chicagobearsvip.com Open in urlscan Pro
18.215.71.91 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://chicagobearsvip.com/
Effective URL:
https://chicagobearsvip.com/
Submission: On September 13 via manual (September 13th 2022, 9:26:52 pm UTC) from US — Scanned from DE

Summary HTTP 91 Redirects Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 22 domains to perform 91 HTTP transactions. The main IP is 18.215.71.91, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is chicagobearsvip.com.
TLS certificate: Issued by R3 on August 20th 2022. Valid for: 3 months.

This is the only time chicagobearsvip.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	18.215.71.91 18.215.71.91	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	143.204.214.63 143.204.214.63	16509 (AMAZON-02) (AMAZON-02)
3	99.86.4.9 99.86.4.9	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
5	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	13.32.23.46 13.32.23.46	16509 (AMAZON-02) (AMAZON-02)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:6200:4:2d:76c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	99.86.4.86 99.86.4.86	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3030::ac43:903b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	99.86.4.91 99.86.4.91	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.26 143.204.215.26	16509 (AMAZON-02) (AMAZON-02)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
2	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
1	34.246.90.31 34.246.90.31	16509 (AMAZON-02) (AMAZON-02)
1	54.187.48.204 54.187.48.204	16509 (AMAZON-02) (AMAZON-02)
2 4	104.16.106.139 104.16.106.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	3.92.120.28 3.92.120.28	14618 (AMAZON-AES) (AMAZON-AES)
1	52.30.207.7 52.30.207.7	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.208.125.13 18.208.125.13	14618 (AMAZON-AES) (AMAZON-AES)
91	35

11 18.215.71.91 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-71-91.compute-1.amazonaws.com

chicagobearsvip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 143.204.214.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-63.fra53.r.cloudfront.net

d3tw2v68rmxuj7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-9.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.23.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-46.fra56.r.cloudfront.net

d2xpg1khvwxlf1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:6200:4:2d:76c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.quintevents.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-86.fra6.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:903b (United States)

ASN13335 (CLOUDFLARENET, US)

weatherwidget.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-91.fra6.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-26.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.90.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-90-31.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.187.48.204 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-48-204.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.106.139 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

v2.zopim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.92.120.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-120-28.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.207.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-207-7.eu-west-1.compute.amazonaws.com

ws2.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.208.125.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-125-13.compute-1.amazonaws.com

go.quintevents.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	cloudfront.net d3tw2v68rmxuj7.cloudfront.net d2xpg1khvwxlf1.cloudfront.net	847 KB
11	chicagobearsvip.com 1 redirects chicagobearsvip.com	43 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 2812 q.stripe.com — Cisco Umbrella Rank: 23470 m.stripe.com — Cisco Umbrella Rank: 2345	86 KB
6	gstatic.com fonts.gstatic.com	77 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120 maps.googleapis.com — Cisco Umbrella Rank: 646	184 KB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 871 script.hotjar.com — Cisco Umbrella Rank: 1152 vars.hotjar.com — Cisco Umbrella Rank: 1247 in.hotjar.com — Cisco Umbrella Rank: 2418 ws2.hotjar.com — Cisco Umbrella Rank: 82905	69 KB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 stats.g.doubleclick.net — Cisco Umbrella Rank: 188	2 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
4	zopim.com 2 redirects v2.zopim.com — Cisco Umbrella Rank: 15301	245 KB
4	google.se www.google.se — Cisco Umbrella Rank: 16436	739 B
4	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 19	659 B
3	quintevents.com assets.quintevents.com go.quintevents.com	3 MB
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 159	34 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1004 syndication.twitter.com — Cisco Umbrella Rank: 1252	133 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 8160	4 KB
2	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 3092 ekr.zdassets.com — Cisco Umbrella Rank: 3670	8 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 3015	17 KB
1	weatherwidget.io weatherwidget.io — Cisco Umbrella Rank: 38474	1 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	27 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	48 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 493	8 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1190	8 KB
91	22

	Domain	Requested by
20	d3tw2v68rmxuj7.cloudfront.net	chicagobearsvip.com d3tw2v68rmxuj7.cloudfront.net
11	chicagobearsvip.com	1 redirects chicagobearsvip.com d3tw2v68rmxuj7.cloudfront.net script.hotjar.com
6	fonts.gstatic.com	fonts.googleapis.com
5	www.google-analytics.com	chicagobearsvip.com www.google-analytics.com
4	maps.googleapis.com	d3tw2v68rmxuj7.cloudfront.net maps.googleapis.com
4	v2.zopim.com	2 redirects chicagobearsvip.com
4	www.google.se	chicagobearsvip.com
4	www.google.com	2 redirects chicagobearsvip.com
3	q.stripe.com	chicagobearsvip.com
3	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
3	www.googleadservices.com	chicagobearsvip.com www.googletagmanager.com www.googleadservices.com
3	js.stripe.com	chicagobearsvip.com js.stripe.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	pi.pardot.com	chicagobearsvip.com pi.pardot.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	assets.quintevents.com	chicagobearsvip.com
2	fonts.googleapis.com	d3tw2v68rmxuj7.cloudfront.net
2	platform.twitter.com	chicagobearsvip.com platform.twitter.com
1	go.quintevents.com	pi.pardot.com
1	ekr.zdassets.com	v2.zopim.com
1	ws2.hotjar.com	script.hotjar.com
1	static.zdassets.com
1	m.stripe.com	m.stripe.network
1	in.hotjar.com	script.hotjar.com
1	syndication.twitter.com	platform.twitter.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	weatherwidget.io	d3tw2v68rmxuj7.cloudfront.net
1	connect.facebook.net	d3tw2v68rmxuj7.cloudfront.net
1	static.hotjar.com	d3tw2v68rmxuj7.cloudfront.net
1	www.googletagmanager.com	d3tw2v68rmxuj7.cloudfront.net
1	d2xpg1khvwxlf1.cloudfront.net	chicagobearsvip.com
1	cdn.jsdelivr.net
1	unpkg.com
91	34

This site contains no links.

Subject Issuer	Validity	Valid
chicagobearsvip.com R3	`2022-08-20` - `2022-11-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-01` - `2023-06-01`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-08-31` - `2023-01-10`	4 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
assets.quintevents.com Amazon	`2021-12-11` - `2023-01-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-23` - `2022-09-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.se GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-06` - `2022-12-07`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-11` - `2022-10-19`	3 months	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-08` - `2022-11-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2022-06-08` - `2022-12-15`	6 months	crt.sh
go.quintevents.com R3	`2022-09-08` - `2022-12-07`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://chicagobearsvip.com/
Frame ID: F938DAFF744C3649536CEAF9529330DE
Requests: 79 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 16EBA4D422272ED8A653DE9C5AEACAB8
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fchicagobearsvip.com
Frame ID: 27AEB6BDF5E94B2D2346CC70E1DDC9C5
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3948bfea1f3670985d1d546bf1f84a08.html
Frame ID: 61503632B65951836681AA2C491BD390
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 0A00F43E0B4C1A0E95E4CBF36C40B20B
Requests: 4 HTTP requests in this frame

Frame: https://v2.zopim.com/widget/images/avatar_simple_visitor.png
Frame ID: DBF059A4C98CD571CC0EE3D70F51DD20
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 55F92351FE8ADD5DA844EF22C558139A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Chicago Bears VIP Fan Packages | Chicago Bears VIP

Page URL History Show full URLs

http://chicagobearsvip.com/ HTTP 308
https://chicagobearsvip.com/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Zendesk Chat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

v2\.zopim\.com

Ahoy (Analytics) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+ionicons(?:\.min)?\.css

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

91
Requests

96 %
HTTPS

44 %
IPv6

22
Domains

34
Subdomains

35
IPs

5
Countries

5114 kB
Transfer

9486 kB
Size

27
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://chicagobearsvip.com/ HTTP 308
https://chicagobearsvip.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/332384444/?random=936995348&cv=9&fst=1663104405216&num=1&value=0&label=EpYCCMj1yO8CELyRv54B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fchicagobearsvip.com%2F&tiba=Chicago%20Bears%20VIP%20Fan%20Packages%20%7C%20Chicago%20Bears%20VIP&auid=1890330938.1663104405&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=lfUgY8OeDoPC1wab9ZrQBg&sscte=1&crd=&eitems=ChEI8NSAmQYQzcWB8MqS-oaUARIdAE6RJ0VMLgfdZt6VCDj78z-43tqmGhA9Bq0NlJE&pscrd=Ek9DaEVJOE5TQW1RWVFxSVg2cGJlenZyX1ZBUkltQUp5a1NuYjVkOUZJd0ZOT0lGNUJwODcxX1pxT1AzSTh4bWRLSlZiM21hRjZTM3Z5bThJGlhDaEFJOE5TQW1RWVF4ZG05X1pMMzBzVnBFaTRBaWhFQm5UYTl6eFluSFBZcGtHQW1wckJla3liXzJLRVJLQVp0MFEwSW90SkFtMThjR1lHd0dTcmdJU2kx HTTP 302
https://www.google.com/pagead/1p-conversion/332384444/?random=936995348&cv=9&fst=1663104405216&num=1&value=0&label=EpYCCMj1yO8CELyRv54B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fchicagobearsvip.com%2F&tiba=Chicago%20Bears%20VIP%20Fan%20Packages%20%7C%20Chicago%20Bears%20VIP&auid=1890330938.1663104405&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE5TQW1RWVFxSVg2cGJlenZyX1ZBUkltQUp5a1NuYjVkOUZJd0ZOT0lGNUJwODcxX1pxT1AzSTh4bWRLSlZiM21hRjZTM3Z5bThJGlhDaEFJOE5TQW1RWVF4ZG05X1pMMzBzVnBFaTRBaWhFQm5UYTl6eFluSFBZcGtHQW1wckJla3liXzJLRVJLQVp0MFEwSW90SkFtMThjR1lHd0dTcmdJU2kx&is_vtc=1&ocp_id=lfUgY8OeDoPC1wab9ZrQBg&cid=CAQSKQCsnQUxGSplVKhahrDxOM-dX4YhSqZdV1hV2z6Wl-wD6MYAi3gyOj7E&eitems=ChEI8NSAmQYQzcWB8MqS-oaUARIdAE6RJ0UtrC6O_t1Fgex-9LiPY1aXrb7JO_9M704&random=868548253&resp=GooglemKTybQhCsO HTTP 302
https://www.google.se/pagead/1p-conversion/332384444/?random=936995348&cv=9&fst=1663104405216&num=1&value=0&label=EpYCCMj1yO8CELyRv54B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fchicagobearsvip.com%2F&tiba=Chicago%20Bears%20VIP%20Fan%20Packages%20%7C%20Chicago%20Bears%20VIP&auid=1890330938.1663104405&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE5TQW1RWVFxSVg2cGJlenZyX1ZBUkltQUp5a1NuYjVkOUZJd0ZOT0lGNUJwODcxX1pxT1AzSTh4bWRLSlZiM21hRjZTM3Z5bThJGlhDaEFJOE5TQW1RWVF4ZG05X1pMMzBzVnBFaTRBaWhFQm5UYTl6eFluSFBZcGtHQW1wckJla3liXzJLRVJLQVp0MFEwSW90SkFtMThjR1lHd0dTcmdJU2kx&is_vtc=1&ocp_id=lfUgY8OeDoPC1wab9ZrQBg&cid=CAQSKQCsnQUxGSplVKhahrDxOM-dX4YhSqZdV1hV2z6Wl-wD6MYAi3gyOj7E&eitems=ChEI8NSAmQYQzcWB8MqS-oaUARIdAE6RJ0UtrC6O_t1Fgex-9LiPY1aXrb7JO_9M704&random=868548253&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 63

https://v2.zopim.com/?27DSZRQXoBYdgTOv4KMWktls91EbAA2e HTTP 302
https://static.zdassets.com/ekr/asset_composer.js

