thebabytheater.com Open in urlscan Pro
192.124.249.187 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://thebabytheater.com/
Submission: On July 02 via automatic, source phishtank (July 2nd 2024, 5:25:24 pm UTC) — Scanned from DE

Summary HTTP 47 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 47 HTTP transactions. The main IP is 192.124.249.187, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is thebabytheater.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on June 24th 2024. Valid for: a year.

This is the only time thebabytheater.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	192.124.249.187 192.124.249.187	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3037::ac43:8ef5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:310... 2606:4700:3108::ac42:2b3c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	172.240.127.234 172.240.127.234	7979 (SERVERS-COM) (SERVERS-COM)
47	11

32 192.124.249.187 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10187.sucuri.net

thebabytheater.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2b3c (United States)

ASN13335 (CLOUDFLARENET, US)

pop.dojo.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f196.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.127.234 (United States)

ASN7979 (SERVERS-COM, US)

gymnasiumfilmgale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	thebabytheater.com thebabytheater.com	332 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71 region1.google-analytics.com — Cisco Umbrella Rank: 2355	21 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1381	131 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	234 KB
2	google.com www.google.com — Cisco Umbrella Rank: 5	989 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	164 KB
1	gymnasiumfilmgale.com gymnasiumfilmgale.com — Cisco Umbrella Rank: 927624
1	dojo.cc pop.dojo.cc	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	1 KB
47	9

	Domain	Requested by
32	thebabytheater.com	thebabytheater.com
3	use.fontawesome.com	thebabytheater.com use.fontawesome.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.google.com	thebabytheater.com www.gstatic.com
2	www.googletagmanager.com	thebabytheater.com www.googletagmanager.com
1	gymnasiumfilmgale.com	pop.dojo.cc
1	region1.google-analytics.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	fonts.gstatic.com	fonts.googleapis.com
1	pop.dojo.cc	thebabytheater.com
1	fonts.googleapis.com	thebabytheater.com
47	11

This site contains links to these domains. Also see Links.

Domain
www.vagaro.com
www.facebook.com
twitter.com
www.instagram.com
hardwebdesign.com

Subject Issuer	Validity	Valid
thebabytheater.com Starfield Secure Certificate Authority - G2	`2024-06-24` - `2025-06-24`	a year	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
dojo.cc GTS CA 1P5	`2024-05-06` - `2024-08-04`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
gymnasiumfilmgale.com R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://thebabytheater.com/
Frame ID: 39602127A810F78D08DFACF48CACE3CC
Requests: 46 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFOgUlAAAAAOVuw9JL-FKWAqi-9bfEbULCjXkl&co=aHR0cHM6Ly90aGViYWJ5dGhlYXRlci5jb206NDQz&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=rjtk8gby2if
Frame ID: 780404675A4A129ED16245E1E5F8BCBE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - The Baby Theater

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

47
Requests

100 %
HTTPS

73 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

889 kB
Transfer

1881 kB
Size

6
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.vagaro.com/thebabytheater/services
Title: BOOK NOW

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheBabyTheater/

Search URL Search Domain Scan URL

URL: https://twitter.com/theBabyTheater

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thebabytheater/

Search URL Search Domain Scan URL

URL: http://hardwebdesign.com/
Title: Hard Web Design

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
thebabytheater.com/ 37 KB
11 KB 340ms
39ms Document
text/html 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

8d3738cd6321ba93e47faefe2ca8bfab34382de869922de510880b2b3f140e1c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Tue, 02 Jul 2024 17:25:18 GMT
link: <https://thebabytheater.com/wp-json/>; rel="https://api.w.org/", <https://thebabytheater.com/wp-json/wp/v2/pages/16>; rel="alternate"; type="application/json", <https://thebabytheater.com/>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-proxy-cache: MISS
x-sucuri-cache: HIT
x-sucuri-id: 15037
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 144ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9891d15f4d1053d2a69a38af4e16c049d1123d877a7a8914eca155abb93cd348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 Jul 2024 17:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 02 Jul 2024 17:08:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Jul 2024 17:25:18 GMT

