paychicagotickets.com Open in urlscan Pro
206.189.50.60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paychicagotickets.com/
Effective URL:
https://paychicagotickets.com/
Submission Tags: falconsandbox
Submission: On January 17 via api (January 17th 2022, 11:09:36 pm UTC) from US — Scanned from DE

Summary HTTP 53 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 12 domains to perform 53 HTTP transactions. The main IP is 206.189.50.60, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is paychicagotickets.com.
TLS certificate: Issued by R3 on January 7th 2022. Valid for: 3 months.

This is the only time paychicagotickets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	206.189.50.60 206.189.50.60	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	18.66.112.53 18.66.112.53	16509 (AMAZON-02) (AMAZON-02)
2	34.201.80.84 34.201.80.84	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	13.32.121.100 13.32.121.100	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.127 13.32.121.127	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	52.17.53.90 52.17.53.90	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
53	19

22 206.189.50.60 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

paychicagotickets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.201.80.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-80-84.compute-1.amazonaws.com

api.paychicagotickets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-100.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-127.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.53.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-53-90.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	paychicagotickets.com 1 redirects paychicagotickets.com api.paychicagotickets.com	696 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	485 KB
5	google.com www.google.com — Cisco Umbrella Rank: 13	23 KB
4	clarity.ms 1 redirects e.clarity.ms — Cisco Umbrella Rank: 2242 c.clarity.ms — Cisco Umbrella Rank: 917	23 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 385 c.bing.com — Cisco Umbrella Rank: 273	12 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 644 script.hotjar.com — Cisco Umbrella Rank: 919 vars.hotjar.com — Cisco Umbrella Rank: 1012 in.hotjar.com — Cisco Umbrella Rank: 1810	65 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5557	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 96	445 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	43 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 584	30 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 106	15 KB
53	12

	Domain	Requested by
22	paychicagotickets.com	1 redirects paychicagotickets.com
6	www.gstatic.com	www.google.com www.gstatic.com
5	www.google.com	paychicagotickets.com www.google.com www.gstatic.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com paychicagotickets.com
3	www.google-analytics.com	paychicagotickets.com www.google-analytics.com
2	c.clarity.ms	1 redirects paychicagotickets.com
2	e.clarity.ms	bat.bing.com e.clarity.ms
2	api.paychicagotickets.com	paychicagotickets.com
1	fonts.gstatic.com	www.google.com
1	c.bing.com	1 redirects
1	www.google.de	paychicagotickets.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	www.googletagmanager.com	paychicagotickets.com
1	static.hotjar.com	paychicagotickets.com
1	code.jquery.com	paychicagotickets.com
1	www.googleadservices.com	paychicagotickets.com
53	19

This site contains links to these domains. Also see Links.

Domain
www.appwinit.com
www.nytimes.com
abc7ny.com
nypost.com
www.bloomberg.com
pix11.com
www.facebook.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
*.paychicagotickets.com R3	`2022-01-07` - `2022-04-07`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
api.paychicagotickets.com R3	`2021-12-29` - `2022-03-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://paychicagotickets.com/
Frame ID: 03242F275D8AF8A03D0D0623F7586847
Requests: 44 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: 25FC9F3C68B15C190542370B088D4CDE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpXMsUAAAAAJ17ck38v4xqOMkS8p4AMod9aE6U&co=aHR0cHM6Ly9wYXljaGljYWdvdGlja2V0cy5jb206NDQz&hl=de&type=image&v=TDBxTlSsKAUm3tSIa0fwIqNu&theme=light&size=normal&badge=bottomright&cb=taca9ex9xoai
Frame ID: A758210E2C3CC36C18DBD81DB47029C7
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&k=6LdpXMsUAAAAAJ17ck38v4xqOMkS8p4AMod9aE6U
Frame ID: 62989D36F6B3F3022B3E2E981CF9568E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pay Chicago Tickets - The Secure and Easy Way to Pay Chicago Fines

Page URL History Show full URLs

http://paychicagotickets.com/ HTTP 301
https://paychicagotickets.com/ Page URL

Detected technologies

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

53
Requests

98 %
HTTPS

50 %
IPv6

12
Domains

19
Subdomains

19
IPs

5
Countries

1412 kB
Transfer

4387 kB
Size

19
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.appwinit.com/

Search URL Search Domain Scan URL

URL: http://www.nytimes.com/2015/07/19/nyregion/an-app-to-help-you-win-the-parking-ticket-war.html?_r=0

Search URL Search Domain Scan URL

URL: http://abc7ny.com/technology/have-a-parking-ticket-theres-an-app-to-help-you-fight-it/792844/

Search URL Search Domain Scan URL

URL: http://nypost.com/2015/06/14/this-app-will-fight-your-parking-ticket-so-you-dont-have-to/

Search URL Search Domain Scan URL

URL: http://www.bloomberg.com/news/articles/2015-12-03/apps-that-fight-your-parking-tickets

Search URL Search Domain Scan URL

URL: http://pix11.com/2015/06/15/new-app-helps-you-get-nyc-parking-tickets-dismissed/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thewinitapp/

