www.mgmstudios.com Open in urlscan Pro
2600:9000:2250:9000:1d:e587:7e40:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://airmovieofficial.com/
Effective URL:
https://www.mgmstudios.com/air/
Submission: On May 08 via manual (May 8th 2023, 9:14:52 am UTC) from IN — Scanned from DE

Summary HTTP 66 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 21 domains to perform 66 HTTP transactions. The main IP is 2600:9000:2250:9000:1d:e587:7e40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.mgmstudios.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 17th 2022. Valid for: a year.

This is the only time www.mgmstudios.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	204.74.99.103 204.74.99.103	397213 (SECURITYS...) (SECURITYSERVICES)
15	2600:9000:225... 2600:9000:2250:9000:1d:e587:7e40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2600:9000:223... 2600:9000:223e:2e00:1:5424:4140:21	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:8d:... 2a04:4e42:8d::444	54113 (FASTLY) (FASTLY)
6	2606:4700:440... 2606:4700:4400::ac40:936c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2b9e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 3	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
2	13.224.189.77 13.224.189.77	16509 (AMAZON-02) (AMAZON-02)
1	34.246.14.9 34.246.14.9	16509 (AMAZON-02) (AMAZON-02)
2 5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f128:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
66	24

1 204.74.99.103 (United States) 1 redirects

ASN397213 (SECURITYSERVICES, US)

airmovieofficial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:2250:9000:1d:e587:7e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.mgmstudios.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:223e:2e00:1:5424:4140:21 (United States)

ASN16509 (AMAZON-02, US)

dx35vtwkllhj9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8d::444 (United States)

ASN54113 (FASTLY, US)

production-cmp.isgprivacy.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::ac40:936c (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2b9e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net

11015163.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-77.fra2.r.cloudfront.net

showtimes-v2.s-prod.pow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.14.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-14-9.eu-west-1.compute.amazonaws.com

stdata.powster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f128:181:face:b00c:0:25de (Sofia, Bulgaria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	mgmstudios.com www.mgmstudios.com	223 KB
7	doubleclick.net 3 redirects 11015163.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	7 KB
6	cookiepro.com cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 6080	112 KB
6	cloudfront.net dx35vtwkllhj9.cloudfront.net	1 MB
5	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	3 KB
4	google.de 1 redirects adservice.google.de — Cisco Umbrella Rank: 9108 www.google.de — Cisco Umbrella Rank: 6386	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	266 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 432 p.typekit.net — Cisco Umbrella Rank: 559	152 KB
3	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 826	1003 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2587	21 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	239 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 150	114 KB
2	pow.io showtimes-v2.s-prod.pow.io — Cisco Umbrella Rank: 130153	767 B
2	cbsi.com production-cmp.isgprivacy.cbsi.com — Cisco Umbrella Rank: 10781	13 KB
1	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3736	455 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 909	14 KB
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 527	261 B
1	powster.com stdata.powster.com — Cisco Umbrella Rank: 115408	414 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 580	312 B
1	airmovieofficial.com 1 redirects airmovieofficial.com	225 B
66	21

	Domain	Requested by
15	www.mgmstudios.com	www.mgmstudios.com
6	cookie-cdn.cookiepro.com	www.mgmstudios.com cookie-cdn.cookiepro.com
6	dx35vtwkllhj9.cloudfront.net	www.mgmstudios.com
4	www.google.com	2 redirects 11015163.fls.doubleclick.net
4	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com
4	www.googletagmanager.com	www.mgmstudios.com www.google-analytics.com 11015163.fls.doubleclick.net
3	www.google.de	11015163.fls.doubleclick.net
3	tr.snapchat.com	sc-static.net
3	11015163.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
3	use.typekit.net	www.mgmstudios.com use.typekit.net
2	www.facebook.com	11015163.fls.doubleclick.net
2	www.googleadservices.com	www.googletagmanager.com
2	connect.facebook.net	11015163.fls.doubleclick.net connect.facebook.net
2	showtimes-v2.s-prod.pow.io	www.mgmstudios.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	production-cmp.isgprivacy.cbsi.com	www.mgmstudios.com production-cmp.isgprivacy.cbsi.com
1	www.google.co.uk	11015163.fls.doubleclick.net
1	sc-static.net	11015163.fls.doubleclick.net
1	insight.adsrvr.org	11015163.fls.doubleclick.net
1	adservice.google.de	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	adservice.google.com	11015163.fls.doubleclick.net
1	stdata.powster.com	www.mgmstudios.com
1	geolocation.onetrust.com	cookie-cdn.cookiepro.com
1	p.typekit.net	use.typekit.net
1	airmovieofficial.com	1 redirects
66	26

This site contains links to these domains. Also see Links.

Domain
www.unitedartistsreleasing.com
twitter.com
www.facebook.com
www.pinterest.co.uk
www.tumblr.com
telegram.me
amazonstudios.typeform.com
www.instagram.com
www.tiktok.com
www.powster.com
www.motionpictures.org
www.filmratings.com
www.mgm.com
cookiepedia.co.uk
www.cookiepro.com

Subject Issuer	Validity	Valid
www.mgmstudios.com Amazon RSA 2048 M02	`2022-12-17` - `2024-01-16`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.isgprivacy.cbsi.com Sectigo RSA Organization Validation Secure Server CA	`2022-06-26` - `2023-06-20`	a year	crt.sh
cookiepro.com Cloudflare Inc ECC CA-3	`2023-03-20` - `2024-03-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
showtimes-v2.s-prod.pow.io Amazon RSA 2048 M02	`2023-02-21` - `2024-01-19`	a year	crt.sh
movies.powster.com Amazon RSA 2048 M02	`2023-02-14` - `2023-10-01`	8 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-14` - `2023-05-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.mgmstudios.com/air/
Frame ID: 7D45B238C2971234FD49A86D53FDE050
Requests: 42 HTTP requests in this frame

Frame: https://11015163.fls.doubleclick.net/activityi;dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F
Frame ID: 9D71855FE32258E74A2F719D9DD93614
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F
Frame ID: 13194E0F0BE570D1AA88C6A432BCF195
Requests: 1 HTTP requests in this frame

Frame: https://11015163.fls.doubleclick.net/ddm/fls/r/dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F
Frame ID: 54BC18DC2411039E85E35BCEDD4A29D3
Requests: 21 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=1cd6bb16-d29c-4ad3-89f9-119359ee72b8&u_scsid=385a335b-1a67-4457-8b44-001a431dd61c&u_sclid=09d5c003-3d1f-4e35-98f1-3630d0828fff
Frame ID: DC16426F144A75C85B3D79EAC8BF5016
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Air | Official Website | April 05 2023Back ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://airmovieofficial.com/ HTTP 301
https://www.mgmstudios.com/air/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

66
Requests

97 %
HTTPS

68 %
IPv6

21
Domains

26
Subdomains

24
IPs

4
Countries

1984 kB
Transfer

3762 kB
Size

9
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.unitedartistsreleasing.com/

Search URL Search Domain Scan URL

URL: https://www.unitedartistsreleasing.com/news
Title: News

Search URL Search Domain Scan URL

URL: https://www.unitedartistsreleasing.com/about
Title: About

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Watch%20Air%20with%20me&url=https%3A%2F%2Fwww.mgmstudios.com%2Fair

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.mgmstudios.com%2Fair

Search URL Search Domain Scan URL

URL: https://www.pinterest.co.uk/pin/create/button/?url=https%3A%2F%2Fwww.mgmstudios.com%2Fair&media=https://dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/regions/us/share.jpg&description=Watch%20Air%20with%20me

Search URL Search Domain Scan URL

URL: http://www.tumblr.com/share/link?url=https%3A%2F%2Fwww.mgmstudios.com%2Fair/&description=Watch%20Air%20with%20me

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https%3A%2F%2Fwww.mgmstudios.com%2Fair&text=Watch%20Air%20with%20me

Search URL Search Domain Scan URL

URL: https://amazonstudios.typeform.com/AIRadvancebuy
Title: Group Tickets Group Tickets

Search URL Search Domain Scan URL

URL: https://www.facebook.com/airmovie

Search URL Search Domain Scan URL

URL: https://www.instagram.com/airmovie/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@airmovie?lang=en

