www.neptunetheatre.com Open in urlscan Pro
40.86.230.96 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://r20.rs6.net/tn.jsp?f=001XfhbZoALRMGUpNChJfvOnN0UYkOEpcg2oaEB0S13ztMZ7_B5PLZNh1ArgEOil_RB6yRu-WdNJwcuBk_H9nsY...
Effective URL:
https://www.neptunetheatre.com/support/donate
Submission Tags: falconsandbox
Submission: On June 01 via api (June 1st 2023, 2:34:49 am UTC) from US — Scanned from DE

Summary HTTP 72 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 19 domains to perform 72 HTTP transactions. The main IP is 40.86.230.96, located in Québec, Canada and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.neptunetheatre.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on May 6th 2023. Valid for: 6 months.

This is the only time www.neptunetheatre.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.75.122.11 208.75.122.11	40444 (ASN-CC) (ASN-CC)
4 16	40.86.230.96 40.86.230.96	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
7	20.150.113.36 20.150.113.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4	34.232.221.224 34.232.221.224	14618 (AMAZON-AES) (AMAZON-AES)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2014	15169 (GOOGLE) (GOOGLE)
72	18

1 208.75.122.11 (United States) 1 redirects

ASN40444 (ASN-CC, US)
PTR: rs6.net

r20.rs6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 40.86.230.96 (Québec, Canada) 4 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.neptunetheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 20.150.113.36 (Québec, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

immediac.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.232.221.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-221-224.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

gtm-mw4rd72-yzq1m.uc.r.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	neptunetheatre.com 4 redirects www.neptunetheatre.com	119 KB
7	google.de www.google.de — Cisco Umbrella Rank: 5230	919 B
7	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 111 googleads.g.doubleclick.net — Cisco Umbrella Rank: 51	2 KB
7	windows.net immediac.blob.core.windows.net — Cisco Umbrella Rank: 942573	482 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	560 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	279 B
5	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3105 www.google.com — Cisco Umbrella Rank: 3	1 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3066	7 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 1866	21 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	308 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66	2 KB
1	appspot.com gtm-mw4rd72-yzq1m.uc.r.appspot.com
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 172	2 KB
1	gstatic.com fonts.gstatic.com	46 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 249	4 KB
1	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3893	4 KB
1	rs6.net 1 redirects r20.rs6.net — Cisco Umbrella Rank: 7191	363 B
0	Failed function sub() { [native code] }. Failed
0	eyereturn.com Failed o2.eyereturn.com Failed
72	19

	Domain	Requested by
16	www.neptunetheatre.com	4 redirects www.neptunetheatre.com
7	www.google.de	www.neptunetheatre.com
7	immediac.blob.core.windows.net	www.neptunetheatre.com
7	www.googletagmanager.com	www.neptunetheatre.com www.googletagmanager.com
6	www.facebook.com	www.neptunetheatre.com
6	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	tags.srv.stackadapt.com	www.neptunetheatre.com tags.srv.stackadapt.com
4	connect.facebook.net	www.neptunetheatre.com connect.facebook.net
3	www.google.com	1 redirects www.neptunetheatre.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.googleapis.com	www.neptunetheatre.com
2	region1.analytics.google.com	www.googletagmanager.com
1	gtm-mw4rd72-yzq1m.uc.r.appspot.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdnjs.cloudflare.com	www.neptunetheatre.com
1	netdna.bootstrapcdn.com	www.neptunetheatre.com
1	r20.rs6.net	1 redirects
0	awq9r1rnlvrurdrevlomzw52ptemyxv0ad0yylhdqudsqxrgee9stehym1rybdhb Failed	www.googletagmanager.com
0	o2.eyereturn.com Failed	www.neptunetheatre.com
72	22

This site contains links to these domains. Also see Links.

Domain
neptunetheatre.info
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
sales.neptunetheatre.com
www.immediac.com

Subject Issuer	Validity	Valid
www.neptunetheatre.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-05-06` - `2023-11-06`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2023-03-28` - `2024-03-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-10` - `2023-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-02-27` - `2023-11-07`	8 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.neptunetheatre.com/support/donate
Frame ID: D4624CE145EF59E5262C645549C4380B
Requests: 72 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate

Page URL History Show full URLs

http://r20.rs6.net/tn.jsp?f=001XfhbZoALRMGUpNChJfvOnN0UYkOEpcg2oaEB0S13ztMZ7_B5PLZNh1ArgEOil_RB... HTTP 302
https://www.neptunetheatre.com/support/donate Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

72
Requests

89 %
HTTPS

74 %
IPv6

19
Domains

22
Subdomains

18
IPs

4
Countries

1558 kB
Transfer

3754 kB
Size

20
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://neptunetheatre.info/3NzPRr7
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.facebook.com/neptunetheatre

Search URL Search Domain Scan URL

URL: https://twitter.com/NeptuneTheatre

Search URL Search Domain Scan URL

URL: https://www.instagram.com/NeptuneTheatre/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/NeptuneHFX

Search URL Search Domain Scan URL

URL: https://sales.neptunetheatre.com/Online/login.asp?targetPage=maintainAccount.asp&_ga=2.206925456.2044163178.1650282690-118308046.1646405853
Title: SIGN IN

Search URL Search Domain Scan URL

URL: https://sales.neptunetheatre.com/Online/default.asp?doWork::WScontent::loadArticle=Load&BOparam::WScontent::loadArticle::article_id=D4F41F43-2D55-4774-9081-7286956F5B3D&_ga=2.109049665.2136147671.1641302579-652007593.1638188389