GET
H2 200 jquery.bxslider.css
thebabytheater.com/wp-content/plugins/testimonials-widget/includes/libraries/testimonials-widget/includes/libraries/bxslider-4/dist/ 4 KB
1 KB 410ms
407ms Stylesheet
text/css 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-content/plugins/testimonials-widget/includes/libraries/testimonials-widget/includes/libraries/bxslider-4/dist/jquery.bxslider.css?ver=6.1.5

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

2a71d14cea1c3c9aa7a217f8d053955ef35812b2c8446f01199bcc78eb52d3ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:04:36 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 testimonials-widget.css
thebabytheater.com/wp-content/plugins/testimonials-widget/includes/libraries/testimonials-widget/assets/css/ 3 KB
953 B 415ms
412ms Stylesheet
text/css 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-content/plugins/testimonials-widget/includes/libraries/testimonials-widget/assets/css/testimonials-widget.css?ver=6.1.5

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

a454a2f6c753dfa1f31cc7f4a732dc5e81f523c265c4e2cd0350b8e5218c3028

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:04:35 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 testimonials-widget-premium.css
thebabytheater.com/wp-content/plugins/testimonials-widget/assets/css/ 2 KB
790 B 421ms
418ms Stylesheet
text/css 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-content/plugins/testimonials-widget/assets/css/testimonials-widget-premium.css?ver=6.1.5

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

6828300d5b79d0f302a4592359059d88c8ab8b55ec1892e90495fb8c4c00f7c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:04:33 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 testimonials-widget-premium-form.css
thebabytheater.com/wp-content/plugins/testimonials-widget/assets/css/ 466 B
520 B 414ms
411ms Stylesheet
text/css 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-content/plugins/testimonials-widget/assets/css/testimonials-widget-premium-form.css?ver=6.1.5

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

ad73edbef737795259a75db8ad5c17bd45e0c64378db34bfe85ae48657a2532a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:04:33 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
thebabytheater.com/wp-content/themes/HWDweaver/ 7 KB
2 KB 430ms
428ms Stylesheet
text/css 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-content/themes/HWDweaver/style.css?ver=2.2.4

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

30f09abb07572e7ddb8502d0bf7dadb0232f5df665c3d4c58a08009386815f0e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 16 Mar 2023 19:20:01 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style-mobile.min.css
thebabytheater.com/wp-content/themes/weaver-ii-pro/ 11 KB
2 KB 439ms
437ms Stylesheet
text/css 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-content/themes/weaver-ii-pro/style-mobile.min.css?ver=2.2.4

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

906e0792dec4d836c3b4388011688a7c2a9e2b47ca09df68ca8b35c8e6e300eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:04:48 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style-weaverii.css
thebabytheater.com/wp-content/uploads/weaverii-subthemes/ 18 KB
5 KB 429ms
427ms Stylesheet
text/css 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-content/uploads/weaverii-subthemes/style-weaverii.css?ver=4048

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

16810033467ea3168e41a3d2349687fdd00b17bfa46f169457baa76afdd25215

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: STATIC/PATH
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-sucuri-cache: MISS
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Mar 2023 22:04:59 GMT
server: nginx
etag: W/"6412410b-4991"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15037
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
thebabytheater.com/wp-includes/css/dist/block-library/ 93 KB
13 KB 447ms
445ms Stylesheet
text/css 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.5

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sat, 20 May 2023 07:19:30 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 classic-themes.min.css
thebabytheater.com/wp-includes/css/ 217 B
503 B 457ms
455ms Stylesheet
text/css 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:05:02 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 styles.css
thebabytheater.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 449ms
447ms Stylesheet
text/css 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.4

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:04:31 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
thebabytheater.com/wp-includes/js/jquery/ 88 KB
32 KB 453ms
451ms Script
application/javascript 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:05:06 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
thebabytheater.com/wp-includes/js/jquery/ 11 KB
5 KB 462ms
460ms Script
application/javascript 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:05:06 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jq-sticky-anything.min.js Show response
thebabytheater.com/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/ 7 KB
2 KB 469ms
468ms Script
application/javascript 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/jq-sticky-anything.min.js?ver=2.1.1

