theatre1.us Open in urlscan Pro
2606:4700:3037::ac43:b4cd Public Scan

Go To Rescan
Add Verdict Report

URL:
https://theatre1.us/
Submission: On May 26 via api (May 26th 2024, 4:06:30 am UTC) from US — Scanned from US

Summary HTTP 41 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3037::ac43:b4cd, located in United States and belongs to CLOUDFLARENET, US. The main domain is theatre1.us.
TLS certificate: Issued by GTS CA 1P5 on April 22nd 2024. Valid for: 3 months.

This is the only time theatre1.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:303... 2606:4700:3037::ac43:b4cd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c1d::61	15169 (GOOGLE) (GOOGLE)
6	172.240.108.84 172.240.108.84	7979 (SERVERS-COM) (SERVERS-COM)
1	2607:f8b0:400... 2607:f8b0:400d:c0e::8a	15169 (GOOGLE) (GOOGLE)
6	136.243.35.166 136.243.35.166	24940 (HETZNER-AS) (HETZNER-AS)
1	151.101.65.194 151.101.65.194	54113 (FASTLY) (FASTLY)
41	7

23 2606:4700:3037::ac43:b4cd (United States)

ASN13335 (CLOUDFLARENET, US)

theatre1.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c1d::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.240.108.84 (United States)

ASN7979 (SERVERS-COM, US)

usingstrikingindoors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0e::8a (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 136.243.35.166 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.166.35.243.136.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.194 (San Francisco, United States)

ASN54113 (FASTLY, US)

intrstreams.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	theatre1.us theatre1.us	245 KB
6	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 34036
6	usingstrikingindoors.com usingstrikingindoors.com
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	251 B
1	fastly.net ad-trackdelivery.global.ssl.fastly.net Failed intrstreams.global.ssl.fastly.net	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	100 KB
41	6

	Domain	Requested by
23	theatre1.us	theatre1.us
6	ad.a-ads.com	theatre1.us
6	usingstrikingindoors.com	theatre1.us
1	intrstreams.global.ssl.fastly.net	theatre1.us
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	theatre1.us
0	ad-trackdelivery.global.ssl.fastly.net Failed	theatre1.us
41	7

This site contains links to these domains. Also see Links.

Domain
theatre18.us
wordpress.org

Subject Issuer	Validity	Valid
theatre1.us GTS CA 1P5	`2024-04-22` - `2024-07-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
usingstrikingindoors.com R3	`2024-04-27` - `2024-07-26`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-27` - `2025-01-26`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-09` - `2024-12-10`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://theatre1.us/
Frame ID: 451B72439731C39B442E258634A98B71
Requests: 44 HTTP requests in this frame

Frame: https://ad.a-ads.com/2269127?size=320x100
Frame ID: 336CC81C9540397AC132DFEE9628A0CE
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/2269128?size=300x250
Frame ID: DB68A1696A390DE84A79560C8F7CD5C0
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/2269127?size=320x100
Frame ID: 74627BE1DCD67A52EBECC86CAEDD2D4A
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/2269127?size=320x100
Frame ID: E5E4AB64279741E528F8FBCEB59AB7DE
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/2269128?size=300x250
Frame ID: 5076ADC683658E3605F11A7D2C4A014D
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/2269127?size=320x100
Frame ID: E24474081812C6E88D399E4B1C5C1E30
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Theatre1 | Movie News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

41
Requests

93 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

349 kB
Transfer

935 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://theatre18.us/
Title: Home

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
theatre1.us/ 73 KB
14 KB 3970ms
3941ms Document
text/html 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21dddb2e573c733f4e33a48b22f491d40be4b9cea942dcbd7fee4add821310a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 889ae452cd8f333c-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 26 May 2024 04:06:23 GMT
link: <https://theatre1.us/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mdh9Pi%2FMDfcn2v%2FsNS1E2UxjFbITg3UBmWZ1w8teVq0tY6On0PZLDjIYwqi4qOHwwrFZNP2xbW2YSdF9sqOADGdamnDFYwxma%2FulTDtSJq8XhUL0xR6ESVpm5ienmZoohPyph%2Bib2I%2BVsA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 lazyload.min.js Show response
theatre1.us/wp-content/plugins/w3-total-cache/pub/js/ 9 KB
4 KB 251ms
250ms Script
application/javascript 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3938d0c22ecff2da863abf14289c17b892cb774cb4492d0358ec5179e67ddfb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 May 2024 03:54:43 GMT
server: cloudflare
etag: W/"66385483-23d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y55RrqwelQeWxZkGQDuwl%2FMgcrP%2Bx4QPOkAsQAc3k7lEGZb3gm%2Fzzzif46%2BxXlkH28wXQ3mTxkvEyDi78gk4xDQ7qfpxcMKyrjaEp4InqZAsLeqMhOcM9c0hKD0kJhsFjFJ36KRvCCH6Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 889ae46b7b23333c-EWR
expires: Sun, 26 May 2024 16:06:23 GMT