Search URL Search Domain Scan URL

URL: https://twitter.com/airmovie

Search URL Search Domain Scan URL

URL: https://www.powster.com/
Title: Movie Platform © 2023 Powster

Search URL Search Domain Scan URL

URL: https://www.motionpictures.org/
Title: MPA

Search URL Search Domain Scan URL

URL: https://www.filmratings.com/
Title: Film Ratings

Search URL Search Domain Scan URL

URL: https://www.mgm.com/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.mgm.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.cookiepro.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://airmovieofficial.com/ HTTP 301
https://www.mgmstudios.com/air/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://11015163.fls.doubleclick.net/activityi;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F HTTP 302
https://11015163.fls.doubleclick.net/activityi;dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F

Request Chain 43

https://adservice.google.de/ddm/fls/i/dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F HTTP 302
https://11015163.fls.doubleclick.net/ddm/fls/r/dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F

Request Chain 57

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11061379584/?random=1781493203&cv=11&fst=1683537286172&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM6Hho-x5f4CFQVHGAodRmcGdA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D4108490619446%3Bgtm%3D45He3530%3Bauiddc%3D507519327.1683537286%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=i-snCLfulpMYEICEvZop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=507519327.1683537286&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=hr1YZPyaDKiv9u8Pzqqp6Ag&sscte=1&crd=&pscrd=EkxDaEFJOEx2aW9nWVFsc2pCckxUYnU5MWFFaVVBZGhtRmpwSjNIVE9sUXhfalZ0N2swdG0wdkJmbEN5UjB5a1J3aDBCcUV0WDlTWkc1GldDaEFJOEx2aW9nWVF1N3ZEOUlPczU4UnJFaTBBMlJVTUw3aXVORXNBZ3VOUXBSR1FXM3Exem9YZ1MydFNXdFZVVmNwQzVsMW9CTkRpR0g1NV9LUVFwWjQ HTTP 302
https://www.google.com/pagead/1p-conversion/11061379584/?random=1781493203&cv=11&fst=1683537286172&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM6Hho-x5f4CFQVHGAodRmcGdA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D4108490619446%3Bgtm%3D45He3530%3Bauiddc%3D507519327.1683537286%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=i-snCLfulpMYEICEvZop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=507519327.1683537286&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEx2aW9nWVFsc2pCckxUYnU5MWFFaVVBZGhtRmpwSjNIVE9sUXhfalZ0N2swdG0wdkJmbEN5UjB5a1J3aDBCcUV0WDlTWkc1GldDaEFJOEx2aW9nWVF1N3ZEOUlPczU4UnJFaTBBMlJVTUw3aXVORXNBZ3VOUXBSR1FXM3Exem9YZ1MydFNXdFZVVmNwQzVsMW9CTkRpR0g1NV9LUVFwWjQ&is_vtc=1&ocp_id=hr1YZPyaDKiv9u8Pzqqp6Ag&cid=CAQSKQBygQiDN4o73wwwq2Jgc8-V8gXPN8XSWku0qELKu-PShVuatxwNzygL&random=246624512 HTTP 302
https://www.google.co.uk/pagead/1p-conversion/11061379584/?random=1781493203&cv=11&fst=1683537286172&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM6Hho-x5f4CFQVHGAodRmcGdA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D4108490619446%3Bgtm%3D45He3530%3Bauiddc%3D507519327.1683537286%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=i-snCLfulpMYEICEvZop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=507519327.1683537286&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEx2aW9nWVFsc2pCckxUYnU5MWFFaVVBZGhtRmpwSjNIVE9sUXhfalZ0N2swdG0wdkJmbEN5UjB5a1J3aDBCcUV0WDlTWkc1GldDaEFJOEx2aW9nWVF1N3ZEOUlPczU4UnJFaTBBMlJVTUw3aXVORXNBZ3VOUXBSR1FXM3Exem9YZ1MydFNXdFZVVmNwQzVsMW9CTkRpR0g1NV9LUVFwWjQ&is_vtc=1&ocp_id=hr1YZPyaDKiv9u8Pzqqp6Ag&cid=CAQSKQBygQiDN4o73wwwq2Jgc8-V8gXPN8XSWku0qELKu-PShVuatxwNzygL&random=246624512&ipr=y&prhg=0

Request Chain 58

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11061495236/?random=1690993479&cv=11&fst=1683537286153&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM6Hho-x5f4CFQVHGAodRmcGdA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D4108490619446%3Bgtm%3D45He3530%3Bauiddc%3D507519327.1683537286%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=MTDACPTXlpMYEMSLxJop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=507519327.1683537286&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=hr1YZJWZDJjH7_UP3t62gAU&sscte=1&crd=&pscrd=EkxDaEFJOEx2aW9nWVFsc2pCckxUYnU5MWFFaVVBZGhtRmpwSjNIVE9sUXhfalZ0N2swdG0wdkJmbEN5UjB5a1J3aDBCcUV0WDlTWkc1GldDaEFJOEx2aW9nWVF1N3ZEOUlPczU4UnJFaTBBMlJVTUw2V1dxajhlbmozZUVzakZaSy1BRnFZV1l6eW9ydm05NjhZMGVFYlZaaE0yNFNxQ2hNZS1MUTg HTTP 302
https://www.google.com/pagead/1p-conversion/11061495236/?random=1690993479&cv=11&fst=1683537286153&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM6Hho-x5f4CFQVHGAodRmcGdA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D4108490619446%3Bgtm%3D45He3530%3Bauiddc%3D507519327.1683537286%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=MTDACPTXlpMYEMSLxJop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=507519327.1683537286&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEx2aW9nWVFsc2pCckxUYnU5MWFFaVVBZGhtRmpwSjNIVE9sUXhfalZ0N2swdG0wdkJmbEN5UjB5a1J3aDBCcUV0WDlTWkc1GldDaEFJOEx2aW9nWVF1N3ZEOUlPczU4UnJFaTBBMlJVTUw2V1dxajhlbmozZUVzakZaSy1BRnFZV1l6eW9ydm05NjhZMGVFYlZaaE0yNFNxQ2hNZS1MUTg&is_vtc=1&ocp_id=hr1YZJWZDJjH7_UP3t62gAU&cid=CAQSKQBygQiDPjO9WEphJGW05JxZCn59a3-OevHNaRxsHXFL5f698U2_bpeY&random=3102618376 HTTP 302
https://www.google.de/pagead/1p-conversion/11061495236/?random=1690993479&cv=11&fst=1683537286153&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM6Hho-x5f4CFQVHGAodRmcGdA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D4108490619446%3Bgtm%3D45He3530%3Bauiddc%3D507519327.1683537286%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=MTDACPTXlpMYEMSLxJop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=507519327.1683537286&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEx2aW9nWVFsc2pCckxUYnU5MWFFaVVBZGhtRmpwSjNIVE9sUXhfalZ0N2swdG0wdkJmbEN5UjB5a1J3aDBCcUV0WDlTWkc1GldDaEFJOEx2aW9nWVF1N3ZEOUlPczU4UnJFaTBBMlJVTUw2V1dxajhlbmozZUVzakZaSy1BRnFZV1l6eW9ydm05NjhZMGVFYlZaaE0yNFNxQ2hNZS1MUTg&is_vtc=1&ocp_id=hr1YZJWZDJjH7_UP3t62gAU&cid=CAQSKQBygQiDPjO9WEphJGW05JxZCn59a3-OevHNaRxsHXFL5f698U2_bpeY&random=3102618376&ipr=y&prhg=0

66 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.mgmstudios.com/air/
Redirect Chain

http://airmovieofficial.com/
https://www.mgmstudios.com/air/

112 KB
32 KB

843ms
386ms

Document
text/html

2600:9000:2250:9000:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9000:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c9a68c165a795864ef97b9a079de99a3470474a8206847f433e1c405f45f6913

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 08 May 2023 09:14:46 GMT
etag: W/"0364dc1f13ccee2fe15e6df05bcaf78e"
last-modified: Tue, 04 Apr 2023 00:23:52 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-cf-id: _vKmWvqB-dNY3GuI6tFOPDBbbzPRbglRNDAwRjrhwjuowo__UpBtGw==
x-amz-cf-pop: FRA60-P2
x-amz-version-id: KnCMJBcCrOlR35XyEc5fHnmsdVa4166L
x-cache: RefreshHit from cloudfront

Redirect headers

Accept-Ranges: none
Connection: close
Content-type: text/html
Date: Mon, 08 May 2023 09:14:44 GMT
Last-Modified: Mon, 08 May 2023 09:14:44 GMT
Location: https://www.mgmstudios.com/air/

