www.amctheatres.com Open in urlscan Pro
169.224.240.210 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://amc.film/3LKKnJE
Effective URL:
https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Submission: On May 11 via manual (May 11th 2023, 1:58:04 pm UTC) from RO — Scanned from DE

Summary HTTP 123 Redirects Behaviour Indicators

Summary

This website contacted 33 IPs in 4 countries across 25 domains to perform 123 HTTP transactions. The main IP is 169.224.240.210, located in Holden, United States and belongs to AMCINET, US. The main domain is www.amctheatres.com. The Cisco Umbrella rank of the primary domain is 82622.
TLS certificate: Issued by Entrust Certification Authority - L1K on March 27th 2023. Valid for: a year.

This is the only time www.amctheatres.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.13 67.199.248.13	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 10	169.224.240.210 169.224.240.210	14509 (AMCINET) (AMCINET)
1	2600:9000:211... 2600:9000:211e:b000:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a04:4e42:400... 2a04:4e42:400::393	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e6:... 2606:4700:e6::ac40:c518	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
4	23.36.163.232 23.36.163.232	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1 5	2600:9000:225... 2600:9000:225e:4c00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:6c94:5904:71bc:8e95	16509 (AMAZON-02) (AMAZON-02)
11	2a02:26f0:350... 2a02:26f0:3500:11::215:14dc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
3	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
4	3.88.238.34 3.88.238.34	14618 (AMAZON-AES) (AMAZON-AES)
12	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
5	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
123	33

1 67.199.248.13 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: cname.bitly.com

amc.film	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 169.224.240.210 (Holden, United States) 1 redirects

ASN14509 (AMCINET, US)

www.amctheatres.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:b000:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42:400::393 (United States)

ASN54113 (FASTLY, US)

amc-theatres-res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

8666708.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:c518 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.36.163.232 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-232.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:225e:4c00:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:6c94:5904:71bc:8e95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:3500:11::215:14dc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

apps.rokt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.88.238.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-88-238-34.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 449	40 KB
11	rokt.com apps.rokt.com — Cisco Umbrella Rank: 8643	252 KB
10	amctheatres.com 1 redirects www.amctheatres.com — Cisco Umbrella Rank: 82622	1 MB
9	doubleclick.net 1 redirects 8666708.fls.doubleclick.net — Cisco Umbrella Rank: 137289 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 91	9 KB
8	google.com adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 4217	2 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	513 KB
7	google.de adservice.google.de — Cisco Umbrella Rank: 7680 www.google.de — Cisco Umbrella Rank: 5171	1 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	385 KB
6	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 2709 d.adroll.com — Cisco Umbrella Rank: 1308	25 KB
6	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 1359 events.launchdarkly.com — Cisco Umbrella Rank: 1072	866 B
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	335 B
6	cloudinary.com amc-theatres-res.cloudinary.com — Cisco Umbrella Rank: 65090	256 KB
5	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 266	2 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 720	100 KB
3	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 927	957 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 390	13 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	202 KB
3	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1509	29 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	21 KB
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1533 insight.adsrvr.org — Cisco Umbrella Rank: 571	3 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1026	14 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1019	46 KB
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 3856	750 B
1	osano.com cmp.osano.com — Cisco Umbrella Rank: 5645	60 KB
1	amc.film 1 redirects amc.film	284 B
123	25

	Domain	Requested by
12	js-agent.newrelic.com	cmp.osano.com
11	apps.rokt.com	cmp.osano.com apps.rokt.com
10	www.amctheatres.com	1 redirects www.amctheatres.com cmp.osano.com
8	www.googletagmanager.com	cmp.osano.com
6	www.google.de	www.amctheatres.com
6	www.facebook.com	www.amctheatres.com
6	amc-theatres-res.cloudinary.com	www.amctheatres.com amc-theatres-res.cloudinary.com
5	bam.nr-data.net	cmp.osano.com www.amctheatres.com
5	s.adroll.com	1 redirects cmp.osano.com www.amctheatres.com
5	www.google.com	www.amctheatres.com
5	googleads.g.doubleclick.net	cmp.osano.com
4	events.launchdarkly.com	www.amctheatres.com
4	www.gstatic.com	cmp.osano.com www.recaptcha.net www.gstatic.com
4	analytics.tiktok.com	cmp.osano.com analytics.tiktok.com
3	tr.snapchat.com	cmp.osano.com www.amctheatres.com
3	bat.bing.com	cmp.osano.com www.amctheatres.com
3	connect.facebook.net	cmp.osano.com
3	www.recaptcha.net	www.amctheatres.com cmp.osano.com www.recaptcha.net
2	fonts.gstatic.com	www.recaptcha.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.amctheatres.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	cmp.osano.com www.amctheatres.com
2	app.launchdarkly.com	www.amctheatres.com
2	8666708.fls.doubleclick.net	1 redirects www.googletagmanager.com
1	insight.adsrvr.org	cmp.osano.com
1	sc-static.net	cmp.osano.com
1	www.googleoptimize.com	cmp.osano.com
1	d.adroll.com	cmp.osano.com
1	adservice.google.de	adservice.google.com
1	adservice.google.com	8666708.fls.doubleclick.net
1	js.adsrvr.org	cmp.osano.com
1	siteimproveanalytics.com	cmp.osano.com
1	cmp.osano.com	www.amctheatres.com
1	amc.film	1 redirects
123	34

This site contains no links.

Subject Issuer	Validity	Valid
www.amctheatres.com Entrust Certification Authority - L1K	`2023-03-27` - `2024-04-04`	a year	crt.sh
cmp.osano.com Amazon RSA 2048 M02	`2023-02-21` - `2023-09-30`	7 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2022-05-30` - `2023-07-01`	a year	crt.sh
misc.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-17` - `2023-05-18`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
siteimproveanalytics.com GTS CA 1P5	`2023-05-05` - `2023-08-03`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2023-02-24` - `2023-08-01`	5 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
apps.rokt.com Sectigo ECC Domain Validation Secure Server CA	`2022-12-07` - `2023-12-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
events.launchdarkly.com Amazon RSA 2048 M01	`2023-02-28` - `2023-09-16`	7 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Frame ID: B43C5434A03F5A07B6717DAC7AD7F56A
Requests: 100 HTTP requests in this frame

Frame: https://8666708.fls.doubleclick.net/activityi;dc_pre=COvQ2f217f4CFcSFsgod-AIKxw;src=8666708;type=landi0;cat=amc-a0;ord=1;num=6016674965032;gtm=45He3580;auiddc=1224766496.1683813469;~oref=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation
Frame ID: 6FE2617C290FDA0A6063AA94E7BF1C14
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COvQ2f217f4CFcSFsgod-AIKxw;src=8666708;type=landi0;cat=amc-a0;ord=1;num=6016674965032;gtm=45He3580;auiddc=1224766496.1683813469;~oref=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation
Frame ID: 9FC00B21346735FFB38DDCAD3C007F28
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COvQ2f217f4CFcSFsgod-AIKxw;src=8666708;type=landi0;cat=amc-a0;ord=1;num=6016674965032;gtm=45He3580;auiddc=1224766496.1683813469;~oref=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation
Frame ID: 98B25A854CBF146E30A31A8C4C305942
Requests: 1 HTTP requests in this frame

Frame: https://apps.rokt.com/wsdk/controller/index.html
Frame ID: 8900FD56A152958E70BAE58A08DAEFA1
Requests: 6 HTTP requests in this frame

Frame: https://apps.rokt.com/wsdk/plugin-runtime/index.html
Frame ID: 6F04C4BAE018448D57D5B040E0743567
Requests: 2 HTTP requests in this frame

Frame: https://apps.rokt.com/wsdk/plugins/widget/index.html
Frame ID: AB33F2CA10E7BB1EA2760B709BFF28BC
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=e8ea4bf9-c0bc-49b3-a49c-b6475677ce44&u_scsid=14f37c94-b50f-451e-a136-1c78d0da4ff8&u_sclid=2bba2fd0-eb2f-4528-b434-076a285f3e97
Frame ID: 78A4D1F49F8E5B468719F20B7642185D
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfIALUUAAAAANFDCluzb-m1FLbBKkQwvsYbglIS&co=aHR0cHM6Ly93d3cuYW1jdGhlYXRyZXMuY29tOjQ0Mw..&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=invisible&cb=gv8dindloy64
Frame ID: 900CEA20A962A54ACCFFB4A90D99F89F
Requests: 7 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=n9g6rfp&ref=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&upid=gp2upt5&upv=1.1.0
Frame ID: 1CB36DA9278269ED1A300366E9879B3F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://amc.film/3LKKnJE HTTP 301
https://www.amctheatres.com/order/confirmation/a6a5f894-78c2-46b4-9694-8c0beee31fe7 HTTP 301
https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation Page URL

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

123
Requests

98 %
HTTPS

64 %
IPv6

25
Domains

34
Subdomains

33
IPs

4
Countries

3461 kB
Transfer

10033 kB
Size

27
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://amc.film/3LKKnJE HTTP 301
https://www.amctheatres.com/order/confirmation/a6a5f894-78c2-46b4-9694-8c0beee31fe7 HTTP 301
https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://8666708.fls.doubleclick.net/activityi;src=8666708;type=landi0;cat=amc-a0;ord=1;num=6016674965032;gtm=45He3580;auiddc=1224766496.1683813469;~oref=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation HTTP 302
https://8666708.fls.doubleclick.net/activityi;dc_pre=COvQ2f217f4CFcSFsgod-AIKxw;src=8666708;type=landi0;cat=amc-a0;ord=1;num=6016674965032;gtm=45He3580;auiddc=1224766496.1683813469;~oref=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation

Request Chain 58

https://s.adroll.com/j/pre/CV77WC2OENGF5J3JPC3ZXW/RUHEGRL6TVGN3OZ3D24MKD/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

123 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request confirmation Show response
www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/
Redirect Chain

https://amc.film/3LKKnJE
https://www.amctheatres.com/order/confirmation/a6a5f894-78c2-46b4-9694-8c0beee31fe7
https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

266 KB
88 KB

870ms
870ms

Document
text/html

169.224.240.210
AMCINET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.224.240.210 Holden, United States, ASN14509 (AMCINET, US),

Reverse DNS

Software

Resource Hash

31d922063db9142a028b947422c8426b7ef6f9bb566c70e119032a9f8b5a54d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 11 May 2023 13:57:47 GMT
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-FRAME-OPTIONS: SAMEORIGIN

Redirect headers

Content-Length: 170
Content-Type: text/html; charset=utf-8
Date: Thu, 11 May 2023 13:57:46 GMT
Keep-Alive: timeout=5
Location: /orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept, Accept-Encoding

GET
H2 200 osano.js Show response
cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/ 233 KB
60 KB 47ms
11ms Script
application/javascript 2600:9000:211e:b000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:b000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

ef4be2120d94c2f7f39f3c2e8f6f0740ab7f8bae8e8ef8c1607c88f473419308

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 04:55:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 32549
x-cache: Hit from cloudfront
content-length: 60382
x-xss-protection: mode=block
last-modified: Mon, 01 May 2023 15:33:49 GMT
server: CloudFront
etag: "b6003994169280424b1e9703a3c5e1e2"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: QFDBJXUwoaAE3PoDf8vEsDxHOOF0mvR2VEj-TJyuTCRqhqr3Aul_jQ==

GET
H2 200 main-0c80870f.css
amc-theatres-res.cloudinary.com/raw/upload/amc-cdn/static/css/ 155 KB
20 KB 67ms
15ms Stylesheet
text/css 2a04:4e42:400::393
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://amc-theatres-res.cloudinary.com/raw/upload/amc-cdn/static/css/main-0c80870f.css