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

d2395cfb0a07c27a145f3c0279aab130cd0a80453416b92328144d99c8213743

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:04:33 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
10 KB 326ms
232ms Stylesheet
text/css 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by: Host: thebabytheater.com
URL: https://thebabytheater.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Origin: https://thebabytheater.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 17:25:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:44:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ks3%2BHApsAknVFU5%2FJoesA7stUXvjzURHoqvfUQc55NGRhww2YWSQ61Iu0nJ6flKtNnpzOIST3MP7%2FLzisWCLi3ffpu4AC2sbshFqAPEs39gUr%2BFWIu%2BIwuVpxEKpalOtObIorN3Xk4iK7mK%2Fm%2F8LpmfY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 89d055999cf818f7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 154ms
70ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-158109024-1

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

931ba46abc534cba0e4c053069b8dcc71fbee72a8f577847b7343e5421f1f90d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 17:25:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76794
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 02 Jul 2024 17:25:19 GMT

GET
H2 200 cropped-header.png
thebabytheater.com/wp-content/uploads/2019/09/ 73 KB
73 KB 76ms
75ms Image
image/png 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thebabytheater.com/wp-content/uploads/2019/09/cropped-header.png

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

7948ffddd03c5c243857b46760bf367aba64a8a738e1ec61282df7cd99302133

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: STATIC/TYPE
date: Tue, 02 Jul 2024 17:25:18 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 74377
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Mar 2023 22:04:58 GMT
server: nginx
etag: "6412410a-12289"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15037
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Heartbeat-jewelry-1-414x300.jpg
thebabytheater.com/wp-content/uploads/2022/01/ 24 KB
25 KB 83ms
83ms Image
image/jpeg 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thebabytheater.com/wp-content/uploads/2022/01/Heartbeat-jewelry-1-414x300.jpg

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

6985a307c039a825b79a16327eef727667eec10a31a9e03e27fa1d0555d52837

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: STATIC/TYPE
date: Tue, 02 Jul 2024 17:25:18 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 24726
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Mar 2023 22:04:58 GMT
server: nginx
etag: "6412410a-6096"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15037
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6824.js Show response
pop.dojo.cc/ 13 KB
5 KB 294ms
191ms Script
application/javascript 2606:4700:3108::ac42:2b3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pop.dojo.cc/6824.js

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b3c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14da0007492f917d4885542f31bd246f6315738aed92599d7be606621c0b664e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 17:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bgiB1C8m3TLJLYjh9CuIQ5%2BbM3a4E8iJm96FhqEH30gnZp%2FBnEW6fJzIw9sJ6Iu1hAukcXvgjaRlVjpHc1GMfbE96%2FMAAeRTKJJm0AkdZY6KBRZCJwAHC1KOd8UUp1I%2B5gzyGCMR3HK7nw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
cf-ray: 89d0559a6e9c9f1f-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 search_button.gif
thebabytheater.com/wp-content/themes/weaver-ii-pro/images/ 292 B
618 B 38ms
37ms Image
image/gif 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thebabytheater.com/wp-content/themes/weaver-ii-pro/images/search_button.gif

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

f70ef46b9456a476a1086b311758533810a14c61a64d982992c987e70dcb9da9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: MISS
date: Tue, 02 Jul 2024 17:25:18 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:04:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/gif
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15037
accept-ranges: bytes
content-length: 292
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.js Show response
thebabytheater.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 414ms
414ms Script
application/javascript 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.4

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:04:31 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.js Show response
thebabytheater.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 130ms
129ms Script
application/javascript 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.4

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

8bac631dfefdb96cf5526520c21e9ef3f585bba973970a7e62b10c945741105c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:04:31 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 stickThis.js Show response
thebabytheater.com/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/ 738 B
681 B 130ms
129ms Script
application/javascript 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/stickThis.js?ver=2.1.1

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

11da2a2884f4862a564914b4a40dfeb5df98f6ff289e906b06db735827b1cfce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:04:33 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 weaverjslib.min.js Show response
thebabytheater.com/wp-content/themes/weaver-ii-pro/js/ 9 KB
3 KB 130ms
128ms Script
application/javascript 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-content/themes/weaver-ii-pro/js/weaverjslib.min.js?ver=2.2.4