Search URL Search Domain Scan URL

URL: http://www.immediac.com/
Title: Halifax Web Design

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://r20.rs6.net/tn.jsp?f=001XfhbZoALRMGUpNChJfvOnN0UYkOEpcg2oaEB0S13ztMZ7_B5PLZNh1ArgEOil_RB6yRu-WdNJwcuBk_H9nsYvVQGZa1zT6KNw2oBwtznkWzH5C1bUJnKkl7GBR29OvXzNI6-8J8VpM0jPegCMjR036r7ePezxoXR-0zhymEYJWDef-F-1x32Jw%3D%3D&c=GYenAJ6f1Ve0lNHbZqwiupzShQ4phtrygCdTin3QP6FFDUPRPDZc2Q%3D%3D&c=GYenAJ6f1Ve0lNHbZqwiupzShQ4phtrygCdTin3QP6FFDUPRPDZc2Q%3D%3D&c=GYenAJ6f1Ve0lNHbZqwiupzShQ4phtrygCdTin3QP6FFDUPRPDZc2Q%3D%3D&c=GYenAJ6f1Ve0lNHbZqwiupzShQ4phtrygCdTin3QP6FFDUPRPDZc2Q%3D%3D&c=GYenAJ6f1Ve0lNHbZqwiupzShQ4phtrygCdTin3QP6FFDUPRPDZc2Q%3D%3D&ch=ghPFM1aPWtPu4DRwZg5pb3VRxMWMUekI3C-PE0Qyrdlb_FyIVsGFCQ%3D%3D%3Br20.rs6.net%2Ftn.jsp%3Ff%3D001XfhbZoALRMGUpNChJfvOnN0UYkOEpcg2oaEB0S13ztMZ7_B5PLZNh4_W5rSz5CkoIqdcaZdsvVGaYmU2ik_ClGC3VFaNyQ9ZVhEElNm6ML_HfUtQdET0n3m5Kggc2ha1fDvpfzbURM8ZakE_MHa4SPq_2kp2UnSEp3YKPixfWw8%3D&ch=ghPFM1aPWtPu4DRwZg5pb3VRxMWMUekI3C-PE0Qyrdlb_FyIVsGFCQ%3D%3D%3Br20.rs6.net%2Ftn.jsp%3Ff%3D001XfhbZoALRMGUpNChJfvOnN0UYkOEpcg2oaEB0S13ztMZ7_B5PLZNhz8oUr8nlfln3xDobgOa5wk0nJPiK1_cQ1YWkaGYfNFUOVnNVuDH1h2p6rvBMx79fZ2ItAtQLTy40U7HDFxuvMYQxxkNMorl5Qd1Wccp7qoT&ch=ghPFM1aPWtPu4DRwZg5pb3VRxMWMUekI3C-PE0Qyrdlb_FyIVsGFCQ%3D%3D%3Br20.rs6.net%2Ftn.jsp%3Ff%3D001XfhbZoALRMGUpNChJfvOnN0UYkOEpcg2oaEB0S13ztMZ7_B5PLZNh63sW-G_eBNWARVAmSJxlm1yh6bZC1rTw73sYicV1-tVv5CjQOpQ_ZrwAZq2UL84VKwpLdfORwl0ILzs9G_txpja_ui3qbiA9b7-nrSgQNwnLAhGtnrakWg%3D&ch=ghPFM1aPWtPu4DRwZg5pb3VRxMWMUekI3C-PE0Qyrdlb_FyIVsGFCQ%3D%3D%3Br20.rs6.net%2Ftn.jsp%3Ff%3D001XfhbZoALRMGUpNChJfvOnN0UYkOEpcg2oaEB0S13ztMZ7_B5PLZNh3vY36IfjOyTq8ADD23ud7dsYEPj22dEHFDLP34ZAUfeX40wMAefK2AGwseSiJSuNRZKVnHHNgvtkAANPkstPbTZiY9G0N6xNXUOx_lJyK3Er2CT_aeLVwM%3D&ch=ghPFM1aPWtPu4DRwZg5pb3VRxMWMUekI3C-PE0Qyrdlb_FyIVsGFCQ%3D%3D HTTP 302
https://www.neptunetheatre.com/support/donate Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.neptunetheatre.com/lib/bootstrap/dist/css/bootstrap.css HTTP 301
https://www.neptunetheatre.com/lib/bootstrap/dist/css/bootstrap.min.css

Request Chain 1

https://www.neptunetheatre.com/css/site.css?v=dWMZx7CZn6fRfo_owPsdFLOPOM34r0ACgAlAxUsLq7o HTTP 301
https://www.neptunetheatre.com/css/site.min.css?v=dWMZx7CZn6fRfo_owPsdFLOPOM34r0ACgAlAxUsLq7o

Request Chain 16

https://www.neptunetheatre.com/lib/jquery/dist/jquery.js HTTP 301
https://www.neptunetheatre.com/lib/jquery/dist/jquery.min.js

Request Chain 17

https://www.neptunetheatre.com/lib/bootstrap/dist/js/bootstrap.js HTTP 301
https://www.neptunetheatre.com/lib/bootstrap/dist/js/bootstrap.min.js

Request Chain 46

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/665063600/?random=1599911469&cv=11&fst=1685586883436&bg=ffffff&guid=ON&async=1&gtm=45He35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&label=pdraCI6wts8BELChkL0C&hn=www.googleadservices.com&frm=0&tiba=Donate&value=0&auid=1554587387.1685586883&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=wwN4ZPv2II3H7_UPisivgAg&sscte=1&crd=&eitems=ChEI8ODbowYQ6t7ottybts79ARIdAJ7NYkGi6SDRKhguIhCSB8eP3l4EIoO5Msei71c&pscrd=Ek9DaEVJOE9EYm93WVFqcFB3b0xmWXc1UExBUkltQUY5VGlwOXE1cElsVnpnSGo4SklaNkM2QzdWaUJjenU4TG5Ca1M4QzdJWUV3TkpnbVJJGlpDaEVJOE9EYm93WVF4b0cwaU5QN3ZKVFZBUkl1QUxEWFltR1Mtb2x0YUtleHhlX09ZdmhBcnYwXy11Wm4wcjg3NTAxTkN4dy1PZDNPUW5SZ3VnZEpHLVowMlEiEwi75Lm7hKH_AhWN47sIHQrkC4A HTTP 302
https://www.google.com/pagead/1p-conversion/665063600/?random=1599911469&cv=11&fst=1685586883436&bg=ffffff&guid=ON&async=1&gtm=45He35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&label=pdraCI6wts8BELChkL0C&hn=www.googleadservices.com&frm=0&tiba=Donate&value=0&auid=1554587387.1685586883&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE9EYm93WVFqcFB3b0xmWXc1UExBUkltQUY5VGlwOXE1cElsVnpnSGo4SklaNkM2QzdWaUJjenU4TG5Ca1M4QzdJWUV3TkpnbVJJGlpDaEVJOE9EYm93WVF4b0cwaU5QN3ZKVFZBUkl1QUxEWFltR1Mtb2x0YUtleHhlX09ZdmhBcnYwXy11Wm4wcjg3NTAxTkN4dy1PZDNPUW5SZ3VnZEpHLVowMlEiEwi75Lm7hKH_AhWN47sIHQrkC4A&is_vtc=1&ocp_id=wwN4ZPv2II3H7_UPisivgAg&eitems=ChEI8ODbowYQ6t7ottybts79ARIdAJ7NYkGLfvU-PrS15OkahH8DasVtDElNlxedOT0&random=150350738 HTTP 302
https://www.google.de/pagead/1p-conversion/665063600/?random=1599911469&cv=11&fst=1685586883436&bg=ffffff&guid=ON&async=1&gtm=45He35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&label=pdraCI6wts8BELChkL0C&hn=www.googleadservices.com&frm=0&tiba=Donate&value=0&auid=1554587387.1685586883&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE9EYm93WVFqcFB3b0xmWXc1UExBUkltQUY5VGlwOXE1cElsVnpnSGo4SklaNkM2QzdWaUJjenU4TG5Ca1M4QzdJWUV3TkpnbVJJGlpDaEVJOE9EYm93WVF4b0cwaU5QN3ZKVFZBUkl1QUxEWFltR1Mtb2x0YUtleHhlX09ZdmhBcnYwXy11Wm4wcjg3NTAxTkN4dy1PZDNPUW5SZ3VnZEpHLVowMlEiEwi75Lm7hKH_AhWN47sIHQrkC4A&is_vtc=1&ocp_id=wwN4ZPv2II3H7_UPisivgAg&eitems=ChEI8ODbowYQ6t7ottybts79ARIdAJ7NYkGLfvU-PrS15OkahH8DasVtDElNlxedOT0&random=150350738&ipr=y

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request donate Show response
www.neptunetheatre.com/support/
Redirect Chain

http://r20.rs6.net/tn.jsp?f=001XfhbZoALRMGUpNChJfvOnN0UYkOEpcg2oaEB0S13ztMZ7_B5PLZNh1ArgEOil_RB6yRu-WdNJwcuBk_H9nsYvVQGZa1zT6KNw2oBwtznkWzH5C1bUJnKkl7GBR29OvXzNI6-8J8VpM0jPegCMjR036r7ePezxoXR-0zhym...
https://www.neptunetheatre.com/support/donate

34 KB
11 KB

553ms
189ms

Document
text/html

40.86.230.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.neptunetheatre.com/support/donate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.86.230.96 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c2e20894c957667729c9948a75d76bdc9da445ee525e3b4f6c15644331377cca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 01 Jun 2023 02:34:42 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-powered-by: ASP.NET

Redirect headers

Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Connection: close
Content-Length: 0
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 01 Jun 2023 02:34:42 GMT
Location: https://www.neptunetheatre.com/support/donate
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Pragma: no-cache
Server: Apache