GET
H3 200 style.min.css
theatre1.us/wp-includes/css/dist/block-library/ 111 KB
19 KB 730ms
728ms Stylesheet
text/css 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Apr 2024 16:35:14 GMT
server: cloudflare
etag: W/"660ed6c2-1bae5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fSrzMpHRA3GbM0xnOs%2FLUVHngEj2Un7LDg0YvSCR7KQWymeO%2BaJniyo2A71FKg0xlUUFivIheDBU2yM2%2BMftwGRES8%2BjvlydZ9ijwldD%2Fwnfw8ASu%2FCjcIzNjmsFPgU9HvPqINHW%2FXTSxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 889ae46b7b26333c-EWR
expires: Sun, 26 May 2024 16:06:23 GMT

GET
H3 200 custom-color-overrides.css
theatre1.us/wp-content/themes/twentytwentyone/assets/css/ 130 B
635 B 729ms
727ms Stylesheet
text/css 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/wp-content/themes/twentytwentyone/assets/css/custom-color-overrides.css?ver=2.2

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54e310005e904894ed9c3e6582efae4f8e57e695cba3adb1e304bec2e68a5951

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 12 May 2024 11:15:04 GMT
server: cloudflare
etag: W/"6640a4b8-82"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XCsJU01JoSo9MjHI%2BoCg23lUb9MonQg69mHX5XcnZ5BfRD8PzGHmdnlMyuvZUnxjX7iIcY%2BOI5SriDKWVT3twziWesaI%2BOlUKZP6zXHmwYFSbTSMJ%2F5J8cukZQ7Ban%2B3kwKvvR7VjrQXeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 889ae46b7b28333c-EWR
expires: Sun, 26 May 2024 16:06:23 GMT

GET
H3 200 styles.css
theatre1.us/wp-content/plugins/contact-form-7/includes/css/ 3 KB
2 KB 737ms
735ms Stylesheet
text/css 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.5

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 23 May 2024 12:25:30 GMT
server: cloudflare
etag: W/"664f35ba-b4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LKQ%2FSojs9d0S2XYJYA7g3QdgVTjjIzcJMLxiPCxadkamXoajTFvQ0qXkuxN80PoAe0WGNFVYm0SHcoUBpT%2B50VqP%2BteyOxj6%2BeSua1y2cRJg4eXHOQ8q87Q7xqm99MiunPReOjZir5ms7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 889ae46b7b29333c-EWR
expires: Sun, 26 May 2024 16:06:23 GMT

GET
H3 200 idblog-core.css
theatre1.us/wp-content/plugins/idblog-core/css/ 7 KB
3 KB 726ms
724ms Stylesheet
text/css 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/wp-content/plugins/idblog-core/css/idblog-core.css?ver=1.0.0

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

842fdd042483fa98e322a986ab8f21739eef3b4cffc09b637d0b3728bfb05430

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 11:40:10 GMT
server: cloudflare
etag: W/"6568749a-1a77"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2FQUAbAulE4ylk5BQt3e64HPsLqKbrHfMplzbdbJ16g2%2BD3MJCXBB6pmrKV604S%2FiQq6%2BCWKEM%2BYMthfIbu0A0E1P95cfefNVfUAGRID%2FF6eyXTcbrt1Sr6lq2GI%2BwCSHAQg24bcGNr7pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 889ae46b7b2a333c-EWR
expires: Sun, 26 May 2024 16:06:23 GMT

GET
H3 200 style.css
theatre1.us/wp-content/themes/twentytwentyone/ 152 KB
29 KB 737ms
736ms Stylesheet
text/css 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/wp-content/themes/twentytwentyone/style.css?ver=2.2

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

246738ac96de9466cccfa9f3df1cfea58bf90ce8ac784455b766047526dca4c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 12 May 2024 11:15:04 GMT
server: cloudflare
etag: W/"6640a4b8-25fc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4O6Gaf1oX0MyuixkRRtBOUu4ndzCeyzx1Oj8pySSH5rA9bfrDcKsymelimIKbi3%2BOSGA3TxwqKhQSg3nraT2LDBNj4pnTfOeIOKgYbcsJhKq0hlubmN%2BYolhYbHUG70H8rf%2FgEvNTaFFBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 889ae46b7b2b333c-EWR
expires: Sun, 26 May 2024 16:06:23 GMT