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

879e18ee127bfba480380135ce9dfa747c60041a6b657795256e7312331b658c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:48 GMT
content-encoding: br
strict-transport-security: max-age=604800
last-modified: Wed, 03 May 2023 18:45:52 GMT
server: Cloudinary
etag: W/"f1b6bca3a0db685f2c3bbce1049407b0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: cld-fastly;mitm=p;dur=2;cpu=1;start=2023-05-11T13:57:48.153Z;desc=hit,rtt;dur=6
accept-ranges: bytes
timing-allow-origin: *
content-length: 20421

GET
H2 200 content-1fbb5635.css
amc-theatres-res.cloudinary.com/raw/upload/amc-cdn/static/css/ 353 KB
54 KB 60ms
8ms Stylesheet
text/css 2a04:4e42:400::393
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://amc-theatres-res.cloudinary.com/raw/upload/amc-cdn/static/css/content-1fbb5635.css

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

d6ad932d55e5b17362c997effc9ec878e5dd1af665ad154a6450c1465a5cbef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:48 GMT
content-encoding: br
strict-transport-security: max-age=604800
last-modified: Mon, 08 May 2023 17:09:25 GMT
server: Cloudinary
etag: W/"84e6f34bc3c68fbb5752d1fc566a783d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: cld-fastly;mitm=p;dur=2;cpu=1;start=2023-05-11T13:57:48.153Z;desc=hit,rtt;dur=6
accept-ranges: bytes
timing-allow-origin: *
content-length: 54775

GET
H2 200 background-images-a1546ab8.css
amc-theatres-res.cloudinary.com/raw/upload/amc-cdn/static/css/ 30 KB
2 KB 59ms
7ms Stylesheet
text/css 2a04:4e42:400::393
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://amc-theatres-res.cloudinary.com/raw/upload/amc-cdn/static/css/background-images-a1546ab8.css

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

9121aa2faef56819b96bd007af1bac0bc378361ee657675748846e114eea29e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:48 GMT
content-encoding: br
strict-transport-security: max-age=604800
last-modified: Wed, 03 May 2023 18:45:51 GMT
server: Cloudinary
etag: W/"f6ea6062c8fac39e13576143a31ff18b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: cld-fastly;mitm=p;dur=1;start=2023-05-11T13:57:48.153Z;desc=hit,rtt;dur=6
accept-ranges: bytes
timing-allow-origin: *
content-length: 1640

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 887 B
913 B 212ms
75ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=6LfIALUUAAAAANFDCluzb-m1FLbBKkQwvsYbglIS

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

29d735d701c84fe13dad45ff2a649e6334a774d4ea629954509bf8e0cd0ebccb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 591
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 13:57:48 GMT

GET
BLOB 200
OK d799bd24-0e87-4555-aaae-0a87f4b521f0
https://www.amctheatres.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.amctheatres.com/d799bd24-0e87-4555-aaae-0a87f4b521f0
Requested by: Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 615 KB
129 KB 605ms
123ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-52MRS6

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6cccd3d95d9d818550d0a5daf92992e48e08d23a9c3323b01d4ffb712c3c8ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131615
x-xss-protection: 0
last-modified: Thu, 11 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 May 2023 13:57:48 GMT

GET
H2 200 hinted-Gordita-Bold.woff2
amc-theatres-res.cloudinary.com/raw/upload/amc-cdn/general/fonts/ 60 KB
61 KB 32ms
7ms Font
application/octet-stream 2a04:4e42:400::393
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://amc-theatres-res.cloudinary.com/raw/upload/amc-cdn/general/fonts/hinted-Gordita-Bold.woff2

Requested by

Host: amc-theatres-res.cloudinary.com
URL: https://amc-theatres-res.cloudinary.com/raw/upload/amc-cdn/static/css/main-0c80870f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

8eba13250ced9d66f3cf7e68f2cd38683c8245366d5d2f29dc85fc5c56b2b884

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://amc-theatres-res.cloudinary.com/raw/upload/amc-cdn/static/css/main-0c80870f.css
Origin: https://www.amctheatres.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:48 GMT
strict-transport-security: max-age=604800
last-modified: Wed, 30 Jan 2019 16:27:11 GMT
server: Cloudinary
etag: "e39d7b56b4a217b425958f12e27a5e5a"
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing
cache-control: public, no-transform, immutable, max-age=31557600
content-disposition: attachment; filename="hinted-Gordita-Bold.woff2"
server-timing: cld-fastly;mitm=p;dur=1;start=2023-05-11T13:57:48.298Z;desc=hit,rtt;dur=6
accept-ranges: bytes
timing-allow-origin: *
content-length: 61628

GET
H2 200 hinted-Gordita-Regular.woff2
amc-theatres-res.cloudinary.com/raw/upload/amc-cdn/general/fonts/ 58 KB
58 KB 39ms
15ms Font
application/octet-stream 2a04:4e42:400::393
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://amc-theatres-res.cloudinary.com/raw/upload/amc-cdn/general/fonts/hinted-Gordita-Regular.woff2

Requested by

Host: amc-theatres-res.cloudinary.com
URL: https://amc-theatres-res.cloudinary.com/raw/upload/amc-cdn/static/css/main-0c80870f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

f4b2c7e08609d901507ed5eeda16478646a9307c5dd383782d7f5e97360a1c61

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://amc-theatres-res.cloudinary.com/raw/upload/amc-cdn/static/css/main-0c80870f.css
Origin: https://www.amctheatres.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:48 GMT
strict-transport-security: max-age=604800
last-modified: Wed, 30 Jan 2019 16:27:13 GMT
server: Cloudinary
etag: "39a22090208f4bec9cbd22b0cd01274b"
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing
cache-control: public, no-transform, immutable, max-age=31557600
content-disposition: attachment; filename="hinted-Gordita-Regular.woff2"
server-timing: cld-fastly;mitm=p;dur=1;start=2023-05-11T13:57:48.299Z;desc=hit,rtt;dur=6
accept-ranges: bytes
timing-allow-origin: *
content-length: 59512

GET
H/1.1 200
OK client.982a85622cc35f42aa7c.js Show response
www.amctheatres.com/js/ 2 MB
751 KB 129ms
129ms Script
application/javascript 169.224.240.210
AMCINET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amctheatres.com/js/client.982a85622cc35f42aa7c.js

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.224.240.210 Holden, United States, ASN14509 (AMCINET, US),

Reverse DNS

Software

Resource Hash

80f8f7c9cd4aaff4cd93c522df699cff99f78464f7f7da028a6495550553ffd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 13:57:48 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 10 May 2023 23:39:46 GMT
ETag: "0cddcb39883d91:0"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Accept-Ranges: bytes

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 52ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 11 May 2023 13:57:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: yxY++o7rX+FLDBDIpBfpkCCYpninC7gjw2bTogU2ei+C8AjphWoYJviCk+poJk7o1pzb1I3dqhUG4iQgMcITvg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 62ms
35ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 11 May 2023 13:57:48 GMT
last-modified: Thu, 20 Apr 2023 19:01:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D69D63EEC0C547A581CA73D6F297D432 Ref B: FRAEDGE1911 Ref C: 2023-05-11T13:57:49Z
etag: "808c558fba73d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12036

GET
H2

200

activityi;dc_pre=COvQ2f217f4CFcSFsgod-AIKxw;src=8666708;type=landi0;cat=amc-a0;ord=1;num=6016674965032;gtm=45He3580;auiddc=1224766496.1683813469;~oref=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa... Show response
8666708.fls.doubleclick.net/ Frame 6FE2
Redirect Chain

https://8666708.fls.doubleclick.net/activityi;src=8666708;type=landi0;cat=amc-a0;ord=1;num=6016674965032;gtm=45He3580;auiddc=1224766496.1683813469;~oref=https%3A%2F%2Fwww.amctheatres.com%2Forders%2...
https://8666708.fls.doubleclick.net/activityi;dc_pre=COvQ2f217f4CFcSFsgod-AIKxw;src=8666708;type=landi0;cat=amc-a0;ord=1;num=6016674965032;gtm=45He3580;auiddc=1224766496.1683813469;~oref=https%3A%2...

552 B
482 B

93ms
92ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8666708.fls.doubleclick.net/activityi;dc_pre=COvQ2f217f4CFcSFsgod-AIKxw;src=8666708;type=landi0;cat=amc-a0;ord=1;num=6016674965032;gtm=45He3580;auiddc=1224766496.1683813469;~oref=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52MRS6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

980b8d4e4fa77f6e40c3f9f53a3e8e4f08bfc21f9edb5f70f3d06ee969b9d7d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 305
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 13:57:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 13:57:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8666708.fls.doubleclick.net/activityi;dc_pre=COvQ2f217f4CFcSFsgod-AIKxw;src=8666708;type=landi0;cat=amc-a0;ord=1;num=6016674965032;gtm=45He3580;auiddc=1224766496.1683813469;~oref=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 siteanalyze_81956.js Show response
siteimproveanalytics.com/js/ 48 B
750 B 61ms
21ms Script
application/javascript 2606:4700:e6::ac40:c518
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_81956.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88b143f4ce1988a0401c45043ac5a3d3f78c330e53b4b37cf5253e3095698272

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:49 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N2FB9R8R8QKVSX71
age: 5953
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66
x-amz-id-2: DNPtz/8QTao7Pb+EsNv1B/ZOECQKzAkLBBO3xt6vJ0HpdZr+7OLmEKEMtvlic89OT7MZiVNBwbo=
last-modified: Wed, 01 Mar 2023 23:14:35 GMT
server: cloudflare
etag: "0b391b463bc9120097e45239ca52884d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bjhp%2B1hapU%2BTsosOwopPTEBPmNkwXTecpuie4mJ%2B2gpNTdKBr0Pj9HB%2Fz0YaAQ%2FLvyrZtPavLcD0B7J9X4Kpkn6y8lSFrkkPf1Zw9UDYHtrCfXN5T%2BXhWo%2B9Uq9YDc05I7aR4agLeZsZ9nN9fLzo5Tva7BZe0gU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 7c5aeee70b741c2e-FRA

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 32ms
7ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Wed, 10 May 2023 23:05:28 GMT
Content-Encoding: gzip
Via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 53542
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: hSb0QMohTis4VH8uiHAgSMFMJmf31ou5BM2mPJS-6AQ8k9blFWAPqw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 121 KB
47 KB 70ms
70ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-3412416

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7ef136acbf69acef5c4df2b6b01db804b2d77ab048aeda2577ad0e8456a8fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48114
x-xss-protection: 0
last-modified: Thu, 11 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 May 2023 13:57:49 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 180ms
107ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6SA33S8D8G7TBKFJLEG&lib=ttq
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2b05ae77e7d45fc80fe9ba58ee4ab3a99e335f95b41085ce1c7fcd8586b55149

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-request-id: 2262e4e1.9f3f07c
date: Thu, 11 May 2023 13:57:49 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
x-parent-response-time: 98,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=13, inner; dur=3
content-length: 1165
pragma: no-cache
server: nginx
x-tt-logid: 20230511135749ABA53C28A5409B7482C9
x-cache-remote: TCP_MISS from a23-38-170-77.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 13,23.38.170.77
x-tt-trace-host: 0182666b72bd0f36c7404233a29f25a7931fc5174225251204abf35582f4af96e3103dd8218c7ea635bdabf81ed919652ae7ce9e3269daabe182b3c22bd3173cb378081fcd20d439be8902c8c5cd0b3e4b9493798fb98f069253abc45be22ddae4360d0e91ec6b3a51a87f8333f0a79b65
expires: Thu, 11 May 2023 13:57:49 GMT

GET
H2 200 330379397113505 Show response
connect.facebook.net/signals/config/ 304 KB
88 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/330379397113505?v=2.9.104&r=stable