Request Chain 71

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005132557/?guid=ON&script=0 HTTP 302
https://www.google.com/pagead/1p-user-list/1005132557/?guid=ON&script=0&is_vtc=1&random=4171020078 HTTP 302
https://www.google.se/pagead/1p-user-list/1005132557/?guid=ON&script=0&is_vtc=1&random=4171020078&ipr=y

Request Chain 83

https://v2.zopim.com/w?27DSZRQXoBYdgTOv4KMWktls91EbAA2e HTTP 302
https://v2.zopim.com/bin/v/widget_v2.334.js

91 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
chicagobearsvip.com/
Redirect Chain

http://chicagobearsvip.com/
https://chicagobearsvip.com/

31 KB
33 KB

450ms
229ms

Document
text/html

18.215.71.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://chicagobearsvip.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.215.71.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-215-71-91.compute-1.amazonaws.com

Software

Resource Hash

404877e004c967f6750cfa9c19e3c448e72670f42ad33dab14bfe74dee6d788f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-security-policy-report-only: default-src 'none'; connect-src 'self' https: wss://*.zopim.com; font-src data: https:; frame-src https://js.stripe.com https://m.stripe.network https://www.google.com https://www.youtube.com https://googleads.g.doubleclick.net https://bid.g.doubleclick.net; img-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https://d3tw2v68rmxuj7.cloudfront.net https://fonts.googleapis.com; report-uri /csp
content-type: text/html; charset=utf-8
date: Tue, 13 Sep 2022 21:26:44 GMT
etag: W/"404877e004c967f6750cfa9c19e3c448"
link: <https://unpkg.com/ionicons@4.5.5/dist/css/ionicons.min.css>; rel=preload; as=style; nopush,<https://cdn.jsdelivr.net/npm/masonry-layout@4.2.2/dist/masonry.pkgd.min.js>; rel=preload; as=script; crossorigin=anonymous; integrity=sha384-GNFwBvfVxBkLMJpYMOABq3c+d3KnQxudP/mGPkzpZSTYykLBNsZEnG2D9G/X/+7D; nopush,<//d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/application-1ef16ad40cebeb729477a1cdf07fef62175c3007e66eb160c67440acf6e5c957.css>; rel=preload; as=style; nopush
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: b44d0ec5f32c3426ef791e2525fccb58
x-runtime: 0.115971
x-xss-protection: 0

Redirect headers

Connection: keep-alive
Content-Length: 164
Content-Type: text/html
Date: Tue, 13 Sep 2022 21:26:43 GMT
Location: https://chicagobearsvip.com

POST
H2 204 csp
chicagobearsvip.com/ 0
627 B 116ms
115ms Other
text/plain 18.215.71.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://chicagobearsvip.com/csp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.215.71.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-215-71-91.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://chicagobearsvip.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

x-runtime: 0.006586
date: Tue, 13 Sep 2022 21:26:44 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-download-options: noopen
x-frame-options: SAMEORIGIN
cache-control: no-cache
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-xss-protection: 0
x-request-id: ce587278bac3f70d4d8f495c64b96eed

GET
H2 200 ionicons.min.css
unpkg.com/ionicons@4.5.5/dist/css/ 45 KB
8 KB 96ms
45ms Stylesheet
text/css 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@4.5.5/dist/css/ionicons.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

057bb1905a283c2d6f0a097301ee734776f51ddcf903bffe422cbdbc02d98c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:44 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7130655
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"b5ff-wG629zAnPa3uHu4FfadQ8VWJb1I"
fly-request-id: 01G67VGRSWF5AVTPCFWJ1E1GQ3-fra
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74a3f67fff908fdc-FRA

GET
H2 200 masonry.pkgd.min.js Show response
cdn.jsdelivr.net/npm/masonry-layout@4.2.2/dist/ 24 KB
8 KB 89ms
32ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/masonry-layout@4.2.2/dist/masonry.pkgd.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chicagobearsvip.com/
Origin: https://chicagobearsvip.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15249899
x-jsd-version: 4.2.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19133-FRA, cache-hhn4062-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"5e27-0gJSz3bDvorzeoQV0TrTaMditNg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XTaibGZcSCft1OwzWrPrn4Z3CIvPTg17q2H6nacuyVxyQCxdQhwgSw4miUPdkuWSIQxYo5iBEzIAjilg1jQ2iztaEEwkCZVuXilnPRT2WVKhwT2d8uV47JIfoAYTS9Ct4e1IHrvcMfWRcl53Rg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 74a3f67ffe639969-FRA

GET
H2 200 application-1ef16ad40cebeb729477a1cdf07fef62175c3007e66eb160c67440acf6e5c957.css
d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/ 396 KB
65 KB 111ms
34ms Stylesheet
text/css 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/application-1ef16ad40cebeb729477a1cdf07fef62175c3007e66eb160c67440acf6e5c957.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 482f02d9ae01f0f184e9be3f13a3fc9a4f586c612e55a51c1ca4fa42991f037c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 15:39:56 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 20:59:47 GMT
server: AmazonS3
age: 20808
etag: W/"dea6497f7aca8841463e8dca7abeea3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: jY_5.2N_XNUz_XFMppnO3BL4vrpdzPow
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA53-C1
content-type: text/css
x-amz-cf-id: ZoXd4owMfsnh9Epm_FRd1i6cIcAnWXD9Upfiev-lA4XDs3GJ4A5qIQ==

GET
H2 200 runtime-bfee99a23f38eb40b28a.js Show response
d3tw2v68rmxuj7.cloudfront.net/packs/js/ 4 KB
2 KB 142ms
133ms Script
application/javascript 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/runtime-bfee99a23f38eb40b28a.js
Requested by: Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9043c25bfd3544dc69fb3dbc4f4487a00bfc7b2bf0500b05f43bd22ba69549ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: auAiox7j2QJMsqjlS51SNX4Cq0p7EBKO
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 13:47:28 GMT
server: AmazonS3
age: 77984
etag: W/"acd09ac6351a8552edb428bc436b9f8c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
date: Tue, 13 Sep 2022 06:29:31 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: -Lf3gQbEVFluYazp8aEYXg4ADq86M1fft6Ubm1lm1-iRgGUNCKYJ3w==

GET
H2 200 77-61da4c7bb1b458e9a06b.js Show response
d3tw2v68rmxuj7.cloudfront.net/packs/js/ 278 KB
89 KB 43ms
42ms Script
application/javascript 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/77-61da4c7bb1b458e9a06b.js
Requested by: Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52a42ce79ea98736ceaba80f0c0641280fae3bccc57595940396d6ebb0fd6006

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: GChNeOfd1Dvs_6uIIKMCvvaXD9r9KzKX
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 20:01:28 GMT
server: AmazonS3
age: 71282
etag: W/"e0a134e44de7480126d4790aa16d8002"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
date: Tue, 13 Sep 2022 03:31:14 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: vI5fl_E4wVvbZriRiqqoD5pqLySz0irvyL3minX1QBbz96lAYJFwYA==

GET
H2 200 7499-14e475b9043cd8d26fc5.js Show response
d3tw2v68rmxuj7.cloudfront.net/packs/js/ 541 KB
127 KB 40ms
26ms Script
application/javascript 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/7499-14e475b9043cd8d26fc5.js
Requested by: Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae98f856f111461eba200cdbbba5fd3a2f93479f86471e16bc3201012060ae4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: VGOqdu6ro_RhPILABNjUyL9hgTJh.6md
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 20:58:11 GMT
server: AmazonS3
age: 65217
etag: W/"a3f8a6ce5ec32eb1a6e4f81e1035e4f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
date: Tue, 13 Sep 2022 03:31:14 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: WoDnnkOznyUL8tZh6mugvZ_dBkcA8FV_-87AujmPH8ICB8a0xTuepA==

GET
H2 200 148-48856937f8234b6fe7f5.js Show response
d3tw2v68rmxuj7.cloudfront.net/packs/js/ 197 KB
62 KB 68ms
54ms Script
application/javascript 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/148-48856937f8234b6fe7f5.js
Requested by: Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f444d454497d24ef12dbc4e28e4b9529ea76e874bbd492d043e7dbe56cd23f43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: YaVibcaCGjwsaIbHFyM4xG3LzcPrRxvQ
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 20:01:28 GMT
server: AmazonS3
age: 67384
etag: W/"fea71d41d6675fc83e856f86bfbf1499"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
date: Tue, 13 Sep 2022 06:29:31 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: COYu5I-6MWf8MwmHYYSWX2a5r2lVRCNFr8wcnZh1Dgn_tb-WQJkJEQ==

GET
H2 200 3449-f6fd003d962a6cb76726.js Show response
d3tw2v68rmxuj7.cloudfront.net/packs/js/ 528 KB
160 KB 78ms
64ms Script
application/javascript 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/3449-f6fd003d962a6cb76726.js
Requested by: Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f1173cba3649738201b01fb17a7852f54a85cc5a8412e63a00afdf04c8fb69b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: zrS71UC_VJ2RqUkmPCI1MWmPpptTqzSN
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 20:59:12 GMT
server: AmazonS3
age: 69749
etag: W/"3ff393c7c8a5ae9e13641ee8ad2ddc34"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
date: Tue, 13 Sep 2022 03:31:14 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: OUWWjIm1Z_Ms24muwqz0FW7V5To8Z5McX3F4VFwKhNazBy7US-tVEg==