GET
H3 200 jquery.min.js Show response
theatre1.us/wp-includes/js/jquery/ 86 KB
34 KB 745ms
743ms Script
application/javascript 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 02:39:24 GMT
server: cloudflare
etag: W/"654af4dc-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SQxVJhzfJpfNRGQgmjPKYUr9o2oQSUswNxJm%2BcLO%2F6XkPSVu%2BbmXXHYCMpxr7GrQXqJBEuyZWwkPRcHr37y8W9J5crXXIJMpOHvd17OlmvKnmYFDot1A%2BxdDjwBYm2ojHh%2BrAe%2BJMeuuOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 889ae46b7b2c333c-EWR
expires: Sun, 26 May 2024 16:06:23 GMT

GET
H3 200 jquery-migrate.min.js Show response
theatre1.us/wp-includes/js/jquery/ 13 KB
6 KB 727ms
725ms Script
application/javascript 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 09 Aug 2023 02:43:36 GMT
server: cloudflare
etag: W/"64d2fd58-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eGXXNedjX%2BR7DJif6ItY1KjL90XiIzGsf7kbSGU%2F4mQMucSuRAqXgPQqGkcVkBBcoswFixIyDKTmqrADJi6TSdgbI9X%2F%2BA3f46%2BLv00j%2FZHAfHiWZfIhTfJk17B%2FoVV1uH3MD5Y0XxbmDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 889ae46b7b2d333c-EWR
expires: Sun, 26 May 2024 16:06:23 GMT

GET
H3 200 advanced.min.js Show response
theatre1.us/wp-content/plugins/advanced-ads/public/assets/js/ 7 KB
3 KB 728ms
726ms Script
application/javascript 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.52.3

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98ff2f173784b131e58f376088dfd9f53aedfcbc9feb5a65d5f90d671f9b8e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 07:33:02 GMT
server: cloudflare
etag: W/"6644652e-1d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2BlGM9GOy744dEd5ZRuCROWFrxPAM6iHF%2F2%2FrOJM1MRhi4QMS%2FvFUu9CD5tTHZeFX7dIrfQN07K%2F55pleRQI87bu2qeKNsRxbBYR1KZ74PxD2VhzUA%2B1fhHH14A4WNu1DSvD5vaSqC2vFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 889ae46b7b2f333c-EWR
expires: Sun, 26 May 2024 16:06:23 GMT

GET
H3 200 primary-navigation.js Show response
theatre1.us/wp-content/themes/twentytwentyone/assets/js/ 6 KB
2 KB 690ms
690ms Script
application/javascript 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/wp-content/themes/twentytwentyone/assets/js/primary-navigation.js?ver=2.2

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e8a3ca0ea2bae6770aa54a3eff6c6758086dd409856adfdb70b2901d73afc0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 12 May 2024 11:17:04 GMT
server: cloudflare
etag: W/"6640a530-179e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T0%2B4wTb9BqAIjG5j%2BwwsEk%2BR2DnM%2FmnRQDV76Mv5%2BqgP2nMCLmDnM1mU6uXD%2BtoWh1%2F5XEvRkeRJ8BUFqBssLML2a8bmIM6kw6XghsealZwREO%2F8oIDD9qC%2FcLfnLYnvlhEV%2BM6Y18hrHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 889ae4702dfd333c-EWR
expires: Sun, 26 May 2024 16:06:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 302 KB
100 KB 155ms
48ms Script
application/javascript 2607:f8b0:400d:c1d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-TBZRL9T

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a6c7ef5d283f2049253513f5df5ee3a8b4193bd16d01ff86a447936f7a365d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102410
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 26 May 2024 04:06:24 GMT

GET
H3 200 print.css
theatre1.us/wp-content/themes/twentytwentyone/assets/css/ 3 KB
2 KB 683ms
683ms Stylesheet
text/css 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/wp-content/themes/twentytwentyone/assets/css/print.css?ver=2.2

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3467f3eee5c95a86bb4992918b1368458185bf349949f862e6e3c5954fcd69f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 12 May 2024 11:15:04 GMT
server: cloudflare
etag: W/"6640a4b8-b51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nKq8qnGJPq%2Fcd%2Bt%2FcDI0u%2BCma2WOe4hyQ0VdGQQV0ijXWOpFppe3d6AnfxcfZpJiI4WYv7j1A3AEYJaNfx%2BuogrYFxu0A2xjXqbaVZQLXBp7n8DL75KWT4N%2BE%2FInl3xjCk3YJtzeWuw4cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 889ae4705e0c333c-EWR
expires: Sun, 26 May 2024 16:06:24 GMT

GET
H3 200 index.js Show response
theatre1.us/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
4 KB 731ms
730ms Script
application/javascript 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.5