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0fec1ca50c9e255301653171bf3ce1fe405cd3fb5dcf0ba8f84702a351357aaa

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 11 May 2023 13:57:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 90418
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: BDmdJe4vYFNeY71Qw8R+xzJPQuDvIPuKYTexqAT0aW9KWYJBYegTdCyuzBnGi5dPOJ5FSfaQT1t4t0X2W+S9pw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 36000196.js Show response
bat.bing.com/p/action/ 0
118 B 106ms
106ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/36000196.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 11 May 2023 13:57:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EA0C9E50C1FB4854ADCA3960F8FBF942 Ref B: FRAEDGE1911 Ref C: 2023-05-11T13:57:49Z
x-cache: CONFIG_NOCACHE

GET
H3 200 257929328309833 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/257929328309833?v=2.9.104&r=stable

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

efa1674e3b7214b2ac161b11a839fb3a04561a309e00a6208beb78e950b36b4e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 11 May 2023 13:57:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88005
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: MntDrc/FoO9a6bXunBUXG40fP21m3WGw9EbmqUcm57kIEO2drMIvkO2wZDyELD/ZfrhMN3olJJH0jrU628UZig==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), gyroscope=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.MWI2MzlmMWJmMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 242 KB
67 KB 9ms
9ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-request-id: 9f3f15c
date: Thu, 11 May 2023 13:57:49 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202305081131223FB3F7EA6BC8A285A294
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01cde3c65902b9dc52b71594c21402452799be38adb2b256308f59dce3c5149d23b9875fb56a32abad89399de11abeac104dbe009dc13a604dc36cae0aa9f7b5a000b738ba675287f4cafe57a34df77282604fd75bef22c85f9436d99a8ba454eb
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=12
content-length: 67736

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 68ms
67ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-672287139

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3425f45fba0c6d74f413a27c2e7b1a4a489922a97c6675904b010cfbfb1f6d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53062
x-xss-protection: 0
last-modified: Thu, 11 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 May 2023 13:57:49 GMT

GET
H2 200 identify_738b3.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 13ms
13ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_738b3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-request-id: 9f3f1af
date: Thu, 11 May 2023 13:57:49 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202305081131220E893B1733349687FBCC
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01cde3c65902b9dc52b71594c21402452799be38adb2b256308f59dce3c5149d23829c480a32331e616593bdda6f5907e4c5a542a837a636fd319ec31f73a560aeaa5716b25a0b925a23ae33433c11f1f8c7a53552915d72d44fc64e133c25576b
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 30676

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
699 B 140ms
140ms Ping
text/plain 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 31c843ed.9f3f1fe
date: Thu, 11 May 2023 13:57:49 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
x-parent-response-time: 127,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=38, inner; dur=23
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202305111357493544B6499342C1FE4572
x-cache-remote: TCP_MISS from a23-38-170-36.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 38,23.38.170.36
x-tt-trace-host: 0182666b72bd0f36c7404233a29f25a7931fc5174225251204abf35582f4af96e3e1aced79cffd8758c10fccb5d4f789a59a5675b9e1c002685762327ffd00d15672527ea720ddbc3cdeabb40a346463534d50f86881e44ba749c1c71fe6e40507159dd28d8fc561e0a6056b896538d807
expires: Thu, 11 May 2023 13:57:49 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 53ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=257929328309833&ev=AMCConfirmation&dl=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&rl=&if=false&ts=1683813469550&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1683813469548.906699407&it=1683813469297&coo=false&tm=2&rqm=GET

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 11 May 2023 13:57:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 53ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=330379397113505&ev=AMCConfirmation&dl=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&rl=&if=false&ts=1683813469552&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1683813469548.906699407&it=1683813469297&coo=false&tm=2&rqm=GET

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 11 May 2023 13:57:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 dc_pre=COvQ2f217f4CFcSFsgod-AIKxw;src=8666708;type=landi0;cat=amc-a0;ord=1;num=6016674965032;gtm=45He3580;auiddc=1224766496.1683813469;~oref=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78... Show response
adservice.google.com/ddm/fls/i/ Frame 9FC0 551 B
684 B 212ms
96ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COvQ2f217f4CFcSFsgod-AIKxw;src=8666708;type=landi0;cat=amc-a0;ord=1;num=6016674965032;gtm=45He3580;auiddc=1224766496.1683813469;~oref=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation

Requested by

Host: 8666708.fls.doubleclick.net
URL: https://8666708.fls.doubleclick.net/activityi;dc_pre=COvQ2f217f4CFcSFsgod-AIKxw;src=8666708;type=landi0;cat=amc-a0;ord=1;num=6016674965032;gtm=45He3580;auiddc=1224766496.1683813469;~oref=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b636230ddd9db5132c305b893bb882d15d933a8c41d3c44eb1924b8734199a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8666708.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 308
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 13:57:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 122ms
122ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-445192701

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8c9364735b82f0a12a58721fad5013d264ee93ceda2c5a013e2ff793b6396ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53076
x-xss-protection: 0
last-modified: Thu, 11 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 May 2023 13:57:49 GMT

GET
H2 200 dc_pre=COvQ2f217f4CFcSFsgod-AIKxw;src=8666708;type=landi0;cat=amc-a0;ord=1;num=6016674965032;gtm=45He3580;auiddc=1224766496.1683813469;~oref=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78... Show response
adservice.google.de/ddm/fls/i/ Frame 98B2 194 B
305 B 123ms
92ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=COvQ2f217f4CFcSFsgod-AIKxw;src=8666708;type=landi0;cat=amc-a0;ord=1;num=6016674965032;gtm=45He3580;auiddc=1224766496.1683813469;~oref=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COvQ2f217f4CFcSFsgod-AIKxw;src=8666708;type=landi0;cat=amc-a0;ord=1;num=6016674965032;gtm=45He3580;auiddc=1224766496.1683813469;~oref=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 13:57:49 GMT
expires: Thu, 11 May 2023 13:57:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 121 KB
47 KB 67ms
66ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8666708&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0e51f61863f8a4a28f49a24062a8c486a08e26a0c7bd72c107da9c18d9a4aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48122
x-xss-protection: 0
last-modified: Thu, 11 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 May 2023 13:57:49 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/672287139/ 3 KB
1 KB 299ms
184ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/672287139/?random=1683813469820&cv=11&fst=1683813469820&bg=ffffff&guid=ON&async=1&gtm=45be3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&hn=www.googleadservices.com&frm=0&us_privacy=1---&auid=1224766496.1683813469&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bcc96e8314bd536c6c5f240b7768ae96d179382dc66121937e80c4780d588b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 13:57:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1216
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/445192701/ 3 KB
2 KB 226ms
123ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/445192701/?random=1683813469833&cv=11&fst=1683813469833&bg=ffffff&guid=ON&async=1&gtm=45be3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&hn=www.googleadservices.com&frm=0&us_privacy=1---&auid=1224766496.1683813469&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58804d4c2f39539997acf44707a5d39f141cbf1a5d9c1b7eae5fbd40bad13818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 13:57:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1218
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 88ms
88ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-693792145&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

647a935d53e8b6338f9e0c6170cba4294966d57e68d260ab03b74ee065460175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53024
x-xss-protection: 0
last-modified: Thu, 11 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 May 2023 13:57:49 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 71ms
71ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-726894554&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37a80b6aab66ade466cef72f0a4815fb68dafd938f993a9cf487aeef7b523aa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52971
x-xss-protection: 0
last-modified: Thu, 11 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 May 2023 13:57:49 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/726894554/ 3 KB
1 KB 105ms
105ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/726894554/?random=1683813469958&cv=11&fst=1683813469958&bg=ffffff&guid=ON&async=1&gtm=45be3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&hn=www.googleadservices.com&frm=0&us_privacy=1---&auid=1224766496.1683813469&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aae36de602475c08314486b3126c9ab2239c39da76dcfc35b1f93df2b96fac99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 13:57:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1219
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693792145/ 3 KB
1 KB 116ms
116ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693792145/?random=1683813470054&cv=11&fst=1683813470054&bg=ffffff&guid=ON&async=1&gtm=45be3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&hn=www.googleadservices.com&frm=0&us_privacy=1---&auid=1224766496.1683813469&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de6768caa2b0f061042dd5a64c6750d78351d630147b79206a61f99aa1b6602d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 13:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1220
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 5beee8f45b18c34b8b0e00bf
app.launchdarkly.com/sdk/goals/ Frame 0
0 31ms
8ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5beee8f45b18c34b8b0e00bf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://www.amctheatres.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Thu, 11 May 2023 13:57:50 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-eddf8230073-FRA
x-timer: S1683813470.224956,VS0,VE1

GET
H2 200 5beee8f45b18c34b8b0e00bf Show response
app.launchdarkly.com/sdk/goals/ 2 B
176 B 10ms
10ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5beee8f45b18c34b8b0e00bf

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Thu, 11 May 2023 13:57:50 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-fra-eddf8230073-FRA
x-timer: S1683813470.233034,VS0,VE2
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif

POST
H/1.1 200
OK log Show response
www.amctheatres.com/api/ 0
390 B 127ms
126ms XHR
text/plain 169.224.240.210
AMCINET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amctheatres.com/api/log

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.224.240.210 Holden, United States, ASN14509 (AMCINET, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept: application/json
X-NewRelic-ID: UAEPUVRbGwAAV1hXBgUB
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
x-amc-request-id: 9e1f875f-fe45-4292-b1aa-9723a737beee
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 11 May 2023 13:57:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Keep-Alive: timeout=5
Content-Length: 0

POST
H/1.1 200
OK log Show response
www.amctheatres.com/api/ 0
390 B 256ms
128ms XHR
text/plain 169.224.240.210
AMCINET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amctheatres.com/api/log

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.224.240.210 Holden, United States, ASN14509 (AMCINET, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept: application/json
X-NewRelic-ID: UAEPUVRbGwAAV1hXBgUB
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
x-amc-request-id: 9e1f875f-fe45-4292-b1aa-9723a737beee
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 11 May 2023 13:57:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Keep-Alive: timeout=5
Content-Length: 0

GET
H/1.1 200
OK common.0ce8d90a65e1af8d38f3.js Show response
www.amctheatres.com/js/ 750 KB
271 KB 617ms
371ms Script
application/javascript 169.224.240.210
AMCINET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amctheatres.com/js/common.0ce8d90a65e1af8d38f3.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.224.240.210 Holden, United States, ASN14509 (AMCINET, US),

Reverse DNS

Software

Resource Hash

22c5dc18cb514067e0da1081cb5953f563c75bc4f88919bd53296bd3b8cd7e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 13:57:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 10 May 2023 23:39:46 GMT
ETag: "0cddcb39883d91:0"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Accept-Ranges: bytes

GET
H/1.1 200
OK checkout.8047e5222ae9201d529a.js Show response
www.amctheatres.com/js/ 111 KB
45 KB 618ms
371ms Script
application/javascript 169.224.240.210
AMCINET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amctheatres.com/js/checkout.8047e5222ae9201d529a.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.224.240.210 Holden, United States, ASN14509 (AMCINET, US),

Reverse DNS

Software

Resource Hash

3a4c06550a5639c4154ae1d5fa2fa4deb7dae62a1c945e3f637921e73c414e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 13:57:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 10 May 2023 23:39:46 GMT
ETag: "0cddcb39883d91:0"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Accept-Ranges: bytes

GET
H/1.1 200
OK core.ea1be62d806e1471b5e7.js Show response
www.amctheatres.com/js/ 144 KB
47 KB 617ms
370ms Script
application/javascript 169.224.240.210
AMCINET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amctheatres.com/js/core.ea1be62d806e1471b5e7.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.224.240.210 Holden, United States, ASN14509 (AMCINET, US),