GET
H2 200 5628-f5f8146cddc5fdb81f88.js Show response
d3tw2v68rmxuj7.cloudfront.net/packs/js/ 6 KB
3 KB 98ms
84ms Script
application/javascript 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/5628-f5f8146cddc5fdb81f88.js
Requested by: Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c68770bae9868bde0ac3706db1fabc3dba2e95f72470691666e7f641f6c634c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 23:47:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Jul 2022 14:13:22 GMT
server: AmazonS3
age: 77984
etag: W/"f12ca1fffd8acc481217d811629f6710"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: PjPXro1b1ZuZpXHf8BxP_7cR37axf5Z9
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: UJ71n3fXivivQh_WJYXe9418klKvsRXX4aj_EayizOSz_7RFDO2JXg==

GET
H2 200 3723-f9b7570112d5b2472245.js Show response
d3tw2v68rmxuj7.cloudfront.net/packs/js/ 8 KB
3 KB 81ms
68ms Script
application/javascript 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/3723-f9b7570112d5b2472245.js
Requested by: Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b2b9a4f24e85f3c9c250f38c22ff15c06b0a68fc82cc97149cd4d7bfeb0ded34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 02:43:41 GMT
content-encoding: gzip
last-modified: Wed, 13 Jul 2022 14:13:21 GMT
server: AmazonS3
age: 67384
etag: W/"e5b259d95726104956615ea4f48283da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 4DvNJZfeWc29u.bmL6_f9YGTyBk2Mj7r
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: _W8wj875pcZ7pngp-KS5r22hqV7NA_T8NkvZ1sxaX9GpvCahOLqgrA==

GET
H2 200 2002-cfdd7226174020506fe2.js Show response
d3tw2v68rmxuj7.cloudfront.net/packs/js/ 358 KB
80 KB 82ms
70ms Script
application/javascript 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/2002-cfdd7226174020506fe2.js
Requested by: Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0fd2c268d03fe87c1d199b3ee9036529a3d91c16384642929d325225825907b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: EF1belCC8NwR65YxvXNCWyKk1Z3EuXDB
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 19:30:13 GMT
server: AmazonS3
age: 14189
etag: W/"19c9607fedb007b5cc7179fba0770f18"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
date: Tue, 13 Sep 2022 18:04:49 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: WkMyzL4D8xBvE1GhJG8uZA_LXcu6lqT9NHPLr0n7SAgGrt20uBbv7w==

GET
H2 200 5025-087cb948e6b08ba7a488.js Show response
d3tw2v68rmxuj7.cloudfront.net/packs/js/ 154 KB
37 KB 88ms
77ms Script
application/javascript 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/5025-087cb948e6b08ba7a488.js
Requested by: Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5eddafa51ca14b73736f2af20be021aa3771ec448b240ceca327fde2c685b361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: pqAsr_b3q5GP9D5Bz_1Lrz0xjgXF_DyD
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:07 GMT
server: AmazonS3
age: 54414
etag: W/"f2bbdfe8f58da11b2c0f610586c7281e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
date: Tue, 13 Sep 2022 07:09:21 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 8Z28n9PDShNk5WRqrVZn4-DZENnGNZ_Fi28uO8CuVLFxeWBjXMIaew==

GET
H2 200 3585-573e2d7ce49e104eb654.js Show response
d3tw2v68rmxuj7.cloudfront.net/packs/js/ 204 KB
49 KB 98ms
88ms Script
application/javascript 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/3585-573e2d7ce49e104eb654.js
Requested by: Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e3abfffd01da6ea40e940b4b3c686334f1f9ed87bc1cf7d8ef1b11b82cc011c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 04:53:17 GMT
content-encoding: gzip
last-modified: Wed, 24 Aug 2022 18:13:07 GMT
server: AmazonS3
age: 59608
etag: W/"d407704f3493c6e2c7a3f80da106b723"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: noJcVVhIFc7E_85PRhUBalPuHQPHQrKa
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: m3AFaRwEmMU8TkXAQ7C_TugZDzDu-LhH3ZQVd9toLPmMJJHXgWpUyQ==

GET
H2 200 4833-e9d8802f39e6d2dbd940.js Show response
d3tw2v68rmxuj7.cloudfront.net/packs/js/ 85 KB
19 KB 95ms
85ms Script
application/javascript 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/4833-e9d8802f39e6d2dbd940.js
Requested by: Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0756efcde1c4ff6064b93f97c0a0d6cb4fd3fd4add7c47beaa3be0b97f6e3515

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: SdhDMC1jzmjLcpIU7cbtulWB3Q7IIGrI
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 16:39:18 GMT
server: AmazonS3
age: 9730
etag: W/"8f3211343fdad7adc5ad1c081dbcc779"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
date: Tue, 13 Sep 2022 18:54:04 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: Xnf8UYolCvVJzgUEJJhy5tgcMzyUh741Wg1cdESEuGZzpAmou5PCHw==

GET
H2 200 bears-cd91ccbad583f959b192.js Show response
d3tw2v68rmxuj7.cloudfront.net/packs/js/ 14 KB
5 KB 101ms
92ms Script
application/javascript 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/bears-cd91ccbad583f959b192.js
Requested by: Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1db3c96f30501d220f49243c6f9150e295d3d50833bb417f4cff7324827fc940

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 22:08:08 GMT
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 17:50:18 GMT
server: AmazonS3
age: 83917
etag: W/"c4f31dfaffaddcdb80a0fea5f4263a50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 4B9AGuo9kM0hLV5vHuTVeZV1LmbHOqXp
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: ZdVdziKe4XHjk7iy1DNr8bb3jfDWjsopsnI6yJ4UsnZDhBlIMtQEHA==

GET
H2 200 / Show response
js.stripe.com/v3/ 335 KB
82 KB 395ms
23ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

bc1cfc2e7f4192da91adfcd2c7abd75e818705409eeb1ed6dee14b42a834616d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 17
x-cache: Hit from cloudfront
date: Tue, 13 Sep 2022 21:26:39 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
last-modified: Tue, 13 Sep 2022 19:41:07 GMT
server: Cloudfront
etag: W/"a6d97c2a91392eea29c658836b33a88e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: AvWKwy3PcffSZkgp-Z8T0dg6uA1oklMXvgiFxen6dxu3IF4zOaJaZA==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 94ms
20ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E0) /
Resource Hash: 8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 21:26:44 GMT
Content-Encoding: gzip
Age: 208
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29220
x-tw-cdn: VZ
Last-Modified: Wed, 31 Aug 2022 20:41:50 GMT
Server: ECS (frb/67E0)
Etag: "f116c7e6b28e2aebeb60ade5bdc8e2b4+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 76ms
21ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1484
date: Tue, 13 Sep 2022 21:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 13 Sep 2022 23:02:00 GMT

POST
H2 204 csp
chicagobearsvip.com/ 0
635 B 192ms
191ms Other
text/plain 18.215.71.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://chicagobearsvip.com/csp

Requested by

Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.215.71.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-215-71-91.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://chicagobearsvip.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

x-runtime: 0.008233
date: Tue, 13 Sep 2022 21:26:44 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-download-options: noopen
x-frame-options: SAMEORIGIN
cache-control: no-cache
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-xss-protection: 0
x-request-id: 2e29c362439ba65658a4c5eb6781f866

GET
H/1.1 200
OK 36949-bears_c_r_rgb-b694ebe399a8168bb6c46346cc458dc6.png
d2xpg1khvwxlf1.cloudfront.net/production/images/original/ 20 KB
20 KB 94ms
34ms Image
image/png 13.32.23.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2xpg1khvwxlf1.cloudfront.net/production/images/original/36949-bears_c_r_rgb-b694ebe399a8168bb6c46346cc458dc6.png
Requested by: Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-46.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 266df641a776f02a44ef0dfbb934811e1bdafb1c7085432301d5f28348efff1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 21:17:39 GMT
Via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
Last-Modified: Tue, 11 May 2021 14:53:53 GMT
Server: AmazonS3
Age: 546
ETag: "b694ebe399a8168bb6c46346cc458dc6"
X-Cache: Hit from cloudfront
x-amz-version-id: D0DbDBKy7J2XDCPj7Gt.3PYu5ZePcCg.
Connection: keep-alive
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 20093
X-Amz-Cf-Id: onnsymeQm7zOXDbLaib4CYBnk275llp3vmUZDAejDMKAHx0VAveNRw==

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 205ms
153ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

54f3a516d9c95e0d4155c18c7555b6ab5d8b521c4a363fec0f31c900535a4bf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17396
x-xss-protection: 0
server: cafe
etag: 16286937264090633215
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 21:26:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 81ms
29ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Requested by

Host: d3tw2v68rmxuj7.cloudfront.net
URL: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/application-1ef16ad40cebeb729477a1cdf07fef62175c3007e66eb160c67440acf6e5c957.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b542bc706a41d36ca02e27cc3a6165104c2b7fdc57aa9a23ca63e164495c2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3tw2v68rmxuj7.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 21:12:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 13 Sep 2022 21:26:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Sep 2022 21:26:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
1 KB 89ms
38ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

Requested by

Host: d3tw2v68rmxuj7.cloudfront.net
URL: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/application-1ef16ad40cebeb729477a1cdf07fef62175c3007e66eb160c67440acf6e5c957.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5be844ed22a508d9e9e84f0ebb51a9e42960826b9e2918e9163efb88d33d2629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3tw2v68rmxuj7.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 20:23:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 13 Sep 2022 21:26:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Sep 2022 21:26:44 GMT

GET
H2 200 bears-logo-5cb23b6a5f36425ecbadf8fd7211868fe05c0ac3a274f196fd9f59de014342eb.svg
d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/ 18 KB
6 KB 432ms
432ms Image
image/svg+xml 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/bears-logo-5cb23b6a5f36425ecbadf8fd7211868fe05c0ac3a274f196fd9f59de014342eb.svg
Requested by: Host: d3tw2v68rmxuj7.cloudfront.net
URL: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/application-1ef16ad40cebeb729477a1cdf07fef62175c3007e66eb160c67440acf6e5c957.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5cb23b6a5f36425ecbadf8fd7211868fe05c0ac3a274f196fd9f59de014342eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/application-1ef16ad40cebeb729477a1cdf07fef62175c3007e66eb160c67440acf6e5c957.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:46 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 15:09:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"2158c75530a8135d4c5eb8958d259e44"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: KfUtBwGcInFIoETMdfvUe.QMM_BIqgew
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-replication-status: COMPLETED
content-type: image/svg+xml
x-amz-cf-id: QkIZLyVGu5f4r_HVLNqEXNVaFPG2jGsb__aXMNlE0e1SFSkTrc76bA==

GET
H2 200 nav_icons-bc7d98d50886361ac7109ed632bfdad5530eaba67ea59c394d17b6877120e255.woff
d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/icons/ 3 KB
3 KB 461ms
421ms Font
binary/octet-stream 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/icons/nav_icons-bc7d98d50886361ac7109ed632bfdad5530eaba67ea59c394d17b6877120e255.woff
Requested by: Host: d3tw2v68rmxuj7.cloudfront.net
URL: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/application-1ef16ad40cebeb729477a1cdf07fef62175c3007e66eb160c67440acf6e5c957.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc7d98d50886361ac7109ed632bfdad5530eaba67ea59c394d17b6877120e255