Search URL Search Domain Scan URL

URL: https://twitter.com/winit_app?lang=en

Search URL Search Domain Scan URL

URL: https://www.instagram.com/app_winit/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paychicagotickets.com/ HTTP 301
https://paychicagotickets.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=7283D349F7B0472082EB34A9CD4B697E&RedC=c.clarity.ms&MXFR=3B91DE177D926103277BCF3879926F8F HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=7283D349F7B0472082EB34A9CD4B697E&MUID=2B38FCA8EC3A652B10FDED87ED516441

53 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
paychicagotickets.com/
Redirect Chain

http://paychicagotickets.com/
https://paychicagotickets.com/

3 KB
2 KB

305ms
138ms

Document
text/html

206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://paychicagotickets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

c942163fd818a62206920bd56def27dae1723c0305dad51713a70491a14fd773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0, must-revalidate
content-type: text/html; charset=UTF-8
date: Mon, 17 Jan 2022 23:09:30 GMT
etag: "ab511424fa269167c3e3cfd143271a81-ssl-df"
strict-transport-security: max-age=31536000
content-encoding: br
vary: Accept-Encoding
age: 0
x-nf-request-id: 01FSN4TZTQ3AJMTKPDJ1ZNJJNR
server: Netlify

Redirect headers

cache-control: public, max-age=0, must-revalidate
content-length: 45
content-type: text/plain
date: Sat, 15 Jan 2022 00:37:17 GMT
server: Netlify
location: https://paychicagotickets.com/
age: 253933
x-nf-request-id: 01FSN4TZN70S05C303DYFKKW0M

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 160ms
52ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 23:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14835
x-xss-protection: 0
server: cafe
etag: 2630088915750441828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 17 Jan 2022 23:09:31 GMT

GET
H2 200 main.5d7322c7.chunk.css
paychicagotickets.com/static/css/ 161 KB
24 KB 282ms
281ms Stylesheet
text/css 206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

ffc3c701d9ec62efc2f74592d02e77f17ccadc53fb3e4793c165db5004cc5aa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FSN4TZZQWGBMS110KTNP0E69
date: Mon, 17 Jan 2022 23:09:31 GMT
content-encoding: br
server: Netlify
age: 0
etag: "7af597a8b365f75cee7b1ea42b5e4c7c-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 73ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: paychicagotickets.com
URL: https://paychicagotickets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://paychicagotickets.com/
Origin: https://paychicagotickets.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 23:09:31 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
etag: W/"5cca0c33-15851"
vary: Accept-Encoding
x-hw: 1642460971.dop152.am5.t,1642460971.cds237.am5.hn,1642460971.cds260.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H2 200 2.961534f9.chunk.js Show response
paychicagotickets.com/static/js/ 2 MB
415 KB 47ms
46ms Script
application/javascript 206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://paychicagotickets.com/static/js/2.961534f9.chunk.js

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

95e1bebc2d17ffd4389b8acfa029e4d7c67d126c53b062053cf20bc6bb6a789d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FSN4TZZQRM6YBSSWDZ1CQ5XJ
date: Thu, 13 Jan 2022 20:51:56 GMT
content-encoding: br
server: Netlify
age: 353855
etag: "ec14dd9bf0f37dfbc08db1ac18eb251f-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 424246

GET
H2 200 main.dee9a85a.chunk.js Show response
paychicagotickets.com/static/js/ 142 KB
43 KB 9ms
8ms Script
application/javascript 206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://paychicagotickets.com/static/js/main.dee9a85a.chunk.js

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

6a72e5c941951ae2b62faabba6194014ff9b41cd038862e15482dffd782d6662

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FSN4TZZQFPD2W5BB8N6DXFG7
date: Thu, 13 Jan 2022 20:51:56 GMT
content-encoding: br
server: Netlify
age: 353854
etag: "4792ec8efcc652b6637ac56bdc63d3df-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43600

GET
H2 200 hotjar-974720.js Show response
static.hotjar.com/c/ 4 KB
2 KB 55ms
37ms Script
application/javascript 18.66.112.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-974720.js?sv=6

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-53.fra56.r.cloudfront.net

Software

Resource Hash

65a06f3329adde93cec73056b9b1c82659b7f6142b3df5b312f734d8f9872755

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 23:09:31 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-P5
etag: W/f5cc6df49998f4eba364f6b43911c8c0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
content-length: 1901
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-id: kJCTi8gyy-zAHPNaMqY-gjdSP12YBB8AThWr8_DE1Ax-gbN8vbpGsg==

GET
H/1.1 200
OK / Show response
api.paychicagotickets.com/socket.io/ 103 B
449 B 342ms
103ms XHR
text/plain 34.201.80.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.paychicagotickets.com/socket.io/?EIO=3&transport=polling&t=NvgJO9P
Requested by: Host: paychicagotickets.com
URL: https://paychicagotickets.com/static/js/2.961534f9.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.201.80.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-80-84.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 5393bb652b0e9dc7c6ee0583caccd66e7e428ce2930c0625390347d7ee7e701a