Reverse DNS

Software

Resource Hash

3c8d80140eecbd2890d62c0dfe153e954ab024604fceced8973642ad653c7899

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 13:57:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 10 May 2023 23:39:46 GMT
ETag: "0cddcb39883d91:0"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Accept-Ranges: bytes

GET
H/1.1 200
OK icons.data.svg.css
www.amctheatres.com/static/icons/_generated/ 676 KB
285 KB 626ms
390ms Stylesheet
text/css 169.224.240.210
AMCINET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amctheatres.com/static/icons/_generated/icons.data.svg.css

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.224.240.210 Holden, United States, ASN14509 (AMCINET, US),

Reverse DNS

Software

Resource Hash

555dc4eb41f81c5e4341503ea8ddcd5887c6cfe99816aeeca19d3a41f8514702

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Origin: https://www.amctheatres.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 13:57:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 10 May 2023 23:35:52 GMT
ETag: "03c63289883d91:0"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css
Accept-Ranges: bytes

GET
H2 200 /
www.google.com/pagead/1p-user-list/445192701/ 42 B
108 B 175ms
64ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/445192701/?random=1683813469833&cv=11&fst=1683810000000&bg=ffffff&guid=ON&async=1&gtm=45be3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1033389494&rmt_tld=0&ipr=y

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 13:57:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/445192701/ 42 B
108 B 292ms
116ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/445192701/?random=1683813469833&cv=11&fst=1683810000000&bg=ffffff&guid=ON&async=1&gtm=45be3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1033389494&rmt_tld=1&ipr=y

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 13:57:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/726894554/ 42 B
108 B 176ms
65ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/726894554/?random=1683813469958&cv=11&fst=1683810000000&bg=ffffff&guid=ON&async=1&gtm=45be3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=88008298&rmt_tld=0&ipr=y

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 13:57:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/726894554/ 42 B
108 B 291ms
116ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/726894554/?random=1683813469958&cv=11&fst=1683810000000&bg=ffffff&guid=ON&async=1&gtm=45be3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=88008298&rmt_tld=1&ipr=y

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 13:57:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/672287139/ 42 B
455 B 173ms
63ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/672287139/?random=1683813469820&cv=11&fst=1683810000000&bg=ffffff&guid=ON&async=1&gtm=45be3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1862723520&rmt_tld=0&ipr=y

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 13:57:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/672287139/ 42 B
455 B 240ms
65ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/672287139/?random=1683813469820&cv=11&fst=1683810000000&bg=ffffff&guid=ON&async=1&gtm=45be3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1862723520&rmt_tld=1&ipr=y

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 13:57:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693792145/ 42 B
108 B 62ms
61ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693792145/?random=1683813470054&cv=11&fst=1683810000000&bg=ffffff&guid=ON&async=1&gtm=45be3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2911808916&rmt_tld=0&ipr=y

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 13:57:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693792145/ 42 B
108 B 118ms
117ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693792145/?random=1683813470054&cv=11&fst=1683810000000&bg=ffffff&guid=ON&async=1&gtm=45be3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2911808916&rmt_tld=1&ipr=y

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 13:57:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 67 KB
22 KB 55ms
8ms Script
text/javascript 2600:9000:225e:4c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:4c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 226c9a2c80c75e3c5d7d197c484adb7d63e6ea36270af348bc223be73e8cd059

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

X-Amz-Version-Id: 7FBoqqSL1b96.AgPH.JEYo4TSgYS0kb0
Content-Encoding: gzip
Via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
Date: Thu, 11 May 2023 13:41:17 GMT
Age: 993
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 09 May 2023 21:27:29 GMT
Server: AmazonS3
Etag: W/"7866810a321f41ea101e7bcfaa572323"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: MD7y8I3SEYcieiGPeBe6LcRy2Q7XXE40xniqMxixmF-bFXvUxNFiKw==

GET
H2 204 0
bat.bing.com/action/ 0
285 B 36ms
36ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=36000196&tm=gtm002&Ver=2&mid=12967b61-25e0-4954-b93a-3315d2af7aae&sid=d1217c90f00311eda3bc53e7e97e8191&vid=d121b500f00311eda9036b74b7aa0edd&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&r=&lt=3938&evt=pageLoad&sv=1&rn=967830

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 11 May 2023 13:57:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 40159E1BA6AC423E82A264C30823151A Ref B: FRAEDGE1911 Ref C: 2023-05-11T13:57:50Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 8ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=257929328309833&ev=PageView&dl=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&rl=&if=false&ts=1683813470453&cd[movieref]=undefined&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1683813469548.906699407&it=1683813469297&coo=false&tm=1&rqm=GET

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 11 May 2023 13:57:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=330379397113505&ev=PageView&dl=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&rl=&if=false&ts=1683813470454&cd[movieref]=undefined&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1683813469548.906699407&it=1683813469297&coo=false&tm=1&rqm=GET

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 11 May 2023 13:57:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/exp/CV77WC2OENGF5J3JPC3ZXW/ 38 B
795 B 8ms
8ms Script
application/javascript 2600:9000:225e:4c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/CV77WC2OENGF5J3JPC3ZXW/index.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:4c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ec3e94f9a7f0cbd8092c50637f6f9a116c573ea561c1f9d727062a0164e970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

X-Amz-Version-Id: t6IVxqz44QRYVfntdHHWxrERStzcUrun
Date: Thu, 11 May 2023 03:29:42 GMT
Via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
Age: 37882
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 38
Last-Modified: Tue, 21 Mar 2023 16:33:43 GMT
Server: AmazonS3
Etag: "8a2734b7455ed1864633e7178494d36f"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: LnBB_xNG6nglVz1q3quvKPkagESthUFreFoypGWTiRrw71h4Xo4I4w==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/CV77WC2OENGF5J3JPC3ZXW/RUHEGRL6TVGN3OZ3D24MKD/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

8ms
8ms

Script
application/javascript

2600:9000:225e:4c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Protocol: HTTP/1.1
Server: 2600:9000:225e:4c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Thu, 11 May 2023 05:51:30 GMT
Via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
Age: 29181
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: _LF0vIJEX1l2E6BkN3M_EHj2-fC8fgRkjj8pGrq87HuOUWPJmlivlA==

Redirect headers

Date: Thu, 11 May 2023 09:43:36 GMT
Via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
Age: 15254
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ZH3clDdchy-a4MGsDanh5yTiSl2QkhnGUj8tkXw2mx0LT7Pan6VqHA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/CV77WC2OENGF5J3JPC3ZXW/RUHEGRL6TVGN3OZ3D24MKD/ 0
809 B 15ms
8ms Script
text/javascript 2600:9000:225e:4c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/CV77WC2OENGF5J3JPC3ZXW/RUHEGRL6TVGN3OZ3D24MKD/index.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:4c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

X-Amz-Version-Id: jeunwkfH9ahUyMwfGbiXHfKkz_Ciettq
Date: Thu, 11 May 2023 13:16:04 GMT
Via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
Age: 2507
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Tue, 09 May 2023 11:53:30 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 6OsWF_I9LiOt7-bIvSKsKlzwkzgholR0-dTYmYU8O_rcZ-9zklHNnA==

GET
H2 200 CV77WC2OENGF5J3JPC3ZXW Show response
d.adroll.com/consent/check/ 463 B
556 B 94ms
28ms Script
application/javascript 2a05:d018:cc3:fe04:6c94:5904:71bc:8e95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/CV77WC2OENGF5J3JPC3ZXW?pv=42931677540.213455&arrfrr=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&_s=bf965e0daca6441c118aa35713372f89&_b=2
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:6c94:5904:71bc:8e95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: a59871002f25c1d72ec8f34ffc314c2742e3334bca061bf43e3f780b5a89ff05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:50 GMT
server: nginx/1.22.1
content-length: 463
content-type: application/javascript

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 7ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=257929328309833&ev=Microdata&dl=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&rl=&if=false&ts=1683813471222&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=2&o=30&fbp=fb.1.1683813469548.906699407&it=1683813469297&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 11 May 2023 13:57:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=330379397113505&ev=Microdata&dl=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&rl=&if=false&ts=1683813471224&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=2&o=30&fbp=fb.1.1683813469548.906699407&it=1683813469297&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 11 May 2023 13:57:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
DATA 200
OK truncated
/ 466 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88cc3833195c5bf0fbd47d4be2ad9d62ddf76644a8639a347e49421f93993cec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 snippet.js Show response
apps.rokt.com/wsdk/integrations/ 72 KB
18 KB 63ms
8ms Script
application/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/integrations/snippet.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d8363e6e12032c6ed02cd97c00e8d95890f29b6caee993200f44ca0945fbf928

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Origin: https://www.amctheatres.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: JM89D51VMR943W24
x-amz-server-side-encryption: AES256
content-length: 17277
x-amz-id-2: 022tujNFNgHM1tmSb/MWK8+LAPVxXiDJ5JRUWqIccIK/uCor7v6ayVeVy9RwEldMV2H7sX6CyM8=
last-modified: Mon, 01 May 2023 00:57:39 GMT
server: AmazonS3
etag: "d5a47ea676595d730ebb5fc7288594f9"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1200, public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 hinted-Gordita-Black.woff2
amc-theatres-res.cloudinary.com/raw/upload/amc-cdn/general/fonts/ 61 KB
62 KB 9ms
8ms Font
application/octet-stream 2a04:4e42:400::393
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://amc-theatres-res.cloudinary.com/raw/upload/amc-cdn/general/fonts/hinted-Gordita-Black.woff2

Requested by

Host: amc-theatres-res.cloudinary.com
URL: https://amc-theatres-res.cloudinary.com/raw/upload/amc-cdn/static/css/main-0c80870f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

2298abc40cd42a8fc9df905e98bb5f1331c0672df3c77a3c7c05dbc1b672389d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://amc-theatres-res.cloudinary.com/raw/upload/amc-cdn/static/css/main-0c80870f.css
Origin: https://www.amctheatres.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:52 GMT
strict-transport-security: max-age=604800
last-modified: Wed, 30 Jan 2019 16:27:10 GMT
server: Cloudinary
etag: "50a2579a8a1526d8e7615f034388b9a5"
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing
cache-control: public, no-transform, immutable, max-age=31557600
content-disposition: attachment; filename="hinted-Gordita-Black.woff2"
server-timing: cld-fastly;mitm=p;dur=1;start=2023-05-11T13:57:52.155Z;desc=hit,rtt;dur=6
accept-ranges: bytes
timing-allow-origin: *
content-length: 62956

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 116 KB
46 KB 173ms
67ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-WHZQMVW

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2fff2262f896f97180568ee7a1cc4aa6e7bedbba54a3ea3df9b807baa499825e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46390
x-xss-protection: 0
last-modified: Thu, 11 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 May 2023 13:57:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 155ms
56ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 11 May 2023 12:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4933
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 11 May 2023 14:35:39 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/800592284/ 2 KB
1 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/800592284/?random=1683813472169&cv=11&fst=1683813472169&bg=ffffff&guid=ON&async=1&gtm=45He3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&hn=www.googleadservices.com&frm=0&us_privacy=1---&auid=1224766496.1683813469&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f5d94592b830a002d8aac3cba04b9fae6f4fa8ae47766860404f112916cddbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 13:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1205
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
83 KB 65ms
65ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3FBVCHD93B&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af08761fec15b1ebb56c5f8bb96508bfc8ed6ff393d47050b244578fed1c8dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84528
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 May 2023 13:57:52 GMT

POST
H/1.1 200
OK log Show response
www.amctheatres.com/api/ 0
390 B 128ms
127ms XHR
text/plain 169.224.240.210
AMCINET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amctheatres.com/api/log