Request headers

Referer: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/application-1ef16ad40cebeb729477a1cdf07fef62175c3007e66eb160c67440acf6e5c957.css
Origin: https://chicagobearsvip.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:46 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 2984
last-modified: Thu, 02 Dec 2021 15:09:40 GMT
server: AmazonS3
etag: "3696a20e0a764c275d2f119cc27734d2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: wPrBKB1ohCuyKNpz6AmDItuqrhorFTIc
access-control-allow-origin: *
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: x8XlR2jCqeMSoUO0YRK0zmG06Juic8FqpJwFxs1wu0cGqlAEPuZmFQ==

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 98ms
43ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://chicagobearsvip.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 08:45:28 GMT
x-content-type-options: nosniff
age: 45676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12956
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:54:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 08:45:28 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 78ms
23ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://chicagobearsvip.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 525622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 19:26:22 GMT

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 12 KB
12 KB 88ms
48ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://chicagobearsvip.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:15:44 GMT
x-content-type-options: nosniff
age: 522660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12580
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:19:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 20:15:44 GMT

GET
H2 200 72_DPI_WEB-Chicago-Bears-VIP-02.jpg
assets.quintevents.com/m/3470fc893a921701/ 243 KB
244 KB 307ms
209ms Image
image/jpeg 2600:9000:2057:6200:4:2d:76c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.quintevents.com/m/3470fc893a921701/72_DPI_WEB-Chicago-Bears-VIP-02.jpg

Requested by

Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6200:4:2d:76c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7021a534dc40bd6871b19efa206a01a2abcb8e054a279a2b62dc5195fa99e282

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-disposition: inline;filename="72_DPI_WEB-_D415626.jpg"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains
content-type: image/jpeg
access-control-allow-origin: *
x-api-correlation-id: 35a6970f-0bba-26f6-15ca-5632bba2da98
cache-control: public, max-age=172800
accept-ranges: bytes
x-amz-cf-id: iatlGzu5qui5ivYc4L_xr_rmon7Za0IqD9Wczv8qWQ8daxnEiZLquw==

GET
H2 200 Shumi-9b4e8229b9f257db0726f6fea6f2f495ebdb981a5c72a2b93729beb1daaa933d.otf
d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/ 20 KB
20 KB 458ms
446ms Font
binary/octet-stream 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/Shumi-9b4e8229b9f257db0726f6fea6f2f495ebdb981a5c72a2b93729beb1daaa933d.otf
Requested by: Host: d3tw2v68rmxuj7.cloudfront.net
URL: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/application-1ef16ad40cebeb729477a1cdf07fef62175c3007e66eb160c67440acf6e5c957.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b4e8229b9f257db0726f6fea6f2f495ebdb981a5c72a2b93729beb1daaa933d

Request headers

Referer: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/application-1ef16ad40cebeb729477a1cdf07fef62175c3007e66eb160c67440acf6e5c957.css
Origin: https://chicagobearsvip.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:46 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 20240
last-modified: Thu, 02 Dec 2021 15:09:37 GMT
server: AmazonS3
etag: "3cf90a6ba3c1ef374cb551f797053d09"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: Jn4qWcfOYExa0Z3iXxCgVcpo7I84Yw8N
access-control-allow-origin: *
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: whRJPIakl_rAeo-E4d-tG6vcqXltvSV_fhpqQYXnu2OFFMSf8CMNVw==

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 80ms
54ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://chicagobearsvip.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 525622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 19:26:22 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 12 KB
12 KB 85ms
59ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

570fccbb23e47f3f48767d3b6199198988328bac118fd6933def8f5fb4478472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://chicagobearsvip.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:01:27 GMT
x-content-type-options: nosniff
age: 523517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12680
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:05:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 20:01:27 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 54ms
28ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://chicagobearsvip.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 45662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 08:45:42 GMT

GET
H2 200 72_DPI_WEB-Bears-VIP-2022-Soldier-Field-Bear-Down-Flag.jpg
assets.quintevents.com/m/40e09fdd2e87d331/ 3 MB
3 MB 310ms
237ms Image
image/jpeg 2600:9000:2057:6200:4:2d:76c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.quintevents.com/m/40e09fdd2e87d331/72_DPI_WEB-Bears-VIP-2022-Soldier-Field-Bear-Down-Flag.jpg

Requested by

Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6200:4:2d:76c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d83d4c85a2b7e09cf72615eabd61e3cee8ce779837e0fecac8dd411477fca459

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-disposition: inline;filename="72_DPI_WEB-MicrosoftTeams-image (8).jpg"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains
content-type: image/jpeg
access-control-allow-origin: *
x-api-correlation-id: e9d9ed05-ff59-d815-9a32-4a1f82fed55a
cache-control: public, max-age=172800
accept-ranges: bytes
x-amz-cf-id: ocAmAZPuzbXanXTX2R98qJbnN0dGLU5zTcMCGAtcN6JIWLhnJnNMSQ==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1005132557/ 2 KB
2 KB 80ms
32ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005132557/?random=1663104404872&cv=9&fst=1663104404872&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fchicagobearsvip.com%2F&tiba=Chicago%20Bears%20VIP%20Fan%20Packages%20%7C%20Chicago%20Bears%20VIP&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cf7b9709d87abd3adae6d526a6771308ac022b26db47c2498b776767fac7593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 21:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1019
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 121 KB
48 KB 79ms
32ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NNH37GX

Requested by

Host: d3tw2v68rmxuj7.cloudfront.net
URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/2002-cfdd7226174020506fe2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7c6e58362b0964c71e85263befad6aa3c9194a100794622cb2e0b13bcb3338d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48523
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Sep 2022 21:26:45 GMT

GET
H2 200 hotjar-596121.js Show response
static.hotjar.com/c/ 4 KB
2 KB 100ms
56ms Script
application/javascript 99.86.4.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-596121.js?sv=5

Requested by

Host: d3tw2v68rmxuj7.cloudfront.net
URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/5025-087cb948e6b08ba7a488.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-86.fra6.r.cloudfront.net

Software

Resource Hash

a68ba83afde53185cc4241053102b62102d298bcaad70a4b0bce6bb62599043d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:45 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
etag: W/8d55fc366fbd54422ecb9871726eef21
strict-transport-security: max-age=604800; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-amz-cf-id: oYfbDOTpSc7KNDkojQMDTrA3ZAssOc64d8mwM587khKP2nYZ1fHuOw==
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 66ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d3tw2v68rmxuj7.cloudfront.net
URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/5025-087cb948e6b08ba7a488.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26737
x-xss-protection: 0
pragma: public
x-fb-debug: crxv8BnbXV8FKUGrtEzBykEJIy9TNLXeIuoqPNz3d/wclh9Rk09+C3dHyPk7oqMV/dnJ7aZkkVPP4nt8s9vLXQ==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 13 Sep 2022 21:26:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 widget.min.js Show response
weatherwidget.io/js/ 3 KB
1 KB 86ms
28ms Script
application/javascript 2606:4700:3030::ac43:903b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/js/widget.min.js
Requested by: Host: d3tw2v68rmxuj7.cloudfront.net
URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/5025-087cb948e6b08ba7a488.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:903b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4567fb3addbecbfd8df58bc4df722d9fdd1d7b20e5b5bdfe9bc072abbb8d37e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Oct 2019 21:35:32 GMT
server: cloudflare
age: 2093
etag: W/"5d9d0124-a4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ja4c2VJP5VCm6wky7rYsYBCz3cqoa6WwlJTY%2BPhFeZpOOVj4sYVYeIlvStPyJ%2FSmvH5R5292N%2FCH5I3yCKW%2Fr%2Fj5xRZanA%2BMtOvhB6eA4MdTI3N7qFeOOmG7mYFk9GAW0MtR3asX%2FJhGN2PtKKp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public; max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a3f68388a09156-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 /
www.google.com/pagead/1p-user-list/1005132557/ 42 B
548 B 83ms
33ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1005132557/?random=1663104404872&cv=9&fst=1663102800000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fchicagobearsvip.com%2F&tiba=Chicago%20Bears%20VIP%20Fan%20Packages%20%7C%20Chicago%20Bears%20VIP&fmt=3&is_vtc=1&random=2015227992&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 21:26:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.se/pagead/1p-user-list/1005132557/ 42 B
548 B 82ms
32ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/1005132557/?random=1663104404872&cv=9&fst=1663102800000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fchicagobearsvip.com%2F&tiba=Chicago%20Bears%20VIP%20Fan%20Packages%20%7C%20Chicago%20Bears%20VIP&fmt=3&is_vtc=1&random=2015227992&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 21:26:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.448392d04fd1e15c100a.js Show response
script.hotjar.com/ 251 KB
65 KB 385ms
149ms Script
application/javascript 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.448392d04fd1e15c100a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-596121.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-91.fra6.r.cloudfront.net

Software

Resource Hash

f71d619eeb07bc673c2492806d833f46a861d4ca81e84acb4553898fd4e3f0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 10:58:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 556118
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
content-length: 65486
access-control-allow-origin: *
last-modified: Wed, 07 Sep 2022 10:57:54 GMT
etag: "dda0289b22368ab84a40f8dab68ddb9e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: I_PG-GyQ37wD_MOxZIuljWfrPv1Kbf--yDWpOZaTUpriGGeRIo7MFA==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 123ms
122ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNH37GX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 21:26:45 GMT

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame 16EB 2 KB
1 KB 398ms
143ms Document
text/html 143.204.215.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-596121.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-26.fra53.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://chicagobearsvip.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 562178
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 09:17:07 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
vary: Accept-Encoding
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-id: RX-SVc1oh48pGqGh75IIXEXfkNW0S7SCluX5tbmgWTSinrWSO2ZEAg==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H2 204 csp
chicagobearsvip.com/ 0
623 B 127ms
126ms Other
text/plain 18.215.71.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://chicagobearsvip.com/csp

Requested by

Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.215.71.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-215-71-91.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://chicagobearsvip.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

x-runtime: 0.016054
date: Tue, 13 Sep 2022 21:26:45 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-download-options: noopen
x-frame-options: SAMEORIGIN
cache-control: no-cache
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-xss-protection: 0
x-request-id: f01d5b7fcd00bb1d4fd4be0d63dd07f6