GET
H2

200

bootstrap.min.css
www.neptunetheatre.com/lib/bootstrap/dist/css/
Redirect Chain

https://www.neptunetheatre.com/lib/bootstrap/dist/css/bootstrap.css
https://www.neptunetheatre.com/lib/bootstrap/dist/css/bootstrap.min.css

118 KB
27 KB

143ms
143ms

Stylesheet
text/css

40.86.230.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.neptunetheatre.com/lib/bootstrap/dist/css/bootstrap.min.css
Requested by: Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate
Protocol: H2
Server: 40.86.230.96 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/support/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:34:42 GMT
content-encoding: gzip
last-modified: Tue, 14 Feb 2023 17:18:20 GMT
server: Microsoft-IIS/10.0
etag: "1d9409855a04f75"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes

Redirect headers

location: /lib/bootstrap/dist/css/bootstrap.min.css
date: Thu, 01 Jun 2023 02:34:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0

GET
H2

200

site.min.css
www.neptunetheatre.com/css/
Redirect Chain

https://www.neptunetheatre.com/css/site.css?v=dWMZx7CZn6fRfo_owPsdFLOPOM34r0ACgAlAxUsLq7o
https://www.neptunetheatre.com/css/site.min.css?v=dWMZx7CZn6fRfo_owPsdFLOPOM34r0ACgAlAxUsLq7o

13 KB
4 KB

134ms
134ms

Stylesheet
text/css

40.86.230.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.neptunetheatre.com/css/site.min.css?v=dWMZx7CZn6fRfo_owPsdFLOPOM34r0ACgAlAxUsLq7o
Requested by: Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate
Protocol: H2
Server: 40.86.230.96 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ab49a5fae2c8c021cfec9f48485d92cfd7dc0941acfe69c458daf9cd8be9a570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/support/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:34:42 GMT
content-encoding: gzip
last-modified: Tue, 14 Mar 2023 13:02:48 GMT
server: Microsoft-IIS/10.0
etag: "1d95675469d3e95"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes

Redirect headers

location: /css/site.min.css?v=dWMZx7CZn6fRfo_owPsdFLOPOM34r0ACgAlAxUsLq7o
date: Thu, 01 Jun 2023 02:34:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
80 KB 96ms
42ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T8RZEE6FFJ

Requested by

Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

321416c217f67b352ab8ecd05502bddbf2dbc34db1ee3c560764f73f3b250d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:34:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81114
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jun 2023 02:34:43 GMT

GET
H2 200 site-default.min.css
www.neptunetheatre.com/cms/css/ 1 KB
884 B 146ms
145ms Stylesheet
text/css 40.86.230.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.neptunetheatre.com/cms/css/site-default.min.css?v=elSofECLiyd0KhAakA6W50bUF1QFP4gsflLC83hgV4k
Requested by: Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.86.230.96 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7a54a87c408b8b27742a101a900e96e746d41754053f882c7e52c2f378605789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/support/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:34:42 GMT
content-encoding: gzip
last-modified: Tue, 14 Feb 2023 17:18:20 GMT
server: Microsoft-IIS/10.0
etag: "1d9409855a1938d"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ 17 KB
4 KB 94ms
31ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.min.css

Requested by

Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:34:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632, 617, 617
age: 28310608
cdn-cachedat: 2021-06-08 21:25:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 2e9fc66612974ffc4ebb2bd3ce86bfa6
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7d040f224b520368-FRA
cdn-requestpullsuccess: True

GET
H2 200 animate.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 71 KB
4 KB 74ms
26ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.css

Requested by

Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d34c3af0d3b74cbb878ca4472668ebae02410ed1bfe8e85b244bb582d1dcb2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:34:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5876468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3541
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-11a43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOJaEvzSbuI1vD%2BfawVvlbgZ0651pQjIHz%2BvWdfy1JvNOwJfa2lPFAC5A0pK20gTEcre6NB7M%2Fnz9GBoouh4%2BLdLLmyHHDnGE%2BmJ5BvJjfg3cvl8c2cq8oFasSSZNvndtmFDdpC4NKdELs8%2Fmw3Mjuhb"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d040f2238179945-FRA
expires: Tue, 21 May 2024 02:34:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
774 B 86ms
33ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400,500,600,700,800,900

Requested by

Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbec0c2c120a3d48e8857b7cb40e0d693219b1d103f9038b81739e8fb4df2bf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Jun 2023 02:34:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 01:52:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Jun 2023 02:34:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
900 B 85ms
32ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800

Requested by

Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7556c220859e509cf18297cacd5f9348ea5a55b13392e59be1086064f7f0f7a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Jun 2023 02:34:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 00:54:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Jun 2023 02:34:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
848 B 84ms
31ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Anton

Requested by

Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2eb421e7e76f7c200ed0e05378711184e419da544f020596b0c5cb51a7d7e9db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Jun 2023 02:34:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 01:01:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Jun 2023 02:34:42 GMT

GET
H/1.1 200
OK topLogo2022.png
immediac.blob.core.windows.net/neptunetheatre/2022/ 36 KB
37 KB 592ms
141ms Image
image/png 20.150.113.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://immediac.blob.core.windows.net/neptunetheatre/2022/topLogo2022.png
Requested by: Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.113.36 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a13d79e8d81419b58e8b659cccd149a2e357e4fbdc8d58c0157ac5345fc66828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 01 Jun 2023 02:34:43 GMT
Last-Modified: Wed, 18 May 2022 13:07:38 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: z5We232HYkIgssvpRdSDDg==
ETag: "0x8DA38CF6253AEE0"
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: 80f90822-a01e-0004-7f31-94318d000000
Access-Control-Expose-Headers: content-length
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 37017
x-ms-lease-state: available

GET
H2 200 fbIcon.png
www.neptunetheatre.com/images/ 1 KB
2 KB 171ms
169ms Image
image/png 40.86.230.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.neptunetheatre.com/images/fbIcon.png
Requested by: Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.86.230.96 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dee9539db4ab2658d42849ed89259717fc7804b5a82bf43fa0cd301d008407ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/support/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:34:42 GMT
last-modified: Tue, 19 Apr 2022 13:29:51 GMT
server: Microsoft-IIS/10.0
etag: "1d853f18c177458"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 1496

GET
H2 200 twitterIcon.png
www.neptunetheatre.com/images/ 2 KB
2 KB 178ms
176ms Image
image/png 40.86.230.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.neptunetheatre.com/images/twitterIcon.png
Requested by: Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.86.230.96 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f45a95526ba6c8d5c4b0e5749bbcecee1e496a2ac61c2425f0b40e13dbea8e0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/support/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:34:42 GMT
last-modified: Tue, 19 Apr 2022 13:29:52 GMT
server: Microsoft-IIS/10.0
etag: "1d853f18cb00e70"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 1648

GET
H2 200 instagramIcon.png
www.neptunetheatre.com/images/ 2 KB
2 KB 179ms
177ms Image
image/png 40.86.230.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.neptunetheatre.com/images/instagramIcon.png
Requested by: Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.86.230.96 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e204166b8955a44bf74b8f112dc537943dbd53b6a2277ea1d0a439022668e923

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/support/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:34:42 GMT
last-modified: Tue, 19 Apr 2022 13:29:51 GMT
server: Microsoft-IIS/10.0
etag: "1d853f18c1779a3"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 2083

GET
H2 200 youtubeIcon.png
www.neptunetheatre.com/images/ 2 KB
2 KB 180ms
178ms Image
image/png 40.86.230.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.neptunetheatre.com/images/youtubeIcon.png
Requested by: Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.86.230.96 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b75111f09e027b2abbcf7cbed7680fdab5c140ca1560c43ecce74119cebca745

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/support/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:34:42 GMT
last-modified: Tue, 19 Apr 2022 13:29:52 GMT
server: Microsoft-IIS/10.0
etag: "1d853f18cb00f39"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 1849