GET
H2 200 bolt.css
www.mgmstudios.com/air/css/ 81 KB
13 KB 97ms
96ms Stylesheet
text/css 2600:9000:2250:9000:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/css/bolt.css?v=1680567550737
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9000:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5aed3453fec826274024742aae2b6b0a6637a8280136f7c9bdd00558a6b1351

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: Mnf_tYA_UZ.sGR2Z8Y1dRNNVsj5v_eO8
content-encoding: gzip
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 09:14:46 GMT
last-modified: Tue, 04 Apr 2023 00:23:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"0eeca0fbbc50942d4a24d66548ba1189"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: RLE0xE0gh9rtkmtQIwyVV8iTnDC2D0Li4EOKpzR6HFU7OX4x2PoHXw==

GET
H2 200 gsb3nxg.css
use.typekit.net/ 2 KB
873 B 49ms
7ms Stylesheet
text/css 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/gsb3nxg.css

Requested by

Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

9c64bc8f0616d9397bd837d61f3eb6241def2a326c18842e0e546eff61c2d44c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 08 May 2023 09:14:45 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 641

GET
H2 200 bolt.js Show response
www.mgmstudios.com/air/js/ 268 KB
89 KB 103ms
103ms Script
application/javascript 2600:9000:2250:9000:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9000:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f27ae8b199b6d386d81a3e0668b56d154ec8c989e5f44367aa631a9ab9b5c8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: P7Ox3nXaNUj0BcMnD3E0fx51UkKErIUU
content-encoding: gzip
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 09:14:46 GMT
last-modified: Tue, 04 Apr 2023 00:24:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"12e6364351633fabf05e00ffc75a84d5"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: TO-kj_WVqxLt53uEnzrP87KNXFzjrQdNmKyBvQmvz6NxEBabpSkUcw==

GET
H2 200 tt.png
dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/regions/us/ 67 KB
68 KB 56ms
9ms Image
image/png 2600:9000:223e:2e00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/regions/us/tt.png
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2e00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72389987d6aca47b8ac611d818c4d1c9f323e6ce4256f17c5e68f01047715682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 21:34:47 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
last-modified: Tue, 21 Mar 2023 17:47:37 GMT
server: AmazonS3
age: 905999
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
etag: "4e13fd38fa534d28a74c41542e2d1256"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 68997
x-amz-cf-id: lfLPaQttrScRr5zv51kn6JIGAei2nzsSkFoU1wjHU9U2ir2bvIkkGw==

GET
H2 200 legal-logos.png
dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/ 45 KB
45 KB 63ms
16ms Image
image/png 2600:9000:223e:2e00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/legal-logos.png
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2e00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78e4874ef0b3c56a3cb9de96287f6b78cbde6b3f3d28d23c59b6e9a61e85894e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 12:50:48 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
last-modified: Tue, 21 Mar 2023 17:48:30 GMT
server: AmazonS3
age: 332638
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
etag: "c10e453b1b436f8048fe4c44e9c12a51"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 45581
x-amz-cf-id: c77feF8n__hSHk_Mln9r-_DYnBgGR6eRzszSRNCE_EhgCvd4yia5nA==

GET
H2 200 MGM_logo.png
dx35vtwkllhj9.cloudfront.net/united-artists-releasing/images/ 8 KB
8 KB 55ms
8ms Image
image/png 2600:9000:223e:2e00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/united-artists-releasing/images/MGM_logo.png
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2e00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a92f7611c81829c264d3a335108120d98790bec4181ac939d21b693d6765c15e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 16:08:07 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
last-modified: Sun, 01 Jan 2023 16:36:33 GMT
server: AmazonS3
age: 234399
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
etag: "64d724e62f57f5649cbb9f04c7decbc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 7804
x-amz-cf-id: jjQEDiYr4DBJBTBrmD43gDjMwCcKVnCdAUksEe_2K00yLl12qt5r-g==

GET
H2 200 optanon-v1.1.0.js Show response
production-cmp.isgprivacy.cbsi.com/dist/ 38 KB
11 KB 40ms
6ms Script
application/x-javascript 2a04:4e42:8d::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://production-cmp.isgprivacy.cbsi.com/dist/optanon-v1.1.0.js

Requested by

Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::444 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ad6c004c443d6c1ac8a66e25a5973b3d49fddcb31dc4574c6504e8f1df66aaeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 09:14:45 GMT
content-encoding: gzip
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 3141
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:485666168322:build/prod-optanon-pipeline:9c580762-a51b-4fe0-ac97-38190a1955e5
x-cache: HIT
content-length: 10990
x-amz-id-2: fp8JPTpkY1Xxn82GFdojk4xDE8cl003h9Kf1UTWK9FAYLsnD0uTC+0eCWaN6PPTZTmDl8EU04hdJOKzjCugkdA==
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230033-FRA
last-modified: Wed, 08 Mar 2023 17:18:04 GMT
x-timer: S1683537286.569481,VS0,VE0
etag: "bea9da88ccef790fb77abaea44ea345e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
accept-ranges: bytes
x-cache-hits: 38

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 21 KB
7 KB 53ms
26ms Script
application/javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8d41783702d7bb7a7a9c548b151903859eb90a32d29eeaa3487a7937611a27f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 May 2023 09:14:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: rpnZu/dYNZPLIh9pLOSMrg==
age: 86023
x-ms-lease-status: unlocked
last-modified: Fri, 28 Apr 2023 01:32:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e15ca256-f01e-0029-6ab4-790639000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c409822693d3678-FRA
expires: Tue, 09 May 2023 09:14:45 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 54ms
6ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=gsb3nxg&ht=tk&f=139.175&a=10433865&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gsb3nxg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 08 May 2023 09:14:45 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 170 KB
59 KB 48ms
24ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVQPVJS

Requested by

Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7cb1287b8e451c0195f99b27aeac5480fc53bd8d72048d7ea06d34c6cdeba403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 09:14:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 60002
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 May 2023 09:14:45 GMT

GET
H2 200 6b44bc0e-7a40-48d1-94d0-68b075dfcb06.json Show response
cookie-cdn.cookiepro.com/consent/6b44bc0e-7a40-48d1-94d0-68b075dfcb06/ 4 KB
2 KB 67ms
51ms XHR
application/x-javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/6b44bc0e-7a40-48d1-94d0-68b075dfcb06/6b44bc0e-7a40-48d1-94d0-68b075dfcb06.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e436a78f4a86b064bb82cfbadeefc9364bd05f03eb9fc3c2b0a1076d2e08628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 May 2023 09:14:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: qObhThsbBqP0DzDWvKOTrA==
age: 69778
x-ms-lease-status: unlocked
last-modified: Fri, 23 Dec 2022 00:01:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6d66bb41-e01e-000a-3467-479cfa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c409822ce9235fd-FRA

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 77 KB
77 KB 33ms
7ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gsb3nxg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 707540d0813c2e6c9abb51dcc5f7671a10780d572b30da20197961f80e7fb346

Request headers

Referer: https://use.typekit.net/gsb3nxg.css
Origin: https://www.mgmstudios.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 09:14:45 GMT
server: nginx
etag: "11c083ab1a15272638ae385d966dba01aa76cbb4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 78476

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 74 KB
74 KB 34ms
8ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gsb3nxg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 324474ff12691ad8154450cb63a421b3a43877085c7163f541a02819aeca99f8

Request headers

Referer: https://use.typekit.net/gsb3nxg.css
Origin: https://www.mgmstudios.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 09:14:45 GMT
server: nginx
etag: "df3243d3c759de78b3798be9b3d13ba4e81d0d86"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 75868

GET
H2 200 shamanNotifier.js Show response
production-cmp.isgprivacy.cbsi.com/cps/ 4 KB
2 KB 7ms
6ms Script
application/x-javascript 2a04:4e42:8d::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://production-cmp.isgprivacy.cbsi.com/cps/shamanNotifier.js

Requested by

Host: production-cmp.isgprivacy.cbsi.com
URL: https://production-cmp.isgprivacy.cbsi.com/dist/optanon-v1.1.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::444 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

610c5a59da900120a0d5f44bd9513aba3f3d5b06ad873bcc982b311660089bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 09:14:45 GMT
content-encoding: gzip
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 3041
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:485666168322:build/prod-shaman-notifier-pipeline:9cbcd0af-4de2-4091-b6b3-76fcc179dd9d
x-cache: HIT
content-length: 1542
x-amz-id-2: iNybYvCWdg+7LxD4lz6Q04szUM8QVOA4ZzTeWP97MuQgWE9biaFFzPFfTj72If9k3YQVlt7xeNM=
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230033-FRA
last-modified: Wed, 03 May 2023 15:39:32 GMT
x-timer: S1683537286.582293,VS0,VE0
etag: "7dce15f7aa041f17c080967b9367b7b0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
accept-ranges: bytes
x-cache-hits: 61

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
312 B 54ms
36ms XHR
application/json 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.mgmstudios.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 09:14:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7c40982339f61c30-FRA
access-control-allow-headers: Content-Type

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVQPVJS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 May 2023 08:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2346
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 08 May 2023 10:35:39 GMT

GET
H2

200

activityi;dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F Show response
11015163.fls.doubleclick.net/ Frame 9D71
Redirect Chain

https://11015163.fls.doubleclick.net/activityi;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F?
https://11015163.fls.doubleclick.net/activityi;dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A...