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/332384444/ 2 KB
1 KB 33ms
33ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/332384444/?random=1663104405216&cv=9&fst=1663104405216&num=1&value=0&label=EpYCCMj1yO8CELyRv54B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fchicagobearsvip.com%2F&tiba=Chicago%20Bears%20VIP%20Fan%20Packages%20%7C%20Chicago%20Bears%20VIP&auid=1890330938.1663104405&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a27f52be0c559f2f0beb08c24181dab53c494171270b412f6dba77b47917a9f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 21:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1419
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.c4bdc17e77719578b594d5555bee90db.html Show response
platform.twitter.com/widgets/ Frame 27AE 320 KB
104 KB 21ms
21ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fchicagobearsvip.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://chicagobearsvip.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1125806
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Sep 2022 21:26:45 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 31 Aug 2022 20:40:57 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/668C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 m-outer-3948bfea1f3670985d1d546bf1f84a08.html Show response
js.stripe.com/v3/ Frame 6150 186 B
1 KB 20ms
20ms Document
text/html 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3948bfea1f3670985d1d546bf1f84a08.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

44c3d6d14ba1735a3d56d874a4044f65e4cf833b73b82dbdfe9a0f7ab3a7d861

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chicagobearsvip.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 262
cache-control: max-age=31536000
content-length: 186
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 13 Sep 2022 21:22:24 GMT
etag: "3948bfea1f3670985d1d546bf1f84a08"
last-modified: Tue, 13 Sep 2022 19:20:50 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-id: j29lkkwPUgorT7d6ttOK94pNQOoLvyuAWYDPwK2lklXWe0zUUB_RRg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 204 csp
chicagobearsvip.com/ 0
635 B 114ms
114ms Other
text/plain 18.215.71.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://chicagobearsvip.com/csp

Requested by

Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.215.71.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-215-71-91.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://chicagobearsvip.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

x-runtime: 0.005103
date: Tue, 13 Sep 2022 21:26:45 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-download-options: noopen
x-frame-options: SAMEORIGIN
cache-control: no-cache
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-xss-protection: 0
x-request-id: 8b1b37371cdd6cd9145a9cc74e1ea743

GET
H3

200

/
www.google.se/pagead/1p-conversion/332384444/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/332384444/?random=936995348&cv=9&fst=1663104405216&num=1&value=0&label=EpYCCMj1yO8CELyRv54B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&...
https://www.google.com/pagead/1p-conversion/332384444/?random=936995348&cv=9&fst=1663104405216&num=1&value=0&label=EpYCCMj1yO8CELyRv54B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
https://www.google.se/pagead/1p-conversion/332384444/?random=936995348&cv=9&fst=1663104405216&num=1&value=0&label=EpYCCMj1yO8CELyRv54B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...

42 B
64 B

82ms
38ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-conversion/332384444/?random=936995348&cv=9&fst=1663104405216&num=1&value=0&label=EpYCCMj1yO8CELyRv54B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fchicagobearsvip.com%2F&tiba=Chicago%20Bears%20VIP%20Fan%20Packages%20%7C%20Chicago%20Bears%20VIP&auid=1890330938.1663104405&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE5TQW1RWVFxSVg2cGJlenZyX1ZBUkltQUp5a1NuYjVkOUZJd0ZOT0lGNUJwODcxX1pxT1AzSTh4bWRLSlZiM21hRjZTM3Z5bThJGlhDaEFJOE5TQW1RWVF4ZG05X1pMMzBzVnBFaTRBaWhFQm5UYTl6eFluSFBZcGtHQW1wckJla3liXzJLRVJLQVp0MFEwSW90SkFtMThjR1lHd0dTcmdJU2kx&is_vtc=1&ocp_id=lfUgY8OeDoPC1wab9ZrQBg&cid=CAQSKQCsnQUxGSplVKhahrDxOM-dX4YhSqZdV1hV2z6Wl-wD6MYAi3gyOj7E&eitems=ChEI8NSAmQYQzcWB8MqS-oaUARIdAE6RJ0UtrC6O_t1Fgex-9LiPY1aXrb7JO_9M704&random=868548253&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 21:26:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 21:26:45 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.se/pagead/1p-conversion/332384444/?random=936995348&cv=9&fst=1663104405216&num=1&value=0&label=EpYCCMj1yO8CELyRv54B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fchicagobearsvip.com%2F&tiba=Chicago%20Bears%20VIP%20Fan%20Packages%20%7C%20Chicago%20Bears%20VIP&auid=1890330938.1663104405&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE5TQW1RWVFxSVg2cGJlenZyX1ZBUkltQUp5a1NuYjVkOUZJd0ZOT0lGNUJwODcxX1pxT1AzSTh4bWRLSlZiM21hRjZTM3Z5bThJGlhDaEFJOE5TQW1RWVF4ZG05X1pMMzBzVnBFaTRBaWhFQm5UYTl6eFluSFBZcGtHQW1wckJla3liXzJLRVJLQVp0MFEwSW90SkFtMThjR1lHd0dTcmdJU2kx&is_vtc=1&ocp_id=lfUgY8OeDoPC1wab9ZrQBg&cid=CAQSKQCsnQUxGSplVKhahrDxOM-dX4YhSqZdV1hV2z6Wl-wD6MYAi3gyOj7E&eitems=ChEI8NSAmQYQzcWB8MqS-oaUARIdAE6RJ0UtrC6O_t1Fgex-9LiPY1aXrb7JO_9M704&random=868548253&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 6150 0
571 B 572ms
189ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 13 Sep 2022 21:26:45 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 6150 0
570 B 574ms
190ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 13 Sep 2022 21:26:45 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-3ea497b6a3111f01256de2fa71364046.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6150 526 B
1020 B 20ms
20ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-3ea497b6a3111f01256de2fa71364046.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3948bfea1f3670985d1d546bf1f84a08.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3948bfea1f3670985d1d546bf1f84a08.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 17
x-cache: Hit from cloudfront
date: Tue, 13 Sep 2022 21:26:28 GMT
content-length: 526
last-modified: Tue, 13 Sep 2022 19:20:49 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: CYXP8n8t7J9M-77s8OAN2Y54IseJthf-3Dzb301SfsA4yJidwNbCMg==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 27AE 724 B
597 B 175ms
127ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=8eb1648bde6aae7774b69f324922ad8562b020c3

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fchicagobearsvip.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

658963e97a4f53a58ec63b900758063245a5507f026a070f8096bda6128ee703

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-response-time: 106
date: Tue, 13 Sep 2022 21:26:45 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 21:26:45 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 7d847f8a1e1f8221bcfe6bb7f7bc89e5b8ddb5154836ae43caf5134d2ebdaf74
content-length: 315

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 0A00 930 B
1 KB 190ms
21ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-3ea497b6a3111f01256de2fa71364046.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 268
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 13 Sep 2022 21:26:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 239
x-content-type-options: nosniff
x-request-id: e0fb3cca-c10c-4be1-a555-420de6c9ef00
x-served-by: cache-hhn4082-HHN
x-timer: S1663104405.495079,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame 0A00 0
344 B 349ms
191ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 21:26:45 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 0A00 86 KB
16 KB 22ms
21ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 13
x-cache: HIT
content-length: 16031
x-request-id: 8014a10c-637d-442b-94e1-d6574543d4e7
x-served-by: cache-hhn4082-HHN
server: Fastly
x-timer: S1663104406.528634,VS0,VE0
date: Tue, 13 Sep 2022 21:26:45 GMT
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 18

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/596121/ 148 B
322 B 132ms
46ms XHR
application/json 34.246.90.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/596121/visit-data?sv=5
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.448392d04fd1e15c100a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.90.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-90-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a7a706ea35bec3b8e407aa0d6c26219d8be48a646e4a2e6098193b83e2cbd347

Request headers

Referer: https://chicagobearsvip.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 13 Sep 2022 21:26:45 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 6 Show response
m.stripe.com/ Frame 0A00 156 B
522 B 632ms
190ms XHR
application/json 54.187.48.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.48.204 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-48-204.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4b576a4c4e141cda4b99676beaa036c1b823854d0b4cc0384d212d193aea33d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 13 Sep 2022 21:26:46 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 72ms
29ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=698570159&t=pageview&_s=1&dl=https%3A%2F%2Fchicagobearsvip.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Chicago%20Bears%20VIP%20Fan%20Packages%20%7C%20Chicago%20Bears%20VIP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEABAAAAAC~&jid=502775044&gjid=1206721639&cid=1827862169.1663104405&tid=UA-196443805-1&_gid=4982534.1663104405&_r=1&_slc=1&cd1=1827862169.1663104405&z=2044428112

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://chicagobearsvip.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 21:26:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://chicagobearsvip.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 70ms
28ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=698570159&t=pageview&_s=1&dl=https%3A%2F%2Fchicagobearsvip.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Chicago%20Bears%20VIP%20Fan%20Packages%20%7C%20Chicago%20Bears%20VIP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEABAAAAAC~&jid=740146909&gjid=969093846&cid=1827862169.1663104405&tid=UA-96277800-1&_gid=4982534.1663104405&_r=1&_slc=1&cd1=1827862169.1663104405&z=691805348

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://chicagobearsvip.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 21:26:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://chicagobearsvip.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fontawesome-webfont-ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07.woff
d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/font-awesome/fonts/ 96 KB
96 KB 422ms
422ms Font
binary/octet-stream 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/font-awesome/fonts/fontawesome-webfont-ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07.woff?v=4.7.0
Requested by: Host: d3tw2v68rmxuj7.cloudfront.net
URL: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/application-1ef16ad40cebeb729477a1cdf07fef62175c3007e66eb160c67440acf6e5c957.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/application-1ef16ad40cebeb729477a1cdf07fef62175c3007e66eb160c67440acf6e5c957.css
Origin: https://chicagobearsvip.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: DDan8XTy1o4vSo_sukYLgkxMs8N4tJ4h
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
etag: "fee66e712a8a08eef5805a46892932ad"
x-amz-cf-pop: FRA53-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-length: 98024
last-modified: Thu, 02 Dec 2021 15:09:40 GMT
server: AmazonS3
date: Tue, 13 Sep 2022 21:26:47 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 7FkznDaEbC8wrzaepM_uB_miadDbSGin_117r4Zh7Zq1f5vLCM7iSg==

GET
H2

200

asset_composer.js Show response
static.zdassets.com/ekr/
Redirect Chain

https://v2.zopim.com/?27DSZRQXoBYdgTOv4KMWktls91EbAA2e
https://static.zdassets.com/ekr/asset_composer.js

23 KB
7 KB

95ms
36ms

Script
application/javascript

104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/asset_composer.js

Protocol

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: KCM77DDQVGEDQ38T
x-amz-id-2: XftthlYlyLzycWuL0vAgrfZ3A0o6DKWAJ/d4P6ydSt49qAWVT8QsJEKarr/XA7hqtwOFCUZ8DOY=
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
server: cloudflare
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFvEiv5RUeAdeZE7%2BHAxYs1Os7c7%2BHgpeqeBHoWzgF9DVoFVFm7DVUlk6l3riu1F4qwzGmHKf1PMxikKwdL%2B9W%2BJfgMU5dl3ihwF6c7CcGLgoWeTaWJd1aTEvNX49%2FhfRAiurAw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: 57KHzv0Z81imwMa0XxScJAmcLiHhq1Ku
cf-ray: 74a3f68889996933-FRA