GET
H/1.1 200
OK seachIcon.png
immediac.blob.core.windows.net/neptunetheatre/images/ 2 KB
2 KB 586ms
136ms Image
image/png 20.150.113.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://immediac.blob.core.windows.net/neptunetheatre/images/seachIcon.png
Requested by: Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.113.36 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f9e203d310f03906df4d38845d494ae8170d06aed36167ccb9118d927d3b098b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 01 Jun 2023 02:34:42 GMT
Last-Modified: Wed, 20 Apr 2022 19:30:03 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: iGKPjRIjlXm1pmKKJDQYYQ==
ETag: "0x8DA23042B4EF8E7"
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: 70c3bbf4-701e-0042-3a31-94ef1b000000
Access-Control-Expose-Headers: content-length
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 1555
x-ms-lease-state: available

GET
H/1.1 200
OK Support-Neptune-Today-New-fast.jpg
immediac.blob.core.windows.net/neptunetheatre/2020-21/Home%20Page%20Banners/ 361 KB
362 KB 635ms
185ms Image
image/jpeg 20.150.113.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://immediac.blob.core.windows.net/neptunetheatre/2020-21/Home%20Page%20Banners/Support-Neptune-Today-New-fast.jpg
Requested by: Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.113.36 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7a427baaae0c5be8fe4afcf12fcf9a6f504c0b2ab3379b38d4d041e849a4e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 01 Jun 2023 02:34:42 GMT
Last-Modified: Thu, 02 Apr 2020 18:31:24 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: /eQTy+R5tlv5mxtaWRyDtg==
ETag: "0x8D7D7340CAB351A"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: 9de6fc1e-a01e-0069-2731-949ba3000000
Access-Control-Expose-Headers: content-length
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 370081
x-ms-lease-state: available

GET
H2

200

jquery.min.js Show response
www.neptunetheatre.com/lib/jquery/dist/
Redirect Chain

https://www.neptunetheatre.com/lib/jquery/dist/jquery.js
https://www.neptunetheatre.com/lib/jquery/dist/jquery.min.js

84 KB
38 KB

231ms
231ms

Script
text/javascript

40.86.230.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.neptunetheatre.com/lib/jquery/dist/jquery.min.js
Requested by: Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate
Protocol: H2
Server: 40.86.230.96 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8fa73ad0b9417ac75f861e9e22eeec8b91f0cf67560047162a1b1fdbe5116fe2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/support/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:34:42 GMT
content-encoding: gzip
last-modified: Tue, 14 Feb 2023 17:18:20 GMT
server: Microsoft-IIS/10.0
etag: "1d9409855a0d859"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes

Redirect headers

location: /lib/jquery/dist/jquery.min.js
date: Thu, 01 Jun 2023 02:34:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0

GET
H2

200

bootstrap.min.js Show response
www.neptunetheatre.com/lib/bootstrap/dist/js/
Redirect Chain

https://www.neptunetheatre.com/lib/bootstrap/dist/js/bootstrap.js
https://www.neptunetheatre.com/lib/bootstrap/dist/js/bootstrap.min.js

36 KB
13 KB

413ms
413ms

Script
text/javascript

40.86.230.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.neptunetheatre.com/lib/bootstrap/dist/js/bootstrap.min.js
Requested by: Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate
Protocol: H2
Server: 40.86.230.96 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/support/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:34:42 GMT
content-encoding: gzip
last-modified: Tue, 14 Feb 2023 17:18:20 GMT
server: Microsoft-IIS/10.0
etag: "1d9409855a106bb"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes

Redirect headers

location: /lib/bootstrap/dist/js/bootstrap.min.js
date: Thu, 01 Jun 2023 02:34:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0

GET
H2 200 owl.carousel.min.js Show response
www.neptunetheatre.com/js/ 39 KB
14 KB 170ms
168ms Script
text/javascript 40.86.230.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.neptunetheatre.com/js/owl.carousel.min.js
Requested by: Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.86.230.96 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e04e2b4e27ae9881b1e161954cc00ba16c8c3a0ce73a179824756353efd6c481

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/support/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:34:42 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 13:29:52 GMT
server: Microsoft-IIS/10.0
etag: "1d853f18cb095d2"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes

GET
H2 200 site.min.js Show response
www.neptunetheatre.com/cms/js/ 11 KB
5 KB 170ms
168ms Script
text/javascript 40.86.230.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.neptunetheatre.com/cms/js/site.min.js?v=M2Y0OffSkp96E71uY2HRKf5E7KcdNDIixcJusP3NDqI
Requested by: Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.86.230.96 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 33663439f7d2929f7a13bd6e6361d129fe44eca71d343222c5c26eb0fdcd0ea2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/support/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:34:42 GMT
content-encoding: gzip
last-modified: Tue, 14 Feb 2023 17:18:20 GMT
server: Microsoft-IIS/10.0
etag: "1d9409855a1bcbe"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 207 KB
69 KB 131ms
78ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TV9H5Q

Requested by

Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d034c3bb57bc38997982045c90988990b7cab67456e2fa3b1b5d30dc45f4a9d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:34:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70846
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Jun 2023 02:34:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 88ms
23ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8fbf7e16e3604db25ab37c4a496865033167bb550e3b2e92f1070424f48723a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 01 Jun 2023 02:34:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27497
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: i61+kTxyZTENRVK/CbtNzbQ0CRUYAbROxDuNOt1SuOQoQXD4EmP508urVhROLZ/35jUxRi7yDbA6tufhBOJtmQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 77ms
23ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.neptunetheatre.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 18:18:02 GMT
x-content-type-options: nosniff
age: 375401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 18:18:02 GMT

GET
H/1.1 200
OK BMO_BIG.svg
immediac.blob.core.windows.net/neptunetheatre/images/ 3 KB
3 KB 564ms
138ms Image
image/svg+xml 20.150.113.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://immediac.blob.core.windows.net/neptunetheatre/images/BMO_BIG.svg
Requested by: Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.113.36 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ba877abceaabd43b24437da6faf324a42d331a4272337fdc7b23b5c96a7ff306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 01 Jun 2023 02:34:43 GMT
Last-Modified: Mon, 13 Mar 2023 15:43:28 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: pL67uFXXSPhgffGELzplDQ==
ETag: "0x8DB23D9B0D3AAF9"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
x-ms-request-id: 983a1046-d01e-004f-2d31-940017000000
Access-Control-Expose-Headers: content-length
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 2615
x-ms-lease-state: available

GET
H/1.1 200
OK Charm-Diamond-Centres.JPG
immediac.blob.core.windows.net/neptunetheatre/Sponsor%20Logos/ 48 KB
48 KB 561ms
134ms Image
image/jpeg 20.150.113.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://immediac.blob.core.windows.net/neptunetheatre/Sponsor%20Logos/Charm-Diamond-Centres.JPG
Requested by: Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.113.36 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 10701cd57ff852047cf2067538bf1b461e120e978c72c45c7b66b0e942d11ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 01 Jun 2023 02:34:43 GMT
Last-Modified: Thu, 05 May 2022 13:30:55 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: ic1Agb5OYiUEG4G33p6crA==
ETag: "0x8DA2E9B7BA97159"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: 267c98db-a01e-0040-2a31-94ede1000000
Access-Control-Expose-Headers: content-length
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 49022
x-ms-lease-state: available

GET
H/1.1 200
OK Donate-Now-Button.jpg
immediac.blob.core.windows.net/neptunetheatre/2020-21/ 11 KB
11 KB 697ms
133ms Image
image/jpeg 20.150.113.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://immediac.blob.core.windows.net/neptunetheatre/2020-21/Donate-Now-Button.jpg
Requested by: Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.113.36 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 542c150ad49cced22749e825822d3dd90c55652eb28856f4b9ba046b4d792a51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 01 Jun 2023 02:34:43 GMT
Last-Modified: Wed, 08 Jul 2020 18:46:55 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: cRCz/luoAjhQVdcUj8tGbw==
ETag: "0x8D8236F498E5895"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: 70c3bc6c-701e-0042-2a31-94ef1b000000
Access-Control-Expose-Headers: content-length
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 10829
x-ms-lease-state: available