498 B
454 B

46ms
45ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11015163.fls.doubleclick.net/activityi;dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVQPVJS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

84df16258e6804ad523a4a43c3c20e24c73353f664027bd12babb2f0638d4b29

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mgmstudios.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 278
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 09:14:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 09:14:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11015163.fls.doubleclick.net/activityi;dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 regions
showtimes-v2.s-prod.pow.io/v2.0/app/ Frame 0
0 63ms
34ms Preflight
application/json 13.224.189.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://showtimes-v2.s-prod.pow.io/v2.0/app/regions?slug=air&rules_groups%5B0%5D=appId%3A%3A15059%3A%3A%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-77.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.mgmstudios.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-requested-lat,x-requested-lon,x-requested-countries,x-requested-approxpos,pow-cache-include
access-control-allow-methods: GET,OPTIONS,POST,PUT,DELETE,HEAD,PATCH
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Mon, 08 May 2023 09:14:45 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
x-amz-apigw-id: EmKM8EehjoEFvaQ=
x-amz-cf-id: wHx5y4CxRLnoIaj_KvvjvCj-NC4LFXaJyHyHzwJ_mlZijOlF7CgxiA==
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 371b8b45-ad3e-4e15-a515-7df540ee1274
x-cache: Miss from cloudfront

GET
H2 200 geo Show response
stdata.powster.com/ 129 B
414 B 117ms
35ms Fetch
application/json 34.246.14.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stdata.powster.com/geo
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.14.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-14-9.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b966b01496c4d845527762ec0d5d75682019d06e2b4b6df6a4f4c6d866b84172

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 09:14:45 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 regions Show response
showtimes-v2.s-prod.pow.io/v2.0/app/ 122 B
767 B 105ms
104ms Fetch
application/json 13.224.189.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://showtimes-v2.s-prod.pow.io/v2.0/app/regions?slug=air&rules_groups%5B0%5D=appId%3A%3A15059%3A%3A%2F
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-77.fra2.r.cloudfront.net
Software: / Express
Resource Hash: 14e9860df1af6a6f34231597515d818cc61c777c6222e5427c084f6e3791224a

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: application/json

Response headers

date: Mon, 08 May 2023 09:14:45 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 122
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 0c7a1951-083c-4447-864a-2a87dd9b4389
etag: W/"7a-X+6Wp/drHQ6f8sR8sQcKrI8TPZ0"
x-powered-by: Express
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6458bd85-09a9c6cf394e77fb754cf11d;Sampled=0;lineage=86c3ccff:0
x-cache: Miss from cloudfront
x-amz-apigw-id: EmKM9FitjoEFsPQ=
content-length: 122
x-amz-cf-id: sPtz1gCJuj2NawApj1XefGWLkECpwF0FW2RA55yCsdwAKAQovrcgog==
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, x-requested-lat, x-requested-lon, x-requested-countries, x-app-region, x-requested-approxpos, x-api-key, pow-cache-include, x-pow-cache-include

GET
H2 200 278.bolt.css
www.mgmstudios.com/air/css/ 3 KB
1 KB 88ms
88ms Stylesheet
text/css 2600:9000:2250:9000:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/css/278.bolt.css?v=a2851749e835368d2027
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9000:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef0a91f5f7261184c625acf9e558f556a57fa6228225badb44396025f9badb99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: rPC2w_K5KxGufgIgxzd63Ey0X3DhktkU
content-encoding: gzip
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 09:14:46 GMT
last-modified: Tue, 04 Apr 2023 00:23:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"248426d2ea9f26ab5ac1a219ff2269a8"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: bQ-Unh3lv1ZvmMYMrYJjW4yotXaNlON3YLIT95WWoQiBu9JtHs54xA==

GET
H2 200 cookies.bolt.js Show response
www.mgmstudios.com/air/js/ 10 KB
4 KB 104ms
104ms Script
application/javascript 2600:9000:2250:9000:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/js/cookies.bolt.js?v=a2851749e835368d2027
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9000:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8eae35942fd0ef336f6ea59263b6d91db712f753d60f7c9d45128c74171dc52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: LLkbTRBU3.FR2zQ7ifth8zFoxwhxbwva
content-encoding: gzip
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 09:14:46 GMT
last-modified: Tue, 04 Apr 2023 00:24:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"7daba943d8e9a56210a05c0a29f1e46a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 3haJ_uFPbsnMyE1t4ONyPwzUGf-_mGomA227Yf3NaqCz54SwNaXSLQ==

GET
H2 200 488.bolt.css
www.mgmstudios.com/air/css/ 5 KB
2 KB 109ms
109ms Stylesheet
text/css 2600:9000:2250:9000:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/css/488.bolt.css?v=b9048ff9f5a4550fd1c5
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9000:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74de515bc27ffc3c8ad13ac202628cfe11cd70f281a21f2003564a51554c48ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: vMBzI3Ogx_zzlPVQVVVLxwjAqFLmb7Ax
content-encoding: gzip
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 09:14:46 GMT
last-modified: Tue, 04 Apr 2023 00:23:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"6642aaa939212a04a27e9af49a3722b0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: nqUR_xFGtnOu8hXY09I2JDkQxaSJv5q6pukN41OaDxEijdl0Iy74ZQ==

GET
H2 200 cookiesPreference.bolt.js Show response
www.mgmstudios.com/air/js/ 5 KB
2 KB 151ms
151ms Script
application/javascript 2600:9000:2250:9000:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/js/cookiesPreference.bolt.js?v=b9048ff9f5a4550fd1c5
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9000:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b976aad58a68680311e04cd0ba022f429cf5dbdd8a9029c3ada7f3d56fd6bd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: Gz9Ot4coiIklshEltOOBzJ47zde3lc7J
content-encoding: gzip
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 09:14:46 GMT
last-modified: Tue, 04 Apr 2023 00:24:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"d16a1b6992d1bd03d848145496e45905"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: ywEYoMjUYmZg0430cJstGljd2EC3Hmico6fNo_OK7ISHSncDM76eVg==

GET
H2 200 tt.png
dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/regions/us/updates/ 57 KB
58 KB 9ms
8ms Image
image/png 2600:9000:223e:2e00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/regions/us/updates/tt.png
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2e00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7d888e786516becd4d42b22927dc98708aa795dbcafacaad108cfbe6e5a6fc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 10:27:09 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
last-modified: Tue, 04 Apr 2023 00:18:36 GMT
server: AmazonS3
age: 427657
x-amz-cf-pop: FRA56-P4
etag: "9e63ef3ae1ec2ad61d66e291c9a997b2"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 58678
x-amz-cf-id: zwxKYm4bUKT9IfcJl47bE9Vq2B3b2MXTeuNSXWEajbm1nVaBx7dzow==

GET
H2 200 bg.jpg
dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/ 342 KB
343 KB 191ms
191ms Image
image/jpeg 2600:9000:223e:2e00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/bg.jpg
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2e00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 777d1f3711873837f55a81b5d9b0d0e03de0c64b9da0677f3e991f6c47d4a603

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 09:14:46 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
last-modified: Sun, 07 May 2023 02:21:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: "783d007569b5a93779635d0336a17ea8"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 350379
x-amz-cf-id: AQXCqkKU-HIdrWPA8OdXcLHq2G8tiGykyUi1DCRGYa9tsOSmPa4muQ==