Redirect headers

location: https://static.zdassets.com/ekr/asset_composer.js
date: Tue, 13 Sep 2022 21:26:45 GMT
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 74a3f687df91bbda-FRA
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 dropdown.json Show response
chicagobearsvip.com/api/info_requests/ 1 KB
2 KB 126ms
126ms Fetch
application/json 18.215.71.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://chicagobearsvip.com/api/info_requests/dropdown.json?locale=en

Requested by

Host: d3tw2v68rmxuj7.cloudfront.net
URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/5025-087cb948e6b08ba7a488.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.215.71.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-215-71-91.compute-1.amazonaws.com

Software

Resource Hash

ad149de84c77715c6c737f46bb232e367db8b618d8b662147d4b336d8c4e2066

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-runtime: 0.016251
date: Tue, 13 Sep 2022 21:26:45 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
etag: W/"ad149de84c77715c6c737f46bb232e36"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-xss-protection: 0
x-request-id: 7d04cfd9cb2f2f3a32319aa3c35670fa

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 169 KB
56 KB 96ms
45ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBfYwODaEYLElMzH09T2pIzJKMo95l8P1E&callback=initMap&libraries=places

Requested by

Host: d3tw2v68rmxuj7.cloudfront.net
URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/3585-573e2d7ce49e104eb654.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

e9702d1aa940cc52bf51d90215f3495adbd0b87aa3217974e6c14939ac73848a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:45 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=15
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56597
x-xss-protection: 0
expires: Tue, 13 Sep 2022 21:56:45 GMT

GET
H2 200 currencies.json Show response
chicagobearsvip.com/api/ 70 B
834 B 152ms
152ms Fetch
application/json 18.215.71.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://chicagobearsvip.com/api/currencies.json

Requested by

Host: d3tw2v68rmxuj7.cloudfront.net
URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/2002-cfdd7226174020506fe2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.215.71.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-215-71-91.compute-1.amazonaws.com

Software

Resource Hash

b6fdf7c15d80fd903d046d153fb3254e7161c088a550a2312c8b876666d3546a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://chicagobearsvip.com/
X-CSRF-TOKEN: ZiiZFKKqQiQwayDPTTPNknNRDqMKIwmZbq4YWDbdTROb1SB1xGWXMvDiijcw83ayUaLlqkzEpapAfXQMTL_prA
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.040954
date: Tue, 13 Sep 2022 21:26:45 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
etag: W/"b6fdf7c15d80fd903d046d153fb3254e"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-xss-protection: 0
x-request-id: 92ec666d2176fc42717940e54d205ecf

GET
H2 200 currencies.json Show response
chicagobearsvip.com/api/ 70 B
825 B 226ms
226ms Fetch
application/json 18.215.71.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://chicagobearsvip.com/api/currencies.json

Requested by

Host: d3tw2v68rmxuj7.cloudfront.net
URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/2002-cfdd7226174020506fe2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.215.71.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-215-71-91.compute-1.amazonaws.com

Software

Resource Hash

b6fdf7c15d80fd903d046d153fb3254e7161c088a550a2312c8b876666d3546a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://chicagobearsvip.com/
X-CSRF-TOKEN: ZiiZFKKqQiQwayDPTTPNknNRDqMKIwmZbq4YWDbdTROb1SB1xGWXMvDiijcw83ayUaLlqkzEpapAfXQMTL_prA
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.077017
date: Tue, 13 Sep 2022 21:26:45 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
etag: W/"b6fdf7c15d80fd903d046d153fb3254e"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-xss-protection: 0
x-request-id: 8cd75eb1cbb71dd9e13c90eb74fd3f90

GET
H2 200 cart.json Show response
chicagobearsvip.com/en/ 2 KB
4 KB 174ms
173ms Fetch
application/json 18.215.71.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://chicagobearsvip.com/en/cart.json

Requested by

Host: d3tw2v68rmxuj7.cloudfront.net
URL: https://d3tw2v68rmxuj7.cloudfront.net/packs/js/2002-cfdd7226174020506fe2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.215.71.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-215-71-91.compute-1.amazonaws.com

Software

Resource Hash

01ed72d530c26ee34a2385d01a4d411255031e5775017e1c52b00ceb235d08b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://chicagobearsvip.com/
X-CSRF-TOKEN: ZiiZFKKqQiQwayDPTTPNknNRDqMKIwmZbq4YWDbdTROb1SB1xGWXMvDiijcw83ayUaLlqkzEpapAfXQMTL_prA
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.062947
date: Tue, 13 Sep 2022 21:26:45 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
etag: W/"01ed72d530c26ee34a2385d01a4d4112"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy-report-only: default-src 'none'; connect-src 'self' https: wss://*.zopim.com; font-src data: https:; frame-src https://js.stripe.com https://m.stripe.network https://www.google.com https://www.youtube.com https://googleads.g.doubleclick.net https://bid.g.doubleclick.net; img-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https://d3tw2v68rmxuj7.cloudfront.net https://fonts.googleapis.com; report-uri /csp
x-xss-protection: 0
x-request-id: 093cc36e92be8d63e701c6d87c27b817

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=698570159&t=timing&_s=2&dl=https%3A%2F%2Fchicagobearsvip.com%2F&ul=en-us&de=UTF-8&dt=Chicago%20Bears%20VIP%20Fan%20Packages%20%7C%20Chicago%20Bears%20VIP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=Page%20Load&_u=aGDAAEABAAAAAC~&jid=&gjid=&cid=1827862169.1663104405&tid=UA-196443805-1&_gid=4982534.1663104405&z=1740164004

Requested by

Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 19:18:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7693
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 19:18:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7693
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.se/pagead/1p-user-list/1005132557/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005132557/?guid=ON&script=0
https://www.google.com/pagead/1p-user-list/1005132557/?guid=ON&script=0&is_vtc=1&random=4171020078
https://www.google.se/pagead/1p-user-list/1005132557/?guid=ON&script=0&is_vtc=1&random=4171020078&ipr=y

42 B
64 B

34ms
33ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/1005132557/?guid=ON&script=0&is_vtc=1&random=4171020078&ipr=y

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 21:26:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 21:26:45 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.se/pagead/1p-user-list/1005132557/?guid=ON&script=0&is_vtc=1&random=4171020078&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 332ms
105ms Script
application/javascript 3.92.120.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-120-28.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: 3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 21:26:46 GMT
content-encoding: gzip
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
last-modified: Tue, 13 Sep 2022 05:18:48 GMT
Server: PardotServer
etag: "1547-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1946
expires: Thu, 12 Sep 2024 21:26:46 GMT

POST
H2 204 csp
chicagobearsvip.com/ 0
627 B 114ms
114ms Other
text/plain 18.215.71.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://chicagobearsvip.com/csp

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.448392d04fd1e15c100a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.215.71.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-215-71-91.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://chicagobearsvip.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

x-runtime: 0.005039
date: Tue, 13 Sep 2022 21:26:45 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-download-options: noopen
x-frame-options: SAMEORIGIN
cache-control: no-cache
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-xss-protection: 0
x-request-id: f6bd374d6e5ed471cf8a58022db2c0a5

POST
H2 200 content Show response
ws2.hotjar.com/api/v2/sites/596121/recordings/ 66 B
258 B 233ms
48ms XHR
application/json 52.30.207.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws2.hotjar.com/api/v2/sites/596121/recordings/content
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.448392d04fd1e15c100a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.207.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-207-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d211ce1c1b8c086d9d5b1eaa81356ed124e69701f6d0cb0f459098a95d36ecb4

Request headers

Referer: https://chicagobearsvip.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 13 Sep 2022 21:26:45 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 84ms
28ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-196443805-1&cid=1827862169.1663104405&jid=502775044&gjid=1206721639&_gid=4982534.1663104405&_u=aGDAAEAAAAAAAC~&z=1010799564

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chicagobearsvip.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 13 Sep 2022 21:26:45 GMT
content-type: text/plain
access-control-allow-origin: https://chicagobearsvip.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 85ms
29ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-96277800-1&cid=1827862169.1663104405&jid=740146909&gjid=969093846&_gid=4982534.1663104405&_u=aGDAAEABAAAAAC~&z=460083997

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chicagobearsvip.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 13 Sep 2022 21:26:45 GMT
content-type: text/plain
access-control-allow-origin: https://chicagobearsvip.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 33ms
33ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-196443805-1&cid=1827862169.1663104405&jid=502775044&_u=aGDAAEAAAAAAAC~&z=2126528521

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 21:26:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.se/ads/ 42 B
63 B 32ms
32ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-196443805-1&cid=1827862169.1663104405&jid=502775044&_u=aGDAAEAAAAAAAC~&z=2126528521

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 21:26:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 72ms
32ms XHR
application/json 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBfYwODaEYLElMzH09T2pIzJKMo95l8P1E&callback=initMap&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://chicagobearsvip.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 27DSZRQXoBYdgTOv4KMWktls91EbAA2e Show response
ekr.zdassets.com/compose/zopim_chat/ 193 B
1003 B 259ms
209ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/zopim_chat/27DSZRQXoBYdgTOv4KMWktls91EbAA2e

Requested by

Host: v2.zopim.com
URL: https://v2.zopim.com/?27DSZRQXoBYdgTOv4KMWktls91EbAA2e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00bcc3debaf7cca3d4dcf4c1f9a4f2caf899f5e0ea91629181a26b894dd1289b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
cf-ray: 74a3f6893c1b68fd-FRA
status: 200 OK
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: a58988f4e1bb0b25b3f6875708854a0d, a58988f4e1bb0b25b3f6875708854a0d
x-runtime: 0.003937
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"00bcc3debaf7cca3d4dcf4c1f9a4f2ca"
x-zendesk-zorg: yes
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPI2xBbRShMZF44Id5Rpyo2jtSV27UP875GfRsRqvnN9oYCFGfNb%2FMVJYqpJF06Uezq%2BMrOzvMDtM%2FrCmOZ4HjGBs%2FxXG2ielY%2BncuTAwnrKMrMiyuy6g9Q7HGfY8MKFKqk%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 541ms
541ms Script
text/javascript 3.92.120.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=163031&account_id=825903&title=Chicago%20Bears%20VIP%20Fan%20Packages%20%7C%20Chicago%20Bears%20VIP&url=https%3A%2F%2Fchicagobearsvip.com%2F&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-92-120-28.compute-1.amazonaws.com