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.224.240.210 Holden, United States, ASN14509 (AMCINET, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept: application/json
X-NewRelic-ID: UAEPUVRbGwAAV1hXBgUB
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
x-amc-request-id: 471f0884-029b-4d0a-9c93-4bb6bae6f523
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 11 May 2023 13:57:51 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Keep-Alive: timeout=5
Content-Length: 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ 408 KB
164 KB 173ms
53ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__de.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9246476ad494512fd651c54a3243ca5e4ca7012488b5237d1b19c03089dbba50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Origin: https://www.amctheatres.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 18:24:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167425
x-xss-protection: 0
last-modified: Mon, 01 May 2023 02:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 May 2024 18:24:30 GMT

GET
BLOB 200
OK 8182d0be-5c0d-49fb-ab5f-b1190a1c9598
https://www.amctheatres.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.amctheatres.com/8182d0be-5c0d-49fb-ab5f-b1190a1c9598
Requested by: Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 index.html Show response
apps.rokt.com/wsdk/controller/ Frame 8900 1 KB
1 KB 30ms
7ms Document
text/html 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/controller/index.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4d03ee089f73b6c8490c2851d23f8ce943e5d317236a67b69b62402728a78e26

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1200, public
content-encoding: br
content-length: 513
content-type: text/html; charset=utf-8
date: Thu, 11 May 2023 13:57:52 GMT
etag: "9a77a036ed438add22ab3e057baf3ec7"
last-modified: Mon, 01 May 2023 00:57:37 GMT
server: AmazonS3
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-id-2: WQMQiu4kl2jHMerU5Yaibe47t0Cnn4VXVutkFzmhJgfn0GJwXcw0xEFRellTumK92i9gECWExX4=
x-amz-request-id: JS48FMJ62FNBPP67
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff

GET
H2 200 index.html Show response
apps.rokt.com/wsdk/plugin-runtime/ Frame 6F04 708 B
889 B 30ms
9ms Document
text/html 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/plugin-runtime/index.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

db36657a1d74de18ea6cb94a3b6da2fded5d74873abad03b372706ecb9e022f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1200, public
content-encoding: br
content-length: 290
content-type: text/html; charset=utf-8
date: Thu, 11 May 2023 13:57:52 GMT
etag: "143eb9d214cb804aae6e10f19c52d1d0"
last-modified: Mon, 01 May 2023 00:57:45 GMT
server: AmazonS3
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-id-2: j8T+QJmuqM/TJ2XV3SIUJV4BMKNDmjedqppmTXoWV4kuj7pDcVZwrSt2L/vpwQBNb0zkq5LMvYU=
x-amz-request-id: JM8FZDQ1NNANMDJD
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff

GET
H2 200 index.html Show response
apps.rokt.com/wsdk/plugins/widget/ Frame AB33 730 B
915 B 29ms
10ms Document
text/html 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/plugins/widget/index.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1c7684031180ab55756a6caf7db59942c8a8bba5b9b63709fc0c0e98cd627040

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1200, public
content-encoding: br
content-length: 315
content-type: text/html; charset=utf-8
date: Thu, 11 May 2023 13:57:52 GMT
etag: "9dcb2b6ab81fc09df5989834e1b35fb3"
last-modified: Wed, 10 May 2023 19:01:21 GMT
server: AmazonS3
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-id-2: vLZcwIqo45vhHhlV7yu1z6vWQkgSKXan74bXKZ9aKaXmeuHImjJwxgj+zdvJiXhWz699ZFlJOgU=
x-amz-request-id: 0J1HD7AZJV868RNB
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff

GET
H2 200 scevent.min.js Show response
sc-static.net/ 31 KB
14 KB 62ms
25ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 399a9be759ccc540081d3e7ed57c028c7ed63545952b616c25abac351881f7b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:52 GMT
content-encoding: gzip
via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 13611
x-amz-cf-id: uxC3348YxQaUAYbvSht1kwq90vA84L6bGS1Jn2jgQip4x6iO4WOfgg==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
248 B 70ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3FBVCHD93B&gtm=45je3580&_p=797404450&_gaz=1&cid=1657060915.1683813472&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683813472&sct=1&seg=0&dl=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_type=order_confirmation&ep.page=%2Forders&ep.visitor_login_state=LoggedOut&ep.cart_id=&ep.showtime_date=2023-05-11&ep.checkout_type=concessions&ep.channelmix_session_id=BqaYDVrF6mwOIO3v&up.visitor_stubs_level=Anonymous
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3FBVCHD93B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 13:57:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amctheatres.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 56ms
18ms Ping
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3FBVCHD93B&cid=1657060915.1683813472&gtm=45je3580&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3FBVCHD93B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 13:57:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amctheatres.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 161ms
160ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3FBVCHD93B&cid=1657060915.1683813472&gtm=45je3580&aip=1&z=142852235

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 13:57:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 global-reporter.js Show response
apps.rokt.com/wsdk/reporter/ Frame 8900 7 KB
3 KB 11ms
10ms Script
application/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/reporter/global-reporter.js

Requested by

Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/controller/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d00d1b84250a4886d05eb8146180447a656d25ac69cf41eda4ee0b4993a1d34c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://apps.rokt.com/wsdk/controller/index.html
Origin: https://apps.rokt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: JZHKE9FVBW7RSQ86
content-length: 2840
x-amz-id-2: jSqsEssxiGBLfxPm50XZ/qwvnk/njZog+90tK8QRVakCBGUHZvNp64kR3hmxuoI2kZgio94ZxsQ=
last-modified: Sun, 08 Aug 2021 23:10:23 GMT
server: AmazonS3
etag: "1d663c18a8f56b3de25954a30bd3e8c0"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=1200, must-revalidate, public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 index.f99ce60ee5132af8a9d3.js Show response
apps.rokt.com/wsdk/controller/ Frame 8900 62 KB
15 KB 12ms
12ms Script
application/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/controller/index.f99ce60ee5132af8a9d3.js

Requested by

Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/controller/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ad3c48be38034ba18cdadee96af5fbb3efcfadecfdf978f41d654d73c0518f7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://apps.rokt.com/wsdk/controller/index.html
Origin: https://apps.rokt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: JM83PRM9HPS75KD0
x-amz-server-side-encryption: AES256
content-length: 15250
x-amz-id-2: t/5LvZ2oWNkDKDObEFqvJLW0AZQrN9Fvxn7WQrUVIexwl2rgoRnuHodqr58KB6yBgS5EZYXl2g4=
last-modified: Mon, 01 May 2023 00:57:35 GMT
server: AmazonS3
etag: "47f59004a0c696c81154565c1cd3ae68"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 index.a41e436b29bbd19486cc.js Show response
apps.rokt.com/wsdk/plugin-runtime/ Frame 6F04 70 KB
18 KB 20ms
19ms Script
application/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/plugin-runtime/index.a41e436b29bbd19486cc.js

Requested by

Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/plugin-runtime/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

be3e7928c8dff774b173ed3b7059a3be57cf0d16b0cfce5e205d350a21b9c286

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://apps.rokt.com/wsdk/plugin-runtime/index.html
Origin: https://apps.rokt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: 0X3QXYZ506HECG9P
x-amz-server-side-encryption: AES256
content-length: 18352
x-amz-id-2: Szia6qYyV05StxVfBd3k7OEzwdCaoZkib9rFB0ZVfBKcqOYJ71l2hEHsCAjBWraM8lRJiXrRFRw=
last-modified: Mon, 01 May 2023 00:57:43 GMT
server: AmazonS3
etag: "6436c2860f69a0672669c2b8251b40dc"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 index.9c4a38a4a58329261abb.js Show response
apps.rokt.com/wsdk/plugins/widget/modern/ Frame AB33 946 KB
192 KB 10ms
10ms Script
application/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/plugins/widget/modern/index.9c4a38a4a58329261abb.js

Requested by

Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/plugins/widget/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cbef72c56699b013ea851375cc446a85ee5b8e3cdaf7a67034d3254e55013807

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apps.rokt.com/wsdk/plugins/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: 0J1X0N5BCS0VTM50
x-amz-server-side-encryption: AES256
content-length: 195371
x-amz-id-2: RPyok/+4CoCRsOS/Z0uodzObhORadLUZBfYuDrJLyeM2qSMwcZOK6pgO14pC6mUqhOW2fDyjraI=
last-modified: Wed, 10 May 2023 19:01:18 GMT
server: AmazonS3
etag: "1ac0a811e08472f1a1a586db2876a480"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H3 200 /
www.google.com/pagead/1p-user-list/800592284/ 42 B
64 B 67ms
66ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/800592284/?random=1683813472169&cv=11&fst=1683810000000&bg=ffffff&guid=ON&async=1&gtm=45He3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&frm=0&fmt=3&is_vtc=1&random=2716734951&rmt_tld=0&ipr=y

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 13:57:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/800592284/ 42 B
108 B 118ms
117ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/800592284/?random=1683813472169&cv=11&fst=1683810000000&bg=ffffff&guid=ON&async=1&gtm=45He3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&frm=0&fmt=3&is_vtc=1&random=2716734951&rmt_tld=1&ipr=y

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 13:57:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 78A4 0
201 B 77ms
25ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=e8ea4bf9-c0bc-49b3-a49c-b6475677ce44&u_scsid=14f37c94-b50f-451e-a136-1c78d0da4ff8&u_sclid=2bba2fd0-eb2f-4528-b434-076a285f3e97

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 11 May 2023 13:57:52 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 3

GET
H2 200 e8ea4bf9-c0bc-49b3-a49c-b6475677ce44.js Show response
tr.snapchat.com/config/com/ 149 B
449 B 74ms
22ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/e8ea4bf9-c0bc-49b3-a49c-b6475677ce44.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

8977162b19b3fadb3732c975e54ac36305d5f0b9e0972fb2b15d0b9e81c0b55b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Origin: https://www.amctheatres.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.amctheatres.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 p
tr.snapchat.com/ 68 B
307 B 78ms
28ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=e8ea4bf9-c0bc-49b3-a49c-b6475677ce44&ev=PAGE_VIEW&u_hem=FFF74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b&intg=gtm&pl=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&bt=1d53c387&if=false&m_dcl=3937&m_fcps=1981&m_pi=3936&m_pl=0&m_pv=v2&m_rd=6081&m_sl=6072&rf=&trackId=3ef7f2be-fd07-47b4-b12a-8815294e8447&ts=1683813472379&u_c1=489b2851-0de1-4ff9-93d6-4e54477bca22&u_sclid=2bba2fd0-eb2f-4528-b434-076a285f3e97&u_scsid=14f37c94-b50f-451e-a136-1c78d0da4ff8&v=2.0.0

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 session Show response
apps.rokt.com/v1/ Frame 8900 0
930 B 36ms
36ms Fetch 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/v1/session

Requested by

Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/controller/index.f99ce60ee5132af8a9d3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub3a73d6a49d86fde5991bd281e94e712c&dd-evp-origin=content-security-policy&ddsource=csp-report
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apps.rokt.com/wsdk/controller/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub3a73d6a49d86fde5991bd281e94e712c&dd-evp-origin=content-security-policy&ddsource=csp-report
date: Thu, 11 May 2023 13:57:52 GMT
x-content-type-options: nosniff
x-rate-limit-limit: 1m
x-rate-limit-remaining: 49
strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy-report-only: upgrade-insecure-requests; default-src https:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub3a73d6a49d86fde5991bd281e94e712c&dd-evp-origin=content-security-policy&ddsource=csp-report
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: istio-envoy
etag: 3938728c-997d-4ef9-892f-3005a608af4b
access-control-expose-headers: ETag
x-rate-limit-reset: 2023-05-11T13:58:52.4068657Z
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex, nofollow, noimageindex
expires: Thu, 11 May 2023 13:57:52 GMT

