www.mgmstudios.com Open in urlscan Pro
2600:9000:2250:7600:1d:e587:7e40:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://airmovieofficial.com/
Effective URL:
https://www.mgmstudios.com/air/
Submission: On May 08 via manual (May 8th 2023, 11:10:14 am UTC) from IN — Scanned from DE

Summary HTTP 67 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 20 domains to perform 67 HTTP transactions. The main IP is 2600:9000:2250:7600:1d:e587:7e40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.mgmstudios.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 17th 2022. Valid for: a year.

This is the only time www.mgmstudios.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	204.74.99.103 204.74.99.103	397213 (SECURITYS...) (SECURITYSERVICES)
15	2600:9000:225... 2600:9000:2250:7600:1d:e587:7e40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:350... 2a02:26f0:3500:16::215:1490	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2600:9000:223... 2600:9000:223e:7c00:1:5424:4140:21	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:8d:... 2a04:4e42:8d::444	54113 (FASTLY) (FASTLY)
6	2606:4700:440... 2606:4700:4400::ac40:936c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9062	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.224.189.59 13.224.189.59	16509 (AMAZON-02) (AMAZON-02)
1	34.246.14.9 34.246.14.9	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1 3	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 4	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
67	24

1 204.74.99.103 (United States) 1 redirects

ASN397213 (SECURITYSERVICES, US)

airmovieofficial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:2250:7600:1d:e587:7e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.mgmstudios.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:16::215:1490 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:223e:7c00:1:5424:4140:21 (United States)

ASN16509 (AMAZON-02, US)

dx35vtwkllhj9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8d::444 (United States)

ASN54113 (FASTLY, US)

production-cmp.isgprivacy.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::ac40:936c (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9062 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-59.fra2.r.cloudfront.net

showtimes-v2.s-prod.pow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.14.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-14-9.eu-west-1.compute.amazonaws.com

stdata.powster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.74.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

11015163.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	mgmstudios.com www.mgmstudios.com	223 KB
7	doubleclick.net 3 redirects 11015163.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	7 KB
6	cookiepro.com cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 6080	112 KB
6	cloudfront.net dx35vtwkllhj9.cloudfront.net	1 MB
5	google.de 1 redirects adservice.google.de — Cisco Umbrella Rank: 9108 www.google.de — Cisco Umbrella Rank: 6386	1 KB
5	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	3 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	333 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 432 p.typekit.net — Cisco Umbrella Rank: 559	152 KB
3	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 826	1002 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2587	21 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	239 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 150	114 KB
2	pow.io showtimes-v2.s-prod.pow.io — Cisco Umbrella Rank: 130153	768 B
2	cbsi.com production-cmp.isgprivacy.cbsi.com — Cisco Umbrella Rank: 10781	13 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 909	14 KB
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 527	261 B
1	powster.com stdata.powster.com — Cisco Umbrella Rank: 115408	414 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 580	303 B
1	airmovieofficial.com 1 redirects airmovieofficial.com	225 B
67	20

	Domain	Requested by
15	www.mgmstudios.com	www.mgmstudios.com
6	cookie-cdn.cookiepro.com	www.mgmstudios.com cookie-cdn.cookiepro.com
6	dx35vtwkllhj9.cloudfront.net	www.mgmstudios.com
5	www.googletagmanager.com	www.mgmstudios.com www.google-analytics.com 11015163.fls.doubleclick.net www.googletagmanager.com
4	www.google.de	11015163.fls.doubleclick.net
4	www.google.com	2 redirects 11015163.fls.doubleclick.net
4	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com
3	tr.snapchat.com	sc-static.net
3	11015163.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
3	use.typekit.net	www.mgmstudios.com use.typekit.net
2	www.facebook.com	11015163.fls.doubleclick.net
2	www.googleadservices.com	www.googletagmanager.com
2	connect.facebook.net	11015163.fls.doubleclick.net connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	showtimes-v2.s-prod.pow.io	www.mgmstudios.com
2	production-cmp.isgprivacy.cbsi.com	www.mgmstudios.com production-cmp.isgprivacy.cbsi.com
1	sc-static.net	11015163.fls.doubleclick.net
1	insight.adsrvr.org	11015163.fls.doubleclick.net
1	adservice.google.de	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	adservice.google.com	11015163.fls.doubleclick.net
1	stdata.powster.com	www.mgmstudios.com
1	geolocation.onetrust.com	cookie-cdn.cookiepro.com
1	p.typekit.net	use.typekit.net
1	airmovieofficial.com	1 redirects
67	25

This site contains links to these domains. Also see Links.

Domain
www.unitedartistsreleasing.com
twitter.com
www.facebook.com
www.pinterest.co.uk
www.tumblr.com
telegram.me
amazonstudios.typeform.com
www.instagram.com
www.tiktok.com
www.powster.com
www.motionpictures.org
www.filmratings.com
www.mgm.com
cookiepedia.co.uk
www.cookiepro.com

Subject Issuer	Validity	Valid
www.mgmstudios.com Amazon RSA 2048 M02	`2022-12-17` - `2024-01-16`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.isgprivacy.cbsi.com Sectigo RSA Organization Validation Secure Server CA	`2022-06-26` - `2023-06-20`	a year	crt.sh
cookiepro.com Cloudflare Inc ECC CA-3	`2023-03-20` - `2024-03-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
showtimes-v2.s-prod.pow.io Amazon RSA 2048 M02	`2023-02-21` - `2024-01-19`	a year	crt.sh
movies.powster.com Amazon RSA 2048 M02	`2023-02-14` - `2023-10-01`	8 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-14` - `2023-05-15`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.mgmstudios.com/air/
Frame ID: C2A9B2A01F5F052F57354707D84573D5
Requests: 42 HTTP requests in this frame

Frame: https://11015163.fls.doubleclick.net/activityi;dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F
Frame ID: 11C81C53A73F6BFCC26171739963ACC7
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F
Frame ID: 51276BCB5890A68BCBA51D841F1BCD51
Requests: 1 HTTP requests in this frame

Frame: https://11015163.fls.doubleclick.net/ddm/fls/r/dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F
Frame ID: 6300D5647428BF15454B71993C880AF8
Requests: 22 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=1cd6bb16-d29c-4ad3-89f9-119359ee72b8&u_scsid=330b8676-8eb5-4b84-be34-e79e1c4a04ee&u_sclid=107b0f1d-eba2-444e-9a9a-801b90946b26
Frame ID: 6E85806811612BD80F5DA11053E0BF43
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Air | Official Website | April 05 2023Back ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://airmovieofficial.com/ HTTP 301
https://www.mgmstudios.com/air/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

67
Requests

97 %
HTTPS

68 %
IPv6

20
Domains

25
Subdomains

24
IPs

3
Countries

2051 kB
Transfer

3947 kB
Size

9
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.unitedartistsreleasing.com/

Search URL Search Domain Scan URL

URL: https://www.unitedartistsreleasing.com/news
Title: News

Search URL Search Domain Scan URL

URL: https://www.unitedartistsreleasing.com/about
Title: About

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Watch%20Air%20with%20me&url=https%3A%2F%2Fwww.mgmstudios.com%2Fair

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.mgmstudios.com%2Fair

Search URL Search Domain Scan URL

URL: https://www.pinterest.co.uk/pin/create/button/?url=https%3A%2F%2Fwww.mgmstudios.com%2Fair&media=https://dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/regions/us/share.jpg&description=Watch%20Air%20with%20me

Search URL Search Domain Scan URL

URL: http://www.tumblr.com/share/link?url=https%3A%2F%2Fwww.mgmstudios.com%2Fair/&description=Watch%20Air%20with%20me

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https%3A%2F%2Fwww.mgmstudios.com%2Fair&text=Watch%20Air%20with%20me

Search URL Search Domain Scan URL

URL: https://amazonstudios.typeform.com/AIRadvancebuy
Title: Group Tickets Group Tickets

Search URL Search Domain Scan URL

URL: https://www.facebook.com/airmovie

Search URL Search Domain Scan URL

URL: https://www.instagram.com/airmovie/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@airmovie?lang=en