Software

PardotServer /

Resource Hash

b132c6b62a715f2b8615081e7f58bacd3d47af18d1b5b35df877ad1730878d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 13 Sep 2022 21:26:46 GMT
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
vary: Accept-Encoding,User-Agent
Connection: keep-alive
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
Content-Type: text/javascript; charset=utf-8
Content-Length: 538
Server: PardotServer
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 403 fontawesome-webfont.woff2
d3tw2v68rmxuj7.cloudfront.net/fonts/ 0
0 413ms
413ms Font
application/xml 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tw2v68rmxuj7.cloudfront.net/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: d3tw2v68rmxuj7.cloudfront.net
URL: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/application-1ef16ad40cebeb729477a1cdf07fef62175c3007e66eb160c67440acf6e5c957.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/application-1ef16ad40cebeb729477a1cdf07fef62175c3007e66eb160c67440acf6e5c957.css
Origin: https://chicagobearsvip.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:45 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA53-C1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/xml
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Error from cloudfront
x-amz-cf-id: iIbB26w7z0PHtl3jG-G7erElL2ORhdzvK-FQ0gVGSwcvqqvBeCjIuw==

GET
H2

200

widget_v2.334.js Show response
v2.zopim.com/bin/v/
Redirect Chain

https://v2.zopim.com/w?27DSZRQXoBYdgTOv4KMWktls91EbAA2e
https://v2.zopim.com/bin/v/widget_v2.334.js

1 MB
244 KB

29ms
29ms

Script
application/javascript

104.16.106.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.zopim.com/bin/v/widget_v2.334.js
Protocol: H2
Server: 104.16.106.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84fd53c6a8ac1f66c4166ec099766a4cff3eb93f3ab1a4d51e60cbdcc1a86ff4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 27 Jul 2022 03:35:19 GMT
server: cloudflare
age: 50171
etag: W/"62e0b277-10301f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=315360000
cf-ray: 74a3f68abc27bbda-FRA
expires: Fri, 10 Sep 2032 21:26:46 GMT

Redirect headers

date: Tue, 13 Sep 2022 21:26:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
etag: "62e9bace-0"
content-type: application/octet-stream
location: https://v2.zopim.com/bin/v/widget_v2.334.js
cache-control: max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray: 74a3f68a8be3bbda-FRA
content-length: 0
expires: Wed, 14 Sep 2022 01:26:46 GMT

GET
H2 200 avatar_simple_visitor.png
v2.zopim.com/widget/images/ Frame DBF0 638 B
834 B 29ms
28ms Image
image/png 104.16.106.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2.zopim.com/widget/images/avatar_simple_visitor.png
Requested by: Host: chicagobearsvip.com
URL: https://chicagobearsvip.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.106.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59b0b341f2377d03855e6151484cc22019c58f997a11577715121d710fd2386c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:46 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
server: cloudflare
age: 50166
etag: "58b8006b-782"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=604800
cf-polished: origSize=1922
last-modified: Thu, 02 Mar 2017 11:22:19 GMT
accept-ranges: bytes
cf-ray: 74a3f68d4811bbda-FRA
content-length: 638
expires: Tue, 20 Sep 2022 21:26:46 GMT

GET
DATA 200
OK truncated
/ Frame 55F9 13 KB
13 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14

Request headers

Referer
Origin: https://chicagobearsvip.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
H2 403 fontawesome-webfont.woff
d3tw2v68rmxuj7.cloudfront.net/fonts/ 0
0 418ms
417ms Font
application/xml 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tw2v68rmxuj7.cloudfront.net/fonts/fontawesome-webfont.woff?v=4.7.0
Requested by: Host: d3tw2v68rmxuj7.cloudfront.net
URL: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/application-1ef16ad40cebeb729477a1cdf07fef62175c3007e66eb160c67440acf6e5c957.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/application-1ef16ad40cebeb729477a1cdf07fef62175c3007e66eb160c67440acf6e5c957.css
Origin: https://chicagobearsvip.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:46 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA53-C1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/xml
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Error from cloudfront
x-amz-cf-id: Oh8QxM8n1vOKNgOwWQim7V3XJ6jVki38ZAYavNbdm2b_OM-CTtJnZQ==

GET
H/1.1 200
OK analytics Show response
go.quintevents.com/ 50 B
1 KB 482ms
231ms Script
text/javascript 18.208.125.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.quintevents.com/analytics?conly=true&visitor_id=303502939&visitor_id_sign=67f24be694d03dd96938a112a0bacc9730f31f7ef5d2b4dfe902035d898847b38a81faa2e74d4892434de87fe7aa08867c98d62a&pi_opt_in=&campaign_id=163031&account_id=825903&title=Chicago%20Bears%20VIP%20Fan%20Packages%20|%20Chicago%20Bears%20VIP&url=https://chicagobearsvip.com/&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=163031&account_id=825903&title=Chicago%20Bears%20VIP%20Fan%20Packages%20%7C%20Chicago%20Bears%20VIP&url=https%3A%2F%2Fchicagobearsvip.com%2F&referrer=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-125-13.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 13 Sep 2022 21:26:47 GMT
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
vary: User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 50
Server: PardotServer
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 403 fontawesome-webfont.ttf
d3tw2v68rmxuj7.cloudfront.net/fonts/ 0
0 413ms
405ms Font
application/xml 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tw2v68rmxuj7.cloudfront.net/fonts/fontawesome-webfont.ttf?v=4.7.0
Requested by: Host: d3tw2v68rmxuj7.cloudfront.net
URL: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/application-1ef16ad40cebeb729477a1cdf07fef62175c3007e66eb160c67440acf6e5c957.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://d3tw2v68rmxuj7.cloudfront.net/qng/v1-1/bears/application-1ef16ad40cebeb729477a1cdf07fef62175c3007e66eb160c67440acf6e5c957.css
Origin: https://chicagobearsvip.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 21:26:47 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA53-C1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/xml
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Error from cloudfront
x-amz-cf-id: 085etsBhAeD7mbXXEE9C0rQgG2iQwLYqtbeNMvpM4I0GOVPR_MXOvw==

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/50/4/intl/de_ALL/ 246 KB
68 KB 62ms
21ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/50/4/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBfYwODaEYLElMzH09T2pIzJKMo95l8P1E&callback=initMap&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a7ef14413178cad8bc813c70ec67fb03ca397d872912a14cef7982d1f0e53f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 18:17:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 529784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69253
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 21:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 18:17:06 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/50/4/intl/de_ALL/ 158 KB
58 KB 65ms
25ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/50/4/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBfYwODaEYLElMzH09T2pIzJKMo95l8P1E&callback=initMap&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22df11c17fe7fd004d8c7ee1299f535098297f521c01b901fc2f69f2885f794f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicagobearsvip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 18:17:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 529784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59595
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 21:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 18:17:06 GMT

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
chicagobearsvip.com/	1970-01-20 05:58:28	Name: ahoy_visitor Value: 4a4d2b42-db36-4738-ab68-3ecb183db103
chicagobearsvip.com/	1970-01-20 05:58:31	Name: ahoy_visit Value: 8bceb7d3-701e-41f8-9a07-61d67c6b691f
.chicagobearsvip.com/	1970-01-20 08:08:00	Name: _gcl_au Value: 1.1.1890330938.1663104405
.chicagobearsvip.com/	1970-01-20 15:34:24	Name: _ga Value: GA1.2.1827862169.1663104405
.chicagobearsvip.com/	1970-01-20 05:59:50	Name: _gid Value: GA1.2.4982534.1663104405
.doubleclick.net/	1970-01-20 15:20:00	Name: IDE Value: AHWqTUkvA-1W_xnVrf2LiYXvkyNIFJpFnUxklx7iwjumwzi5gsaTEO0aCtBY0hVE
.chicagobearsvip.com/	1970-01-20 14:44:00	Name: _hjSessionUser_596121 Value: eyJpZCI6IjY1ZGI0NzI2LTlmZmUtNWU3MC1iNjBkLTA2ZjZkNDkyNzE4NSIsImNyZWF0ZWQiOjE2NjMxMDQ0MDU0OTcsImV4aXN0aW5nIjpmYWxzZX0=
.chicagobearsvip.com/	1970-01-20 05:58:26	Name: _hjFirstSeen Value: 1
chicagobearsvip.com/	1970-01-20 05:58:24	Name: _hjIncludedInSessionSample Value: 1
.chicagobearsvip.com/	1970-01-20 05:58:26	Name: _hjSession_596121 Value: eyJpZCI6ImRhYWFmNzgwLWFmMjItNDFhZC1hZGE1LTRhOTgzOWRiMGU5NCIsImNyZWF0ZWQiOjE2NjMxMDQ0MDU1MjEsImluU2FtcGxlIjp0cnVlfQ==
chicagobearsvip.com/	1970-01-20 05:58:24	Name: _hjIncludedInPageviewSample Value: 1
.chicagobearsvip.com/	1970-01-20 05:58:26	Name: _hjAbsoluteSessionInProgress Value: 0
.chicagobearsvip.com/	1970-01-20 05:58:24	Name: _gat Value: 1
.chicagobearsvip.com/	1970-01-20 05:58:24	Name: _gat_clientTracker Value: 1
chicagobearsvip.com/	1969-12-31 23:59:59	Name: _qng_session Value: 4pNhldtvF58SDD6PcrQ6GCsXsv74y5NHnrswnwSMs%2FWBAXRkf3%2BGZNIxVLDzaIqLgPL4mTV076a%2BfHzrHsf0SfYokUCkl%2BWrOlSyObmfDu4sUmms%2F44ykYfNEylFwpzd0TBzo3NUNkY6bsa2UzWfWUdbRMc9B4TL6LvTxhKEf8Cds9NOgyX8lVOkrfn%2BKPpecoZJBrpt8hXfMig8lj3ObKdIHfgM5eeXZ6B15A%3D%3D--HuQOGBsQ9GepICZ7--bJimmo0BgqStwspc8pq16w%3D%3D
m.stripe.com/	1970-01-20 15:34:24	Name: m Value: 6cfa87a2-2801-405e-a32e-bf45eaf7af9b16f264
.chicagobearsvip.com/	1970-01-20 14:44:00	Name: __stripe_mid Value: af5f9adb-ae45-4f51-9e04-b01a5931e41535adbf
.chicagobearsvip.com/	1970-01-20 05:58:26	Name: __stripe_sid Value: c210814d-a221-4f54-a0be-b758ed5f9c81408abd
widget-mediator.zopim.com/	1970-01-20 06:08:29	Name: AWSALBCORS Value: F15XH6lg2UyTeW8sMt03yOzsyCkeBb203Bo9KKmIEJbZCBLoirGjgKI90Gv7giNOpadhfw7A+/nLDUqruhe9c+3Bh1MgYuZaOQzu1ZjOwiDOvif/TO/V1jxSjZwz
.chicagobearsvip.com/	1970-01-20 14:44:00	Name: __zlcmid Value: 1BwlDzI4FAMjTmv
.pardot.com/	1970-01-20 15:34:24	Name: visitor_id824903 Value: 303502939
.pardot.com/	1970-01-20 15:34:24	Name: visitor_id824903-hash Value: 67f24be694d03dd96938a112a0bacc9730f31f7ef5d2b4dfe902035d898847b38a81faa2e74d4892434de87fe7aa08867c98d62a
pi.pardot.com/	1970-01-20 05:58:26	Name: lpv824903 Value: aHR0cHM6Ly9jaGljYWdvYmVhcnN2aXAuY29tLw%3D%3D
chicagobearsvip.com/	1970-01-20 15:34:24	Name: visitor_id824903 Value: 303502939
chicagobearsvip.com/	1970-01-20 15:34:24	Name: visitor_id824903-hash Value: 67f24be694d03dd96938a112a0bacc9730f31f7ef5d2b4dfe902035d898847b38a81faa2e74d4892434de87fe7aa08867c98d62a
go.quintevents.com/	1970-01-20 15:34:24	Name: visitor_id824903 Value: 303502939
go.quintevents.com/	1970-01-20 15:34:24	Name: visitor_id824903-hash Value: 67f24be694d03dd96938a112a0bacc9730f31f7ef5d2b4dfe902035d898847b38a81faa2e74d4892434de87fe7aa08867c98d62a

