
551a1530b1b8da86c83dfb5beaf12b739fad447970ed3e32dbf89dc91eddd09c
5eee73ab3757ce0307002fa7499d4fcfc66ee04cbdf47d7cd43314f7fcf239d4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867
704eb7b438b4338beda7c67f6304b69767a7a01e4f51260f76103b15606f858f
7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c
7c61d2648e19c2cdee2d0e23b277b42d6bec8ac6df522307173d9a703fd8d020
817e0cffc32fdcc4e07bc23f620e54661b7d942c6fa4ca00e292d3b187c780a8
873139ac62488ee30432f7deeebc1f96b68a5795e7132b7c8553e27376777b8e
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8d21f00bcc6c98063284f03df461325b9c1a681a24bbc0dd8480348fb10b53c5
97e86a956ddb1841ec1f296f3a8d2b8cd5dd72588b09f1318ab6435d4fd54c93
e0bc0ac6518f385438e17af5f0cfdc75177d39fdf79ae2b4053f8490a5c6020b