Search URL Search Domain Scan URL

URL: https://twitter.com/airmovie

Search URL Search Domain Scan URL

URL: https://www.powster.com/
Title: Movie Platform © 2023 Powster

Search URL Search Domain Scan URL

URL: https://www.motionpictures.org/
Title: MPA

Search URL Search Domain Scan URL

URL: https://www.filmratings.com/
Title: Film Ratings

Search URL Search Domain Scan URL

URL: https://www.mgm.com/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.mgm.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.cookiepro.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://airmovieofficial.com/ HTTP 301
https://www.mgmstudios.com/air/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://11015163.fls.doubleclick.net/activityi;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F HTTP 302
https://11015163.fls.doubleclick.net/activityi;dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F

Request Chain 44

https://adservice.google.de/ddm/fls/i/dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F HTTP 302
https://11015163.fls.doubleclick.net/ddm/fls/r/dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F

Request Chain 60

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11061495236/?random=1823188937&cv=11&fst=1683544208211&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJ6TyfPK5f4CFYHdmgodqgsJaA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D7307250008367%3Bgtm%3D45He3530%3Bauiddc%3D1727334559.1683544207%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=MTDACPTXlpMYEMSLxJop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=1727334559.1683544207&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=kNhYZLizFLW59u8P4v2gyAg&sscte=1&crd=&pscrd=Ek5DaEFJOEx2aW9nWVFsc2pCckxUYnU5MWFFaVlBZGhtRmppVXpnYlJRUk1lR25tb3hwaVZRMnBFWmo3cUtiNFRHSlJnWmZ4d0FzZXBSNVEaWENoQUk4THZpb2dZUXU3dkQ5SU9zNThSckVpNEEyUlVNTDlXLThEWmp2VmVyd3pmcTRwNU53cEVkMm9PU0pPTkMza1FMcEsxenEtQTFJV004WmpneWN4YkE HTTP 302
https://www.google.com/pagead/1p-conversion/11061495236/?random=1823188937&cv=11&fst=1683544208211&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJ6TyfPK5f4CFYHdmgodqgsJaA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D7307250008367%3Bgtm%3D45He3530%3Bauiddc%3D1727334559.1683544207%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=MTDACPTXlpMYEMSLxJop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=1727334559.1683544207&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEx2aW9nWVFsc2pCckxUYnU5MWFFaVlBZGhtRmppVXpnYlJRUk1lR25tb3hwaVZRMnBFWmo3cUtiNFRHSlJnWmZ4d0FzZXBSNVEaWENoQUk4THZpb2dZUXU3dkQ5SU9zNThSckVpNEEyUlVNTDlXLThEWmp2VmVyd3pmcTRwNU53cEVkMm9PU0pPTkMza1FMcEsxenEtQTFJV004WmpneWN4YkE&is_vtc=1&ocp_id=kNhYZLizFLW59u8P4v2gyAg&cid=CAQSKQBygQiDNRQgjz7oB8dNLk1zgl6onhrO1RLtULrAQMtHqn29coUylGh6&random=2489360062 HTTP 302
https://www.google.de/pagead/1p-conversion/11061495236/?random=1823188937&cv=11&fst=1683544208211&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJ6TyfPK5f4CFYHdmgodqgsJaA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D7307250008367%3Bgtm%3D45He3530%3Bauiddc%3D1727334559.1683544207%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=MTDACPTXlpMYEMSLxJop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=1727334559.1683544207&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEx2aW9nWVFsc2pCckxUYnU5MWFFaVlBZGhtRmppVXpnYlJRUk1lR25tb3hwaVZRMnBFWmo3cUtiNFRHSlJnWmZ4d0FzZXBSNVEaWENoQUk4THZpb2dZUXU3dkQ5SU9zNThSckVpNEEyUlVNTDlXLThEWmp2VmVyd3pmcTRwNU53cEVkMm9PU0pPTkMza1FMcEsxenEtQTFJV004WmpneWN4YkE&is_vtc=1&ocp_id=kNhYZLizFLW59u8P4v2gyAg&cid=CAQSKQBygQiDNRQgjz7oB8dNLk1zgl6onhrO1RLtULrAQMtHqn29coUylGh6&random=2489360062&ipr=y&prhg=0

Request Chain 61

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11061379584/?random=755633105&cv=11&fst=1683544208186&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJ6TyfPK5f4CFYHdmgodqgsJaA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D7307250008367%3Bgtm%3D45He3530%3Bauiddc%3D1727334559.1683544207%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=i-snCLfulpMYEICEvZop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=1727334559.1683544207&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=kNhYZLixFLLI7_UPpu-H8Ao&sscte=1&crd=&pscrd=Ek5DaEFJOEx2aW9nWVFsc2pCckxUYnU5MWFFaVlBZGhtRmppVXpnYlJRUk1lR25tb3hwaVZRMnBFWmo3cUtiNFRHSlJnWmZ4d0FzZXBSNVEaWENoQUk4THZpb2dZUXU3dkQ5SU9zNThSckVpNEEyUlVNTHk4dG8wUnE4MzJoWUg5bmlCY01EeXNjTUpQbE9IMGNUUnhqdDJYc3hndGZTWXRtdUx6bkVxSWc HTTP 302
https://www.google.com/pagead/1p-conversion/11061379584/?random=755633105&cv=11&fst=1683544208186&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJ6TyfPK5f4CFYHdmgodqgsJaA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D7307250008367%3Bgtm%3D45He3530%3Bauiddc%3D1727334559.1683544207%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=i-snCLfulpMYEICEvZop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=1727334559.1683544207&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEx2aW9nWVFsc2pCckxUYnU5MWFFaVlBZGhtRmppVXpnYlJRUk1lR25tb3hwaVZRMnBFWmo3cUtiNFRHSlJnWmZ4d0FzZXBSNVEaWENoQUk4THZpb2dZUXU3dkQ5SU9zNThSckVpNEEyUlVNTHk4dG8wUnE4MzJoWUg5bmlCY01EeXNjTUpQbE9IMGNUUnhqdDJYc3hndGZTWXRtdUx6bkVxSWc&is_vtc=1&ocp_id=kNhYZLixFLLI7_UPpu-H8Ao&cid=CAQSKQBygQiDUhDeuqzQpaSQbZGh6RnUI_CdJhHmPB708Bhzo-TFTJyVEsS3&random=2534672638 HTTP 302
https://www.google.de/pagead/1p-conversion/11061379584/?random=755633105&cv=11&fst=1683544208186&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJ6TyfPK5f4CFYHdmgodqgsJaA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D7307250008367%3Bgtm%3D45He3530%3Bauiddc%3D1727334559.1683544207%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=i-snCLfulpMYEICEvZop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=1727334559.1683544207&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEx2aW9nWVFsc2pCckxUYnU5MWFFaVlBZGhtRmppVXpnYlJRUk1lR25tb3hwaVZRMnBFWmo3cUtiNFRHSlJnWmZ4d0FzZXBSNVEaWENoQUk4THZpb2dZUXU3dkQ5SU9zNThSckVpNEEyUlVNTHk4dG8wUnE4MzJoWUg5bmlCY01EeXNjTUpQbE9IMGNUUnhqdDJYc3hndGZTWXRtdUx6bkVxSWc&is_vtc=1&ocp_id=kNhYZLixFLLI7_UPpu-H8Ao&cid=CAQSKQBygQiDUhDeuqzQpaSQbZGh6RnUI_CdJhHmPB708Bhzo-TFTJyVEsS3&random=2534672638&ipr=y&prhg=0

67 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.mgmstudios.com/air/
Redirect Chain

http://airmovieofficial.com/
https://www.mgmstudios.com/air/

112 KB
32 KB

208ms
121ms

Document
text/html

2600:9000:2250:7600:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7600:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c9a68c165a795864ef97b9a079de99a3470474a8206847f433e1c405f45f6913

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 08 May 2023 11:10:07 GMT
etag: W/"0364dc1f13ccee2fe15e6df05bcaf78e"
last-modified: Tue, 04 Apr 2023 00:23:52 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-amz-cf-id: v20itrhW5L1bTy8I72xi5VB4qZxjrJyQkWQUKBgBWGgmJSfWndJmtQ==
x-amz-cf-pop: FRA60-P2
x-amz-version-id: KnCMJBcCrOlR35XyEc5fHnmsdVa4166L
x-cache: RefreshHit from cloudfront