Request headers

Accept: */*
Referer: https://paychicagotickets.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 23:09:31 GMT
Via: 1.1 vegur
Server: Cowboy
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://paychicagotickets.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 103

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 137ms
39ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/static/js/2.961534f9.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 505
date: Mon, 17 Jan 2022 23:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 18 Jan 2022 01:01:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 117 KB
43 KB 158ms
64ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5NFHMLZ&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

948fb39ba1e1fc93b88fd109d0b660793e8cb9bc88dd27bcd388f68ecfbfbd28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 23:09:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43808
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Jan 2022 23:09:31 GMT

GET
H2 200 14c73713-e4df-4dba-933b-057feeac8dd1.d8ee249a.woff2
paychicagotickets.com/static/media/ 18 KB
19 KB 16ms
15ms Font
font/woff2 206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://paychicagotickets.com/static/media/14c73713-e4df-4dba-933b-057feeac8dd1.d8ee249a.woff2

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

efc7ac648dc8db352235e7effc55f7a515d91e9c3c838af9cc2c7bd7e2e959aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css
Origin: https://paychicagotickets.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FSN4V0KMRZWS91S8KGJ52WAB
date: Thu, 13 Jan 2022 20:51:58 GMT
server: Netlify
age: 353853
etag: "442d258da82b516cc660b913b738de3d-ssl"
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 18920

GET
H2 200 64779e28-a3b8-4364-949c-771372a0a327.401e2177.woff2
paychicagotickets.com/static/media/ 20 KB
20 KB 30ms
29ms Font
font/woff2 206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://paychicagotickets.com/static/media/64779e28-a3b8-4364-949c-771372a0a327.401e2177.woff2

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

acb6f0382c9d777f6c83d812636bb5e03e2a971a01e2032d9f4138edaaeb1a71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css
Origin: https://paychicagotickets.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FSN4V0KNHTQRQS1VVPV8YTAJ
date: Thu, 13 Jan 2022 20:51:58 GMT
server: Netlify
age: 353853
etag: "341d86d2c73421095693ca22090cc431-ssl"
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 20072

GET
H2 200 Gotham-Book.eca1317e.otf
paychicagotickets.com/static/media/ 125 KB
38 KB 19ms
18ms Font
application/vnd.oasis.opendocument.formula-template 206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://paychicagotickets.com/static/media/Gotham-Book.eca1317e.otf

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

d3c79bd7ec9e3b465f0b821cf931be66542bff3694f7c70e0aeae0f6d7036756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css
Origin: https://paychicagotickets.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FSN4V0KNTW84HWWF4F828VBC
date: Thu, 13 Jan 2022 20:51:58 GMT
content-encoding: br
server: Netlify
age: 353853
etag: "56ca1e67d4747b6a1ae6e9971d4dbc76-ssl-df"
vary: Accept-Encoding
content-type: application/vnd.oasis.opendocument.formula-template
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 38662

GET
H2 200 2cd55546-ec00-4af9-aeca-4a3cd186da53.457e94a5.woff2
paychicagotickets.com/static/media/ 16 KB
16 KB 33ms
32ms Font
font/woff2 206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://paychicagotickets.com/static/media/2cd55546-ec00-4af9-aeca-4a3cd186da53.457e94a5.woff2

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

7bdf2d6d46e641a0c03746f42712decb7547af00786702e5dd41efaf19f31af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css
Origin: https://paychicagotickets.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FSN4V0KNBSS6K45ZQ4MH7C6F
date: Thu, 13 Jan 2022 20:51:58 GMT
server: Netlify
age: 353853
etag: "65a33b79c36c0afd54cd2d712c5c868e-ssl"
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 16560

GET
H2 200 627fbb5a-3bae-4cd9-b617-2f923e29d55e.24932ad0.woff2
paychicagotickets.com/static/media/ 18 KB
18 KB 15ms
14ms Font
font/woff2 206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://paychicagotickets.com/static/media/627fbb5a-3bae-4cd9-b617-2f923e29d55e.24932ad0.woff2

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

0903aeb2dad08d6a15d2447448067acb07131ee126e365adbc387da60f494d75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css
Origin: https://paychicagotickets.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FSN4V0KN2VC8FVEQV6T6H2Y5
date: Thu, 13 Jan 2022 20:51:58 GMT
server: Netlify
age: 353853
etag: "56c2b0b89a7d13c6382307cf25025f32-ssl"
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 18760

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
992 B 137ms
49ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/static/js/2.961534f9.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

477259d23a78a6c93ad89d96bed6f9d997ea3add21ff480f6b3bfb88c810ef4e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 23:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 579
x-xss-protection: 1; mode=block
expires: Mon, 17 Jan 2022 23:09:31 GMT

GET
H2 200 winit.b15099e0.svg
paychicagotickets.com/static/media/ 10 KB
3 KB 31ms
30ms Image
image/svg+xml 206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paychicagotickets.com/static/media/winit.b15099e0.svg