GET
H2 200 otBannerSdk.js Show response
cookie-cdn.cookiepro.com/scripttemplates/6.20.0/ 376 KB
77 KB 27ms
27ms Script
application/javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.20.0/otBannerSdk.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 May 2023 09:14:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: jOOTzA5W9ewbfwCUPpt/mw==
age: 84134
x-ms-lease-status: unlocked
last-modified: Thu, 24 Jun 2021 01:56:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 73118ff2-301e-0044-2367-47b272000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c409823eafc3678-FRA
expires: Tue, 09 May 2023 09:14:45 GMT

GET
H2 200 658.bolt.js Show response
www.mgmstudios.com/air/js/ 13 KB
5 KB 518ms
516ms Script
application/javascript 2600:9000:2250:9000:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/js/658.bolt.js?v=c61c8923254e4898ef73
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9000:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd80bd802cad3d43d153c231fa4e5292ea2352cd8db4bfeae13b6cb3a5bb4854

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: eD3ZybEZNFv3PkVISYNFXSi0LbWxSd0u
content-encoding: gzip
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 09:14:47 GMT
last-modified: Tue, 04 Apr 2023 00:24:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"9f9a3790b332bace93a496f4c045967b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: yuoHQsYLrQAqrJ73-VdSRZ__1y_U0nJBN9LPrBajBf65kqEXftIVgA==

GET
H2 200 48.bolt.js Show response
www.mgmstudios.com/air/js/ 20 KB
7 KB 360ms
358ms Script
application/javascript 2600:9000:2250:9000:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/js/48.bolt.js?v=4f845444357071577d04
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9000:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87f9a4fb9b0a473b0e396d76bd00c0a21a5dff566bd71a3ff7386d096a111caf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: _VMelmUrZ.vc7JhcuhkqJM25Dqti_LCT
content-encoding: gzip
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 09:14:47 GMT
last-modified: Tue, 04 Apr 2023 00:23:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"b813236ce6bcba13ab3695783c84e89d"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: uC9LoH5hCz0lec4YB8jIvDvqFXnxhbcYGl8XKNrN-5LiQ4z2noq3eQ==

GET
H2 200 643.bolt.css
www.mgmstudios.com/air/css/ 26 KB
5 KB 150ms
148ms Stylesheet
text/css 2600:9000:2250:9000:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/css/643.bolt.css?v=952c9449f3c8933a0afa
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9000:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b72a9d1c86fd5e49744cfc8fbe96990bb969d345fdb1645713d6398e5b9c98dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: VgPjY1qjbATO0Yd6Cv6nPfx_y_Zs5KQ8
content-encoding: gzip
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 09:14:46 GMT
last-modified: Tue, 04 Apr 2023 00:23:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"1028b36c8d6c97c284699727e7bb1db6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: gQqkdWD_ikqYWGHP4mwQ5R2QWsftFDWZ-oomdvO4t3kewKnlsSH0Vg==

GET
H2 200 643.bolt.js Show response
www.mgmstudios.com/air/js/ 30 KB
11 KB 377ms
375ms Script
application/javascript 2600:9000:2250:9000:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/js/643.bolt.js?v=952c9449f3c8933a0afa
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9000:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51a90a10263bb33a19bf90e1fdcb04fad609d6e0ae0201df14a7fb95136f0cf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: LvVZrXXI4k2_64vnH95NJEr0WpLnhAjb
content-encoding: gzip
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 09:14:47 GMT
last-modified: Tue, 04 Apr 2023 00:23:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"224bc5cf5bf6ad5adcc9da881317fcf4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: QTqPfDlx01_sngNU_cq_DorbpDQOh1oA0Yq9qd2xrDcDxz4LgL2VBg==

GET
H2 200 107.bolt.css
www.mgmstudios.com/air/css/ 35 KB
7 KB 399ms
397ms Stylesheet
text/css 2600:9000:2250:9000:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/css/107.bolt.css?v=b8777bcf8a49532d0174
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9000:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb78c89cc84d7525c00d50ee9f44e9b0a7612f3e1b0611e2717b5defeb4dbace

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: ZCpahxFNxlUAQlaObwzzHjIDfOCIhATK
content-encoding: gzip
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 09:14:47 GMT
last-modified: Tue, 04 Apr 2023 00:23:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"b74812021cc73ecf6589a6ad2efa1c81"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: TJsZjZNeV3jpgwjf9WE8TNtDkggFBXQ0lkJad8QVh04if6vjabsOgA==

GET
H2 200 107.bolt.js Show response
www.mgmstudios.com/air/js/ 70 KB
22 KB 206ms
205ms Script
application/javascript 2600:9000:2250:9000:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/js/107.bolt.js?v=b8777bcf8a49532d0174
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9000:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 334f3548597442eb5b4998bdd4050c2351af0b07b20b388f02076aace07004fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 09:14:46 GMT
x-amz-version-id: BOUBLAsfVniD_dJMwD9.JD6T7GrFd5fx
content-encoding: gzip
last-modified: Tue, 04 Apr 2023 00:23:53 GMT
server: AmazonS3
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
etag: W/"f28063eb295fce569f24850b8eaca6ee"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: BKL76Z-jtpU9tE6DYUY9tmwxFXlTmoaXmeH0oETMo0jRR1Yxye-SfQ==

GET
H2 200 392.bolt.css
www.mgmstudios.com/air/css/ 31 KB
6 KB 449ms
448ms Stylesheet
text/css 2600:9000:2250:9000:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/css/392.bolt.css?v=5f1889946f693d17cb00
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9000:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3728a8ac3bee620b834556e9ee2e8e7a3b2768ccdd38a940d5b224f9923e2a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: LJE_YpcuTB7kl.GKibOYifKkxOuA_K5v
content-encoding: gzip
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 09:14:47 GMT
last-modified: Tue, 04 Apr 2023 00:23:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"bcf0230bb242857b7f13122ad4c784a7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: BOFbpyb63qzATsBVvt6mtMDvFphqFgBT11vU3X-TzPaF3_KmM5HUBg==

GET
H2 200 showtimes.bolt.js Show response
www.mgmstudios.com/air/js/ 56 KB
17 KB 424ms
423ms Script
application/javascript 2600:9000:2250:9000:1d:e587:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mgmstudios.com/air/js/showtimes.bolt.js?v=5f1889946f693d17cb00
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/js/bolt.js?v=1680567550737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9000:1d:e587:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa3e7bbe6cf5507d9b359e41ec1509016e9b292946cfa3bb7f8d928249674032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/air/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: eAeNE0SrkEa6V8q7wx72zpZnB9fiqP_A
content-encoding: gzip
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
date: Mon, 08 May 2023 09:14:47 GMT
last-modified: Tue, 04 Apr 2023 00:25:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"bdf1bba8f2d279738e3a7e08ea9bc5d0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: kvH1KZc88Kp-1cii5k1mS_7XPVdMEw-vgBLx2V1m5a0h3xLv5PSjdw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
223 B 17ms
16ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1859188359&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F&ul=en-us&de=UTF-8&dt=Air%20%7C%20Official%20Website%20%7C%20April%2005%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=661650568&gjid=1204057884&cid=767164190.1683537286&tid=UA-96913497-26&_gid=124635051.1683537286&_r=1&_slc=1&gtm=45He3530n81NVQPVJS&z=222255

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

31d61cf66e31319ad033b9a5cfde5949c045a7a8c640f4c47aeeb6f65c5d6196

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mgmstudios.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 May 2023 09:14:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mgmstudios.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
74 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-287C5TXPPL&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf26f4e32f6fb6822b5e62758b6ee4db36c24e380513fcf24852aa5745a64e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 09:14:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75221
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 May 2023 09:14:45 GMT

GET
H2 200 dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F Show response
adservice.google.com/ddm/fls/i/ Frame 1319 497 B
654 B 67ms
45ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F

Requested by

Host: 11015163.fls.doubleclick.net
URL: https://11015163.fls.doubleclick.net/activityi;dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6455eb833aa21648135bd5fe49e7e500aaff6f02c3b3b4dc29a4bbb5a964cd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11015163.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 279
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 09:14:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 en.json Show response
cookie-cdn.cookiepro.com/consent/6b44bc0e-7a40-48d1-94d0-68b075dfcb06/0161018f-3501-4ccf-a444-683762db966c/ 26 KB
7 KB 20ms
20ms Fetch
application/x-javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/6b44bc0e-7a40-48d1-94d0-68b075dfcb06/0161018f-3501-4ccf-a444-683762db966c/en.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.20.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