Redirect headers

Accept-Ranges: none
Connection: close
Content-type: text/html
Date: Mon, 08 May 2023 11:10:06 GMT
Last-Modified: Mon, 08 May 2023 11:10:06 GMT
Location: https://www.mgmstudios.com/air/

GET
H2 200 bolt.css
www.mgmstudios.com/air/css/ 81 KB
13 KB 99ms
99ms Stylesheet
text/css 2600:9000:2250:7600:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/css/bolt.css?v=1680567550737
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7600:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5aed3453fec826274024742aae2b6b0a6637a8280136f7c9bdd00558a6b1351

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: Mnf_tYA_UZ.sGR2Z8Y1dRNNVsj5v_eO8
content-encoding: gzip
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 11:10:07 GMT
last-modified: Tue, 04 Apr 2023 00:23:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"0eeca0fbbc50942d4a24d66548ba1189"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: ePwYZfOiu5Yu0Tbj-3YQHK8ubv6QU7raC7D6pmp08VOPAra1Hsf2eQ==

GET
H2 200 gsb3nxg.css
use.typekit.net/ 2 KB
873 B 56ms
9ms Stylesheet
text/css 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/gsb3nxg.css

Requested by

Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

9c64bc8f0616d9397bd837d61f3eb6241def2a326c18842e0e546eff61c2d44c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 08 May 2023 11:10:06 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 641

GET
H2 200 bolt.js Show response
www.mgmstudios.com/air/js/ 268 KB
89 KB 59ms
59ms Script
application/javascript 2600:9000:2250:7600:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7600:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f27ae8b199b6d386d81a3e0668b56d154ec8c989e5f44367aa631a9ab9b5c8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: P7Ox3nXaNUj0BcMnD3E0fx51UkKErIUU
content-encoding: gzip
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 11:10:07 GMT
last-modified: Tue, 04 Apr 2023 00:24:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"12e6364351633fabf05e00ffc75a84d5"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: VVUthWKCNvVyOba9CB7YU3i_Uaz4NzetzVEYF3xmBw0oPO3B2qZiBA==

GET
H2 200 tt.png
dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/regions/us/ 67 KB
68 KB 44ms
17ms Image
image/png 2600:9000:223e:7c00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/regions/us/tt.png
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:7c00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72389987d6aca47b8ac611d818c4d1c9f323e6ce4256f17c5e68f01047715682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 21:34:47 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
last-modified: Tue, 21 Mar 2023 17:47:37 GMT
server: AmazonS3
age: 912920
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
etag: "4e13fd38fa534d28a74c41542e2d1256"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 68997
x-amz-cf-id: YuzYYN0sHg79iWSLfQnbcEr1C0Z_qduTRVhFfhxsbngwWWDCAyiXBw==

GET
H2 200 legal-logos.png
dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/ 45 KB
45 KB 37ms
10ms Image
image/png 2600:9000:223e:7c00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/legal-logos.png
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:7c00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78e4874ef0b3c56a3cb9de96287f6b78cbde6b3f3d28d23c59b6e9a61e85894e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 12:50:48 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
last-modified: Tue, 21 Mar 2023 17:48:30 GMT
server: AmazonS3
age: 339559
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
etag: "c10e453b1b436f8048fe4c44e9c12a51"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 45581
x-amz-cf-id: NmtW_cdFUR9OdFpG0FsgZowAS1kGAv_5XAEqhhEfvQKafCui1pzruQ==

GET
H2 200 MGM_logo.png
dx35vtwkllhj9.cloudfront.net/united-artists-releasing/images/ 8 KB
8 KB 35ms
9ms Image
image/png 2600:9000:223e:7c00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/united-artists-releasing/images/MGM_logo.png
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:7c00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a92f7611c81829c264d3a335108120d98790bec4181ac939d21b693d6765c15e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 16:08:07 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
last-modified: Sun, 01 Jan 2023 16:36:33 GMT
server: AmazonS3
age: 241320
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
etag: "64d724e62f57f5649cbb9f04c7decbc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 7804
x-amz-cf-id: xQ1DYWiPSazJTcyZZlAGcxbq971Pgk2Wk1goJsc45GPvw5bmsNuQCw==

GET
H2 200 optanon-v1.1.0.js Show response
production-cmp.isgprivacy.cbsi.com/dist/ 38 KB
11 KB 44ms
7ms Script
application/x-javascript 2a04:4e42:8d::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://production-cmp.isgprivacy.cbsi.com/dist/optanon-v1.1.0.js

Requested by

Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::444 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ad6c004c443d6c1ac8a66e25a5973b3d49fddcb31dc4574c6504e8f1df66aaeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 11:10:06 GMT
content-encoding: gzip
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 2862
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:485666168322:build/prod-optanon-pipeline:9c580762-a51b-4fe0-ac97-38190a1955e5
x-cache: HIT
content-length: 10990
x-amz-id-2: fp8JPTpkY1Xxn82GFdojk4xDE8cl003h9Kf1UTWK9FAYLsnD0uTC+0eCWaN6PPTZTmDl8EU04hdJOKzjCugkdA==
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Wed, 08 Mar 2023 17:18:04 GMT
x-timer: S1683544207.891707,VS0,VE0
etag: "bea9da88ccef790fb77abaea44ea345e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
accept-ranges: bytes
x-cache-hits: 42

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 21 KB
7 KB 55ms
30ms Script
application/javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8d41783702d7bb7a7a9c548b151903859eb90a32d29eeaa3487a7937611a27f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 May 2023 11:10:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: rpnZu/dYNZPLIh9pLOSMrg==
age: 6543
x-ms-lease-status: unlocked
last-modified: Fri, 28 Apr 2023 01:32:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e15ca256-f01e-0029-6ab4-790639000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c41411c9e936919-FRA
expires: Tue, 09 May 2023 11:10:06 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 55ms
15ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=gsb3nxg&ht=tk&f=139.175&a=10433865&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gsb3nxg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 11:10:06 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 170 KB
59 KB 144ms
60ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVQPVJS

Requested by

Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

12186023908662be7f93ffcac48442f76911ed3c9871c1e2054f2ea9e1c5e01a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 11:10:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60125
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 May 2023 11:10:06 GMT

GET
H2 200 6b44bc0e-7a40-48d1-94d0-68b075dfcb06.json Show response
cookie-cdn.cookiepro.com/consent/6b44bc0e-7a40-48d1-94d0-68b075dfcb06/ 4 KB
2 KB 55ms
25ms XHR
application/x-javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/6b44bc0e-7a40-48d1-94d0-68b075dfcb06/6b44bc0e-7a40-48d1-94d0-68b075dfcb06.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e436a78f4a86b064bb82cfbadeefc9364bd05f03eb9fc3c2b0a1076d2e08628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 May 2023 11:10:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: qObhThsbBqP0DzDWvKOTrA==
age: 69838
x-ms-lease-status: unlocked
last-modified: Fri, 23 Dec 2022 00:01:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6d66bb41-e01e-000a-3467-479cfa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c41411d194491f9-FRA

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 77 KB
77 KB 26ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gsb3nxg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 707540d0813c2e6c9abb51dcc5f7671a10780d572b30da20197961f80e7fb346

Request headers

Referer: https://use.typekit.net/gsb3nxg.css
Origin: https://www.mgmstudios.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 11:10:06 GMT
server: nginx
etag: "11c083ab1a15272638ae385d966dba01aa76cbb4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 78476

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 74 KB
74 KB 26ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gsb3nxg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 324474ff12691ad8154450cb63a421b3a43877085c7163f541a02819aeca99f8

Request headers

Referer: https://use.typekit.net/gsb3nxg.css
Origin: https://www.mgmstudios.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 11:10:06 GMT
server: nginx
etag: "df3243d3c759de78b3798be9b3d13ba4e81d0d86"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 75868

GET
H2 200 shamanNotifier.js Show response
production-cmp.isgprivacy.cbsi.com/cps/ 4 KB
2 KB 7ms
7ms Script
application/x-javascript 2a04:4e42:8d::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://production-cmp.isgprivacy.cbsi.com/cps/shamanNotifier.js

Requested by

Host: production-cmp.isgprivacy.cbsi.com
URL: https://production-cmp.isgprivacy.cbsi.com/dist/optanon-v1.1.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::444 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