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/search

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

3b8af710a148e3aee3c3f8810b54e70e4824363013285901ad4c891556f61d49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FSN4V0MCBWFKAQC3KF3RJBAT
date: Thu, 13 Jan 2022 20:51:58 GMT
content-encoding: br
server: Netlify
age: 353854
etag: "8e30f3861083092f5dd7cef38e5b10cd-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3430

GET
H2 200 chicagoSkyLine.6862835d.svg
paychicagotickets.com/static/media/ 20 KB
5 KB 25ms
24ms Image
image/svg+xml 206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paychicagotickets.com/static/media/chicagoSkyLine.6862835d.svg

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/search

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

fbd026586096ab590a48499406a4d3909c7aa338e7a82e6adb5c86c73a319e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FSN4V0MCXTDFFRNWGJ93P4PB
date: Thu, 13 Jan 2022 20:51:58 GMT
content-encoding: br
server: Netlify
age: 353854
etag: "edb6963cd8c1bbd8e6020c0b084b307d-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5123

GET
H2 200 creditCards.9e60c294.svg
paychicagotickets.com/static/media/ 5 KB
2 KB 28ms
27ms Image
image/svg+xml 206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paychicagotickets.com/static/media/creditCards.9e60c294.svg

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/search

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

9ac4640cae7e11bc51b2044b068e8357c6630a18804482a425612763d8684569

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FSN4V0MD65DSGJ9SS8GV2K56
date: Thu, 13 Jan 2022 20:51:58 GMT
content-encoding: br
server: Netlify
age: 353854
etag: "388efed4f9ec3ed499df8e3e028b8d07-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1601

GET
H2 200 ticketGuardianComingSoon.58fa9bb9.svg
paychicagotickets.com/static/media/ 24 KB
7 KB 16ms
16ms Image
image/svg+xml 206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paychicagotickets.com/static/media/ticketGuardianComingSoon.58fa9bb9.svg

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/search

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

09a16bf6f2881700b3d0c083d51995c4956752bdbd87045b9ff5e8333bda52a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FSN4V0MDF30BNXJTAQ1T7AH4
date: Thu, 13 Jan 2022 20:51:58 GMT
content-encoding: br
server: Netlify
age: 353854
etag: "ccdffbcc38479bc686a5d824950f5d78-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7250

GET
H2 200 winItComingSoon.b31fce12.svg
paychicagotickets.com/static/media/ 19 KB
6 KB 17ms
16ms Image
image/svg+xml 206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paychicagotickets.com/static/media/winItComingSoon.b31fce12.svg

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/search

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

6a415fd958de027417632fb35a711ae89f9e45163a3a19d4bd22454ba0e4d5c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FSN4V0MDWCYP6YS74458ES40
date: Thu, 13 Jan 2022 20:51:58 GMT
content-encoding: br
server: Netlify
age: 353854
etag: "1fd6e74f28097bbc6bd5203e178c3411-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5964

GET
H2 200 nyt.dbb8874c.png
paychicagotickets.com/static/media/ 26 KB
26 KB 28ms
27ms Image
image/png 206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paychicagotickets.com/static/media/nyt.dbb8874c.png

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/search

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

80d52b0e6813eb6c48d8a3291b6bb7c9235bc3f3571d2826f846037ed8a6bab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FSN4V0MDY7VR3GM41VBW9VVV
date: Thu, 13 Jan 2022 20:51:58 GMT
server: Netlify
age: 353854
etag: "274cada2ac5394a5635ca3a33166e6af-ssl"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 26311

GET
H2 200 abc7.d0252c10.png
paychicagotickets.com/static/media/ 11 KB
11 KB 17ms
17ms Image
image/png 206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paychicagotickets.com/static/media/abc7.d0252c10.png

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/search

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

d037f01b5208b2677b0720b19d9d2b68cc774a82b9843f6a026cc3e2f4e8c6ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FSN4V0MEP4JZ8H5E6J3HEC7S
date: Thu, 13 Jan 2022 20:51:58 GMT
server: Netlify
age: 353854
etag: "41049da8aa233df993ed56a2171a4258-ssl"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 11258

GET
H2 200 nyp.3d597d0a.png
paychicagotickets.com/static/media/ 23 KB
23 KB 19ms
19ms Image
image/png 206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paychicagotickets.com/static/media/nyp.3d597d0a.png

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/search

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

bedba28efeb10262ec16d77c960e1371d9a6d695cecf88a61eaa08f5bca8e3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FSN4V0MEPQEJ5XJ928M5MQP2
date: Thu, 13 Jan 2022 20:51:58 GMT
server: Netlify
age: 353854
etag: "3a8f8d3ac6090fa2e40cb8616098b1c5-ssl"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 23398

GET
H2 200 bloomberg.f18f1ef0.png
paychicagotickets.com/static/media/ 13 KB
14 KB 30ms
30ms Image
image/png 206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paychicagotickets.com/static/media/bloomberg.f18f1ef0.png