GET
H/1.1 200
OK ET.jpg
immediac.blob.core.windows.net/neptunetheatre/ALL/INTERAC%20IMAGES/ 18 KB
18 KB 458ms
140ms Image
image/jpeg 20.150.113.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://immediac.blob.core.windows.net/neptunetheatre/ALL/INTERAC%20IMAGES/ET.jpg
Requested by: Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.113.36 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2ad88f933b80b37e4707ea8c34376f2c954f1891972fac71a90d8ede85595525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 01 Jun 2023 02:34:43 GMT
Last-Modified: Sun, 10 May 2020 12:44:29 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zRZHJjw3J498gWDMGFS4Zg==
ETag: "0x8D7F4DFE17072D6"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: 65eef292-f01e-0035-5b31-946a5a000000
Access-Control-Expose-Headers: content-length
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 18324
x-ms-lease-state: available

GET
H2 200 242768034135684 Show response
connect.facebook.net/signals/config/ 376 KB
108 KB 95ms
89ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/242768034135684?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

82485ef1e42eedd5c0cffffdbae43c7eb9e54627a521ec41a8d038c1e2d9cc9b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 01 Jun 2023 02:34:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: DXIprxgpBoOhWCIVAUX32ulNH6g2o4wk7D1qGStSQ4v5pvDdjb0LzUR6OFbPLCXGqeDFFgQWegDS46RMEUto3A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 80ms
23ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV9H5Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 01 Jun 2023 00:35:34 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 7149
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 01 Jun 2023 02:35:34 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/665063600/ 3 KB
2 KB 125ms
47ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/665063600/?random=1685586883436&cv=11&fst=1685586883436&bg=ffffff&guid=ON&async=1&gtm=45He35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&label=pdraCI6wts8BELChkL0C&hn=www.googleadservices.com&frm=0&tiba=Donate&value=0&bttype=purchase&auid=1554587387.1685586883&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV9H5Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

34ec68b2eb2e2f6ee43c8685df29c452167d6aaeab5bfcaa17821120b436a207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:34:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1600
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
o2.eyereturn.com/ 0
0

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 17 KB
6 KB 356ms
113ms Script
text/javascript 34.232.221.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.221.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-221-224.compute-1.amazonaws.com
Software: /
Resource Hash: e9cf5244c7df39db5f0784c090facc298a2b88b4496b2ce4945a2059d7c59e61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 01 Jun 2023 02:34:43 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
83 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CF195600FY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV9H5Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

74512f5c009e3b13b5c56e9df971e8d44553bdc88a2d8c91f0a76dcfb15b2b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:34:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84587
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jun 2023 02:34:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6R0TJ1J1SP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV9H5Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dca861140a496590b210e8afdb0fccc53e65c6b3edfbe9bd77f2cce93bc37dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:34:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80697
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jun 2023 02:34:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
79 KB 78ms
78ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T8RZEE6FFJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV9H5Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4a7bbf84b060a399aaa1ce708b40481e13ac90f06857549a723bafad67915874

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:34:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81158
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jun 2023 02:34:43 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 87ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T8RZEE6FFJ&gtm=45je35v0&_p=1692995752&cid=546284248.1685586883&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685586883&sct=1&seg=0&dl=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&dt=Donate&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T8RZEE6FFJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:34:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.neptunetheatre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 61ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-CF195600FY&gtm=45je35v0&_p=1692995752&_gaz=1&cid=546284248.1685586883&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1685586883&sct=1&seg=0&dl=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&dt=Donate&en=page_view&_fv=2&_ss=1&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CF195600FY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:34:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.neptunetheatre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
259 B 114ms
28ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CF195600FY&cid=546284248.1685586883&gtm=45je35v0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CF195600FY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:34:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.neptunetheatre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 123ms
40ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CF195600FY&cid=546284248.1685586883&gtm=45je35v0&aip=1&z=121258378

Requested by

Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:34:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 28ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6R0TJ1J1SP&gtm=45je35v0&_p=1692995752&_gaz=1&cid=546284248.1685586883&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1685586883&sct=1&seg=0&dl=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&dt=Donate&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6R0TJ1J1SP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:34:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.neptunetheatre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 68ms
29ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6R0TJ1J1SP&cid=546284248.1685586883&gtm=45je35v0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6R0TJ1J1SP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:34:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.neptunetheatre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 118ms
75ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6R0TJ1J1SP&cid=546284248.1685586883&gtm=45je35v0&aip=1&z=1680406187

Requested by

Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:34:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
214 B 30ms
29ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1692995752&t=pageview&_s=1&dl=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&ul=en-us&de=UTF-8&dt=Donate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=905499332&gjid=1100619919&cid=546284248.1685586883&tid=UA-1387790-1&_gid=1035978453.1685586884&_r=1&_slc=1&gtm=45He35v0n71TV9H5Q&z=411281308

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.neptunetheatre.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:34:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.neptunetheatre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 30ms
29ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1692995752&t=pageview&_s=1&dl=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&ul=en-us&de=UTF-8&dt=Donate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1670900065&gjid=1486248471&cid=546284248.1685586883&tid=UA-1387790-7&_gid=1035978453.1685586884&_r=1&_slc=1&gtm=45He35v0n71TV9H5Q&z=632304346

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.neptunetheatre.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:34:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.neptunetheatre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 790173218029995 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 96ms
95ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/790173218029995?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f63add4856f1f2636ae51e6ffdc9c0a5a2584fed2a4792e579d2c8cf24d06ecd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 01 Jun 2023 02:34:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 1PH9iNt0KXM49bI46YZrwkjOGhpGkPJi00DAXbbitgxlvID2YJn61jikXBKf1ezqRBvczNpgZrScztqjI8TU8w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 87ms
25ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=242768034135684&ev=PageView&dl=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&rl=&if=false&ts=1685586883647&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1685586883642.911525884&cs_est=true&it=1685586883384&coo=false&rqm=GET

Requested by

Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Jun 2023 02:34:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3

200

/
www.google.de/pagead/1p-conversion/665063600/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/665063600/?random=1599911469&cv=11&fst=1685586883436&bg=ffffff&guid=ON&async=1&gtm=45He35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
https://www.google.com/pagead/1p-conversion/665063600/?random=1599911469&cv=11&fst=1685586883436&bg=ffffff&guid=ON&async=1&gtm=45He35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.neptunetheatre.com%2F...
https://www.google.de/pagead/1p-conversion/665063600/?random=1599911469&cv=11&fst=1685586883436&bg=ffffff&guid=ON&async=1&gtm=45He35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.neptunetheatre.com%2Fs...