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

b5ed3e68ceaf20ee88dd62a79fe3499602919d7394af8bb88fec9dcac92f4e7e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:04:47 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imagesloaded.min.js Show response
thebabytheater.com/wp-includes/js/ 5 KB
2 KB 131ms
129ms Script
application/javascript 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:05:06 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 masonry.min.js Show response
thebabytheater.com/wp-includes/js/ 24 KB
8 KB 133ms
131ms Script
application/javascript 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-includes/js/masonry.min.js?ver=4.2.2

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:05:06 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.masonry.min.js Show response
thebabytheater.com/wp-includes/js/jquery/ 2 KB
1 KB 132ms
130ms Script
application/javascript 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:05:06 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
989 B 135ms
55ms Script
text/javascript 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdFOgUlAAAAAOVuw9JL-FKWAqi-9bfEbULCjXkl&ver=3.0

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f196.1e100.net

Software

GSE /

Resource Hash

61e6b1dc911ba7f7ea042e8f227492fe6be2bf8ecf96ab4a1b38e842ca369d21

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 17:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 02 Jul 2024 17:25:19 GMT

GET
H2 200 regenerator-runtime.min.js Show response
thebabytheater.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 410ms
408ms Script
application/javascript 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:05:06 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-polyfill.min.js Show response
thebabytheater.com/wp-includes/js/dist/vendor/ 17 KB
7 KB 422ms
421ms Script
application/javascript 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:05:06 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.js Show response
thebabytheater.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 999 B
839 B 411ms
409ms Script
application/javascript 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.4

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:04:31 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-emoji-release.min.js Show response
thebabytheater.com/wp-includes/js/ 18 KB
5 KB 435ms
434ms Script
application/javascript 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.5

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:05:07 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
thebabytheater.com/wp-content/themes/weaver-ii-pro/ 37 KB
9 KB 134ms
133ms Stylesheet
text/css 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-content/themes/weaver-ii-pro/style.min.css

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/wp-content/themes/HWDweaver/style.css?ver=2.2.4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

93385c4007ce484de97341a09d7744c7606aa2b5d40f0838c40f3d2325ddb601

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/wp-content/themes/HWDweaver/style.css?ver=2.2.4
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 22:04:48 GMT
server: nginx
content-encoding: br
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15037
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bbb.jpg
thebabytheater.com/wp-content/uploads/2019/03/ 55 KB
55 KB 38ms
38ms Image
image/jpeg 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thebabytheater.com/wp-content/uploads/2019/03/bbb.jpg

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

c11f99962fb7d75ccd6c2de41c67c8e312d0e246189d184d3d93fb52c8788349

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: STATIC/TYPE
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 56349
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Mar 2023 22:04:58 GMT
server: nginx
etag: "6412410a-dc1d"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15037
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 20 KB
21 KB 120ms
38ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://thebabytheater.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 04:58:47 GMT
x-content-type-options: nosniff
age: 476792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20824
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 04:58:47 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 58 KB
59 KB 234ms
234ms Font
font/woff2 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin: https://thebabytheater.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 17:25:19 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:44:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "18d2347ab2a9f40ca2247cdb03303d84"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=al9jtCPTNgv7FDH%2Fkh47Hz6uDvjWQvzXeZ84FQTwLaXzKYFjLg294Cl3b%2FVD%2FDuwfu3xliJnq9GTaj%2BmbkpfwDdUxaFR%2BlyqxTF2UWH8j7drJt%2BSIQlgByFfhT23sELb4mD%2F0TJNO1plRzwRF0aKGuCR"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 89d0559cda5118f7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 59572

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 62 KB
62 KB 330ms
330ms Font
font/woff2 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin: https://thebabytheater.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 17:25:19 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:44:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f319eac1c755f9929fd856720ce1695e"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dgYhg%2F%2B5956wmcYOkV8j3tglF4f22TDLV1wlsjF%2BuNea%2F6ajqbWXAAZs%2Brlqwxx3cD96fpqRhQEcsSmk%2FZ763CnPKiey5lA97lxtFCB0QQO2K2TMakMLk%2FyBpTD%2BkxrtPcjYmKDJl91LabqMnW4MC4%2BB"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 89d0559cda5a18f7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 63376