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/search

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

323ad1965a1293cdfe92dee322e7e0af8829b43fdb0ddd4f8e1befa55c10c2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FSN4V0ME07YGCYCA9P8RSYJC
date: Thu, 13 Jan 2022 20:51:58 GMT
server: Netlify
age: 353854
etag: "362e85b7ab96e33c909835013f0fd7ce-ssl"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 13789

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 767977585d084f610019a8278cab68d9164adb48d2e6b14fe98fb0f0421f6766

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 facebook.17ea4594.svg
paychicagotickets.com/static/media/ 914 B
1008 B 18ms
17ms Image
image/svg+xml 206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paychicagotickets.com/static/media/facebook.17ea4594.svg

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/search

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

fc6197e8787c76536744303c79a1680df7c54bef890c281cb29ca45e1f80ffe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FSN4V0MFBACD4T63FBVECJYS
date: Thu, 13 Jan 2022 20:51:58 GMT
server: Netlify
age: 353853
etag: "89e4c0245e0749ed7f6b70ce034aae0f-ssl"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 914

GET
H2 200 twitter.0f0d1aeb.svg
paychicagotickets.com/static/media/ 2 KB
1 KB 94ms
94ms Image
image/svg+xml 206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paychicagotickets.com/static/media/twitter.0f0d1aeb.svg

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/search

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

498c7d9be53036e1e3c8e18517bca066aa3fe6695ca3e485677838057f8ecb06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FSN4V0MVT9VHHRKCEGVSE5AC
date: Thu, 13 Jan 2022 20:51:58 GMT
content-encoding: br
server: Netlify
age: 353853
etag: "042faadcf0f6dace10df90549aad0369-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1177

GET
H2 200 instagram.961a55f3.svg
paychicagotickets.com/static/media/ 5 KB
2 KB 30ms
29ms Image
image/svg+xml 206.189.50.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paychicagotickets.com/static/media/instagram.961a55f3.svg

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/search

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.50.60 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

9e77ffa3b10d36f219d7c00918ad006247247086fb38e0290ffee197af1895ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FSN4V0MVPAX5KHSREHCWN85B
date: Thu, 13 Jan 2022 20:51:58 GMT
content-encoding: br
server: Netlify
age: 353853
etag: "f881fda46c6a848b121d77afc9b39765-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1882

GET
H2 200 modules.c89f04abde364444f21e.js Show response
script.hotjar.com/ 229 KB
61 KB 29ms
8ms Script
application/javascript 13.32.121.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.c89f04abde364444f21e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-974720.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-100.fra60.r.cloudfront.net

Software

Resource Hash

fddda23f711f28038cc34b216d5278692a4a93631433d3b90540981d1422e1b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 17:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19705
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 61580
access-control-allow-origin: *
last-modified: Mon, 17 Jan 2022 17:40:09 GMT
etag: "aaca953bf181ec7c714da08b16c0fdbb"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: wU-61GO5jEcyIzMRX0UvFwHO4IrrQMuBZmXvaQ_5QazL76jc2VfD1A==

GET
H2 200 box-21ccaa45726c0f3c8c458f7a87eb2298.html Show response
vars.hotjar.com/ Frame 25FC 2 KB
1 KB 28ms
8ms Document
text/html 13.32.121.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-974720.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-127.fra60.r.cloudfront.net
Software: /
Resource Hash: c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/

Response headers

content-type: text/html
content-length: 1044
date: Mon, 08 Nov 2021 14:05:19 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6a4e2ae376c29011d2e53de65a08d0b7"
last-modified: Tue, 01 Jun 2021 09:17:15 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: ZoEDbfCXgIf_JwyfAZXp_NdlhxJ6wJAvzTIt1lLu4R89pt6kBGbj9w==
age: 6080652

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
150 B 45ms
44ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1994834203&t=pageview&_s=1&dl=https%3A%2F%2Fpaychicagotickets.com%2Fsearch&dp=%2FHome&ul=en-us&de=UTF-8&dt=Pay%20Chicago%20Tickets%20-%20The%20Secure%20and%20Easy%20Way%20to%20Pay%20Chicago%20Fines&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2136343167&gjid=1313838223&cid=959340080.1642460972&tid=UA-68367419-3&_gid=1103559087.1642460972&_r=1&_slc=1&z=521680917

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paychicagotickets.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 23:09:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paychicagotickets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 37ms
37ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1994834203&t=event&_s=2&dl=https%3A%2F%2Fpaychicagotickets.com%2Fsearch&ul=en-us&de=UTF-8&dt=Pay%20Chicago%20Tickets%20-%20The%20Secure%20and%20Easy%20Way%20to%20Pay%20Chicago%20Fines&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Navigation&ea=Viewed%20Home%20Page&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=959340080.1642460972&tid=UA-68367419-3&_gid=1103559087.1642460972&z=757664487