938d3e71eb31457bd1bfebe41ae14b5090d3295c9753e929084443815519551d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 May 2023 09:14:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: FZEsog9SZvyWLyMRgF2BDQ==
age: 46709
x-ms-lease-status: unlocked
last-modified: Fri, 23 Dec 2022 00:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: da78b6bc-f01e-005b-4067-470176000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c409824486335fd-FRA

GET
H2 200 otFlat.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.20.0/assets/ 13 KB
3 KB 21ms
21ms Fetch
application/json 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.20.0/assets/otFlat.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.20.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 May 2023 09:14:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: /OL7qnwFOarng5AW29V9Pw==
age: 46709
x-ms-lease-status: unlocked
last-modified: Thu, 24 Jun 2021 01:56:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 89e27845-001e-0084-3b67-474a4c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c409824789635fd-FRA
expires: Tue, 09 May 2023 09:14:45 GMT

GET
H2 200 otPcCenter.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.20.0/assets/ 62 KB
15 KB 23ms
23ms Fetch
application/json 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.20.0/assets/otPcCenter.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.20.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77663496c7f4793551934d6896057e598a9aaf389d67d02e37051ef1d7bdb2f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 May 2023 09:14:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: WLrkAD3qn/muVrO/sVe24A==
age: 46709
x-ms-lease-status: unlocked
last-modified: Thu, 24 Jun 2021 01:56:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2364f44a-301e-008f-1867-47b127000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c409824789f35fd-FRA
expires: Tue, 09 May 2023 09:14:45 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 37ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-287C5TXPPL&gtm=45je3530&_p=1859188359&cid=767164190.1683537286&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABA&_s=1&sid=1683537285&sct=1&seg=0&dl=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F&dt=Air%20%7C%20Official%20Website%20%7C%20April%2005%202023&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-287C5TXPPL&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 09:14:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mgmstudios.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F Show response
11015163.fls.doubleclick.net/ddm/fls/r/ Frame 54BC
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww...
https://11015163.fls.doubleclick.net/ddm/fls/r/dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A...

3 KB
973 B

46ms
46ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11015163.fls.doubleclick.net/ddm/fls/r/dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

114957ecf6e57d5ffb2816929574990f65d61387e6051144f7d130d3d8256929

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 948
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 09:14:46 GMT
expires: Mon, 08 May 2023 09:14:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 09:14:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://11015163.fls.doubleclick.net/ddm/fls/r/dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 54BC 70 B
261 B 106ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=dz18eg5&ct=0:vs7rk44&fmt=3
Requested by: Host: 11015163.fls.doubleclick.net
URL: https://11015163.fls.doubleclick.net/ddm/fls/r/dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 08 May 2023 09:14:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 54BC 185 KB
67 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11061495236

Requested by

Host: 11015163.fls.doubleclick.net
URL: https://11015163.fls.doubleclick.net/ddm/fls/r/dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b6e8f89af4c53ee31cf392d2980d9f8131c7b60c08b34fd952bf1feb839363f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 09:14:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68289
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 May 2023 09:14:46 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 54BC 185 KB
67 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11061379584

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3cb637680f8dd93f6f33c5cba70fdb61e905ed50eaeb5857768299266e39969d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 09:14:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68174
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 May 2023 09:14:46 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 54BC 31 KB
14 KB 66ms
28ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: 11015163.fls.doubleclick.net
URL: https://11015163.fls.doubleclick.net/ddm/fls/r/dc_pre=CM6Hho-x5f4CFQVHGAodRmcGdA;src=11015163;type=mgmyx0;cat=mgmai0;ord=4108490619446;gtm=45He3530;auiddc=507519327.1683537286;u1=Air;~oref=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 399a9be759ccc540081d3e7ed57c028c7ed63545952b616c25abac351881f7b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 09:14:46 GMT
content-encoding: gzip
via: 1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 13611
x-amz-cf-id: xUJ4UHmfRjwsjK2X3RcSsmVACjrEXJJSSq84jv_ESQEJnmT2li-nhA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 54BC 106 KB
28 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 May 2023 09:14:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: bFiuT3nmjGEUQJEDY9hCM//Huwt/wSbLtJk9owuuZQ4uKoRIFa5XHZS8JgH9owpSFEgfCE92hAsYvWYELn+dRQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 979894966262812 Show response
connect.facebook.net/signals/config/ Frame 54BC 300 KB
86 KB 135ms
134ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/979894966262812?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8865ba0cfacf7420b3d7b1caad7d5697b0dd38f20f49a19535f75b231f14c04b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 May 2023 09:14:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 9xPM42wK4kBWpXVrwJPWq0N+Y9fgYHM+cw5JP/szYa4GV/fI82GisP8rI53hYDiR0qdzAZXcy+VZ5scad8CNNw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11061495236/ Frame 54BC 3 KB
1 KB 106ms
85ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11061495236/?random=1683537286143&cv=11&fst=1683537286143&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM6Hho-x5f4CFQVHGAodRmcGdA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D4108490619446%3Bgtm%3D45He3530%3Bauiddc%3D507519327.1683537286%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&frm=2&auid=507519327.1683537286&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11061495236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff56692c9023cb845ea3684bb3cf666092be82dfab6fb316a05ed03f7bfae6c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 09:14:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11061495236/ Frame 54BC 3 KB
2 KB 60ms
23ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11061495236/?random=1683537286153&cv=11&fst=1683537286153&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM6Hho-x5f4CFQVHGAodRmcGdA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D4108490619446%3Bgtm%3D45He3530%3Bauiddc%3D507519327.1683537286%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=MTDACPTXlpMYEMSLxJop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=507519327.1683537286&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11061495236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ae79f1aa4e95ba87c51e7a6c005c774f430cc3e74ca7bb944c99c3e5fc5976ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 09:14:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1669
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11061379584/ Frame 54BC 3 KB
1 KB 87ms
84ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11061379584/?random=1683537286163&cv=11&fst=1683537286163&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM6Hho-x5f4CFQVHGAodRmcGdA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D4108490619446%3Bgtm%3D45He3530%3Bauiddc%3D507519327.1683537286%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&frm=2&auid=507519327.1683537286&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11061379584

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7139d66de4b63bbc039580ff6255729f874bc3a7e3086778d1e2ac97c11222e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 09:14:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1363
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11061379584/ Frame 54BC 3 KB
2 KB 41ms
22ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11061379584/?random=1683537286172&cv=11&fst=1683537286172&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM6Hho-x5f4CFQVHGAodRmcGdA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D4108490619446%3Bgtm%3D45He3530%3Bauiddc%3D507519327.1683537286%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=i-snCLfulpMYEICEvZop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=507519327.1683537286&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11061379584

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0589914df81ae1e6a2ce7f358e4514ede87d5c937d4f0f53a078f369a856789a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 09:14:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1669
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame DC16 0
201 B 63ms
16ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=1cd6bb16-d29c-4ad3-89f9-119359ee72b8&u_scsid=385a335b-1a67-4457-8b44-001a431dd61c&u_sclid=09d5c003-3d1f-4e35-98f1-3630d0828fff

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://11015163.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 08 May 2023 09:14:46 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 1cd6bb16-d29c-4ad3-89f9-119359ee72b8.js Show response
tr.snapchat.com/config/net/ Frame 54BC 144 B
449 B 83ms
35ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/net/1cd6bb16-d29c-4ad3-89f9-119359ee72b8.js

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

bead585de7b0a9747a9830097ad2261b3e4cb127d7e601738a4cd34fd66ccdf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://11015163.fls.doubleclick.net/
Origin: https://11015163.fls.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 09:14:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://11015163.fls.doubleclick.net
x-envoy-upstream-service-time: 6
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 p
tr.snapchat.com/ Frame 54BC 68 B
353 B 69ms
21ms Ping
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://11015163.fls.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 May 2023 09:14:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: https://11015163.fls.doubleclick.net
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 5
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2

200

/
www.google.co.uk/pagead/1p-conversion/11061379584/ Frame 54BC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11061379584/?random=1781493203&cv=11&fst=1683537286172&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11...
https://www.google.com/pagead/1p-conversion/11061379584/?random=1781493203&cv=11&fst=1683537286172&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclic...
https://www.google.co.uk/pagead/1p-conversion/11061379584/?random=1781493203&cv=11&fst=1683537286172&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doublecl...