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 23 May 2024 12:25:30 GMT
server: cloudflare
etag: W/"664f35ba-2cf9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kdmC0kFwUZotRVeqWeBN%2BPf0CTliFRT9o7CfbElM7gdvBLOQdFKr6wHAcFnBkQE55G7rhX8b1iwbrmontN5Y6MtKDZznxHzPtgu262zyJl5T2UDkc%2B2zydMao0OEdjH44HEUIakfyr089A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 889ae46b9b3d333c-EWR
expires: Sun, 26 May 2024 16:06:23 GMT

GET
H3 200 index.js Show response
theatre1.us/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 727ms
725ms Script
application/javascript 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.5

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 23 May 2024 12:25:30 GMT
server: cloudflare
etag: W/"664f35ba-32fe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sA219mWqG6gim4Al37vpvF55Momkw1UdBazGQmuvf9t5UTGtVqlHUNl8X9N6Xn0Lb975Av2N48M72eZAQ0%2FzGd3zT3CrpXJD58z61alOo7JJpFnlFcw5G5l7SYTAhUI6SXSCKALB%2BKALFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 889ae46b9b3f333c-EWR
expires: Sun, 26 May 2024 16:06:23 GMT

GET
H3 200 ajax.js Show response
theatre1.us/wp-content/plugins/wp-post-views//assets/js/ 634 B
840 B 727ms
726ms Script
application/javascript 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/wp-content/plugins/wp-post-views//assets/js/ajax.js?ver=6.5.3

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ae7252ad2f96cefa447ce1fc21d97ac12957fee172faddc2db1f8109bf909e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 07 Apr 2024 20:32:33 GMT
server: cloudflare
etag: W/"661302e1-27a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mVOsh%2BjA%2BbMUqGvI7G0qlDXaIpW4AXWbZ2cnZEfjl5cswQbkETUoxC3regmGzrRkOB4bU4C90Kg0zXsuMyHhSsMSo1Wr%2Bpug%2BdDIqwt8nyyhFPIWAqh3wyAXkBSPryEw%2BP6yEApWhO2kYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 889ae46b9b41333c-EWR
expires: Sun, 26 May 2024 16:06:23 GMT

GET
H3 200 sticky.js Show response
theatre1.us/wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/ 6 KB
3 KB 728ms
726ms Script
application/javascript 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/sticky.js?ver=1.8.3

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8503c041e7f21942aa95fcd5992a29989cb49116d3cb3bf096455658498417a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 31 May 2023 10:47:51 GMT
server: cloudflare
etag: W/"647725d7-171a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B0e9BHbsUzj6fh1ZkTtTcheLa2onlxzE%2F6MDLv7UkyqlD3F%2BtT4SVFU3CdHjbLePqrVMPIXE%2FkYKYlHMRmlswGkT4mbUqtklxlMuJkBO98XZJFGgXe6ds0NX0kpi7O8r78YGa6ls1KOTaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 889ae46b9b42333c-EWR
expires: Sun, 26 May 2024 16:06:23 GMT

GET
H3 200 advanced-ads-pro.min.js Show response
theatre1.us/wp-content/plugins/advanced-ads-pro/assets/js/ 6 KB
3 KB 728ms
727ms Script
application/javascript 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/wp-content/plugins/advanced-ads-pro/assets/js/advanced-ads-pro.min.js?ver=2.19.2

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ba2a0da5c4bbb91065d70e8d6e9e22b1eb1c2e066ac876e261efcc96036b031

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 24 May 2023 08:21:56 GMT
server: cloudflare
etag: W/"646dc924-1834"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=srl2uZRwRLr7VhgVa%2B2%2FoDDv2BCCsv9AFpEqcN4uZM%2FNUQDKCjfU8zZWZdxjlfpczlloN77faLr9T1%2Bkc8NBG9UYlLZZfKFtEzLLYjsRKgfRSZ8hM%2FMvqW%2Biy%2FG7bLDz8QRhIAESdAKJ%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 889ae46b9b43333c-EWR
expires: Sun, 26 May 2024 16:06:23 GMT

GET
H3 200 responsive-embeds.js Show response
theatre1.us/wp-content/themes/twentytwentyone/assets/js/ 1 KB
1 KB 728ms
728ms Script
application/javascript 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js?ver=2.2