610c5a59da900120a0d5f44bd9513aba3f3d5b06ad873bcc982b311660089bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 11:10:06 GMT
content-encoding: gzip
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 2760
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:485666168322:build/prod-shaman-notifier-pipeline:9cbcd0af-4de2-4091-b6b3-76fcc179dd9d
x-cache: HIT
content-length: 1542
x-amz-id-2: iNybYvCWdg+7LxD4lz6Q04szUM8QVOA4ZzTeWP97MuQgWE9biaFFzPFfTj72If9k3YQVlt7xeNM=
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Wed, 03 May 2023 15:39:32 GMT
x-timer: S1683544207.904986,VS0,VE0
etag: "7dce15f7aa041f17c080967b9367b7b0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
accept-ranges: bytes
x-cache-hits: 66

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
303 B 68ms
28ms XHR
application/json 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.mgmstudios.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 11:10:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7c41411d899291f9-FRA
access-control-allow-headers: Content-Type

OPTIONS
H2 200 regions
showtimes-v2.s-prod.pow.io/v2.0/app/ Frame 0
0 123ms
89ms Preflight
application/json 13.224.189.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://showtimes-v2.s-prod.pow.io/v2.0/app/regions?slug=air&rules_groups%5B0%5D=appId%3A%3A15059%3A%3A%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-59.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.mgmstudios.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-requested-lat,x-requested-lon,x-requested-countries,x-requested-approxpos,pow-cache-include
access-control-allow-methods: GET,OPTIONS,POST,PUT,DELETE,HEAD,PATCH
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Mon, 08 May 2023 11:10:07 GMT
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-apigw-id: EmbGZEb6DoEFidg=
x-amz-cf-id: i808QxVQVad-tPf5007bOrFA3b3wE96gmwhuUlId4z60twUTwT5n2Q==
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 59a4ca67-4d73-4b57-b94a-549a9b1b6471
x-cache: Miss from cloudfront

GET
H2 200 geo Show response
stdata.powster.com/ 129 B
414 B 105ms
32ms Fetch
application/json 34.246.14.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stdata.powster.com/geo
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.14.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-14-9.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7edf8cad84ca5bfed2df1d0a41d3c71676fb198b6029440ee2597cfdb8db38c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 11:10:07 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 regions Show response
showtimes-v2.s-prod.pow.io/v2.0/app/ 122 B
768 B 79ms
79ms Fetch
application/json 13.224.189.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://showtimes-v2.s-prod.pow.io/v2.0/app/regions?slug=air&rules_groups%5B0%5D=appId%3A%3A15059%3A%3A%2F
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-59.fra2.r.cloudfront.net
Software: / Express
Resource Hash: 14e9860df1af6a6f34231597515d818cc61c777c6222e5427c084f6e3791224a

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: application/json

Response headers

date: Mon, 08 May 2023 11:10:07 GMT
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 122
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 9e064eba-814a-48bc-a34b-0d65f4a6905a
etag: W/"7a-X+6Wp/drHQ6f8sR8sQcKrI8TPZ0"
x-powered-by: Express
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6458d88f-676c9d622391e8ed5e522978;Sampled=0;lineage=86c3ccff:0
x-cache: Miss from cloudfront
x-amz-apigw-id: EmbGaFEUDoEFW2A=
content-length: 122
x-amz-cf-id: IsToSlhULqxV28AdvnfJAa1T8qUfgmDTF7BYAx3SjXqYm_MoQfpDZg==
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, x-requested-lat, x-requested-lon, x-requested-countries, x-app-region, x-requested-approxpos, x-api-key, pow-cache-include, x-pow-cache-include

GET
H2 200 278.bolt.css
www.mgmstudios.com/air/css/ 3 KB
1 KB 76ms
75ms Stylesheet
text/css 2600:9000:2250:7600:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/css/278.bolt.css?v=a2851749e835368d2027
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7600:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef0a91f5f7261184c625acf9e558f556a57fa6228225badb44396025f9badb99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: rPC2w_K5KxGufgIgxzd63Ey0X3DhktkU
content-encoding: gzip
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 11:10:08 GMT
last-modified: Tue, 04 Apr 2023 00:23:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"248426d2ea9f26ab5ac1a219ff2269a8"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: Enjm3QrwdvUa3bu78EVK1iwIjPTTldSE13BOCLFdULf6NiETJXXpgQ==

GET
H2 200 cookies.bolt.js Show response
www.mgmstudios.com/air/js/ 10 KB
4 KB 85ms
85ms Script
application/javascript 2600:9000:2250:7600:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/js/cookies.bolt.js?v=a2851749e835368d2027
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7600:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8eae35942fd0ef336f6ea59263b6d91db712f753d60f7c9d45128c74171dc52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: LLkbTRBU3.FR2zQ7ifth8zFoxwhxbwva
content-encoding: gzip
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 11:10:08 GMT
last-modified: Tue, 04 Apr 2023 00:24:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"7daba943d8e9a56210a05c0a29f1e46a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: rIkorv92dPoOgN9nzb4xTTk0RAUgxM8HdCW5SWYHhve_xomS-qCrYA==

GET
H2 200 488.bolt.css
www.mgmstudios.com/air/css/ 5 KB
2 KB 84ms
84ms Stylesheet
text/css 2600:9000:2250:7600:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/css/488.bolt.css?v=b9048ff9f5a4550fd1c5
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7600:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74de515bc27ffc3c8ad13ac202628cfe11cd70f281a21f2003564a51554c48ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: vMBzI3Ogx_zzlPVQVVVLxwjAqFLmb7Ax
content-encoding: gzip
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 11:10:08 GMT
last-modified: Tue, 04 Apr 2023 00:23:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"6642aaa939212a04a27e9af49a3722b0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: ehJc4Z_QOH2Ipl8Urc1VTt5fXjXEQB51OmHBhEvbvq4sH-2HEfjiuQ==

GET
H2 200 cookiesPreference.bolt.js Show response
www.mgmstudios.com/air/js/ 5 KB
2 KB 79ms
79ms Script
application/javascript 2600:9000:2250:7600:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/js/cookiesPreference.bolt.js?v=b9048ff9f5a4550fd1c5
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7600:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b976aad58a68680311e04cd0ba022f429cf5dbdd8a9029c3ada7f3d56fd6bd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: Gz9Ot4coiIklshEltOOBzJ47zde3lc7J
content-encoding: gzip
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 11:10:08 GMT
last-modified: Tue, 04 Apr 2023 00:24:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"d16a1b6992d1bd03d848145496e45905"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: TvAqYr8CD2dmyrN6cHM13Zgt-TjUGJvP2xGo6TjaXNksl86x-mGZ6A==

GET
H2 200 tt.png
dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/regions/us/updates/ 57 KB
58 KB 13ms
12ms Image
image/png 2600:9000:223e:7c00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/regions/us/updates/tt.png
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:7c00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7d888e786516becd4d42b22927dc98708aa795dbcafacaad108cfbe6e5a6fc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 10:27:09 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
last-modified: Tue, 04 Apr 2023 00:18:36 GMT
server: AmazonS3
age: 434579
x-amz-cf-pop: FRA56-P4
etag: "9e63ef3ae1ec2ad61d66e291c9a997b2"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 58678
x-amz-cf-id: de8iOoJnaUBxypR0AMSI3L6YjjruKrwfGh4-duM6bZseklWcq4qrJQ==

GET
H2 200 bg.jpg
dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/ 342 KB
343 KB 17ms
17ms Image
image/jpeg 2600:9000:223e:7c00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/bg.jpg
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:7c00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 777d1f3711873837f55a81b5d9b0d0e03de0c64b9da0677f3e991f6c47d4a603

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 09:14:46 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
last-modified: Sun, 07 May 2023 02:21:15 GMT
server: AmazonS3
age: 6922
x-amz-cf-pop: FRA56-P4
etag: "783d007569b5a93779635d0336a17ea8"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 350379
x-amz-cf-id: T9ceMO1ok3NZABkUwITWKpUR_dn4l30611pWZ-b6rqT4MhvPec7Q8Q==

GET
H2 200 658.bolt.js Show response
www.mgmstudios.com/air/js/ 13 KB
5 KB 98ms
98ms Script
application/javascript 2600:9000:2250:7600:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/js/658.bolt.js?v=c61c8923254e4898ef73
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7600:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd80bd802cad3d43d153c231fa4e5292ea2352cd8db4bfeae13b6cb3a5bb4854