POST
H2 200 placements Show response
apps.rokt.com/v2/ Frame 8900 208 B
1 KB 107ms
107ms Fetch
application/json 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/v2/placements

Requested by

Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/controller/index.f99ce60ee5132af8a9d3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

3e5fbb307ee737afbf7a77db1a6df1fce822e3093e9461ce4f0219a3e35624cc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub3a73d6a49d86fde5991bd281e94e712c&dd-evp-origin=content-security-policy&ddsource=csp-report
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

rokt-third-party-cookie: 4683eb4e-9c38-43f0-85e8-87f32d158c53
rokt-etag: 3938728c-997d-4ef9-892f-3005a608af4b
rokt-tag-id: 257_7613e3f7061b458d86dea47a9c7a6b61
rokt-first-party-cookie: 77df2837-e30e-4b8d-8124-9e9687f6b853
accept-language: de-DE,de;q=0.9
rokt-page-url: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
rokt-third-party-local-storage: 5dfeb5d1-21e6-4ab3-88b0-eee495697ebf
Content-Type: application/json
rokt-first-party-local-storage: db08c830-579e-4c50-8cfd-66f3396e674f
Referer: https://apps.rokt.com/wsdk/controller/index.html
rokt-enable-recognition: true
rokt-page-identifier: order-confirmation

Response headers

content-security-policy: upgrade-insecure-requests; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub3a73d6a49d86fde5991bd281e94e712c&dd-evp-origin=content-security-policy&ddsource=csp-report
content-encoding: gzip
x-content-type-options: nosniff
x-rate-limit-limit: 3m
x-rate-limit-remaining: 4
date: Thu, 11 May 2023 13:57:52 GMT
strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy-report-only: upgrade-insecure-requests; default-src https:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub3a73d6a49d86fde5991bd281e94e712c&dd-evp-origin=content-security-policy&ddsource=csp-report
content-length: 182
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: istio-envoy
access-control-max-age: 15
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://apps.rokt.com
rokt-account-id: 257
access-control-expose-headers: rokt-account-id,rokt-session-id
x-rate-limit-reset: 2023-05-11T14:00:52.4890246Z
access-control-allow-credentials: true
rokt-session-id: afff00e6-2116-4f9c-9aec-193af48c5a29
cache-control: max-age=0, no-cache, no-store
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, noimageindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, rokt-first-party-cookie, rokt-first-party-local-storage, rokt-session-id, rokt-legacy-session-id, rokt-tag-id, rokt-api-key
expires: Thu, 11 May 2023 13:57:52 GMT

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 900C 50 KB
28 KB 82ms
81ms Document
text/html 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfIALUUAAAAANFDCluzb-m1FLbBKkQwvsYbglIS&co=aHR0cHM6Ly93d3cuYW1jdGhlYXRyZXMuY29tOjQ0Mw..&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=invisible&cb=gv8dindloy64

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

44cfe80705f344fe0fc1ef8b1d3c0bdb9ead3dcc8be1dac727ff8f7dbdd138f5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DL1EIqr5LbzLlajbc7WzFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27717
content-security-policy: script-src 'report-sample' 'nonce-DL1EIqr5LbzLlajbc7WzFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 13:57:52 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ Frame 900C 55 KB
24 KB 167ms
53ms Stylesheet
text/css 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfIALUUAAAAANFDCluzb-m1FLbBKkQwvsYbglIS&co=aHR0cHM6Ly93d3cuYW1jdGhlYXRyZXMuY29tOjQ0Mw..&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=invisible&cb=gv8dindloy64

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 12:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 01 May 2023 02:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 12:43:54 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ Frame 900C 408 KB
164 KB 165ms
52ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9246476ad494512fd651c54a3243ca5e4ca7012488b5237d1b19c03089dbba50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 18:24:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167425
x-xss-protection: 0
last-modified: Mon, 01 May 2023 02:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 May 2024 18:24:30 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
149 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-24750557-1&cid=1657060915.1683813472&jid=624926685&gjid=880586046&_gid=35182158.1683813473&_u=aCDAiEABRAAAAEgAIAC~&z=1214765490

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 11 May 2023 13:57:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amctheatres.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 51ms
50ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=797404450&t=pageview&_s=1&dl=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&dp=%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiEABRAAAAAgAI~&jid=624926685&gjid=880586046&cid=1657060915.1683813472&tid=UA-24750557-1&_gid=35182158.1683813473&gtm=45He3580n7152MRS6&cd1=Anonymous&cd7=landing_page&cd23=Anonymous&cd30=1683813472165.izhlic8&cd37=13%3A57%202023%2F05%2F11&cd38=thursday%20%7C%20weekday&cd40=BqaYDVrF6mwOIO3v&cd51=none&z=1584008813

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 00:14:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49376
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 900C 2 KB
2 KB 51ms
51ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 22:52:35 GMT
x-content-type-options: nosniff
age: 399918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 13 May 2023 22:52:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 900C 15 KB
16 KB 160ms
51ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 397758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 23:28:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 900C 15 KB
15 KB 172ms
64ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 418208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 17:47:45 GMT

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 900C 102 B
134 B 59ms
59ms Other
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ad10a96d76d0545db3cd7ef7c37e917d5ee9f8bc9807a4bc59faa8e527f72a1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfIALUUAAAAANFDCluzb-m1FLbBKkQwvsYbglIS&co=aHR0cHM6Ly93d3cuYW1jdGhlYXRyZXMuY29tOjQ0Mw..&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=invisible&cb=gv8dindloy64
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2023 13:57:53 GMT

OPTIONS
H2 204 5beee8f45b18c34b8b0e00bf
events.launchdarkly.com/events/diagnostic/ Frame 0
0 320ms
109ms Preflight 3.88.238.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5beee8f45b18c34b8b0e00bf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.88.238.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-88-238-34.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: https://www.amctheatres.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Thu, 11 May 2023 13:57:53 GMT
strict-transport-security: max-age=31536000

GET
H2 200 async-api.ad3273bd-1.232.0.min.js Show response
js-agent.newrelic.com/ 3 KB
2 KB 33ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.ad3273bd-1.232.0.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: OjwEEoZjF9pbnlt.Cg9dV5pJF0e7Bjo3
content-encoding: gzip
via: 1.1 varnish
date: Thu, 11 May 2023 13:57:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 2HV6J6QHFFESHJRR
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1353
x-amz-id-2: BXEPYmEflhh8Vht8sn9Q1DUjjjCdyno/0vK0P4vna65JsDaTt7F35BfMmDx7zQLw8OCOg9e2TFA=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683813474.561561,VS0,VE0
etag: "d7011e3a3501d54c9be8929572a18598"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2788

GET
H2 200 session-manager.2a8d47d1-1.232.0.min.js Show response
js-agent.newrelic.com/ 15 KB
6 KB 28ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session-manager.2a8d47d1-1.232.0.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: D9U.McFOdEj4dYMN5VJBUueQRx486Iwz
content-encoding: gzip
via: 1.1 varnish
date: Thu, 11 May 2023 13:57:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33YC9JCZQM6STQJG
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5781
x-amz-id-2: MFfb7MGqGrqmfqqSXBRxyB8p3seuC8FOIGAdlP3GdJhGKDscVqHW57p863nKhRGgnkRzZizmvC4=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683813474.561654,VS0,VE0
etag: "e42e9b9282d7865427c32ad60eea44b4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1420

POST
H2 202 5beee8f45b18c34b8b0e00bf Show response
events.launchdarkly.com/events/diagnostic/ 0
345 B 104ms
103ms XHR
application/json 3.88.238.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5beee8f45b18c34b8b0e00bf

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.88.238.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-88-238-34.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 May 2023 13:57:53 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 1CB3 0
183 B 99ms
31ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=n9g6rfp&ref=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&upid=gp2upt5&upv=1.1.0
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Thu, 11 May 2023 13:57:53 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 lazy-loader.c8cd494b-1.232.0.min.js Show response
js-agent.newrelic.com/ 921 B
617 B 7ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-loader.c8cd494b-1.232.0.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: JxOZDsaCO.84OJr88feb47MQNIiB.lPY
content-encoding: gzip
via: 1.1 varnish
date: Thu, 11 May 2023 13:57:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: HFKEC7V8RSG7GQ3Z
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 410
x-amz-id-2: sMPeOof8K4e91kQ20uXJDDwefRnsVFND0s9EnxyiOeAw9CM1xr2qBuk5sozOrYVezXVrvqQ6llg=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683813474.574343,VS0,VE0
etag: "43b458adcc5ab7566291590de5438262"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1389

GET
H2 200 875.2c240adb-1.232.0.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 7ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/875.2c240adb-1.232.0.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: hJYscwmqXwVNvHS80_0vRqxt_Uk.MPpY
content-encoding: gzip
via: 1.1 varnish
date: Thu, 11 May 2023 13:57:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33Y6DMYX2M755T46
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3692
x-amz-id-2: 12ESXK8BgHWgzbN3nQPaydy+L59jXSGMNsIQOuRJSUSgpXbpopBHG7CYiWTsgYBLZaJ3F98QqLg=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683813474.584386,VS0,VE0
etag: "12b760183a18786621f95a5599ea91d1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1369

GET
H2 200 page_view_event-aggregate.5a238c1f-1.232.0.min.js Show response
js-agent.newrelic.com/ 11 KB
4 KB 7ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.5a238c1f-1.232.0.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: m6hQu7Qmu3oSTIZPOga15if6q1_usD02
content-encoding: gzip
via: 1.1 varnish
date: Thu, 11 May 2023 13:57:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33Y1F68V5R4G1R1S
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4123
x-amz-id-2: LE8Mmxf56EgzLRhRoenpxF0OXZIwo/pswFnDB4N8n+EeKaME6HXt1Xk7L6rvqhOxcNjSk/xOwSY=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683813474.586398,VS0,VE0
etag: "397497131773c37606e11fcb4222917f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1366

GET
H2 200 page_view_timing-aggregate.ddd91465-1.232.0.min.js Show response
js-agent.newrelic.com/ 12 KB
5 KB 7ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.ddd91465-1.232.0.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: ZN8S09QpTi3DRaBHssxUl.rChDa0uNQQ
content-encoding: gzip
via: 1.1 varnish
date: Thu, 11 May 2023 13:57:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33Y867HS6MYT7985
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4571
x-amz-id-2: CILtP2UgtVGD48J+UTjWq+irCqTwzRZs1VccfZLy4xzSBKIMwL+jwnc8ZZpkzmwxwhHr4pdQKRs=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683813474.588690,VS0,VE0
etag: "38f4d68378bfe3989db669dc9385b7c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1380

GET
H2 200 metrics-aggregate.c2ad263a-1.232.0.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 7ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.c2ad263a-1.232.0.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: Kwxbmu4apiKNi1wg_2QBa578nUzXK.xS
content-encoding: gzip
via: 1.1 varnish
date: Thu, 11 May 2023 13:57:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33YF3D3MNZZ7XXTH
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1663
x-amz-id-2: 0t28v8WC4ksNHlPsbHnq2BFvbag9JdhBEGj1l2cZmwZMryjnQUGTG7J4qr+P0dP0z2Q8RhqNGa0=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683813474.591816,VS0,VE0
etag: "581d99ebc34c05e0a160a0c4a848cae7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1368

GET
H2 200 jserrors-aggregate.017d6ea4-1.232.0.min.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 7ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/jserrors-aggregate.017d6ea4-1.232.0.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0307f3b9d8215b1581f25bdf8ba24881d8f7030f53ed17b33e3ca6a5e6c8582f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: UxM2U4jEHw4DYwuY_JCWcBxAYgS2_JE2
content-encoding: gzip
via: 1.1 varnish
date: Thu, 11 May 2023 13:57:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33Y3P9H1YVPCYW5A
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2704
x-amz-id-2: fOJjkf623X4+LNu7HUnbPEqkESbCVUXfegtTcDGCJTSYPYnZIMHyyD/3Rdyml/9Mp1DAV3/tTMA=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683813474.593676,VS0,VE0
etag: "3eccc20152284ae6154ef68728b49a85"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1025