42 B
64 B

38ms
37ms

Image
image/gif

2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/665063600/?random=1599911469&cv=11&fst=1685586883436&bg=ffffff&guid=ON&async=1&gtm=45He35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&label=pdraCI6wts8BELChkL0C&hn=www.googleadservices.com&frm=0&tiba=Donate&value=0&auid=1554587387.1685586883&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE9EYm93WVFqcFB3b0xmWXc1UExBUkltQUY5VGlwOXE1cElsVnpnSGo4SklaNkM2QzdWaUJjenU4TG5Ca1M4QzdJWUV3TkpnbVJJGlpDaEVJOE9EYm93WVF4b0cwaU5QN3ZKVFZBUkl1QUxEWFltR1Mtb2x0YUtleHhlX09ZdmhBcnYwXy11Wm4wcjg3NTAxTkN4dy1PZDNPUW5SZ3VnZEpHLVowMlEiEwi75Lm7hKH_AhWN47sIHQrkC4A&is_vtc=1&ocp_id=wwN4ZPv2II3H7_UPisivgAg&eitems=ChEI8ODbowYQ6t7ottybts79ARIdAJ7NYkGLfvU-PrS15OkahH8DasVtDElNlxedOT0&random=150350738&ipr=y

Requested by

Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate

Protocol

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:34:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:34:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/665063600/?random=1599911469&cv=11&fst=1685586883436&bg=ffffff&guid=ON&async=1&gtm=45He35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&label=pdraCI6wts8BELChkL0C&hn=www.googleadservices.com&frm=0&tiba=Donate&value=0&auid=1554587387.1685586883&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE9EYm93WVFqcFB3b0xmWXc1UExBUkltQUY5VGlwOXE1cElsVnpnSGo4SklaNkM2QzdWaUJjenU4TG5Ca1M4QzdJWUV3TkpnbVJJGlpDaEVJOE9EYm93WVF4b0cwaU5QN3ZKVFZBUkl1QUxEWFltR1Mtb2x0YUtleHhlX09ZdmhBcnYwXy11Wm4wcjg3NTAxTkN4dy1PZDNPUW5SZ3VnZEpHLVowMlEiEwi75Lm7hKH_AhWN47sIHQrkC4A&is_vtc=1&ocp_id=wwN4ZPv2II3H7_UPisivgAg&eitems=ChEI8ODbowYQ6t7ottybts79ARIdAJ7NYkGLfvU-PrS15OkahH8DasVtDElNlxedOT0&random=150350738&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 29ms
28ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-1387790-1&cid=546284248.1685586883&jid=905499332&gjid=1100619919&_gid=1035978453.1685586884&_u=YCDACEAABAAAACAAI~&z=1673644078

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.neptunetheatre.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 01 Jun 2023 02:34:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.neptunetheatre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 29ms
28ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-1387790-7&cid=546284248.1685586883&jid=1670900065&gjid=1486248471&_gid=1035978453.1685586884&_u=YCDACEABBAAAACAAI~&z=1645080497

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.neptunetheatre.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 01 Jun 2023 02:34:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.neptunetheatre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 88ms
31ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1387790-1&cid=546284248.1685586883&jid=905499332&_u=YCDACEAABAAAACAAI~&z=815982374

Requested by

Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:34:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 48ms
48ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1387790-1&cid=546284248.1685586883&jid=905499332&_u=YCDACEAABAAAACAAI~&z=815982374

Requested by

Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:34:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 77ms
33ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1387790-7&cid=546284248.1685586883&jid=1670900065&_u=YCDACEABBAAAACAAI~&z=2032596359

Requested by

Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:34:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 41ms
38ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1387790-7&cid=546284248.1685586883&jid=1670900065&_u=YCDACEABBAAAACAAI~&z=2032596359

Requested by

Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:34:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 21ms
21ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790173218029995&ev=PageView&dl=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&rl=&if=false&ts=1685586883791&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1685586883642.911525884&it=1685586883384&coo=false&rqm=GET

Requested by

Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Jun 2023 02:34:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 112ms
111ms Stylesheet
text/css 34.232.221.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.221.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-221-224.compute-1.amazonaws.com
Software: /
Resource Hash: d8b46f6b76486af4b4560fa1d367dc7e4572fa6dd92153ec99a8876255c7e15c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 01 Jun 2023 02:34:43 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
793 B 336ms
112ms Fetch
image/jpeg 34.232.221.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.221.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-221-224.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 01 Jun 2023 02:34:44 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H3 200 708984563513872 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 109ms
108ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/708984563513872?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

829857745a9d41d3723ce26de2b9f67689134357a619c0397409c2c3e30df5bb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 01 Jun 2023 02:34:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 5BGW6fenhJtvcVlaMP03F9PjrPaXAJgNgW/6c2aicnZhULxFsdPEEfsZV+silplz7NmS65rqgmmVssD8BRT07A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
84 KB 68ms
67ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8982X81KS0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV9H5Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a7b21a7ba42dfc2b0517f904ab0482c6d243c7093a24137be47428af5743791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:34:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85979
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jun 2023 02:34:44 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 253 KB
86 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6M51335965&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV9H5Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5cfa4c3ddd929ec9306d424bb1ca7a7cda2d889054b16bdd575230895d52a321

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:34:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87886
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jun 2023 02:34:44 GMT

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 116 B
315 B 113ms
112ms XHR
text/plain 34.232.221.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=YCM6F9iy1fCnXm34loGZVw&is_js=true&landing_url=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&t=Donate&tip=ed7PbGGgmBn4tijnqOzXWqf1jGi77FhiJYOG9Y0ksJk&host=https://www.neptunetheatre.com&sa_conv_data_css_value=%270-8cf540b6-ec41-5ea7-60bf-b47e216d658a%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd98cf540b6ec415ea760bfb47e216d658ad972da16&sa-user-id-v2=s%253AjPVAtuxBXqdgv7R-IW1litly2hY.XbDmjDLAcYMGY9mYDME0uIu3%252BjWvDZvNRXCZ5ROl3S8&sa-user-id=s%253A0-8cf540b6-ec41-5ea7-60bf-b47e216d658a.N9kKVSvaQWLrLvdCk5Pg5d7xKF97d2UZ6ZyX8ZgmO60
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.221.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-221-224.compute-1.amazonaws.com
Software: /
Resource Hash: 89f4ca50fdf5bf15b25d85f9cf39614ca2813f3bee151a9cbb113e8395843b99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://www.neptunetheatre.com
date: Thu, 01 Jun 2023 02:34:44 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 116
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

POST
H2 500 collect
gtm-mw4rd72-yzq1m.uc.r.appspot.com/g/ 0
0 229ms
160ms Ping
text/html 2a00:1450:4001:829::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gtm-mw4rd72-yzq1m.uc.r.appspot.com/g/collect?v=2&tid=G-6M51335965&gtm=45je35v0&_p=1692995752&_gaz=1&cid=546284248.1685586883&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1685586884&sct=1&seg=0&dl=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&dt=Donate&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6M51335965&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 29ms
29ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6M51335965&cid=546284248.1685586883&gtm=45je35v0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6M51335965&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:34:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.neptunetheatre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
32ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6M51335965&cid=546284248.1685586883&gtm=45je35v0&aip=1&z=1923908266

Requested by

Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:34:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST collect
awq9r1rnlvrurdrevlomzw52ptemyxv0ad0yylhdqudsqxrgee9stehym1rybdhb/g/ 0
0

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 28ms
28ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8982X81KS0&cid=546284248.1685586883&gtm=45je35v0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8982X81KS0&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:34:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.neptunetheatre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
32ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8982X81KS0&cid=546284248.1685586883&gtm=45je35v0&aip=1&z=1824864494

Requested by

Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:34:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 22ms
22ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=708984563513872&ev=PageView&dl=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&rl=&if=false&ts=1685586884317&sw=1600&sh=1200&v=2.9.104&r=stable&a=gtmss&ec=0&o=30&fbp=fb.1.1685586883642.911525884&it=1685586883384&coo=false&eid=cc935ef4-3e6d-44f8-8995-ce710ac9fbe6_1685586883256.21&rqm=GET

Requested by

Host: www.neptunetheatre.com
URL: https://www.neptunetheatre.com/support/donate

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Jun 2023 02:34:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET collect
awq9r1rnlvrurdrevlomzw52ptemyxv0ad0yylhdqudsqxrgee9stehym1rybdhb/g/ 0
0