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c84b9432dad75b6cce98abcd62eecccc82cf4e293e92f80678d8d50bd1060cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 12 May 2024 11:15:04 GMT
server: cloudflare
etag: W/"6640a4b8-467"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7MuvQ1PsfX71xBUf4ybOeaGwSvQju2uLTUN%2FLhsNB0ZLOqPzw%2FTakfJyAecorumjq2oPFgnjWSVKkLvKIzPyQZYdiE2XWkUQtUd2b9XruUDZz8WPOP%2Bn6n1V5n5hmChDOVM4mgUIdl%2Fclw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 889ae46b9b44333c-EWR
expires: Sun, 26 May 2024 16:06:23 GMT

GET
BLOB 200
OK 0759cf60-b8fd-4b72-a799-845453323267
https://theatre1.us/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://theatre1.us/0759cf60-b8fd-4b72-a799-845453323267
Requested by: Host: theatre1.us
URL: https://theatre1.us/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET tracking.php
ad-trackdelivery.global.ssl.fastly.net/ 0
0

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a270e7766de38f6fe43a3ee537c4a402685bf4cfdace59fc6732542c47b950d

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 975c3983148303fba8b69a803912fd08a8743d758866dd696caefdfb0b9fc713

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 028f882f54a1fea8c51e0863d4a628b6af2b3fa90755eb275aac68c174ef6b74

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 327f25b8807e82a8479a0eb23d082e335a8f8023b7e209dfec0688db9a34ab97

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 403
Forbidden invoke.js
usingstrikingindoors.com/bdbf41af23170c333f4680002d8850be/ 0
0 1056ms
16ms Script
application/javascript 172.240.108.84
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://usingstrikingindoors.com/bdbf41af23170c333f4680002d8850be/invoke.js
Requested by: Host: theatre1.us
URL: https://theatre1.us/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 26 May 2024 04:06:25 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
251 B 75ms
24ms Ping
text/plain 2607:f8b0:400d:c0e::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-YH5YJKJY5J&gtm=45Pe45m0v9167311727za200&_p=1716696384047&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZTNiMT&cid=2042019746.1716696384&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716696384&sct=1&seg=0&dl=https%3A%2F%2Ftheatre1.us%2F&dt=Theatre1%20%7C%20Movie%20News&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5005
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-TBZRL9T
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0e::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 26 May 2024 04:06:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theatre1.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2269127
ad.a-ads.com/ Frame 336C 0
0 297ms
102ms Document
text/html 136.243.35.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2269127?size=320x100

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.35.166 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.166.35.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://theatre1.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sun, 26 May 2024 04:06:25 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://theatre1.us/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f31e892346ae98c65b422d749528adfb78266bbc88411b16cf18d17a469441f

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 319edc0087d21316c75a2fb8184ef6b8341687e211d51fa48de91341208bd8ff

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 403
Forbidden invoke.js
usingstrikingindoors.com/0a3316af6500a6e9eb3fbbeadff655d5/ 0
0 18ms
18ms Script
application/javascript 172.240.108.84
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://usingstrikingindoors.com/0a3316af6500a6e9eb3fbbeadff655d5/invoke.js
Requested by: Host: theatre1.us
URL: https://theatre1.us/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 26 May 2024 04:06:25 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 2269128
ad.a-ads.com/ Frame DB68 0
0 362ms
190ms Document
text/html 136.243.35.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2269128?size=300x250

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.35.166 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.166.35.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://theatre1.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sun, 26 May 2024 04:06:25 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://theatre1.us/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14034460331ad4d1cc2fb12ccc794f41430522b19afe927f4c4615b2a4d12dae

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17bdbd779a61ae35c0d1d703d952df3f87ca5f3c37175fc4ac8b3f1904a22fcf

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 403
Forbidden invoke.js
usingstrikingindoors.com/bdbf41af23170c333f4680002d8850be/ 0
0 18ms
18ms Script
application/javascript 172.240.108.84
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://usingstrikingindoors.com/bdbf41af23170c333f4680002d8850be/invoke.js
Requested by: Host: theatre1.us
URL: https://theatre1.us/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 26 May 2024 04:06:25 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 2269127
ad.a-ads.com/ Frame 7462 0
0 355ms
103ms Document
text/html 136.243.35.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2269127?size=320x100

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.35.166 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.166.35.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://theatre1.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sun, 26 May 2024 04:06:25 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://theatre1.us/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b85175c21358b9c4e67033cef7ea98ed3f508ded187fd5a627bf9c77c0f74fb

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 403
Forbidden invoke.js
usingstrikingindoors.com/bdbf41af23170c333f4680002d8850be/ 0
0 16ms
16ms Script
application/javascript 172.240.108.84
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://usingstrikingindoors.com/bdbf41af23170c333f4680002d8850be/invoke.js
Requested by: Host: theatre1.us
URL: https://theatre1.us/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 26 May 2024 04:06:25 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 2269127
ad.a-ads.com/ Frame E5E4 0
0 604ms
268ms Document
text/html 136.243.35.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2269127?size=320x100