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: eD3ZybEZNFv3PkVISYNFXSi0LbWxSd0u
content-encoding: gzip
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 11:10:08 GMT
last-modified: Tue, 04 Apr 2023 00:24:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"9f9a3790b332bace93a496f4c045967b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: xts32SwUXeGig8ScLeSpMbJEWsjHTYytnGIr4kPCKPzJZbSgJSmgDg==

GET
H2 200 48.bolt.js Show response
www.mgmstudios.com/air/js/ 20 KB
7 KB 109ms
106ms Script
application/javascript 2600:9000:2250:7600:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/js/48.bolt.js?v=4f845444357071577d04
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7600:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87f9a4fb9b0a473b0e396d76bd00c0a21a5dff566bd71a3ff7386d096a111caf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: _VMelmUrZ.vc7JhcuhkqJM25Dqti_LCT
content-encoding: gzip
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 11:10:08 GMT
last-modified: Tue, 04 Apr 2023 00:23:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"b813236ce6bcba13ab3695783c84e89d"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: V2a099Z4Ad91bc7H2qElkP0zAeYhA8vLNcfK3bmLqLvpUtABQQMMfA==

GET
H2 200 643.bolt.css
www.mgmstudios.com/air/css/ 26 KB
5 KB 74ms
71ms Stylesheet
text/css 2600:9000:2250:7600:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/css/643.bolt.css?v=952c9449f3c8933a0afa
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7600:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b72a9d1c86fd5e49744cfc8fbe96990bb969d345fdb1645713d6398e5b9c98dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: VgPjY1qjbATO0Yd6Cv6nPfx_y_Zs5KQ8
content-encoding: gzip
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 11:10:08 GMT
last-modified: Tue, 04 Apr 2023 00:23:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"1028b36c8d6c97c284699727e7bb1db6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: UhYhKpDC5vwSsifyan2chJL1BG6h-YukYXdsOUsUXiG4WDtJrNJWqw==

GET
H2 200 643.bolt.js Show response
www.mgmstudios.com/air/js/ 30 KB
11 KB 110ms
107ms Script
application/javascript 2600:9000:2250:7600:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/js/643.bolt.js?v=952c9449f3c8933a0afa
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7600:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51a90a10263bb33a19bf90e1fdcb04fad609d6e0ae0201df14a7fb95136f0cf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: LvVZrXXI4k2_64vnH95NJEr0WpLnhAjb
content-encoding: gzip
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 11:10:08 GMT
last-modified: Tue, 04 Apr 2023 00:23:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"224bc5cf5bf6ad5adcc9da881317fcf4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: qwgVb_DQjSErf5yKpCSR_e6XGMUFkvTjknrlI9s_jygljP6Z7WHH2w==

GET
H2 200 107.bolt.css
www.mgmstudios.com/air/css/ 35 KB
7 KB 108ms
104ms Stylesheet
text/css 2600:9000:2250:7600:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/css/107.bolt.css?v=b8777bcf8a49532d0174
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7600:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb78c89cc84d7525c00d50ee9f44e9b0a7612f3e1b0611e2717b5defeb4dbace

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: ZCpahxFNxlUAQlaObwzzHjIDfOCIhATK
content-encoding: gzip
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 11:10:08 GMT
last-modified: Tue, 04 Apr 2023 00:23:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"b74812021cc73ecf6589a6ad2efa1c81"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: nmHL7tSHVzPH0ADq3qoNKL21oTxCx9uE-vuAgvUZ4h3UbQyKj8eVvg==

GET
H2 200 107.bolt.js Show response
www.mgmstudios.com/air/js/ 70 KB
22 KB 86ms
82ms Script
application/javascript 2600:9000:2250:7600:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/js/107.bolt.js?v=b8777bcf8a49532d0174
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7600:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 334f3548597442eb5b4998bdd4050c2351af0b07b20b388f02076aace07004fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: BOUBLAsfVniD_dJMwD9.JD6T7GrFd5fx
content-encoding: gzip
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 11:10:08 GMT
last-modified: Tue, 04 Apr 2023 00:23:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"f28063eb295fce569f24850b8eaca6ee"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: Bbuqo3geJ_ZDZ2Pt0tkt0vC2w5g9V9oXenGQ1r1zvqxVC0ZCfJhg-A==

GET
H2 200 392.bolt.css
www.mgmstudios.com/air/css/ 31 KB
6 KB 81ms
77ms Stylesheet
text/css 2600:9000:2250:7600:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/css/392.bolt.css?v=5f1889946f693d17cb00
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7600:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3728a8ac3bee620b834556e9ee2e8e7a3b2768ccdd38a940d5b224f9923e2a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: LJE_YpcuTB7kl.GKibOYifKkxOuA_K5v
content-encoding: gzip
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 11:10:08 GMT
last-modified: Tue, 04 Apr 2023 00:23:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"bcf0230bb242857b7f13122ad4c784a7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: GOq_1q8gteig_ynGvxhXllbcgjrxnIdM4DCaiy5nME5ZZpA12X-99g==

GET
H2 200 showtimes.bolt.js Show response
www.mgmstudios.com/air/js/ 56 KB
17 KB 169ms
166ms Script
application/javascript 2600:9000:2250:7600:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/js/showtimes.bolt.js?v=5f1889946f693d17cb00
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7600:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa3e7bbe6cf5507d9b359e41ec1509016e9b292946cfa3bb7f8d928249674032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: eAeNE0SrkEa6V8q7wx72zpZnB9fiqP_A
content-encoding: gzip
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 11:10:08 GMT
last-modified: Tue, 04 Apr 2023 00:25:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"bdf1bba8f2d279738e3a7e08ea9bc5d0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: wE5tjBNSmHziiEEq4awm0mcmGMVRLSss1w4gLtV2d-yZS3P9_ZUOQg==

GET
H2 200 otBannerSdk.js Show response
cookie-cdn.cookiepro.com/scripttemplates/6.20.0/ 376 KB
77 KB 31ms
30ms Script
application/javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.20.0/otBannerSdk.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 May 2023 11:10:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: jOOTzA5W9ewbfwCUPpt/mw==
age: 5359
x-ms-lease-status: unlocked
last-modified: Thu, 24 Jun 2021 01:56:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 73118ff2-301e-0044-2367-47b272000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c41411dffd36919-FRA
expires: Tue, 09 May 2023 11:10:07 GMT

GET
H2 200 en.json Show response
cookie-cdn.cookiepro.com/consent/6b44bc0e-7a40-48d1-94d0-68b075dfcb06/0161018f-3501-4ccf-a444-683762db966c/ 26 KB
7 KB 27ms
27ms Fetch
application/x-javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/6b44bc0e-7a40-48d1-94d0-68b075dfcb06/0161018f-3501-4ccf-a444-683762db966c/en.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.20.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

938d3e71eb31457bd1bfebe41ae14b5090d3295c9753e929084443815519551d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 May 2023 11:10:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: FZEsog9SZvyWLyMRgF2BDQ==
age: 69839
x-ms-lease-status: unlocked
last-modified: Fri, 23 Dec 2022 00:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1030e07e-601e-0092-805d-56bc9b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c41411f2ac991f9-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVQPVJS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 May 2023 10:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2068
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 08 May 2023 12:35:39 GMT

GET
H2

200

activityi;dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F Show response
11015163.fls.doubleclick.net/ Frame 11C8
Redirect Chain

https://11015163.fls.doubleclick.net/activityi;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F?
https://11015163.fls.doubleclick.net/activityi;dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3...