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 22ms
22ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=242768034135684&ev=Microdata&dl=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&rl=&if=false&ts=1685586885151&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20%22%2C%22meta%3Adescription%22%3A%22The%20Neptune%20Theatre%20is%20the%20largest%20professional%20theatre%20company%20in%20Atlantic%20Canada%20with%20a%20capacity%20of%20458%20and%20is%20located%20in%20downtown%20Halifax%2C%20Nova%20Scotia%2C%20Canada.%22%2C%22meta%3Akeywords%22%3A%22Theatre%2C%20Halifax%2C%20Neptune%2C%20Neptune%20Theatre%2C%20musical%2C%20Broadway%2C%20stage%2C%20intermission%2C%20backstage%2C%20night%20out%2C%20entertainment%2C%20plans%2C%20Theatre%20School%2C%20learning%2C%20live%20theatre%2C%20comedy%2C%20drama%2C%20play%2C%20acting%2C%20actor%2C%20actress%2C%20director%2C%20designer%2C%20creative%2C%20art%2C%20Summer%20Camp%2C%20Nova%20Scotia%2C%20Downtown%20Halifax%2C%20things%20to%20do%20in%20Halifax%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1685586883642.911525884&it=1685586883384&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Jun 2023 02:34:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 22ms
22ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790173218029995&ev=Microdata&dl=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&rl=&if=false&ts=1685586885298&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20%22%2C%22meta%3Adescription%22%3A%22The%20Neptune%20Theatre%20is%20the%20largest%20professional%20theatre%20company%20in%20Atlantic%20Canada%20with%20a%20capacity%20of%20458%20and%20is%20located%20in%20downtown%20Halifax%2C%20Nova%20Scotia%2C%20Canada.%22%2C%22meta%3Akeywords%22%3A%22Theatre%2C%20Halifax%2C%20Neptune%2C%20Neptune%20Theatre%2C%20musical%2C%20Broadway%2C%20stage%2C%20intermission%2C%20backstage%2C%20night%20out%2C%20entertainment%2C%20plans%2C%20Theatre%20School%2C%20learning%2C%20live%20theatre%2C%20comedy%2C%20drama%2C%20play%2C%20acting%2C%20actor%2C%20actress%2C%20director%2C%20designer%2C%20creative%2C%20art%2C%20Summer%20Camp%2C%20Nova%20Scotia%2C%20Downtown%20Halifax%2C%20things%20to%20do%20in%20Halifax%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1685586883642.911525884&it=1685586883384&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Jun 2023 02:34:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 22ms
22ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=708984563513872&ev=Microdata&dl=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&rl=&if=false&ts=1685586885820&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20%22%2C%22meta%3Adescription%22%3A%22The%20Neptune%20Theatre%20is%20the%20largest%20professional%20theatre%20company%20in%20Atlantic%20Canada%20with%20a%20capacity%20of%20458%20and%20is%20located%20in%20downtown%20Halifax%2C%20Nova%20Scotia%2C%20Canada.%22%2C%22meta%3Akeywords%22%3A%22Theatre%2C%20Halifax%2C%20Neptune%2C%20Neptune%20Theatre%2C%20musical%2C%20Broadway%2C%20stage%2C%20intermission%2C%20backstage%2C%20night%20out%2C%20entertainment%2C%20plans%2C%20Theatre%20School%2C%20learning%2C%20live%20theatre%2C%20comedy%2C%20drama%2C%20play%2C%20acting%2C%20actor%2C%20actress%2C%20director%2C%20designer%2C%20creative%2C%20art%2C%20Summer%20Camp%2C%20Nova%20Scotia%2C%20Downtown%20Halifax%2C%20things%20to%20do%20in%20Halifax%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&a=gtmss&ec=1&o=30&fbp=fb.1.1685586883642.911525884&it=1685586883384&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neptunetheatre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Jun 2023 02:34:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: o2.eyereturn.com
URL: https://o2.eyereturn.com/?site=11890&page=generic

Domain: awq9r1rnlvrurdrevlomzw52ptemyxv0ad0yylhdqudsqxrgee9stehym1rybdhb
URL: https://awq9r1rnlvrurdrevlomzw52ptemyxv0ad0yylhdqudsqxrgee9stehym1rybdhb/g/collect?v=2&tid=G-8982X81KS0&gtm=45je35v0&_p=1692995752&_gaz=1&cid=546284248.1685586883&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1685586884&sct=1&seg=0&dl=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&dt=Donate&en=page_view&_fv=2&_ss=2&_c=1

Domain: awq9r1rnlvrurdrevlomzw52ptemyxv0ad0yylhdqudsqxrgee9stehym1rybdhb
URL: https://awq9r1rnlvrurdrevlomzw52ptemyxv0ad0yylhdqudsqxrgee9stehym1rybdhb/g/collect?v=2&tid=G-8982X81KS0&gtm=45je35v0&_p=1692995752&cid=546284248.1685586883&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&sst.gcsub=region1&_s=2&sid=1685586884&sct=1&seg=0&dl=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&dt=Donate&en=gtm.dom&ep.event_id=cc935ef4-3e6d-44f8-8995-ce710ac9fbe6_1685586883256.21&ep.event_name=PageView&_et=3&richsstsse

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.neptunetheatre.com/	1970-01-20 21:00:09	Name: SimpleCmsVisitorId Value: 14a8b159-6f52-4ecb-a1ec-39e577e3585e
.www.neptunetheatre.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 44a18c915045fcf3fb31523efcaf9557c0cdc32ff245d58a2236a9853a5fbac8
.www.neptunetheatre.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 44a18c915045fcf3fb31523efcaf9557c0cdc32ff245d58a2236a9853a5fbac8
.neptunetheatre.com/	1970-01-20 14:22:42	Name: _gcl_au Value: 1.1.1554587387.1685586883
.neptunetheatre.com/	1970-01-20 21:49:06	Name: _ga_T8RZEE6FFJ Value: GS1.1.1685586883.1.0.1685586883.0.0.0
.neptunetheatre.com/	1970-01-20 21:49:06	Name: _ga_CF195600FY Value: GS1.1.1685586883.1.0.1685586883.60.0.0
.neptunetheatre.com/	1970-01-20 21:49:06	Name: _ga_6R0TJ1J1SP Value: GS1.1.1685586883.1.0.1685586883.60.0.0
.neptunetheatre.com/	1970-01-20 12:14:33	Name: _gid Value: GA1.2.1035978453.1685586884
.neptunetheatre.com/	1970-01-20 12:13:06	Name: _gat_UA-1387790-1 Value: 1
.neptunetheatre.com/	1970-01-20 12:13:06	Name: _gat_UA-1387790-7 Value: 1
.neptunetheatre.com/	1970-01-20 14:22:42	Name: _fbp Value: fb.1.1685586883642.911525884
.doubleclick.net/	1970-01-20 12:13:07	Name: test_cookie Value: CheckForPermission
tags.srv.stackadapt.com/	1970-01-20 20:58:42	Name: sa-user-id Value: s%3A0-8cf540b6-ec41-5ea7-60bf-b47e216d658a.N9kKVSvaQWLrLvdCk5Pg5d7xKF97d2UZ6ZyX8ZgmO60
tags.srv.stackadapt.com/	1970-01-20 20:58:42	Name: sa-user-id-v2 Value: s%3AjPVAtuxBXqdgv7R-IW1litly2hY.XbDmjDLAcYMGY9mYDME0uIu3%2BjWvDZvNRXCZ5ROl3S8
.srv.stackadapt.com/	1970-01-20 20:58:42	Name: sa-user-id-v2 Value: s%3AjPVAtuxBXqdgv7R-IW1litly2hY.XbDmjDLAcYMGY9mYDME0uIu3%2BjWvDZvNRXCZ5ROl3S8
www.neptunetheatre.com/	1970-01-20 20:58:42	Name: sa-user-id Value: s%253A0-8cf540b6-ec41-5ea7-60bf-b47e216d658a.N9kKVSvaQWLrLvdCk5Pg5d7xKF97d2UZ6ZyX8ZgmO60
www.neptunetheatre.com/	1970-01-20 20:58:42	Name: sa-user-id-v2 Value: s%253AjPVAtuxBXqdgv7R-IW1litly2hY.XbDmjDLAcYMGY9mYDME0uIu3%252BjWvDZvNRXCZ5ROl3S8
.neptunetheatre.com/	1970-01-20 21:49:06	Name: _ga_6M51335965 Value: GS1.1.1685586884.1.0.1685586884.60.0.0
.neptunetheatre.com/	1970-01-20 21:49:06	Name: _ga Value: GA1.1.546284248.1685586883
.neptunetheatre.com/	1970-01-20 21:49:06	Name: _ga_8982X81KS0 Value: GS1.1.1685586884.1.0.1685586884.60.0.0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://o2.eyereturn.com/?site=11890&page=generic Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://awq9r1rnlvrurdrevlomzw52ptemyxv0ad0yylhdqudsqxrgee9stehym1rybdhb/g/collect?v=2&tid=G-8982X81KS0&gtm=45je35v0&_p=1692995752&_gaz=1&cid=546284248.1685586883&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1685586884&sct=1&seg=0&dl=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&dt=Donate&en=page_view&_fv=2&_ss=2&_c=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://gtm-mw4rd72-yzq1m.uc.r.appspot.com/g/collect?v=2&tid=G-6M51335965&gtm=45je35v0&_p=1692995752&_gaz=1&cid=546284248.1685586883&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1685586884&sct=1&seg=0&dl=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&dt=Donate&en=page_view&_fv=1&_ss=1 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://awq9r1rnlvrurdrevlomzw52ptemyxv0ad0yylhdqudsqxrgee9stehym1rybdhb/g/collect?v=2&tid=G-8982X81KS0&gtm=45je35v0&_p=1692995752&cid=546284248.1685586883&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&sst.gcsub=region1&_s=2&sid=1685586884&sct=1&seg=0&dl=https%3A%2F%2Fwww.neptunetheatre.com%2Fsupport%2Fdonate&dt=Donate&en=gtm.dom&ep.event_id=cc935ef4-3e6d-44f8-8995-ce710ac9fbe6_1685586883256.21&ep.event_name=PageView&_et=3&richsstsse Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