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.35.166 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.166.35.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://theatre1.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sun, 26 May 2024 04:06:25 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://theatre1.us/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H/1.1 403
Forbidden invoke.js
usingstrikingindoors.com/0a3316af6500a6e9eb3fbbeadff655d5/ 0
0 18ms
18ms Script
application/javascript 172.240.108.84
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://usingstrikingindoors.com/0a3316af6500a6e9eb3fbbeadff655d5/invoke.js
Requested by: Host: theatre1.us
URL: https://theatre1.us/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 26 May 2024 04:06:25 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 2269128
ad.a-ads.com/ Frame 5076 0
0 508ms
209ms Document
text/html 136.243.35.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2269128?size=300x250

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.35.166 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.166.35.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://theatre1.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sun, 26 May 2024 04:06:25 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://theatre1.us/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H/1.1 403
Forbidden invoke.js
usingstrikingindoors.com/bdbf41af23170c333f4680002d8850be/ 0
0 16ms
16ms Script
application/javascript 172.240.108.84
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://usingstrikingindoors.com/bdbf41af23170c333f4680002d8850be/invoke.js
Requested by: Host: theatre1.us
URL: https://theatre1.us/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 26 May 2024 04:06:25 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 2269127
ad.a-ads.com/ Frame E244 0
0 685ms
119ms Document
text/html 136.243.35.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2269127?size=320x100

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.35.166 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.166.35.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://theatre1.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sun, 26 May 2024 04:06:25 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://theatre1.us/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET tracking.php
ad-trackdelivery.global.ssl.fastly.net/ 0
0

GET
H/1.1 200
OK j5cWkH Show response
intrstreams.global.ssl.fastly.net/ 4 KB
2 KB 466ms
442ms Script
application/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://intrstreams.global.ssl.fastly.net/j5cWkH?return=js.client&&se_referrer=&default_keyword=Theatre1%20%7C%20Movie%20News&landing_url=theatre1.us%2F&name=_dk8ZFKzwRzjnJgm8&host=https%3A%2F%2Fintrstreams.global.ssl.fastly.net%2Fj5cWkH
Requested by: Host: theatre1.us
URL: https://theatre1.us/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 33f8a37a47baa693a7f2255cef12755f491d8ef38bf248ea30ccd5bb3326f953

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Cache-Hits: 0
Date: Sun, 26 May 2024 04:06:25 GMT
Content-Encoding: gzip
Via: 1.1 varnish
X-Cache: MISS
Connection: keep-alive
Content-Length: 1596
X-Served-By: cache-lga21955-LGA
Server: nginx
X-Timer: S1716696385.259511,VS0,VE433
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Sun, 26 May 2024 04:06:25 GMT

GET
H3 200 wp-emoji-release.min.js Show response
theatre1.us/wp-includes/js/ 18 KB
6 KB 699ms
699ms Script
application/javascript 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Apr 2024 16:35:14 GMT
server: cloudflare
etag: W/"660ed6c2-4926"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GwhVWKlDfrbHfBIcVnQLqaxDw02RM7sF3OoI6tbhw35BgtArdomglvFzz%2B89tHPS2iCxkDyWkd1vDYeKfnEgmvMVwwvR2TsoP6i%2Bj6HWQ%2Fzd3eJaQjQyUCpHVotJSm6nKAapen1cSvqmDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 889ae477ba8f333c-EWR
expires: Sun, 26 May 2024 16:06:25 GMT

POST
H3 200 admin-ajax.php Show response
theatre1.us/wp-admin/ 27 B
630 B 2288ms
2288ms XHR
application/json 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/wp-admin/admin-ajax.php

Requested by

Host: theatre1.us
URL: https://theatre1.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66470493fb1d959c8bfe6608271e8be79da2c017561b878e985701319a232b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://theatre1.us/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5S5yO8GHZ8fNBMNzNnmybcc6uAkbDwePmTGCyyuvLR%2FNO9ixH5wHNVb5WvwUx3y7CBsLgfvJkOWWOWOJ6y7pJJBudYr%2FlXMdu1456DmSE4akMhGtLh92ONPHv05pLtGxmteA4BLK2ulrKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://theatre1.us
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 889ae477da9f333c-EWR
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 t18_update.jpg
theatre1.us/wp-content/uploads/2023/07/ 7 KB
7 KB 20ms
19ms Image
image/jpeg 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theatre1.us/wp-content/uploads/2023/07/t18_update.jpg