499 B
473 B

77ms
76ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11015163.fls.doubleclick.net/activityi;dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVQPVJS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

65852bf23db6f38f676d541ec8a7c1d0c0ce204f4397b4a5d916ff0e199a21c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mgmstudios.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 297
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 11:10:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 11:10:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11015163.fls.doubleclick.net/activityi;dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 onesheet.jpg
dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/regions/us/updates/ 532 KB
533 KB 11ms
11ms Image
image/jpeg 2600:9000:223e:7c00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/regions/us/updates/onesheet.jpg
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:7c00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 69afcfd46f52312ebc959181126ce42bf46504164c2dbf81172227af41c4e13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 12:52:54 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
last-modified: Tue, 04 Apr 2023 00:18:32 GMT
server: AmazonS3
age: 685034
x-amz-cf-pop: FRA56-P4
etag: "6ec8b3deef4962fc4ea353b4fc9a0c3c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 544771
x-amz-cf-id: EXGT3A6J0hfZH9IkFRwXbliNB-9xhIrNcWnN2WeRTOd-fefmcUq7gw==

GET
H2 200 otFlat.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.20.0/assets/ 13 KB
3 KB 24ms
24ms Fetch
application/json 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.20.0/assets/otFlat.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.20.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 May 2023 11:10:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: /OL7qnwFOarng5AW29V9Pw==
age: 69839
x-ms-lease-status: unlocked
last-modified: Thu, 24 Jun 2021 01:56:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 89e27845-001e-0084-3b67-474a4c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c41411fdb4a91f9-FRA
expires: Tue, 09 May 2023 11:10:07 GMT

GET
H2 200 otPcCenter.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.20.0/assets/ 62 KB
15 KB 39ms
38ms Fetch
application/json 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.20.0/assets/otPcCenter.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.20.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77663496c7f4793551934d6896057e598a9aaf389d67d02e37051ef1d7bdb2f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 May 2023 11:10:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: WLrkAD3qn/muVrO/sVe24A==
age: 1148
x-ms-lease-status: unlocked
last-modified: Thu, 24 Jun 2021 01:56:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2364f44a-301e-008f-1867-47b127000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c41411fdb4d91f9-FRA
expires: Tue, 09 May 2023 11:10:07 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
223 B 46ms
45ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=766324219&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F&ul=en-us&de=UTF-8&dt=Air%20%7C%20Official%20Website%20%7C%20April%2005%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=173932513&gjid=1788669338&cid=225997601.1683544207&tid=UA-96913497-26&_gid=1568183559.1683544207&_r=1&_slc=1&gtm=45He3530n81NVQPVJS&z=2058220925

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

31d61cf66e31319ad033b9a5cfde5949c045a7a8c640f4c47aeeb6f65c5d6196

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mgmstudios.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 May 2023 11:10:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mgmstudios.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
73 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-287C5TXPPL&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0e59a0bb6c745443d826298ed6b373944d825739ea6ae36e7e6192333bf1e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 11:10:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75080
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 May 2023 11:10:07 GMT

GET
H2 200 dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F Show response
adservice.google.com/ddm/fls/i/ Frame 5127 498 B
673 B 158ms
75ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F

Requested by

Host: 11015163.fls.doubleclick.net
URL: https://11015163.fls.doubleclick.net/activityi;dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7bee41f1ab1110947b8ae0637752f59c49c346a43d43b5d7be166f6fd504f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11015163.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 298
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 11:10:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
247 B 57ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-287C5TXPPL&gtm=45je3530&_p=766324219&cid=225997601.1683544207&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABA&ngs=1&_s=1&sid=1683544207&sct=1&seg=0&dl=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F&dt=Air%20%7C%20Official%20Website%20%7C%20April%2005%202023&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-287C5TXPPL&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 11:10:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mgmstudios.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F Show response
11015163.fls.doubleclick.net/ddm/fls/r/ Frame 6300
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fww...
https://11015163.fls.doubleclick.net/ddm/fls/r/dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3...

3 KB
973 B

80ms
79ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11015163.fls.doubleclick.net/ddm/fls/r/dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

114957ecf6e57d5ffb2816929574990f65d61387e6051144f7d130d3d8256929

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 948
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 11:10:07 GMT
expires: Mon, 08 May 2023 11:10:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 11:10:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://11015163.fls.doubleclick.net/ddm/fls/r/dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 6300 70 B
261 B 112ms
35ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=dz18eg5&ct=0:vs7rk44&fmt=3
Requested by: Host: 11015163.fls.doubleclick.net
URL: https://11015163.fls.doubleclick.net/ddm/fls/r/dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 08 May 2023 11:10:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 6300 185 KB
67 KB 68ms
68ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11061495236

Requested by

Host: 11015163.fls.doubleclick.net
URL: https://11015163.fls.doubleclick.net/ddm/fls/r/dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4805c7a1ba96a9f192924bd79c37fccedf3e3b86435f60c68f810b2726abebf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 11:10:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68296
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 May 2023 11:10:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 6300 185 KB
67 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11061379584

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1498fd0df2083ceb9c8d24e146d2ed2d80bef2dd06636f01169a7b779c608d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 11:10:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68239
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 May 2023 11:10:08 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 6300 31 KB
14 KB 55ms
27ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: 11015163.fls.doubleclick.net
URL: https://11015163.fls.doubleclick.net/ddm/fls/r/dc_pre=CJ6TyfPK5f4CFYHdmgodqgsJaA;src=11015163;type=mgmyx0;cat=mgmai0;ord=7307250008367;gtm=45He3530;auiddc=1727334559.1683544207;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 399a9be759ccc540081d3e7ed57c028c7ed63545952b616c25abac351881f7b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 11:10:08 GMT
content-encoding: gzip
via: 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 13611
x-amz-cf-id: lvON82UNUjyiT_eBpnYBox2emNeEwq4ET5IHa_AV3WTvA9v2aexx0g==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 6300 106 KB
28 KB 31ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 May 2023 11:10:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: W16vUsOVBIup/i/yh5xrzH82GJ8XGSck86GZNsIrVbHdZ03s4HAauan1Z3zoM/y0Vl1UwQlADnaWyPJ5teKxrQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 979894966262812 Show response
connect.facebook.net/signals/config/ Frame 6300 300 KB
86 KB 64ms
63ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/979894966262812?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8865ba0cfacf7420b3d7b1caad7d5697b0dd38f20f49a19535f75b231f14c04b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 May 2023 11:10:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ecShAR57H2Iy/MOkSV7CmaFZqD098itDE5ECBZup4XNPuutGVY23lmJoXDR4TCYuq2DjdFLQce4ZytBoEcOirQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 6E85 0
201 B 222ms
22ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=1cd6bb16-d29c-4ad3-89f9-119359ee72b8&u_scsid=330b8676-8eb5-4b84-be34-e79e1c4a04ee&u_sclid=107b0f1d-eba2-444e-9a9a-801b90946b26

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://11015163.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 08 May 2023 11:10:08 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 1cd6bb16-d29c-4ad3-89f9-119359ee72b8.js Show response
tr.snapchat.com/config/net/ Frame 6300 144 B
449 B 222ms
21ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/net/1cd6bb16-d29c-4ad3-89f9-119359ee72b8.js

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

bead585de7b0a9747a9830097ad2261b3e4cb127d7e601738a4cd34fd66ccdf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://11015163.fls.doubleclick.net/
Origin: https://11015163.fls.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 11:10:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://11015163.fls.doubleclick.net
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 p
tr.snapchat.com/ Frame 6300 68 B
352 B 228ms
28ms Ping
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://11015163.fls.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 May 2023 11:10:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: https://11015163.fls.doubleclick.net
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 5
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 6300 185 KB
67 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11061495236&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11061379584

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

411d187fd7ef87d5487bdfb9883e4d5f553a5d18ca095616bcf061525a1666e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 11:10:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68303
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 May 2023 11:10:08 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11061379584/ Frame 6300 3 KB
1 KB 241ms
107ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11061379584/?random=1683544208177&cv=11&fst=1683544208177&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJ6TyfPK5f4CFYHdmgodqgsJaA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D7307250008367%3Bgtm%3D45He3530%3Bauiddc%3D1727334559.1683544207%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&frm=2&auid=1727334559.1683544207&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11061379584

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19b81a4ebace6b76e09bb593c7066f614f204de56927889975d15664ec892852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 11:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1365
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11061379584/ Frame 6300 3 KB
2 KB 186ms
53ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11061379584/?random=1683544208186&cv=11&fst=1683544208186&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJ6TyfPK5f4CFYHdmgodqgsJaA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D7307250008367%3Bgtm%3D45He3530%3Bauiddc%3D1727334559.1683544207%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=i-snCLfulpMYEICEvZop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=1727334559.1683544207&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11061379584

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

5aea7a5b10f13e404387a5b8bc628ebca1c8ba2229edd5c0633d69447717bada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 11:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1686
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11061495236/ Frame 6300 3 KB
2 KB 165ms
55ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11061495236/?random=1683544208201&cv=11&fst=1683544208201&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJ6TyfPK5f4CFYHdmgodqgsJaA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D7307250008367%3Bgtm%3D45He3530%3Bauiddc%3D1727334559.1683544207%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&frm=2&auid=1727334559.1683544207&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11061495236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1648bd7b7ea4419524916d34c1eec0e5ca40763742a1f659f9cd01ae3865e847