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 14:31:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31105
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ 354 KB
140 KB 127ms
36ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paychicagotickets.com/
Origin: https://paychicagotickets.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 21:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143013
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 05:01:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jan 2023 21:49:57 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/974720/ 146 B
321 B 99ms
32ms XHR
application/json 52.17.53.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/974720/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.c89f04abde364444f21e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.53.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-53-90.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e

Request headers

Referer: https://paychicagotickets.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 17 Jan 2022 23:09:31 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 59ms
18ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-68367419-3&cid=959340080.1642460972&jid=2136343167&gjid=1313838223&_gid=1103559087.1642460972&_u=IEBAAEAAAAAAAC~&z=188896373

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paychicagotickets.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 17 Jan 2022 23:09:31 GMT
content-type: text/plain
access-control-allow-origin: https://paychicagotickets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 50ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NFHMLZ&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 23:09:31 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 00C419A1648D45AEB05687A79A029118 Ref B: FRAEDGE1409 Ref C: 2022-01-17T23:09:31Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 126ms
76ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-68367419-3&cid=959340080.1642460972&jid=2136343167&_u=IEBAAEAAAAAAAC~&z=1220615707

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/search

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 23:09:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 137ms
49ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-68367419-3&cid=959340080.1642460972&jid=2136343167&_u=IEBAAEAAAAAAAC~&z=1220615707

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 23:09:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 134597735.js Show response
bat.bing.com/p/action/ 686 B
741 B 220ms
220ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/134597735.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 98304f06a3503e467fa36472167a1e5d6309bd22a7514b8449fb312357ad7f7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 23:09:31 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3D58C8F4D6014820A26409B2DFFD5CBD Ref B: FRAEDGE1409 Ref C: 2022-01-17T23:09:31Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 590

GET
H2 204 0
bat.bing.com/action/ 0
150 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=134597735&tm=gtm002&Ver=2&mid=20c087ba-5796-4890-ad26-548c5d29ff33&sid=8761f42077ea11ecaf74b19ab315d380&vid=876202a077ea11ec9e0797b0aa7944ec&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Pay%20Chicago%20Tickets%20-%20The%20Secure%20and%20Easy%20Way%20to%20Pay%20Chicago%20Fines&kw=pay,chicago,parking,traffic,tickets,secure,easy,winit&p=https%3A%2F%2Fpaychicagotickets.com%2Fsearch&r=&lt=1035&evt=pageLoad&msclkid=N&sv=1&rn=869597
Requested by: Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 23:09:31 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9321A1D4C3EF4997A75FE3C26A571B20 Ref B: FRAEDGE1409 Ref C: 2022-01-17T23:09:31Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
api.paychicagotickets.com/socket.io/ 3 B
347 B 505ms
505ms XHR
text/plain 34.201.80.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.paychicagotickets.com/socket.io/?EIO=3&transport=polling&t=NvgJOEp&sid=u5fo4fqcCD-tqjsCAAuA
Requested by: Host: paychicagotickets.com
URL: https://paychicagotickets.com/static/js/2.961534f9.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.201.80.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-80-84.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0

Request headers

Accept: */*
Referer: https://paychicagotickets.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 23:09:32 GMT
Via: 1.1 vegur
Server: Cowboy
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://paychicagotickets.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 3

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame A758 40 KB
21 KB 60ms
60ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpXMsUAAAAAJ17ck38v4xqOMkS8p4AMod9aE6U&co=aHR0cHM6Ly9wYXljaGljYWdvdGlja2V0cy5jb206NDQz&hl=de&type=image&v=TDBxTlSsKAUm3tSIa0fwIqNu&theme=light&size=normal&badge=bottomright&cb=taca9ex9xoai

Requested by

Host: paychicagotickets.com
URL: https://paychicagotickets.com/static/js/2.961534f9.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5e6ac03299e0988dab74af93ecb1f9aed9242ad7f7116e769291b66776ea0edf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C9aZaYEd0NJimpEJj3toPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 17 Jan 2022 23:09:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-C9aZaYEd0NJimpEJj3toPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21060
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame A758 51 KB
24 KB 83ms
37ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpXMsUAAAAAJ17ck38v4xqOMkS8p4AMod9aE6U&co=aHR0cHM6Ly9wYXljaGljYWdvdGlja2V0cy5jb206NDQz&hl=de&type=image&v=TDBxTlSsKAUm3tSIa0fwIqNu&theme=light&size=normal&badge=bottomright&cb=taca9ex9xoai

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 16:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 05:01:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jan 2023 16:59:00 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame A758 354 KB
140 KB 98ms
53ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 21:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143013
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 05:01:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jan 2023 21:49:57 GMT

GET
H2 200 clarity.js Show response
e.clarity.ms/s/0.6.31/ 52 KB
23 KB 344ms
107ms Script
application/javascript 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/s/0.6.31/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/134597735.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 23:09:32 GMT
content-encoding: br
etag: "1d7ffcbff747e00"
last-modified: Sun, 02 Jan 2022 11:29:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 22925
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=7283D349F7B0472082EB34A9CD4B697E&RedC=c.clarity.ms&MXFR=3B91DE177D926103277BCF3879926F8F
https://c.clarity.ms/c.gif?CtsSyncId=7283D349F7B0472082EB34A9CD4B697E&MUID=2B38FCA8EC3A652B10FDED87ED516441