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7480d8415a8bc27ffbfb9325b4b17c8624b1749a430bd0001232bddbe32d20b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87101
alt-svc: h3=":443"; ma=86400
content-length: 6997
last-modified: Sun, 02 Jul 2023 04:54:15 GMT
server: cloudflare
etag: "64a102f7-1b55"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PhuUZQ3tRIqaLNakQ1Mc%2BVoxuXOTgV3d%2FWRoT0L3f2E4vibyNeFsi1ebeoVlwkHwmTRJQ9LSzHzAfQkhCP%2F%2FgILkuSFivD9p6iEsFT2i5qEQM7546iJul1FwkYOh81dnsJ1iLbC7Q2zO0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 889ae477daa1333c-EWR
expires: Mon, 24 Jun 2024 03:54:44 GMT

GET
H3 200 60zzZp_2f.jpg
theatre1.us/wp-content/uploads/2024/05/ 94 KB
95 KB 1090ms
1090ms Image
image/jpeg 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theatre1.us/wp-content/uploads/2024/05/60zzZp_2f.jpg

Requested by

Host: theatre1.us
URL: https://theatre1.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

988e46e9aa0df28c0cc454ce44e3a3f53a0a67bd3fe9779dbec5cd12b302db8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 96500
last-modified: Sat, 25 May 2024 15:54:02 GMT
server: cloudflare
etag: "6652099a-178f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=blijvdJxxhBrJCLrKMOEMC5zPedlmkKwTC9fIBknIu4DpNmTDnKjvETd7pWEnMDf%2B2h1MS1W4DEtwJE%2Bl5IBgFEzzAgpTM%2B%2BG4oPvYlwgfA8JHa5J6AUYrfOPDvyPLeMZGsbvtX1w6aF4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 889ae477daa2333c-EWR
expires: Tue, 25 Jun 2024 04:06:25 GMT

GET
H3 200 cropped-android-chrome-512x512-1-60x60.png
theatre1.us/wp-content/uploads/2023/07/ 2 KB
3 KB 663ms
662ms Other
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theatre1.us/wp-content/uploads/2023/07/cropped-android-chrome-512x512-1-60x60.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b654a73b59440b75b4cc2b01c0a1a0f72e671d153d12488e0c630f405fca8526

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theatre1.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:06:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2098
last-modified: Sun, 02 Jul 2023 04:53:45 GMT
server: cloudflare
etag: "64a102d9-832"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zDR%2B20MF31Qrij74xNAvq1HeU3w5XAb8YrWqSTuD%2Fk%2B3Z0OkB5UM6rJZSUzAGfSpZfL%2Bm6yypOwSxaNq3B6QeFoCspoaVjv3%2Fqf3qIl5%2F2sJ4b2nlWlL%2BJKx%2FdaSJkR5DQYqwRe9k%2FtxXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 889ae4800814333c-EWR
expires: Tue, 25 Jun 2024 04:06:27 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad-trackdelivery.global.ssl.fastly.net
URL: https://ad-trackdelivery.global.ssl.fastly.net/tracking.php?&site=theatre1.us&referer=

Domain: ad-trackdelivery.global.ssl.fastly.net
URL: https://ad-trackdelivery.global.ssl.fastly.net/tracking.php?&site=theatre1.us&referer=

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.theatre1.us/	1970-01-21 06:27:36	Name: _ga_YH5YJKJY5J Value: GS1.1.1716696384.1.0.1716696384.0.0.0
			.theatre1.us/	1970-01-21 06:27:36	Name: _ga Value: GA1.1.2042019746.1716696384