awq9r1rnlvrurdrevlomzw52ptemyxv0ad0yylhdqudsqxrgee9stehym1rybdhb
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gtm-mw4rd72-yzq1m.uc.r.appspot.com
immediac.blob.core.windows.net
netdna.bootstrapcdn.com
o2.eyereturn.com
r20.rs6.net
region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
tags.srv.stackadapt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.neptunetheatre.com
awq9r1rnlvrurdrevlomzw52ptemyxv0ad0yylhdqudsqxrgee9stehym1rybdhb
o2.eyereturn.com
142.250.181.226
20.150.113.36
2001:4860:4802:32::36
208.75.122.11
2606:4700::6811:190e
2606:4700::6812:bcf
2a00:1450:4001:806::2004
2a00:1450:4001:811::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::2008
2a00:1450:4001:829::200a
2a00:1450:4001:829::2014
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c0c::9b
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
34.232.221.224
40.86.230.96
10701cd57ff852047cf2067538bf1b461e120e978c72c45c7b66b0e942d11ac9
2ad88f933b80b37e4707ea8c34376f2c954f1891972fac71a90d8ede85595525
2eb421e7e76f7c200ed0e05378711184e419da544f020596b0c5cb51a7d7e9db
321416c217f67b352ab8ecd05502bddbf2dbc34db1ee3c560764f73f3b250d65
33663439f7d2929f7a13bd6e6361d129fe44eca71d343222c5c26eb0fdcd0ea2
34ec68b2eb2e2f6ee43c8685df29c452167d6aaeab5bfcaa17821120b436a207
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
4a7bbf84b060a399aaa1ce708b40481e13ac90f06857549a723bafad67915874
542c150ad49cced22749e825822d3dd90c55652eb28856f4b9ba046b4d792a51
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
5cfa4c3ddd929ec9306d424bb1ca7a7cda2d889054b16bdd575230895d52a321
6a7b21a7ba42dfc2b0517f904ab0482c6d243c7093a24137be47428af5743791
74512f5c009e3b13b5c56e9df971e8d44553bdc88a2d8c91f0a76dcfb15b2b63
7556c220859e509cf18297cacd5f9348ea5a55b13392e59be1086064f7f0f7a4
7a54a87c408b8b27742a101a900e96e746d41754053f882c7e52c2f378605789
82485ef1e42eedd5c0cffffdbae43c7eb9e54627a521ec41a8d038c1e2d9cc9b
829857745a9d41d3723ce26de2b9f67689134357a619c0397409c2c3e30df5bb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89f4ca50fdf5bf15b25d85f9cf39614ca2813f3bee151a9cbb113e8395843b99
8fa73ad0b9417ac75f861e9e22eeec8b91f0cf67560047162a1b1fdbe5116fe2
a13d79e8d81419b58e8b659cccd149a2e357e4fbdc8d58c0157ac5345fc66828
ab49a5fae2c8c021cfec9f48485d92cfd7dc0941acfe69c458daf9cd8be9a570
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b75111f09e027b2abbcf7cbed7680fdab5c140ca1560c43ecce74119cebca745
b7a427baaae0c5be8fe4afcf12fcf9a6f504c0b2ab3379b38d4d041e849a4e40
ba877abceaabd43b24437da6faf324a42d331a4272337fdc7b23b5c96a7ff306
c2e20894c957667729c9948a75d76bdc9da445ee525e3b4f6c15644331377cca
d034c3bb57bc38997982045c90988990b7cab67456e2fa3b1b5d30dc45f4a9d2
d34c3af0d3b74cbb878ca4472668ebae02410ed1bfe8e85b244bb582d1dcb2ea
d8b46f6b76486af4b4560fa1d367dc7e4572fa6dd92153ec99a8876255c7e15c
dca861140a496590b210e8afdb0fccc53e65c6b3edfbe9bd77f2cce93bc37dec
dee9539db4ab2658d42849ed89259717fc7804b5a82bf43fa0cd301d008407ec
e04e2b4e27ae9881b1e161954cc00ba16c8c3a0ce73a179824756353efd6c481
e204166b8955a44bf74b8f112dc537943dbd53b6a2277ea1d0a439022668e923
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9cf5244c7df39db5f0784c090facc298a2b88b4496b2ce4945a2059d7c59e61
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f45a95526ba6c8d5c4b0e5749bbcecee1e496a2ac61c2425f0b40e13dbea8e0d
f63add4856f1f2636ae51e6ffdc9c0a5a2584fed2a4792e579d2c8cf24d06ecd
f8fbf7e16e3604db25ab37c4a496865033167bb550e3b2e92f1070424f48723a
f9e203d310f03906df4d38845d494ae8170d06aed36167ccb9118d927d3b098b
fbec0c2c120a3d48e8857b7cb40e0d693219b1d103f9038b81739e8fb4df2bf9

www.neptunetheatre.com Open in urlscan Pro 40.86.230.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

89 %HTTPS

74 %IPv6

19 Domains

22 Subdomains

18 IPs

4 Countries

1558 kBTransfer

3754 kBSize

20 Cookies

8 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.neptunetheatre.com Open in urlscan Pro
40.86.230.96 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

89 %
HTTPS

74 %
IPv6

19
Domains

22
Subdomains

18
IPs

4
Countries

1558 kB
Transfer

3754 kB
Size

20
Cookies

72 HTTP transactions
0 data transactions