GET
H2 200 ajax-aggregate.666f66ea-1.232.0.min.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 7ms
6ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/ajax-aggregate.666f66ea-1.232.0.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f4d7f3eafb4d9820dd9f359b637ee8df4136b8bdba6705b9dd0a15faf2bc025

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: P1.nxkPqX_AEcic3nbSwWvQGlnr.3FTJ
content-encoding: gzip
via: 1.1 varnish
date: Thu, 11 May 2023 13:57:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33YAMGSAT4509J8D
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2159
x-amz-id-2: +/vlhDJIBkrB07I08TN2xKY9QCT+tReD92GfPWcSfMLZ777mczQvriIxrhC3OuLLFI+tLbuC4X0=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683813474.595960,VS0,VE0
etag: "6f55903bceeb36daf6c5579103364266"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1016

GET
H2 200 session_trace-aggregate.c0ef217a-1.232.0.min.js Show response
js-agent.newrelic.com/ 8 KB
4 KB 7ms
6ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session_trace-aggregate.c0ef217a-1.232.0.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

be222ebe8d76ed95e6241fd6e80b43e87cee11ee97871ba3e0e6dcf439ad66b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: g_UxNBJ25wtvYc3oM8Pj1uCRZQPEEsvZ
content-encoding: gzip
via: 1.1 varnish
date: Thu, 11 May 2023 13:57:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33YBT10PFQDKE050
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3302
x-amz-id-2: F/iivEdVcfTjYq8AJFOWGRk4GEFQq3Y9nQ2WJaA8DbfFJtDlso2/z2dRKKVQr/qXereUel72lF0=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683813474.597639,VS0,VE0
etag: "8658ef92a475808fc6ed23b10731217d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1030

GET
H2 200 page_action-aggregate.64dc4751-1.232.0.min.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 7ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_action-aggregate.64dc4751-1.232.0.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ca72e8893a0cf88efb844d01e3629ad7751979f01026f6149de72285279b7968

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: K0wCLFJIIdjTzGgJZSujBvyTIxwFP3oQ
content-encoding: gzip
via: 1.1 varnish
date: Thu, 11 May 2023 13:57:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33Y9SYP2S871NYYN
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 985
x-amz-id-2: wXfzGJOuvfsWptsVhCX8TS9ZOOpumIcusC5MtXYWezjm85aH+z+a4UhZtORNDBtZ1lQIvruadOE=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683813474.600963,VS0,VE0
etag: "19f8af5dbc48da5cec8a15e4e37572a2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1017

GET
H2 200 spa-aggregate.342172b1-1.232.0.min.js Show response
js-agent.newrelic.com/ 18 KB
7 KB 7ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/spa-aggregate.342172b1-1.232.0.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7674813d4294e6367c27576ac6ee63106685165081325a67fc0b3582ed53182f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: GBrIcCPmmG.WN_66aFejQ6H_fNPpwe_q
content-encoding: gzip
via: 1.1 varnish
date: Thu, 11 May 2023 13:57:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33YAJ6WYP1J8ME4A
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6574
x-amz-id-2: VgAy+MrhxuFl5jVpUDdrAu+k2F0/keKUs9t2baLmPjDCGwinsdlSaDKFL2sbJxn1je0+kg2OvCU=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683813474.603011,VS0,VE0
etag: "cd8a824b2ab07e7b696cf7565028153b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 787

GET
H/1.1 200
OK a7d0d0c6e1 Show response
bam.nr-data.net/1/ 49 B
532 B 339ms
258ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/a7d0d0c6e1?a=30395146&v=1.232.0&to=MlZSNkoHW0EAVU1RDgsccxdLElpfTllLXAQXQB9YTAleVw8ZWlcPA1pCD1kSXF0P&rst=7315&ck=0&s=34346ac4e54f0806&ref=https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation&ap=491.586405&be=1788&fe=5465&dc=2150&tt=b5034114d703217e&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1683813466298,%22n%22:0,%22f%22:917,%22dn%22:917,%22dne%22:917,%22c%22:917,%22s%22:917,%22ce%22:917,%22rq%22:919,%22rp%22:1788,%22rpe%22:2155,%22di%22:3936,%22ds%22:3937,%22de%22:3938,%22dc%22:7236,%22l%22:7236,%22le%22:7253%7D,%22navigation%22:%7B%7D%7D&fp=1965&fcp=1981&jsonp=NREUM.setToken
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzqG7ATYZleR48Vy/ef36ec68-970d-4e53-aa43-34084e553484/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 13:57:53 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 7c5aef0299f82c36-FRA

POST
H/1.1 200
OK a7d0d0c6e1 Show response
bam.nr-data.net/events/1/ 24 B
407 B 240ms
240ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/a7d0d0c6e1?a=30395146&v=1.232.0&to=MlZSNkoHW0EAVU1RDgsccxdLElpfTllLXAQXQB9YTAleVw8ZWlcPA1pCD1kSXF0P&rst=7692&ck=0&s=34346ac4e54f0806&ref=https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Requested by: Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 11 May 2023 13:57:54 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.amctheatres.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7c5aef046c762c36-FRA
Content-Length: 24

POST
H2 200 log Show response
apps.rokt.com/v1/ Frame 8900 0
1 KB 45ms
45ms Fetch 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/v1/log

Requested by

Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/controller/index.f99ce60ee5132af8a9d3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub3a73d6a49d86fde5991bd281e94e712c&dd-evp-origin=content-security-policy&ddsource=csp-report
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

rokt-tag-id: 257_7613e3f7061b458d86dea47a9c7a6b61
accept-language: de-DE,de;q=0.9
rokt-page-url: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
rokt-account-id: 257
Content-Type: application/json
Referer: https://apps.rokt.com/wsdk/controller/index.html
rokt-session-id: afff00e6-2116-4f9c-9aec-193af48c5a29
rokt-page-identifier: order-confirmation

Response headers

content-security-policy: upgrade-insecure-requests; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub3a73d6a49d86fde5991bd281e94e712c&dd-evp-origin=content-security-policy&ddsource=csp-report
date: Thu, 11 May 2023 13:57:55 GMT
x-content-type-options: nosniff
x-rate-limit-limit: 1m
x-rate-limit-remaining: 49
strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy-report-only: upgrade-insecure-requests; default-src https:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub3a73d6a49d86fde5991bd281e94e712c&dd-evp-origin=content-security-policy&ddsource=csp-report
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: istio-envoy
access-control-max-age: 15
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
rokt-account-id: 257
access-control-allow-origin: https://apps.rokt.com
access-control-expose-headers: rokt-account-id,rokt-session-id
x-rate-limit-reset: 2023-05-11T13:58:55.4894957Z
access-control-allow-credentials: true
rokt-session-id: afff00e6-2116-4f9c-9aec-193af48c5a29
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex, nofollow, noimageindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, rokt-first-party-cookie, rokt-first-party-local-storage, rokt-session-id, rokt-legacy-session-id, rokt-tag-id, rokt-api-key
expires: Thu, 11 May 2023 13:57:55 GMT

OPTIONS
H2 204 5beee8f45b18c34b8b0e00bf
events.launchdarkly.com/events/bulk/ Frame 0
0 102ms
102ms Preflight 3.88.238.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5beee8f45b18c34b8b0e00bf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.88.238.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-88-238-34.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: https://www.amctheatres.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Thu, 11 May 2023 13:57:55 GMT
strict-transport-security: max-age=31536000

POST
H2 202 5beee8f45b18c34b8b0e00bf Show response
events.launchdarkly.com/events/bulk/ 0
345 B 145ms
145ms XHR
application/json 3.88.238.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5beee8f45b18c34b8b0e00bf

Requested by

Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.88.238.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-88-238-34.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
X-LaunchDarkly-Payload-ID: d448eab0-f003-11ed-a7db-cb61d22b3943
X-LaunchDarkly-Event-Schema: 4
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 May 2023 13:57:55 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
55 B 18ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3FBVCHD93B&gtm=45je3580&_p=797404450&cid=1657060915.1683813472&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1683813472&sct=1&seg=0&dl=https%3A%2F%2Fwww.amctheatres.com%2Forders%2Fa6a5f894-78c2-46b4-9694-8c0beee31fe7%2Fconfirmation&dt=&en=scroll&ep.page_type=order_confirmation&ep.page=%2Forders&ep.visitor_login_state=LoggedOut&ep.cart_id=&ep.showtime_date=2023-05-11&ep.checkout_type=concessions&epn.percent_scrolled=90&_et=8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3FBVCHD93B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 13:57:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amctheatres.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK a7d0d0c6e1 Show response
bam.nr-data.net/events/1/ 24 B
407 B 138ms
138ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/a7d0d0c6e1?a=30395146&v=1.232.0&to=MlZSNkoHW0EAVU1RDgsccxdLElpfTllLXAQXQB9YTAleVw8ZWlcPA1pCD1kSXF0P&rst=17660&ck=0&s=34346ac4e54f0806&ref=https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Requested by: Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 11 May 2023 13:58:04 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.amctheatres.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7c5aef42bf582c36-FRA
Content-Length: 24

POST
H/1.1 200
OK a7d0d0c6e1 Show response
bam.nr-data.net/jserrors/1/ 24 B
407 B 266ms
252ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/jserrors/1/a7d0d0c6e1?a=30395146&v=1.232.0&to=MlZSNkoHW0EAVU1RDgsccxdLElpfTllLXAQXQB9YTAleVw8ZWlcPA1pCD1kSXF0P&rst=17660&ck=0&s=34346ac4e54f0806&ref=https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Requested by: Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 11 May 2023 13:58:04 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.amctheatres.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7c5aef42dbf73a96-FRA
Content-Length: 24

POST
H/1.1 200
OK a7d0d0c6e1 Show response
bam.nr-data.net/events/1/ 24 B
407 B 273ms
245ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/a7d0d0c6e1?a=30395146&v=1.232.0&to=MlZSNkoHW0EAVU1RDgsccxdLElpfTllLXAQXQB9YTAleVw8ZWlcPA1pCD1kSXF0P&rst=17661&ck=0&s=34346ac4e54f0806&ref=https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Requested by: Host: www.amctheatres.com
URL: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.amctheatres.com/orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 11 May 2023 13:58:04 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.amctheatres.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7c5aef42eb2b920b-FRA
Content-Length: 24