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://theatre1.us/(Line 223) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://usingstrikingindoors.com/bdbf41af23170c333f4680002d8850be/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://theatre1.us/(Line 223) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://usingstrikingindoors.com/bdbf41af23170c333f4680002d8850be/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://usingstrikingindoors.com/bdbf41af23170c333f4680002d8850be/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://theatre1.us/(Line 297) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://usingstrikingindoors.com/0a3316af6500a6e9eb3fbbeadff655d5/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://theatre1.us/(Line 297) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://usingstrikingindoors.com/0a3316af6500a6e9eb3fbbeadff655d5/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://usingstrikingindoors.com/0a3316af6500a6e9eb3fbbeadff655d5/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://theatre1.us/(Line 371) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://usingstrikingindoors.com/bdbf41af23170c333f4680002d8850be/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://theatre1.us/(Line 371) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://usingstrikingindoors.com/bdbf41af23170c333f4680002d8850be/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://usingstrikingindoors.com/bdbf41af23170c333f4680002d8850be/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://theatre1.us/(Line 467) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://usingstrikingindoors.com/bdbf41af23170c333f4680002d8850be/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://theatre1.us/(Line 467) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://usingstrikingindoors.com/bdbf41af23170c333f4680002d8850be/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://usingstrikingindoors.com/bdbf41af23170c333f4680002d8850be/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://theatre1.us/(Line 511) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://usingstrikingindoors.com/0a3316af6500a6e9eb3fbbeadff655d5/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://theatre1.us/(Line 511) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://usingstrikingindoors.com/0a3316af6500a6e9eb3fbbeadff655d5/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://usingstrikingindoors.com/0a3316af6500a6e9eb3fbbeadff655d5/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://theatre1.us/(Line 555) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://usingstrikingindoors.com/bdbf41af23170c333f4680002d8850be/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://theatre1.us/(Line 555) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://usingstrikingindoors.com/bdbf41af23170c333f4680002d8850be/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://usingstrikingindoors.com/bdbf41af23170c333f4680002d8850be/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-trackdelivery.global.ssl.fastly.net
ad.a-ads.com
intrstreams.global.ssl.fastly.net
theatre1.us
usingstrikingindoors.com
www.google-analytics.com
www.googletagmanager.com
ad-trackdelivery.global.ssl.fastly.net
136.243.35.166
151.101.65.194
172.240.108.84
2606:4700:3037::ac43:b4cd
2607:f8b0:400d:c0e::8a
2607:f8b0:400d:c1d::61
028f882f54a1fea8c51e0863d4a628b6af2b3fa90755eb275aac68c174ef6b74
0ba2a0da5c4bbb91065d70e8d6e9e22b1eb1c2e066ac876e261efcc96036b031
14034460331ad4d1cc2fb12ccc794f41430522b19afe927f4c4615b2a4d12dae
17bdbd779a61ae35c0d1d703d952df3f87ca5f3c37175fc4ac8b3f1904a22fcf
21dddb2e573c733f4e33a48b22f491d40be4b9cea942dcbd7fee4add821310a6
246738ac96de9466cccfa9f3df1cfea58bf90ce8ac784455b766047526dca4c5
2b85175c21358b9c4e67033cef7ea98ed3f508ded187fd5a627bf9c77c0f74fb
319edc0087d21316c75a2fb8184ef6b8341687e211d51fa48de91341208bd8ff
327f25b8807e82a8479a0eb23d082e335a8f8023b7e209dfec0688db9a34ab97
33f8a37a47baa693a7f2255cef12755f491d8ef38bf248ea30ccd5bb3326f953
3467f3eee5c95a86bb4992918b1368458185bf349949f862e6e3c5954fcd69f9
3938d0c22ecff2da863abf14289c17b892cb774cb4492d0358ec5179e67ddfb0
3f31e892346ae98c65b422d749528adfb78266bbc88411b16cf18d17a469441f
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
54e310005e904894ed9c3e6582efae4f8e57e695cba3adb1e304bec2e68a5951
5a270e7766de38f6fe43a3ee537c4a402685bf4cfdace59fc6732542c47b950d
5a6c7ef5d283f2049253513f5df5ee3a8b4193bd16d01ff86a447936f7a365d5
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
66470493fb1d959c8bfe6608271e8be79da2c017561b878e985701319a232b3a
7480d8415a8bc27ffbfb9325b4b17c8624b1749a430bd0001232bddbe32d20b6
842fdd042483fa98e322a986ab8f21739eef3b4cffc09b637d0b3728bfb05430
8e8a3ca0ea2bae6770aa54a3eff6c6758086dd409856adfdb70b2901d73afc0e
975c3983148303fba8b69a803912fd08a8743d758866dd696caefdfb0b9fc713
988e46e9aa0df28c0cc454ce44e3a3f53a0a67bd3fe9779dbec5cd12b302db8c
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
98ff2f173784b131e58f376088dfd9f53aedfcbc9feb5a65d5f90d671f9b8e4f
9ae7252ad2f96cefa447ce1fc21d97ac12957fee172faddc2db1f8109bf909e7
b654a73b59440b75b4cc2b01c0a1a0f72e671d153d12488e0c630f405fca8526
c84b9432dad75b6cce98abcd62eecccc82cf4e293e92f80678d8d50bd1060cfe
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516
d8503c041e7f21942aa95fcd5992a29989cb49116d3cb3bf096455658498417a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

theatre1.us Open in urlscan Pro 2606:4700:3037::ac43:b4cd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

41 Requests

93 %HTTPS

50 %IPv6

6 Domains

7 Subdomains

7 IPs

2 Countries

349 kBTransfer

935 kBSize

2 Cookies

2 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

theatre1.us Open in urlscan Pro
2606:4700:3037::ac43:b4cd Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

93 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

349 kB
Transfer

935 kB
Size

2
Cookies

41 HTTP transactions
9 data transactions