GET
H2 200 heartbeat-jewelry-2-414x300.jpg
thebabytheater.com/wp-content/uploads/2022/01/ 24 KB
25 KB 38ms
37ms Image
image/jpeg 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thebabytheater.com/wp-content/uploads/2022/01/heartbeat-jewelry-2-414x300.jpg

Requested by

Host: thebabytheater.com
URL: https://thebabytheater.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

6985a307c039a825b79a16327eef727667eec10a31a9e03e27fa1d0555d52837

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: STATIC/TYPE
date: Tue, 02 Jul 2024 17:25:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 24726
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Mar 2023 22:04:58 GMT
server: nginx
etag: "6412410a-6096"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15037
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 536 KB
213 KB 130ms
41ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdFOgUlAAAAAOVuw9JL-FKWAqi-9bfEbULCjXkl&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Origin: https://thebabytheater.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 17:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 217833
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 08:01:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Jul 2025 17:12:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 250 KB
88 KB 77ms
75ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DNYV9QQE78&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-158109024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebafd53b5c75ae70fcff7beaf7c173109986b9593507d5cd024350c579d4c802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 17:25:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90482
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 02 Jul 2024 17:25:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 126ms
37ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-158109024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 Jul 2024 16:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3372
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 02 Jul 2024 18:29:07 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 133ms
45ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DNYV9QQE78&gtm=45je4710h2v9106373848za200&_p=1719941119456&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1614879372.1719941120&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1719941119&sct=1&seg=0&dl=https%3A%2F%2Fthebabytheater.com%2F&dt=Home%20-%20The%20Baby%20Theater&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1341&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DNYV9QQE78&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 17:25:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thebabytheater.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 45ms
44ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=599323387&t=pageview&_s=1&dl=https%3A%2F%2Fthebabytheater.com%2F&ul=de-de&de=UTF-8&dt=Home%20-%20The%20Baby%20Theater&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1476247700&gjid=546282921&cid=1614879372.1719941120&tid=UA-158109024-1&_gid=805937192.1719941120&_r=1&gtm=457e46q0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=1591659214

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 17:25:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thebabytheater.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden invoke.js
gymnasiumfilmgale.com/65c5567c2873ad806bfa52f35f0aa711/ 0
0 856ms
127ms Script
application/javascript 172.240.127.234
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://gymnasiumfilmgale.com/65c5567c2873ad806bfa52f35f0aa711/invoke.js
Requested by: Host: pop.dojo.cc
URL: https://pop.dojo.cc/6824.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Jul 2024 17:25:20 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 7804 0
0 157ms
67ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFOgUlAAAAAOVuw9JL-FKWAqi-9bfEbULCjXkl&co=aHR0cHM6Ly90aGViYWJ5dGhlYXRlci5jb206NDQz&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=rjtk8gby2if

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f196.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3jU8hHVMHObh5kMHMHtIrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://thebabytheater.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3jU8hHVMHObh5kMHMHtIrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jul 2024 17:25:20 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 fav.png
thebabytheater.com/wp-content/uploads/2019/03/ 30 KB
31 KB 217ms
217ms Other
image/png 192.124.249.187
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://thebabytheater.com/wp-content/uploads/2019/03/fav.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.187 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10187.sucuri.net