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://chicagobearsvip.com/ Message: [Report Only] Refused to load the stylesheet 'https://unpkg.com/ionicons@4.5.5/dist/css/ionicons.min.css' because it violates the following Content Security Policy directive: "style-src 'unsafe-inline' https://d3tw2v68rmxuj7.cloudfront.net https://fonts.googleapis.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://chicagobearsvip.com/(Line 11) Message: [Report Only] Refused to load the stylesheet 'https://unpkg.com/ionicons@4.5.5/dist/css/ionicons.min.css' because it violates the following Content Security Policy directive: "style-src 'unsafe-inline' https://d3tw2v68rmxuj7.cloudfront.net https://fonts.googleapis.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://static.hotjar.com/ Message: [Report Only] Refused to frame 'https://vars.hotjar.com/' because it violates the following Content Security Policy directive: "frame-src https://js.stripe.com https://m.stripe.network https://www.google.com https://www.youtube.com https://googleads.g.doubleclick.net https://bid.g.doubleclick.net".
security	error	URL: https://platform.twitter.com/ Message: [Report Only] Refused to frame 'https://platform.twitter.com/' because it violates the following Content Security Policy directive: "frame-src https://js.stripe.com https://m.stripe.network https://www.google.com https://www.youtube.com https://googleads.g.doubleclick.net https://bid.g.doubleclick.net".
security	error	URL: https://platform.twitter.com/ Message: [Report Only] Refused to frame 'https://platform.twitter.com/' because it violates the following Content Security Policy directive: "frame-src https://js.stripe.com https://m.stripe.network https://www.google.com https://www.youtube.com https://googleads.g.doubleclick.net https://bid.g.doubleclick.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	URL: https://static.hotjar.com/ Message: [Report Only] Refused to frame 'https://vars.hotjar.com/' because it violates the following Content Security Policy directive: "frame-src https://js.stripe.com https://m.stripe.network https://www.google.com https://www.youtube.com https://googleads.g.doubleclick.net https://bid.g.doubleclick.net".
security	error	URL: https://script.hotjar.com/modules.448392d04fd1e15c100a.js(Line 1) Message: [Report Only] Refused to connect to 'wss://ws2.hotjar.com/api/v2/client/ws' because it violates the following Content Security Policy directive: "connect-src 'self' https: wss://*.zopim.com".
network	error	URL: https://d3tw2v68rmxuj7.cloudfront.net/fonts/fontawesome-webfont.woff2?v=4.7.0 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3tw2v68rmxuj7.cloudfront.net/fonts/fontawesome-webfont.woff?v=4.7.0 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3tw2v68rmxuj7.cloudfront.net/fonts/fontawesome-webfont.ttf?v=4.7.0 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.quintevents.com
cdn.jsdelivr.net
chicagobearsvip.com
connect.facebook.net
d2xpg1khvwxlf1.cloudfront.net
d3tw2v68rmxuj7.cloudfront.net
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
go.quintevents.com
googleads.g.doubleclick.net
in.hotjar.com
js.stripe.com
m.stripe.com
m.stripe.network
maps.googleapis.com
pi.pardot.com
platform.twitter.com
q.stripe.com
script.hotjar.com
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
syndication.twitter.com
unpkg.com
v2.zopim.com
vars.hotjar.com
weatherwidget.io
ws2.hotjar.com
www.google-analytics.com
www.google.com
www.google.se
www.googleadservices.com
www.googletagmanager.com
104.16.106.139
104.18.70.113
104.18.72.113
104.244.42.8
13.32.23.46
142.250.184.226
143.204.214.63
143.204.215.26
151.101.192.176
18.208.125.13
18.215.71.91
2600:9000:2057:6200:4:2d:76c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:3030::ac43:903b
2606:4700::6810:5714
2606:4700::6810:7caf
2a00:1450:4001:800::200a
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:400c:c08::9d
2a03:2880:f01c:8012:face:b00c:0:3
3.92.120.28
34.246.90.31
52.30.207.7
54.187.119.242
54.187.48.204
99.86.4.86
99.86.4.9
99.86.4.91
00bcc3debaf7cca3d4dcf4c1f9a4f2caf899f5e0ea91629181a26b894dd1289b
01ed72d530c26ee34a2385d01a4d411255031e5775017e1c52b00ceb235d08b1
057bb1905a283c2d6f0a097301ee734776f51ddcf903bffe422cbdbc02d98c23
0756efcde1c4ff6064b93f97c0a0d6cb4fd3fd4add7c47beaa3be0b97f6e3515
08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122
0fd2c268d03fe87c1d199b3ee9036529a3d91c16384642929d325225825907b0
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
1db3c96f30501d220f49243c6f9150e295d3d50833bb417f4cff7324827fc940
22df11c17fe7fd004d8c7ee1299f535098297f521c01b901fc2f69f2885f794f
266df641a776f02a44ef0dfbb934811e1bdafb1c7085432301d5f28348efff1c
367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2
3b542bc706a41d36ca02e27cc3a6165104c2b7fdc57aa9a23ca63e164495c2c8
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99
404877e004c967f6750cfa9c19e3c448e72670f42ad33dab14bfe74dee6d788f
44c3d6d14ba1735a3d56d874a4044f65e4cf833b73b82dbdfe9a0f7ab3a7d861
482f02d9ae01f0f184e9be3f13a3fc9a4f586c612e55a51c1ca4fa42991f037c
4b576a4c4e141cda4b99676beaa036c1b823854d0b4cc0384d212d193aea33d3
52a42ce79ea98736ceaba80f0c0641280fae3bccc57595940396d6ebb0fd6006
54f3a516d9c95e0d4155c18c7555b6ab5d8b521c4a363fec0f31c900535a4bf1
570fccbb23e47f3f48767d3b6199198988328bac118fd6933def8f5fb4478472
59b0b341f2377d03855e6151484cc22019c58f997a11577715121d710fd2386c
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
5be844ed22a508d9e9e84f0ebb51a9e42960826b9e2918e9163efb88d33d2629
5cb23b6a5f36425ecbadf8fd7211868fe05c0ac3a274f196fd9f59de014342eb
5eddafa51ca14b73736f2af20be021aa3771ec448b240ceca327fde2c685b361
658963e97a4f53a58ec63b900758063245a5507f026a070f8096bda6128ee703
6a7ef14413178cad8bc813c70ec67fb03ca397d872912a14cef7982d1f0e53f4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e3abfffd01da6ea40e940b4b3c686334f1f9ed87bc1cf7d8ef1b11b82cc011c
7021a534dc40bd6871b19efa206a01a2abcb8e054a279a2b62dc5195fa99e282
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84fd53c6a8ac1f66c4166ec099766a4cff3eb93f3ab1a4d51e60cbdcc1a86ff4
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8cf7b9709d87abd3adae6d526a6771308ac022b26db47c2498b776767fac7593
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26
9043c25bfd3544dc69fb3dbc4f4487a00bfc7b2bf0500b05f43bd22ba69549ff
9b4e8229b9f257db0726f6fea6f2f495ebdb981a5c72a2b93729beb1daaa933d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a27f52be0c559f2f0beb08c24181dab53c494171270b412f6dba77b47917a9f4
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a68ba83afde53185cc4241053102b62102d298bcaad70a4b0bce6bb62599043d
a7a706ea35bec3b8e407aa0d6c26219d8be48a646e4a2e6098193b83e2cbd347
ad149de84c77715c6c737f46bb232e367db8b618d8b662147d4b336d8c4e2066
ae98f856f111461eba200cdbbba5fd3a2f93479f86471e16bc3201012060ae4f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b132c6b62a715f2b8615081e7f58bacd3d47af18d1b5b35df877ad1730878d18
b2b9a4f24e85f3c9c250f38c22ff15c06b0a68fc82cc97149cd4d7bfeb0ded34
b6fdf7c15d80fd903d046d153fb3254e7161c088a550a2312c8b876666d3546a
b7c6e58362b0964c71e85263befad6aa3c9194a100794622cb2e0b13bcb3338d
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bc1cfc2e7f4192da91adfcd2c7abd75e818705409eeb1ed6dee14b42a834616d
bc7d98d50886361ac7109ed632bfdad5530eaba67ea59c394d17b6877120e255
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14
c68770bae9868bde0ac3706db1fabc3dba2e95f72470691666e7f641f6c634c9
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d211ce1c1b8c086d9d5b1eaa81356ed124e69701f6d0cb0f459098a95d36ecb4
d83d4c85a2b7e09cf72615eabd61e3cee8ce779837e0fecac8dd411477fca459
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4567fb3addbecbfd8df58bc4df722d9fdd1d7b20e5b5bdfe9bc072abbb8d37e
e9702d1aa940cc52bf51d90215f3495adbd0b87aa3217974e6c14939ac73848a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1173cba3649738201b01fb17a7852f54a85cc5a8412e63a00afdf04c8fb69b8
f444d454497d24ef12dbc4e28e4b9529ea76e874bbd492d043e7dbe56cd23f43
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
f71d619eeb07bc673c2492806d833f46a861d4ca81e84acb4553898fd4e3f0d2

chicagobearsvip.com Open in urlscan Pro 18.215.71.91 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

91 Requests

96 %HTTPS

44 %IPv6

22 Domains

34 Subdomains

35 IPs

5 Countries

5114 kBTransfer

9486 kBSize

27 Cookies

0 Outgoing links

Page URL History

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

chicagobearsvip.com Open in urlscan Pro
18.215.71.91 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

96 %
HTTPS

44 %
IPv6

22
Domains

34
Subdomains

35
IPs

5
Countries

5114 kB
Transfer

9486 kB
Size

27
Cookies

91 HTTP transactions
1 data transactions