42 B
367 B

27ms
26ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=7283D349F7B0472082EB34A9CD4B697E&MUID=2B38FCA8EC3A652B10FDED87ED516441
Requested by: Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 23:09:32 GMT
last-modified: Wed, 12 Jan 2022 02:05:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9ea1ae3587d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 17 Jan 2022 23:09:31 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F17909D877794B1D8BDCBD0FF4AB725E Ref B: FRAEDGE1409 Ref C: 2022-01-17T23:09:32Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=7283D349F7B0472082EB34A9CD4B697E&MUID=2B38FCA8EC3A652B10FDED87ED516441
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
DATA 200
OK truncated
/ Frame A758 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A758 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A758 2 KB
2 KB 37ms
37ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 03:05:30 GMT
x-content-type-options: nosniff
age: 504242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 19 Jan 2022 03:05:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A758 15 KB
16 KB 125ms
39ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 540171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 17:06:41 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame A758 102 B
133 B 48ms
47ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e671437dbdfea29e6d58d838049e22ef37097277eb96cb7d87eb08c90bfe035a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpXMsUAAAAAJ17ck38v4xqOMkS8p4AMod9aE6U&co=aHR0cHM6Ly9wYXljaGljYWdvdGlja2V0cy5jb206NDQz&hl=de&type=image&v=TDBxTlSsKAUm3tSIa0fwIqNu&theme=light&size=normal&badge=bottomright&cb=taca9ex9xoai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 23:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Mon, 17 Jan 2022 23:09:32 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 6298 7 KB
1 KB 55ms
55ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&k=6LdpXMsUAAAAAJ17ck38v4xqOMkS8p4AMod9aE6U

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

727daa08da65146c711a49f80e4c59d168b45ad360d323d0f6886ce54ea2537b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hBjgKZlcllCxkpuazu3yoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://paychicagotickets.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 17 Jan 2022 23:09:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-hBjgKZlcllCxkpuazu3yoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1111
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 6298 51 KB
24 KB 37ms
36ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&k=6LdpXMsUAAAAAJ17ck38v4xqOMkS8p4AMod9aE6U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 16:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 05:01:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jan 2023 16:59:00 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 6298 354 KB
140 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&k=6LdpXMsUAAAAAJ17ck38v4xqOMkS8p4AMod9aE6U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 21:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143013
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 05:01:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jan 2023 21:49:57 GMT