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 11:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1367
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11061495236/ Frame 6300 3 KB
2 KB 160ms
52ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11061495236/?random=1683544208211&cv=11&fst=1683544208211&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJ6TyfPK5f4CFYHdmgodqgsJaA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D7307250008367%3Bgtm%3D45He3530%3Bauiddc%3D1727334559.1683544207%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=MTDACPTXlpMYEMSLxJop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=1727334559.1683544207&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11061495236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

58429d9a89b27a8661dd2fff3ea9851c8827311848f50608d1666405bd9878c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 11:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1683
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 6300 0
185 B 102ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=979894966262812&ev=PageView&dl=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJ6TyfPK5f4CFYHdmgodqgsJaA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D7307250008367%3Bgtm%3D45He3530%3Bauiddc%3D1727334559.1683544207%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&rl=https%3A%2F%2Fadservice.google.com%2F&if=true&ts=1683544208224&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&it=1683544208091&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 May 2023 11:10:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

/
www.google.de/pagead/1p-conversion/11061495236/ Frame 6300
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11061495236/?random=1823188937&cv=11&fst=1683544208211&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11...
https://www.google.com/pagead/1p-conversion/11061495236/?random=1823188937&cv=11&fst=1683544208211&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclic...
https://www.google.de/pagead/1p-conversion/11061495236/?random=1823188937&cv=11&fst=1683544208211&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick...

42 B
108 B

52ms
52ms

Image
image/gif

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/11061495236/?random=1823188937&cv=11&fst=1683544208211&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJ6TyfPK5f4CFYHdmgodqgsJaA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D7307250008367%3Bgtm%3D45He3530%3Bauiddc%3D1727334559.1683544207%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=MTDACPTXlpMYEMSLxJop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=1727334559.1683544207&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEx2aW9nWVFsc2pCckxUYnU5MWFFaVlBZGhtRmppVXpnYlJRUk1lR25tb3hwaVZRMnBFWmo3cUtiNFRHSlJnWmZ4d0FzZXBSNVEaWENoQUk4THZpb2dZUXU3dkQ5SU9zNThSckVpNEEyUlVNTDlXLThEWmp2VmVyd3pmcTRwNU53cEVkMm9PU0pPTkMza1FMcEsxenEtQTFJV004WmpneWN4YkE&is_vtc=1&ocp_id=kNhYZLizFLW59u8P4v2gyAg&cid=CAQSKQBygQiDNRQgjz7oB8dNLk1zgl6onhrO1RLtULrAQMtHqn29coUylGh6&random=2489360062&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 11:10:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 May 2023 11:10:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/11061495236/?random=1823188937&cv=11&fst=1683544208211&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJ6TyfPK5f4CFYHdmgodqgsJaA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D7307250008367%3Bgtm%3D45He3530%3Bauiddc%3D1727334559.1683544207%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=MTDACPTXlpMYEMSLxJop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=1727334559.1683544207&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEx2aW9nWVFsc2pCckxUYnU5MWFFaVlBZGhtRmppVXpnYlJRUk1lR25tb3hwaVZRMnBFWmo3cUtiNFRHSlJnWmZ4d0FzZXBSNVEaWENoQUk4THZpb2dZUXU3dkQ5SU9zNThSckVpNEEyUlVNTDlXLThEWmp2VmVyd3pmcTRwNU53cEVkMm9PU0pPTkMza1FMcEsxenEtQTFJV004WmpneWN4YkE&is_vtc=1&ocp_id=kNhYZLizFLW59u8P4v2gyAg&cid=CAQSKQBygQiDNRQgjz7oB8dNLk1zgl6onhrO1RLtULrAQMtHqn29coUylGh6&random=2489360062&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/11061379584/ Frame 6300
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11061379584/?random=755633105&cv=11&fst=1683544208186&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F110...
https://www.google.com/pagead/1p-conversion/11061379584/?random=755633105&cv=11&fst=1683544208186&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick...
https://www.google.de/pagead/1p-conversion/11061379584/?random=755633105&cv=11&fst=1683544208186&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick....