42 B
455 B

380ms
40ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-conversion/11061379584/?random=1781493203&cv=11&fst=1683537286172&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM6Hho-x5f4CFQVHGAodRmcGdA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D4108490619446%3Bgtm%3D45He3530%3Bauiddc%3D507519327.1683537286%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=i-snCLfulpMYEICEvZop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=507519327.1683537286&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEx2aW9nWVFsc2pCckxUYnU5MWFFaVVBZGhtRmpwSjNIVE9sUXhfalZ0N2swdG0wdkJmbEN5UjB5a1J3aDBCcUV0WDlTWkc1GldDaEFJOEx2aW9nWVF1N3ZEOUlPczU4UnJFaTBBMlJVTUw3aXVORXNBZ3VOUXBSR1FXM3Exem9YZ1MydFNXdFZVVmNwQzVsMW9CTkRpR0g1NV9LUVFwWjQ&is_vtc=1&ocp_id=hr1YZPyaDKiv9u8Pzqqp6Ag&cid=CAQSKQBygQiDN4o73wwwq2Jgc8-V8gXPN8XSWku0qELKu-PShVuatxwNzygL&random=246624512&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 09:14:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 May 2023 09:14:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.co.uk/pagead/1p-conversion/11061379584/?random=1781493203&cv=11&fst=1683537286172&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM6Hho-x5f4CFQVHGAodRmcGdA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D4108490619446%3Bgtm%3D45He3530%3Bauiddc%3D507519327.1683537286%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=i-snCLfulpMYEICEvZop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=507519327.1683537286&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEx2aW9nWVFsc2pCckxUYnU5MWFFaVVBZGhtRmpwSjNIVE9sUXhfalZ0N2swdG0wdkJmbEN5UjB5a1J3aDBCcUV0WDlTWkc1GldDaEFJOEx2aW9nWVF1N3ZEOUlPczU4UnJFaTBBMlJVTUw3aXVORXNBZ3VOUXBSR1FXM3Exem9YZ1MydFNXdFZVVmNwQzVsMW9CTkRpR0g1NV9LUVFwWjQ&is_vtc=1&ocp_id=hr1YZPyaDKiv9u8Pzqqp6Ag&cid=CAQSKQBygQiDN4o73wwwq2Jgc8-V8gXPN8XSWku0qELKu-PShVuatxwNzygL&random=246624512&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/11061495236/ Frame 54BC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11061495236/?random=1690993479&cv=11&fst=1683537286153&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11...
https://www.google.com/pagead/1p-conversion/11061495236/?random=1690993479&cv=11&fst=1683537286153&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclic...
https://www.google.de/pagead/1p-conversion/11061495236/?random=1690993479&cv=11&fst=1683537286153&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick...

42 B
108 B

23ms
23ms

Image
image/gif

2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/11061495236/?random=1690993479&cv=11&fst=1683537286153&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM6Hho-x5f4CFQVHGAodRmcGdA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D4108490619446%3Bgtm%3D45He3530%3Bauiddc%3D507519327.1683537286%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=MTDACPTXlpMYEMSLxJop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=507519327.1683537286&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEx2aW9nWVFsc2pCckxUYnU5MWFFaVVBZGhtRmpwSjNIVE9sUXhfalZ0N2swdG0wdkJmbEN5UjB5a1J3aDBCcUV0WDlTWkc1GldDaEFJOEx2aW9nWVF1N3ZEOUlPczU4UnJFaTBBMlJVTUw2V1dxajhlbmozZUVzakZaSy1BRnFZV1l6eW9ydm05NjhZMGVFYlZaaE0yNFNxQ2hNZS1MUTg&is_vtc=1&ocp_id=hr1YZJWZDJjH7_UP3t62gAU&cid=CAQSKQBygQiDPjO9WEphJGW05JxZCn59a3-OevHNaRxsHXFL5f698U2_bpeY&random=3102618376&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 09:14:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 May 2023 09:14:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/11061495236/?random=1690993479&cv=11&fst=1683537286153&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM6Hho-x5f4CFQVHGAodRmcGdA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D4108490619446%3Bgtm%3D45He3530%3Bauiddc%3D507519327.1683537286%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&label=MTDACPTXlpMYEMSLxJop&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=507519327.1683537286&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEx2aW9nWVFsc2pCckxUYnU5MWFFaVVBZGhtRmpwSjNIVE9sUXhfalZ0N2swdG0wdkJmbEN5UjB5a1J3aDBCcUV0WDlTWkc1GldDaEFJOEx2aW9nWVF1N3ZEOUlPczU4UnJFaTBBMlJVTUw2V1dxajhlbmozZUVzakZaSy1BRnFZV1l6eW9ydm05NjhZMGVFYlZaaE0yNFNxQ2hNZS1MUTg&is_vtc=1&ocp_id=hr1YZJWZDJjH7_UP3t62gAU&cid=CAQSKQBygQiDPjO9WEphJGW05JxZCn59a3-OevHNaRxsHXFL5f698U2_bpeY&random=3102618376&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11061379584/ Frame 54BC 42 B
108 B 32ms
21ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11061379584/?random=1683537286163&cv=11&fst=1683536400000&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM6Hho-x5f4CFQVHGAodRmcGdA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D4108490619446%3Bgtm%3D45He3530%3Bauiddc%3D507519327.1683537286%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&frm=2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=410130489&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 09:14:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11061379584/ Frame 54BC 42 B
455 B 50ms
24ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11061379584/?random=1683537286163&cv=11&fst=1683536400000&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM6Hho-x5f4CFQVHGAodRmcGdA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D4108490619446%3Bgtm%3D45He3530%3Bauiddc%3D507519327.1683537286%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&frm=2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=410130489&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 09:14:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11061495236/ Frame 54BC 42 B
455 B 31ms
20ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11061495236/?random=1683537286143&cv=11&fst=1683536400000&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM6Hho-x5f4CFQVHGAodRmcGdA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D4108490619446%3Bgtm%3D45He3530%3Bauiddc%3D507519327.1683537286%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&frm=2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=648992717&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 09:14:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11061495236/ Frame 54BC 42 B
108 B 82ms
57ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11061495236/?random=1683537286143&cv=11&fst=1683536400000&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM6Hho-x5f4CFQVHGAodRmcGdA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D4108490619446%3Bgtm%3D45He3530%3Bauiddc%3D507519327.1683537286%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&ref=https%3A%2F%2Fadservice.google.com%2F&frm=2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=648992717&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 09:14:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 onesheet.jpg
dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/regions/us/updates/ 532 KB
533 KB 12ms
8ms Image
image/jpeg 2600:9000:223e:2e00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/united-artists-releasing/air/images/regions/us/updates/onesheet.jpg
Requested by: Host: www.mgmstudios.com
URL: https://www.mgmstudios.com/air/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2e00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 69afcfd46f52312ebc959181126ce42bf46504164c2dbf81172227af41c4e13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mgmstudios.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 12:52:54 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
last-modified: Tue, 04 Apr 2023 00:18:32 GMT
server: AmazonS3
age: 678113
x-amz-cf-pop: FRA56-P4
etag: "6ec8b3deef4962fc4ea353b4fc9a0c3c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 544771
x-amz-cf-id: seSBtaD359vkVXV5oslpjrur00HntbHB94TkKy2lxqCrsCOBqHHVUg==