POST
H2 204 collect Show response
e.clarity.ms/ 0
73 B 190ms
189ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://paychicagotickets.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://paychicagotickets.com
date: Mon, 17 Jan 2022 23:09:32 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paychicagotickets.com/	1970-01-20 17:45:32	Name: _ga Value: GA1.2.959340080.1642460972
.paychicagotickets.com/	1970-01-20 00:15:47	Name: _gid Value: GA1.2.1103559087.1642460972
.paychicagotickets.com/	1970-01-20 00:14:21	Name: _gat Value: 1
.paychicagotickets.com/	1970-01-20 08:59:56	Name: _hjSessionUser_974720 Value: eyJpZCI6IjZlNzI4ZmVlLTY4MzItNWEzMy1hZDM4LTZjZDFkZjkxNjAzNiIsImNyZWF0ZWQiOjE2NDI0NjA5NzE3MzEsImV4aXN0aW5nIjpmYWxzZX0=
.paychicagotickets.com/	1970-01-20 00:14:22	Name: _hjFirstSeen Value: 1
paychicagotickets.com/	1970-01-20 00:14:21	Name: _hjIncludedInSessionSample Value: 0
.paychicagotickets.com/	1970-01-20 00:14:22	Name: _hjSession_974720 Value: eyJpZCI6IjE2Zjg4ODgwLTZjMTctNDA5ZS05Y2Q0LWQzYTE4ZThkMTkwMiIsImNyZWF0ZWQiOjE2NDI0NjA5NzE3OTYsImluU2FtcGxlIjpmYWxzZX0=
paychicagotickets.com/	1970-01-20 00:14:21	Name: _hjIncludedInPageviewSample Value: 1
.paychicagotickets.com/	1970-01-20 00:14:22	Name: _hjAbsoluteSessionInProgress Value: 0
.bing.com/	1970-01-20 09:35:56	Name: MUID Value: 2B38FCA8EC3A652B10FDED87ED516441
.paychicagotickets.com/	1970-01-20 00:15:47	Name: _uetsid Value: 8761f42077ea11ecaf74b19ab315d380
.paychicagotickets.com/	1970-01-20 09:35:56	Name: _uetvid Value: 876202a077ea11ec9e0797b0aa7944ec
api.paychicagotickets.com/	1969-12-31 23:59:59	Name: io Value: u5fo4fqcCD-tqjsCAAuA
.c.bing.com/	1970-01-20 09:35:56	Name: SRM_B Value: 2B38FCA8EC3A652B10FDED87ED516441
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 09:35:56	Name: MUID Value: 2B38FCA8EC3A652B10FDED87ED516441
.c.clarity.ms/	1970-01-20 00:14:21	Name: ANONCHK Value: 0
.paychicagotickets.com/	1970-01-20 08:59:56	Name: _clck Value: 1bcvgz5\|1\|ey7\|0
.paychicagotickets.com/	1970-01-20 00:15:47	Name: _clsk Value: 1g1abyp\|1642460972859\|1\|1\|e.clarity.ms/collect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.paychicagotickets.com
bat.bing.com
c.bing.com
c.clarity.ms
code.jquery.com
e.clarity.ms
fonts.gstatic.com
in.hotjar.com
paychicagotickets.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
13.32.121.100
13.32.121.127
172.217.16.130
18.66.112.53
20.62.48.180
2001:4de0:ac18::1:a:2a
206.189.50.60
2620:1ec:c11::200
2a00:1450:4001:802::2003
2a00:1450:4001:810::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c06::9d
34.201.80.84
52.142.114.2
52.17.53.90
0903aeb2dad08d6a15d2447448067acb07131ee126e365adbc387da60f494d75
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
09a16bf6f2881700b3d0c083d51995c4956752bdbd87045b9ff5e8333bda52a1
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c
30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e
323ad1965a1293cdfe92dee322e7e0af8829b43fdb0ddd4f8e1befa55c10c2ae
3b8af710a148e3aee3c3f8810b54e70e4824363013285901ad4c891556f61d49
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
477259d23a78a6c93ad89d96bed6f9d997ea3add21ff480f6b3bfb88c810ef4e
498c7d9be53036e1e3c8e18517bca066aa3fe6695ca3e485677838057f8ecb06
5393bb652b0e9dc7c6ee0583caccd66e7e428ce2930c0625390347d7ee7e701a
544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463
5e6ac03299e0988dab74af93ecb1f9aed9242ad7f7116e769291b66776ea0edf
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
65a06f3329adde93cec73056b9b1c82659b7f6142b3df5b312f734d8f9872755
6a415fd958de027417632fb35a711ae89f9e45163a3a19d4bd22454ba0e4d5c6
6a72e5c941951ae2b62faabba6194014ff9b41cd038862e15482dffd782d6662
727daa08da65146c711a49f80e4c59d168b45ad360d323d0f6886ce54ea2537b
767977585d084f610019a8278cab68d9164adb48d2e6b14fe98fb0f0421f6766
7bdf2d6d46e641a0c03746f42712decb7547af00786702e5dd41efaf19f31af0
80d52b0e6813eb6c48d8a3291b6bb7c9235bc3f3571d2826f846037ed8a6bab4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
948fb39ba1e1fc93b88fd109d0b660793e8cb9bc88dd27bcd388f68ecfbfbd28
95e1bebc2d17ffd4389b8acfa029e4d7c67d126c53b062053cf20bc6bb6a789d
98304f06a3503e467fa36472167a1e5d6309bd22a7514b8449fb312357ad7f7f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ac4640cae7e11bc51b2044b068e8357c6630a18804482a425612763d8684569
9e77ffa3b10d36f219d7c00918ad006247247086fb38e0290ffee197af1895ed
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
acb6f0382c9d777f6c83d812636bb5e03e2a971a01e2032d9f4138edaaeb1a71
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
bedba28efeb10262ec16d77c960e1371d9a6d695cecf88a61eaa08f5bca8e3f9
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
c942163fd818a62206920bd56def27dae1723c0305dad51713a70491a14fd773
d037f01b5208b2677b0720b19d9d2b68cc774a82b9843f6a026cc3e2f4e8c6ea
d3c79bd7ec9e3b465f0b821cf931be66542bff3694f7c70e0aeae0f6d7036756
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e671437dbdfea29e6d58d838049e22ef37097277eb96cb7d87eb08c90bfe035a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc7ac648dc8db352235e7effc55f7a515d91e9c3c838af9cc2c7bd7e2e959aa
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fbd026586096ab590a48499406a4d3909c7aa338e7a82e6adb5c86c73a319e0e
fc6197e8787c76536744303c79a1680df7c54bef890c281cb29ca45e1f80ffe1
fddda23f711f28038cc34b216d5278692a4a93631433d3b90540981d1422e1b9
ffc3c701d9ec62efc2f74592d02e77f17ccadc53fb3e4793c165db5004cc5aa6

paychicagotickets.com Open in urlscan Pro 206.189.50.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

98 %HTTPS

50 %IPv6

12 Domains

19 Subdomains

19 IPs

5 Countries

1412 kBTransfer

4387 kBSize

19 Cookies

9 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paychicagotickets.com Open in urlscan Pro
206.189.50.60 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

98 %
HTTPS

50 %
IPv6

12
Domains

19
Subdomains

19
IPs

5
Countries

1412 kB
Transfer

4387 kB
Size

19
Cookies

53 HTTP transactions
3 data transactions