42 B
108 B

53ms
53ms

Image
image/gif

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/11061379584/?random=755633105&cv=11&fst=1683544208186&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJ6TyfPK5f4CFYHdmgodqgsJaA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D7307250008367%3Bgtm%3D45He3530%3Bauiddc%3D1727334559.1683544207%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=i-snCLfulpMYEICEvZop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=1727334559.1683544207&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEx2aW9nWVFsc2pCckxUYnU5MWFFaVlBZGhtRmppVXpnYlJRUk1lR25tb3hwaVZRMnBFWmo3cUtiNFRHSlJnWmZ4d0FzZXBSNVEaWENoQUk4THZpb2dZUXU3dkQ5SU9zNThSckVpNEEyUlVNTHk4dG8wUnE4MzJoWUg5bmlCY01EeXNjTUpQbE9IMGNUUnhqdDJYc3hndGZTWXRtdUx6bkVxSWc&is_vtc=1&ocp_id=kNhYZLixFLLI7_UPpu-H8Ao&cid=CAQSKQBygQiDUhDeuqzQpaSQbZGh6RnUI_CdJhHmPB708Bhzo-TFTJyVEsS3&random=2534672638&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 11:10:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 May 2023 11:10:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/11061379584/?random=755633105&cv=11&fst=1683544208186&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJ6TyfPK5f4CFYHdmgodqgsJaA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D7307250008367%3Bgtm%3D45He3530%3Bauiddc%3D1727334559.1683544207%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=i-snCLfulpMYEICEvZop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=1727334559.1683544207&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEx2aW9nWVFsc2pCckxUYnU5MWFFaVlBZGhtRmppVXpnYlJRUk1lR25tb3hwaVZRMnBFWmo3cUtiNFRHSlJnWmZ4d0FzZXBSNVEaWENoQUk4THZpb2dZUXU3dkQ5SU9zNThSckVpNEEyUlVNTHk4dG8wUnE4MzJoWUg5bmlCY01EeXNjTUpQbE9IMGNUUnhqdDJYc3hndGZTWXRtdUx6bkVxSWc&is_vtc=1&ocp_id=kNhYZLixFLLI7_UPpu-H8Ao&cid=CAQSKQBygQiDUhDeuqzQpaSQbZGh6RnUI_CdJhHmPB708Bhzo-TFTJyVEsS3&random=2534672638&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11061495236/ Frame 6300 42 B
455 B 126ms
47ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11061495236/?random=1683544208201&cv=11&fst=1683543600000&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJ6TyfPK5f4CFYHdmgodqgsJaA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D7307250008367%3Bgtm%3D45He3530%3Bauiddc%3D1727334559.1683544207%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&frm=2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3638431342&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 11:10:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11061495236/ Frame 6300 42 B
108 B 136ms
51ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11061495236/?random=1683544208201&cv=11&fst=1683543600000&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJ6TyfPK5f4CFYHdmgodqgsJaA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D7307250008367%3Bgtm%3D45He3530%3Bauiddc%3D1727334559.1683544207%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&frm=2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3638431342&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 11:10:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11061379584/ Frame 6300 42 B
108 B 80ms
48ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11061379584/?random=1683544208177&cv=11&fst=1683543600000&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJ6TyfPK5f4CFYHdmgodqgsJaA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D7307250008367%3Bgtm%3D45He3530%3Bauiddc%3D1727334559.1683544207%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&frm=2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=681433818&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 11:10:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11061379584/ Frame 6300 42 B
455 B 89ms
51ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11061379584/?random=1683544208177&cv=11&fst=1683543600000&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJ6TyfPK5f4CFYHdmgodqgsJaA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D7307250008367%3Bgtm%3D45He3530%3Bauiddc%3D1727334559.1683544207%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&frm=2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=681433818&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 11:10:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 6300 0
54 B 9ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=979894966262812&ev=Microdata&dl=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJ6TyfPK5f4CFYHdmgodqgsJaA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D7307250008367%3Bgtm%3D45He3530%3Bauiddc%3D1727334559.1683544207%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&rl=https%3A%2F%2Fadservice.google.com%2F&if=true&ts=1683544209727&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&it=1683544208091&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 May 2023 11:10:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 11:40:30	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.mgmstudios.com/	1970-01-20 13:48:40	Name: _gcl_au Value: 1.1.1727334559.1683544207
.mgmstudios.com/	1970-01-20 20:24:40	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Mon+May+08+2023+11%3A10%3A07+GMT%2B0000+(GMT)&version=6.20.0&hosts=&landingPath=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F&groups=C0001%3A1%2CC0002%3A0
.mgmstudios.com/	1970-01-20 11:40:30	Name: _gid Value: GA1.2.1568183559.1683544207
.mgmstudios.com/	1970-01-20 11:39:04	Name: _gat_UA-96913497-26 Value: 1
.mgmstudios.com/	1970-01-20 21:15:04	Name: _ga_287C5TXPPL Value: GS1.1.1683544207.1.0.1683544207.0.0.0
.mgmstudios.com/	1970-01-20 21:15:04	Name: _ga Value: GA1.1.225997601.1683544207
.doubleclick.net/	1970-01-20 21:00:40	Name: IDE Value: AHWqTUllZUIlkt4pTafyqsle2C8LI1fZFmJvKJv_5wvxH2T8SZvWXnMHybj8KLYansg
.snapchat.com/	1970-01-20 21:00:40	Name: sc_at Value: v2\|H4sIAAAAAAAAAA3FwRHAIAgEwIqY0eMw104MUgXFm/1sndRHpZ2d04h4THhh8NiE5lJ5958HiaEeFxy5zWAyAAAA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11015163.fls.doubleclick.net
adservice.google.com
adservice.google.de
airmovieofficial.com
connect.facebook.net
cookie-cdn.cookiepro.com
dx35vtwkllhj9.cloudfront.net
geolocation.onetrust.com
googleads.g.doubleclick.net
insight.adsrvr.org
p.typekit.net
production-cmp.isgprivacy.cbsi.com
region1.google-analytics.com
sc-static.net
showtimes-v2.s-prod.pow.io
stdata.powster.com
tr.snapchat.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.mgmstudios.com
13.224.189.59
142.250.185.226
142.250.74.198
143.204.207.250
2001:4860:4802:34::36
204.74.99.103
2600:9000:223e:7c00:1:5424:4140:21
2600:9000:2250:7600:1d:e587:7e40:93a1
2606:4700:4400::ac40:9062
2606:4700:4400::ac40:936c
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2008
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:1490
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:8d::444
34.246.14.9
35.190.43.134
52.223.40.198
114957ecf6e57d5ffb2816929574990f65d61387e6051144f7d130d3d8256929
12186023908662be7f93ffcac48442f76911ed3c9871c1e2054f2ea9e1c5e01a
14e9860df1af6a6f34231597515d818cc61c777c6222e5427c084f6e3791224a
1648bd7b7ea4419524916d34c1eec0e5ca40763742a1f659f9cd01ae3865e847
19b81a4ebace6b76e09bb593c7066f614f204de56927889975d15664ec892852
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0
2f27ae8b199b6d386d81a3e0668b56d154ec8c989e5f44367aa631a9ab9b5c8e
31d61cf66e31319ad033b9a5cfde5949c045a7a8c640f4c47aeeb6f65c5d6196
324474ff12691ad8154450cb63a421b3a43877085c7163f541a02819aeca99f8
334f3548597442eb5b4998bdd4050c2351af0b07b20b388f02076aace07004fd
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
3728a8ac3bee620b834556e9ee2e8e7a3b2768ccdd38a940d5b224f9923e2a5c
399a9be759ccc540081d3e7ed57c028c7ed63545952b616c25abac351881f7b9
3e436a78f4a86b064bb82cfbadeefc9364bd05f03eb9fc3c2b0a1076d2e08628
411d187fd7ef87d5487bdfb9883e4d5f553a5d18ca095616bcf061525a1666e6
4805c7a1ba96a9f192924bd79c37fccedf3e3b86435f60c68f810b2726abebf4
51a90a10263bb33a19bf90e1fdcb04fad609d6e0ae0201df14a7fb95136f0cf5
58429d9a89b27a8661dd2fff3ea9851c8827311848f50608d1666405bd9878c2
5aea7a5b10f13e404387a5b8bc628ebca1c8ba2229edd5c0633d69447717bada
5b976aad58a68680311e04cd0ba022f429cf5dbdd8a9029c3ada7f3d56fd6bd9
610c5a59da900120a0d5f44bd9513aba3f3d5b06ad873bcc982b311660089bea
65852bf23db6f38f676d541ec8a7c1d0c0ce204f4397b4a5d916ff0e199a21c0
69afcfd46f52312ebc959181126ce42bf46504164c2dbf81172227af41c4e13f
707540d0813c2e6c9abb51dcc5f7671a10780d572b30da20197961f80e7fb346
72389987d6aca47b8ac611d818c4d1c9f323e6ce4256f17c5e68f01047715682
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
74de515bc27ffc3c8ad13ac202628cfe11cd70f281a21f2003564a51554c48ee
77663496c7f4793551934d6896057e598a9aaf389d67d02e37051ef1d7bdb2f0
777d1f3711873837f55a81b5d9b0d0e03de0c64b9da0677f3e991f6c47d4a603
78e4874ef0b3c56a3cb9de96287f6b78cbde6b3f3d28d23c59b6e9a61e85894e
7edf8cad84ca5bfed2df1d0a41d3c71676fb198b6029440ee2597cfdb8db38c4
87f9a4fb9b0a473b0e396d76bd00c0a21a5dff566bd71a3ff7386d096a111caf
8865ba0cfacf7420b3d7b1caad7d5697b0dd38f20f49a19535f75b231f14c04b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
938d3e71eb31457bd1bfebe41ae14b5090d3295c9753e929084443815519551d
9c64bc8f0616d9397bd837d61f3eb6241def2a326c18842e0e546eff61c2d44c
a5aed3453fec826274024742aae2b6b0a6637a8280136f7c9bdd00558a6b1351
a92f7611c81829c264d3a335108120d98790bec4181ac939d21b693d6765c15e
aa3e7bbe6cf5507d9b359e41ec1509016e9b292946cfa3bb7f8d928249674032
ad6c004c443d6c1ac8a66e25a5973b3d49fddcb31dc4574c6504e8f1df66aaeb
b72a9d1c86fd5e49744cfc8fbe96990bb969d345fdb1645713d6398e5b9c98dd
bb78c89cc84d7525c00d50ee9f44e9b0a7612f3e1b0611e2717b5defeb4dbace
bead585de7b0a9747a9830097ad2261b3e4cb127d7e601738a4cd34fd66ccdf8
c1498fd0df2083ceb9c8d24e146d2ed2d80bef2dd06636f01169a7b779c608d2
c9a68c165a795864ef97b9a079de99a3470474a8206847f433e1c405f45f6913
cd80bd802cad3d43d153c231fa4e5292ea2352cd8db4bfeae13b6cb3a5bb4854
d8d41783702d7bb7a7a9c548b151903859eb90a32d29eeaa3487a7937611a27f
d8eae35942fd0ef336f6ea59263b6d91db712f753d60f7c9d45128c74171dc52
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
df7bee41f1ab1110947b8ae0637752f59c49c346a43d43b5d7be166f6fd504f5
e0e59a0bb6c745443d826298ed6b373944d825739ea6ae36e7e6192333bf1e3d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e7d888e786516becd4d42b22927dc98708aa795dbcafacaad108cfbe6e5a6fc9
ef0a91f5f7261184c625acf9e558f556a57fa6228225badb44396025f9badb99
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

www.mgmstudios.com Open in urlscan Pro 2600:9000:2250:7600:1d:e587:7e40:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

97 %HTTPS

68 %IPv6

20 Domains

25 Subdomains

24 IPs

3 Countries

2051 kBTransfer

3947 kBSize

9 Cookies

20 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mgmstudios.com Open in urlscan Pro
2600:9000:2250:7600:1d:e587:7e40:93a1 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

97 %
HTTPS

68 %
IPv6

20
Domains

25
Subdomains

24
IPs

3
Countries

2051 kB
Transfer

3947 kB
Size

9
Cookies

67 HTTP transactions
1 data transactions