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 11:44:59	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.amc.film/	1970-01-20 16:02:45	Name: _bit Value: n4bdVK-77bd9453bf742d9c9f-00p
.amctheatres.com/	1970-01-20 12:26:45	Name: connect.sid Value: s%3AeYhMojEkbE0vOoDMh2BH2J_9RTw2Dx2O.p552t%2B%2Fcy1Kt0xiLP3VBPBzca%2FRr45fbY3%2FQeA1A3DI
www.amctheatres.com/	1969-12-31 23:59:59	Name: TS016dea95 Value: 01a483b97105b6005640457f18bd4f12bf23d36c9ccdfc8bb2bb9fffbc3147fc0eebd2b71c467c9ccd8b02bcf898af81b3d0db8f56
.amctheatres.com/	1969-12-31 23:59:59	Name: TS01c7b029 Value: 01a483b97105b6005640457f18bd4f12bf23d36c9ccdfc8bb2bb9fffbc3147fc0eebd2b71c467c9ccd8b02bcf898af81b3d0db8f56
.amctheatres.com/	1970-01-20 13:53:09	Name: _gcl_au Value: 1.1.1224766496.1683813469
.amctheatres.com/	1969-12-31 23:59:59	Name: pageCookie Value: /orders/a6a5f894-78c2-46b4-9694-8c0beee31fe7/confirmation
.tiktok.com/	1970-01-20 21:05:09	Name: _ttp Value: 2PeNDjiFk1jiyxur162zR0DONXc
.amctheatres.com/	1970-01-20 21:05:09	Name: _tt_enable_cookie Value: 1
.amctheatres.com/	1970-01-20 21:05:09	Name: _ttp Value: pzFGwvwPqx-wuoNKdGqqdavq2XH
.amctheatres.com/	1970-01-20 13:53:09	Name: _fbp Value: fb.1.1683813469548.906699407
.doubleclick.net/	1970-01-20 21:05:09	Name: IDE Value: AHWqTUmOZOM1K4jrfxZwHxWhmTbZmYMc4X7InIsvUYRa_VCVXdM4fGtN_iZ8qZgU
.amctheatres.com/	1970-01-20 11:44:59	Name: _uetsid Value: d1217c90f00311eda3bc53e7e97e8191
.amctheatres.com/	1970-01-20 21:05:09	Name: _uetvid Value: d121b500f00311eda9036b74b7aa0edd
.bing.com/	1970-01-20 21:05:09	Name: MUID Value: 03A4F00795D0666B2380E30994D06750
.amctheatres.com/	1970-01-20 21:19:33	Name: _ga_3FBVCHD93B Value: GS1.1.1683813472.1.0.1683813472.60.0.0
www.amctheatres.com/	1969-12-31 23:59:59	Name: TS1a913d0a027 Value: 088687fb01ab20009adef294b0dab622f61794dbb75fa8b23be871d14e8a46365a83ceada9716e2508a69ea0d7113000c8bd6edaf6be2ef97458d482fbb6dfd14b1d7d4248a115640fe6a1420e144edad7ccb0b4e3b1a3fd31930a0c13a069c7
.amctheatres.com/	1970-01-20 21:13:20	Name: _scid Value: 489b2851-0de1-4ff9-93d6-4e54477bca22
.amctheatres.com/	1970-01-20 21:13:20	Name: _scid_r Value: 489b2851-0de1-4ff9-93d6-4e54477bca22
apps.rokt.com/	1969-12-31 23:59:59	Name: akaalb_Instance-1 Value: ~op=Prod_API:Prod-API-EU-West-1\|Prod_WSDK_S3:Prod-SDK-S3\|~rv=87~m=Prod-API-EU-West-1:0\|Prod-SDK-S3:0\|~os=141f223fa3e939d66e4926adb7c49b34~id=2953d9dd9a6fcf35f74701efef70a407
.snapchat.com/	1970-01-20 21:05:09	Name: sc_at Value: v2\|H4sIAAAAAAAAAA3GwQ0AIAgDwIlIxDbYdYToFAyvrzvy3EBuE4tG3PrLsK2PeOBUt4cgB9fs8QBl/owdMgAAAA==
www.amctheatres.com/	1970-01-20 20:29:09	Name: RoktRecogniser Value: 77df2837-e30e-4b8d-8124-9e9687f6b853
apps.rokt.com/	1970-01-20 20:29:09	Name: RoktRecogniser Value: 4683eb4e-9c38-43f0-85e8-87f32d158c53
.amctheatres.com/	1970-01-20 21:19:33	Name: _ga Value: GA1.2.1657060915.1683813472
.amctheatres.com/	1970-01-20 11:44:59	Name: _gid Value: GA1.2.35182158.1683813473
.amctheatres.com/	1970-01-20 11:43:33	Name: _dc_gtm_UA-24750557-1 Value: 1
.amctheatres.com/	1969-12-31 23:59:59	Name: alreadyLanded Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8666708.fls.doubleclick.net
adservice.google.com
adservice.google.de
amc-theatres-res.cloudinary.com
amc.film
analytics.tiktok.com
app.launchdarkly.com
apps.rokt.com
bam.nr-data.net
bat.bing.com
cmp.osano.com
connect.facebook.net
d.adroll.com
events.launchdarkly.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
js-agent.newrelic.com
js.adsrvr.org
region1.analytics.google.com
s.adroll.com
sc-static.net
siteimproveanalytics.com
stats.g.doubleclick.net
tr.snapchat.com
www.amctheatres.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
108.138.15.119
142.250.186.134
143.204.207.250
151.101.194.217
151.101.2.137
162.247.241.14
169.224.240.210
2001:4860:4802:34::36
23.36.163.232
2600:9000:211e:b000:3:b7e:8940:93a1
2600:9000:225e:4c00:6:9280:1080:93a1
2606:4700:e6::ac40:c518
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:801::2003
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:810::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2008
2a00:1450:4001:830::200e
2a00:1450:400c:c0a::9a
2a02:26f0:3500:11::215:14dc
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::393
2a05:d018:cc3:fe04:6c94:5904:71bc:8e95
3.88.238.34
35.190.43.134
35.71.131.137
67.199.248.13
0307f3b9d8215b1581f25bdf8ba24881d8f7030f53ed17b33e3ca6a5e6c8582f
04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0bcc96e8314bd536c6c5f240b7768ae96d179382dc66121937e80c4780d588b8
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0fec1ca50c9e255301653171bf3ce1fe405cd3fb5dcf0ba8f84702a351357aaa
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c7684031180ab55756a6caf7db59942c8a8bba5b9b63709fc0c0e98cd627040
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
226c9a2c80c75e3c5d7d197c484adb7d63e6ea36270af348bc223be73e8cd059
2298abc40cd42a8fc9df905e98bb5f1331c0672df3c77a3c7c05dbc1b672389d
22c5dc18cb514067e0da1081cb5953f563c75bc4f88919bd53296bd3b8cd7e25
24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30
29d735d701c84fe13dad45ff2a649e6334a774d4ea629954509bf8e0cd0ebccb
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b05ae77e7d45fc80fe9ba58ee4ab3a99e335f95b41085ce1c7fcd8586b55149
2fff2262f896f97180568ee7a1cc4aa6e7bedbba54a3ea3df9b807baa499825e
31d922063db9142a028b947422c8426b7ef6f9bb566c70e119032a9f8b5a54d1
37a80b6aab66ade466cef72f0a4815fb68dafd938f993a9cf487aeef7b523aa1
399a9be759ccc540081d3e7ed57c028c7ed63545952b616c25abac351881f7b9
3a4c06550a5639c4154ae1d5fa2fa4deb7dae62a1c945e3f637921e73c414e17
3c8d80140eecbd2890d62c0dfe153e954ab024604fceced8973642ad653c7899
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e5fbb307ee737afbf7a77db1a6df1fce822e3093e9461ce4f0219a3e35624cc
3f5d94592b830a002d8aac3cba04b9fae6f4fa8ae47766860404f112916cddbc
41b636230ddd9db5132c305b893bb882d15d933a8c41d3c44eb1924b8734199a
44cfe80705f344fe0fc1ef8b1d3c0bdb9ead3dcc8be1dac727ff8f7dbdd138f5
4d03ee089f73b6c8490c2851d23f8ce943e5d317236a67b69b62402728a78e26
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
555dc4eb41f81c5e4341503ea8ddcd5887c6cfe99816aeeca19d3a41f8514702
55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d
58804d4c2f39539997acf44707a5d39f141cbf1a5d9c1b7eae5fbd40bad13818
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f4d7f3eafb4d9820dd9f359b637ee8df4136b8bdba6705b9dd0a15faf2bc025
647a935d53e8b6338f9e0c6170cba4294966d57e68d260ab03b74ee065460175
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7674813d4294e6367c27576ac6ee63106685165081325a67fc0b3582ed53182f
80f8f7c9cd4aaff4cd93c522df699cff99f78464f7f7da028a6495550553ffd6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
879e18ee127bfba480380135ce9dfa747c60041a6b657795256e7312331b658c
88b143f4ce1988a0401c45043ac5a3d3f78c330e53b4b37cf5253e3095698272
88cc3833195c5bf0fbd47d4be2ad9d62ddf76644a8639a347e49421f93993cec
8977162b19b3fadb3732c975e54ac36305d5f0b9e0972fb2b15d0b9e81c0b55b
8c9364735b82f0a12a58721fad5013d264ee93ceda2c5a013e2ff793b6396ea0
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
8eba13250ced9d66f3cf7e68f2cd38683c8245366d5d2f29dc85fc5c56b2b884
9121aa2faef56819b96bd007af1bac0bc378361ee657675748846e114eea29e5
9246476ad494512fd651c54a3243ca5e4ca7012488b5237d1b19c03089dbba50
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
980b8d4e4fa77f6e40c3f9f53a3e8e4f08bfc21f9edb5f70f3d06ee969b9d7d1
9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e
a0e51f61863f8a4a28f49a24062a8c486a08e26a0c7bd72c107da9c18d9a4aa8
a3425f45fba0c6d74f413a27c2e7b1a4a489922a97c6675904b010cfbfb1f6d5
a59871002f25c1d72ec8f34ffc314c2742e3334bca061bf43e3f780b5a89ff05
aae36de602475c08314486b3126c9ab2239c39da76dcfc35b1f93df2b96fac99
ad10a96d76d0545db3cd7ef7c37e917d5ee9f8bc9807a4bc59faa8e527f72a1b
ad3c48be38034ba18cdadee96af5fbb3efcfadecfdf978f41d654d73c0518f7b
af08761fec15b1ebb56c5f8bb96508bfc8ed6ff393d47050b244578fed1c8dfc
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124
be222ebe8d76ed95e6241fd6e80b43e87cee11ee97871ba3e0e6dcf439ad66b9
be3e7928c8dff774b173ed3b7059a3be57cf0d16b0cfce5e205d350a21b9c286
c1ec3e94f9a7f0cbd8092c50637f6f9a116c573ea561c1f9d727062a0164e970
c7ef136acbf69acef5c4df2b6b01db804b2d77ab048aeda2577ad0e8456a8fce
ca72e8893a0cf88efb844d01e3629ad7751979f01026f6149de72285279b7968
cbef72c56699b013ea851375cc446a85ee5b8e3cdaf7a67034d3254e55013807
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d00d1b84250a4886d05eb8146180447a656d25ac69cf41eda4ee0b4993a1d34c
d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4
d6ad932d55e5b17362c997effc9ec878e5dd1af665ad154a6450c1465a5cbef1
d8363e6e12032c6ed02cd97c00e8d95890f29b6caee993200f44ca0945fbf928
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db36657a1d74de18ea6cb94a3b6da2fded5d74873abad03b372706ecb9e022f6
de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994
de6768caa2b0f061042dd5a64c6750d78351d630147b79206a61f99aa1b6602d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4be2120d94c2f7f39f3c2e8f6f0740ab7f8bae8e8ef8c1607c88f473419308
efa1674e3b7214b2ac161b11a839fb3a04561a309e00a6208beb78e950b36b4e
f4b2c7e08609d901507ed5eeda16478646a9307c5dd383782d7f5e97360a1c61
f6cccd3d95d9d818550d0a5daf92992e48e08d23a9c3323b01d4ffb712c3c8ad

www.amctheatres.com Open in urlscan Pro 169.224.240.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

98 %HTTPS

64 %IPv6

25 Domains

34 Subdomains

33 IPs

4 Countries

3461 kBTransfer

10033 kBSize

27 Cookies

0 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.amctheatres.com Open in urlscan Pro
169.224.240.210 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

98 %
HTTPS

64 %
IPv6

25
Domains

34
Subdomains

33
IPs

4
Countries

3461 kB
Transfer

10033 kB
Size

27
Cookies

123 HTTP transactions
2 data transactions