GET
H2 200 /
www.facebook.com/tr/ Frame 54BC 0
185 B 99ms
32ms Image
text/plain 2a03:2880:f128:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=979894966262812&ev=PageView&dl=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM6Hho-x5f4CFQVHGAodRmcGdA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D4108490619446%3Bgtm%3D45He3530%3Bauiddc%3D507519327.1683537286%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&rl=https%3A%2F%2Fadservice.google.com%2F&if=true&ts=1683537286338&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&it=1683537286115&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f128:181:face:b00c:0:25de Sofia, Bulgaria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 May 2023 09:14:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 54BC 0
54 B 35ms
34ms Image
text/plain 2a03:2880:f128:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=979894966262812&ev=Microdata&dl=https%3A%2F%2F11015163.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM6Hho-x5f4CFQVHGAodRmcGdA%3Bsrc%3D11015163%3Btype%3Dmgmyx0%3Bcat%3Dmgmai0%3Bord%3D4108490619446%3Bgtm%3D45He3530%3Bauiddc%3D507519327.1683537286%3Bu1%3DAir%3B~oref%3Dhttps%253A%252F%252Fwww.mgmstudios.com%252Fair%252F&rl=https%3A%2F%2Fadservice.google.com%2F&if=true&ts=1683537287867&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&it=1683537286115&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f128:181:face:b00c:0:25de Sofia, Bulgaria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11015163.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 May 2023 09:14:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 11:40:23	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.mgmstudios.com/	1970-01-20 13:48:33	Name: _gcl_au Value: 1.1.507519327.1683537286
.mgmstudios.com/	1970-01-20 11:40:23	Name: _gid Value: GA1.2.124635051.1683537286
.mgmstudios.com/	1970-01-20 11:38:57	Name: _gat_UA-96913497-26 Value: 1
.mgmstudios.com/	1970-01-20 21:14:57	Name: _ga_287C5TXPPL Value: GS1.1.1683537285.1.0.1683537285.0.0.0
.mgmstudios.com/	1970-01-20 21:14:57	Name: _ga Value: GA1.1.767164190.1683537286
.mgmstudios.com/	1970-01-20 20:24:33	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Mon+May+08+2023+09%3A14%3A45+GMT%2B0000+(GMT)&version=6.20.0&hosts=&landingPath=https%3A%2F%2Fwww.mgmstudios.com%2Fair%2F&groups=C0001%3A1%2CC0002%3A0
.doubleclick.net/	1970-01-20 21:00:33	Name: IDE Value: AHWqTUlj6U_EwMGdBsLxYrHG1ycMBC1kelX9fe5nxSbcSnRZDFA9QdwVR1Kz2srw7sk
.snapchat.com/	1970-01-20 21:00:33	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgRUAIAQFwIm8V6kf4xCmMHx3L26Gwsk0hfYJI4eAOCtyYBtqdU8IH75L0OMDthVeJDIAAAA=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11015163.fls.doubleclick.net
adservice.google.com
adservice.google.de
airmovieofficial.com
connect.facebook.net
cookie-cdn.cookiepro.com
dx35vtwkllhj9.cloudfront.net
geolocation.onetrust.com
googleads.g.doubleclick.net
insight.adsrvr.org
p.typekit.net
production-cmp.isgprivacy.cbsi.com
region1.google-analytics.com
sc-static.net
showtimes-v2.s-prod.pow.io
stdata.powster.com
tr.snapchat.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.mgmstudios.com
13.224.189.77
142.250.184.226
143.204.207.250
172.217.16.134
2001:4860:4802:34::36
204.74.99.103
2600:9000:223e:2e00:1:5424:4140:21
2600:9000:2250:9000:1d:e587:7e40:93a1
2606:4700:4400::6812:2b9e
2606:4700:4400::ac40:936c
2a00:1450:4001:80e::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:830::2008
2a02:26f0:3500:16::215:1495
2a02:26f0:480:f::213:7ec6
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f128:181:face:b00c:0:25de
2a04:4e42:8d::444
34.246.14.9
35.190.43.134
52.223.40.198
0589914df81ae1e6a2ce7f358e4514ede87d5c937d4f0f53a078f369a856789a
114957ecf6e57d5ffb2816929574990f65d61387e6051144f7d130d3d8256929
14e9860df1af6a6f34231597515d818cc61c777c6222e5427c084f6e3791224a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0
2f27ae8b199b6d386d81a3e0668b56d154ec8c989e5f44367aa631a9ab9b5c8e
31d61cf66e31319ad033b9a5cfde5949c045a7a8c640f4c47aeeb6f65c5d6196
324474ff12691ad8154450cb63a421b3a43877085c7163f541a02819aeca99f8
334f3548597442eb5b4998bdd4050c2351af0b07b20b388f02076aace07004fd
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
3728a8ac3bee620b834556e9ee2e8e7a3b2768ccdd38a940d5b224f9923e2a5c
399a9be759ccc540081d3e7ed57c028c7ed63545952b616c25abac351881f7b9
3cb637680f8dd93f6f33c5cba70fdb61e905ed50eaeb5857768299266e39969d
3e436a78f4a86b064bb82cfbadeefc9364bd05f03eb9fc3c2b0a1076d2e08628
51a90a10263bb33a19bf90e1fdcb04fad609d6e0ae0201df14a7fb95136f0cf5
5b976aad58a68680311e04cd0ba022f429cf5dbdd8a9029c3ada7f3d56fd6bd9
610c5a59da900120a0d5f44bd9513aba3f3d5b06ad873bcc982b311660089bea
69afcfd46f52312ebc959181126ce42bf46504164c2dbf81172227af41c4e13f
707540d0813c2e6c9abb51dcc5f7671a10780d572b30da20197961f80e7fb346
72389987d6aca47b8ac611d818c4d1c9f323e6ce4256f17c5e68f01047715682
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
74de515bc27ffc3c8ad13ac202628cfe11cd70f281a21f2003564a51554c48ee
77663496c7f4793551934d6896057e598a9aaf389d67d02e37051ef1d7bdb2f0
777d1f3711873837f55a81b5d9b0d0e03de0c64b9da0677f3e991f6c47d4a603
78e4874ef0b3c56a3cb9de96287f6b78cbde6b3f3d28d23c59b6e9a61e85894e
7cb1287b8e451c0195f99b27aeac5480fc53bd8d72048d7ea06d34c6cdeba403
84df16258e6804ad523a4a43c3c20e24c73353f664027bd12babb2f0638d4b29
87f9a4fb9b0a473b0e396d76bd00c0a21a5dff566bd71a3ff7386d096a111caf
8865ba0cfacf7420b3d7b1caad7d5697b0dd38f20f49a19535f75b231f14c04b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
938d3e71eb31457bd1bfebe41ae14b5090d3295c9753e929084443815519551d
9c64bc8f0616d9397bd837d61f3eb6241def2a326c18842e0e546eff61c2d44c
a5aed3453fec826274024742aae2b6b0a6637a8280136f7c9bdd00558a6b1351
a92f7611c81829c264d3a335108120d98790bec4181ac939d21b693d6765c15e
aa3e7bbe6cf5507d9b359e41ec1509016e9b292946cfa3bb7f8d928249674032
ad6c004c443d6c1ac8a66e25a5973b3d49fddcb31dc4574c6504e8f1df66aaeb
ae79f1aa4e95ba87c51e7a6c005c774f430cc3e74ca7bb944c99c3e5fc5976ac
b6e8f89af4c53ee31cf392d2980d9f8131c7b60c08b34fd952bf1feb839363f1
b7139d66de4b63bbc039580ff6255729f874bc3a7e3086778d1e2ac97c11222e
b72a9d1c86fd5e49744cfc8fbe96990bb969d345fdb1645713d6398e5b9c98dd
b966b01496c4d845527762ec0d5d75682019d06e2b4b6df6a4f4c6d866b84172
bb78c89cc84d7525c00d50ee9f44e9b0a7612f3e1b0611e2717b5defeb4dbace
bead585de7b0a9747a9830097ad2261b3e4cb127d7e601738a4cd34fd66ccdf8
bf26f4e32f6fb6822b5e62758b6ee4db36c24e380513fcf24852aa5745a64e13
c9a68c165a795864ef97b9a079de99a3470474a8206847f433e1c405f45f6913
cd80bd802cad3d43d153c231fa4e5292ea2352cd8db4bfeae13b6cb3a5bb4854
d8d41783702d7bb7a7a9c548b151903859eb90a32d29eeaa3487a7937611a27f
d8eae35942fd0ef336f6ea59263b6d91db712f753d60f7c9d45128c74171dc52
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e7d888e786516becd4d42b22927dc98708aa795dbcafacaad108cfbe6e5a6fc9
ef0a91f5f7261184c625acf9e558f556a57fa6228225badb44396025f9badb99
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6455eb833aa21648135bd5fe49e7e500aaff6f02c3b3b4dc29a4bbb5a964cd4
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
ff56692c9023cb845ea3684bb3cf666092be82dfab6fb316a05ed03f7bfae6c3

www.mgmstudios.com Open in urlscan Pro 2600:9000:2250:9000:1d:e587:7e40:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

97 %HTTPS

68 %IPv6

21 Domains

26 Subdomains

24 IPs

4 Countries

1984 kBTransfer

3762 kBSize

9 Cookies

20 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.mgmstudios.com Open in urlscan Pro
2600:9000:2250:9000:1d:e587:7e40:93a1 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

97 %
HTTPS

68 %
IPv6

21
Domains

26
Subdomains

24
IPs

4
Countries

1984 kB
Transfer

3762 kB
Size

9
Cookies

66 HTTP transactions
1 data transactions