Software

nginx /

Resource Hash

b56fc8ab1fbbae495cb89e91d2ac08d66e81fa5279b2ac15fe6f4a5e5fc57469

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thebabytheater.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: STATIC/PATH
date: Tue, 02 Jul 2024 17:25:20 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 30992
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Mar 2023 22:04:58 GMT
server: nginx
etag: "6412410a-7910"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15037
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 02:04:53	Name: _GRECAPTCHA Value: 09AOG26BfuWELOh_raa_muRC35Wr33ht96Sy9e4XyLrOJwZbcOTrloN-4cNeoz8_08qAtmcU8Gl1QzZ6zFYalU0Vc
thebabytheater.com/	1970-01-20 21:45:42	Name: twp_session Value: 25d43b7a0944ce26d6e74bc4b02aa747%7C%7C1719934016%7C%7C1719933656
.thebabytheater.com/	1970-01-21 07:21:41	Name: _ga_DNYV9QQE78 Value: GS1.1.1719941119.1.0.1719941119.0.0.0
.thebabytheater.com/	1970-01-21 07:21:41	Name: _ga Value: GA1.2.1614879372.1719941120
.thebabytheater.com/	1970-01-20 21:47:07	Name: _gid Value: GA1.2.805937192.1719941120
.thebabytheater.com/	1970-01-20 21:45:41	Name: _gat_gtag_UA_158109024_1 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gymnasiumfilmgale.com/65c5567c2873ad806bfa52f35f0aa711/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
gymnasiumfilmgale.com
pop.dojo.cc
region1.google-analytics.com
thebabytheater.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
172.217.16.196
172.240.127.234
192.124.249.187
2001:4860:4802:32::36
2606:4700:3037::ac43:8ef5
2606:4700:3108::ac42:2b3c
2a00:1450:4001:80b::200e
2a00:1450:4001:812::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:831::2008
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d
11da2a2884f4862a564914b4a40dfeb5df98f6ff289e906b06db735827b1cfce
14da0007492f917d4885542f31bd246f6315738aed92599d7be606621c0b664e
16810033467ea3168e41a3d2349687fdd00b17bfa46f169457baa76afdd25215
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
2a71d14cea1c3c9aa7a217f8d053955ef35812b2c8446f01199bcc78eb52d3ef
30f09abb07572e7ddb8502d0bf7dadb0232f5df665c3d4c58a08009386815f0e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
61e6b1dc911ba7f7ea042e8f227492fe6be2bf8ecf96ab4a1b38e842ca369d21
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
6828300d5b79d0f302a4592359059d88c8ab8b55ec1892e90495fb8c4c00f7c2
6985a307c039a825b79a16327eef727667eec10a31a9e03e27fa1d0555d52837
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7948ffddd03c5c243857b46760bf367aba64a8a738e1ec61282df7cd99302133
8bac631dfefdb96cf5526520c21e9ef3f585bba973970a7e62b10c945741105c
8d3738cd6321ba93e47faefe2ca8bfab34382de869922de510880b2b3f140e1c
906e0792dec4d836c3b4388011688a7c2a9e2b47ca09df68ca8b35c8e6e300eb
931ba46abc534cba0e4c053069b8dcc71fbee72a8f577847b7343e5421f1f90d
93385c4007ce484de97341a09d7744c7606aa2b5d40f0838c40f3d2325ddb601
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
9891d15f4d1053d2a69a38af4e16c049d1123d877a7a8914eca155abb93cd348
a454a2f6c753dfa1f31cc7f4a732dc5e81f523c265c4e2cd0350b8e5218c3028
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
ad73edbef737795259a75db8ad5c17bd45e0c64378db34bfe85ae48657a2532a
b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3
b56fc8ab1fbbae495cb89e91d2ac08d66e81fa5279b2ac15fe6f4a5e5fc57469
b5ed3e68ceaf20ee88dd62a79fe3499602919d7394af8bb88fec9dcac92f4e7e
c11f99962fb7d75ccd6c2de41c67c8e312d0e246189d184d3d93fb52c8788349
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
d2395cfb0a07c27a145f3c0279aab130cd0a80453416b92328144d99c8213743
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
ebafd53b5c75ae70fcff7beaf7c173109986b9593507d5cd024350c579d4c802
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f70ef46b9456a476a1086b311758533810a14c61a64d982992c987e70dcb9da9
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

thebabytheater.com Open in urlscan Pro 192.124.249.187 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

73 %IPv6

9 Domains

11 Subdomains

11 IPs

2 Countries

889 kBTransfer

1881 kBSize

6 Cookies

5 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

thebabytheater.com Open in urlscan Pro
192.124.249.187 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

73 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

889 kB
Transfer

1881 kB
Size

6
Cookies

47 HTTP transactions
0 data transactions