Submitted URL: http://paychicagotickets.com/
Effective URL: https://paychicagotickets.com/
Submission Tags: falconsandbox
Submission: On January 19 via api from US — Scanned from DE

Summary

This website contacted 20 IPs in 5 countries across 13 domains to perform 60 HTTP transactions. The main IP is 159.65.118.56, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is paychicagotickets.com.
TLS certificate: Issued by R3 on January 7th 2022. Valid for: 3 months.
This is the only time paychicagotickets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 22 159.65.118.56 14061 (DIGITALOC...)
1 142.250.185.194 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 18.66.97.49 16509 (AMAZON-02)
2 54.157.4.65 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 52.222.236.74 16509 (AMAZON-02)
1 18.66.139.117 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 34.251.129.210 16509 (AMAZON-02)
1 18.66.112.110 ()
1 2a00:1450:400... 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 20.62.48.180 8075 (MICROSOFT...)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
60 20
Apex Domain
Subdomains
Transfer
24 paychicagotickets.com
paychicagotickets.com
api.paychicagotickets.com
699 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
485 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
43 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 13
23 KB
4 clarity.ms
e.clarity.ms — Cisco Umbrella Rank: 2242
c.clarity.ms — Cisco Umbrella Rank: 917
24 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 385
c.bing.com — Cisco Umbrella Rank: 273
12 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 644
script.hotjar.com — Cisco Umbrella Rank: 919
vars.hotjar.com — Cisco Umbrella Rank: 1012
in.hotjar.com — Cisco Umbrella Rank: 1810
65 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5557
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
445 B
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2414
255 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 584
30 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 106
15 KB
60 13
Domain Requested by
22 paychicagotickets.com 1 redirects paychicagotickets.com
7 www.googletagmanager.com paychicagotickets.com
6 www.gstatic.com www.google.com
www.gstatic.com
5 www.google.com paychicagotickets.com
www.google.com
www.gstatic.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
paychicagotickets.com
3 www.google-analytics.com paychicagotickets.com
www.google-analytics.com
2 c.clarity.ms 1 redirects paychicagotickets.com
2 e.clarity.ms bat.bing.com
e.clarity.ms
2 api.paychicagotickets.com paychicagotickets.com
1 fonts.gstatic.com www.google.com
1 c.bing.com 1 redirects
1 www.google.de paychicagotickets.com
1 stats.g.doubleclick.net www.google-analytics.com
1 vc.hotjar.io script.hotjar.com
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com paychicagotickets.com
1 code.jquery.com paychicagotickets.com
1 www.googleadservices.com paychicagotickets.com
60 20
Subject Issuer Validity Valid
*.paychicagotickets.com
R3
2022-01-07 -
2022-04-07
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-14 -
2022-08-14
a year crt.sh
*.hotjar.com
Amazon
2021-11-25 -
2022-12-23
a year crt.sh
api.paychicagotickets.com
R3
2021-12-29 -
2022-03-29
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
www.google.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.hotjar.io
Amazon
2021-08-17 -
2022-09-15
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01
2021-12-22 -
2022-06-22
6 months crt.sh
*.google.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
www.google.de
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01
2021-07-27 -
2022-07-27
a year crt.sh

This page contains 4 frames:

Primary Page: https://paychicagotickets.com/
Frame ID: DAEF056194FEDC83B84A3E1882392DFB
Requests: 51 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: D22E3B02E2A500D08AF7D0EE86A729DE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpXMsUAAAAAJ17ck38v4xqOMkS8p4AMod9aE6U&co=aHR0cHM6Ly9wYXljaGljYWdvdGlja2V0cy5jb206NDQz&hl=de&type=image&v=TDBxTlSsKAUm3tSIa0fwIqNu&theme=light&size=normal&badge=bottomright&cb=b2vwsv5f4s2o
Frame ID: 7943A8811B350405F114A87D01DDC25A
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&k=6LdpXMsUAAAAAJ17ck38v4xqOMkS8p4AMod9aE6U
Frame ID: CC28BDA5D43BCAED6322CEB59B6AA5C9
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Pay Chicago Tickets - The Secure and Easy Way to Pay Chicago Fines

Page URL History Show full URLs

  1. http://paychicagotickets.com/ HTTP 301
    https://paychicagotickets.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

60
Requests

98 %
HTTPS

47 %
IPv6

13
Domains

20
Subdomains

20
IPs

5
Countries

1416 kB
Transfer

4387 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paychicagotickets.com/ HTTP 301
    https://paychicagotickets.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=A730ED48AFB443BB8167332ACDF4537A&RedC=c.clarity.ms&MXFR=08FE6BBE9BFB6F5728A17A8F9FFB6109 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=A730ED48AFB443BB8167332ACDF4537A&MUID=363D20EA7B0363081BF131DB7AD1627D

60 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
paychicagotickets.com/
Redirect Chain
  • http://paychicagotickets.com/
  • https://paychicagotickets.com/
3 KB
2 KB
Document
General
Full URL
https://paychicagotickets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
c942163fd818a62206920bd56def27dae1723c0305dad51713a70491a14fd773
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0, must-revalidate
content-type
text/html; charset=UTF-8
date
Sun, 16 Jan 2022 15:14:36 GMT
etag
"ab511424fa269167c3e3cfd143271a81-ssl-df"
strict-transport-security
max-age=31536000
content-encoding
gzip
age
234337
vary
Accept-Encoding
x-nf-request-id
01FSRPR3718V8SN8BNW5TK7GR9
content-length
1564
server
Netlify

Redirect headers

cache-control
public, max-age=0, must-revalidate
content-length
45
content-type
text/plain
date
Mon, 17 Jan 2022 23:14:25 GMT
server
Netlify
location
https://paychicagotickets.com/
age
119148
x-nf-request-id
01FSRPR312QX05ZZZD0ZAKX5CW
conversion_async.js
www.googleadservices.com/pagead/
38 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 08:20:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14835
x-xss-protection
0
server
cafe
etag
2630088915750441828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 08:20:13 GMT
main.5d7322c7.chunk.css
paychicagotickets.com/static/css/
161 KB
27 KB
Stylesheet
General
Full URL
https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
ffc3c701d9ec62efc2f74592d02e77f17ccadc53fb3e4793c165db5004cc5aa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSRPR383DPYNA92JSTS9426H
date
Sat, 15 Jan 2022 05:35:46 GMT
content-encoding
gzip
server
Netlify
age
355467
etag
"7af597a8b365f75cee7b1ea42b5e4c7c-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
27387
jquery-3.4.1.min.js
code.jquery.com/
86 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://paychicagotickets.com/
Origin
https://paychicagotickets.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 08:20:13 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
etag
W/"5cca0c33-15851"
vary
Accept-Encoding
x-hw
1642580413.dop248.am5.t,1642580413.cds227.am5.hn,1642580413.cds260.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
2.961534f9.chunk.js
paychicagotickets.com/static/js/
2 MB
415 KB
Script
General
Full URL
https://paychicagotickets.com/static/js/2.961534f9.chunk.js
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
95e1bebc2d17ffd4389b8acfa029e4d7c67d126c53b062053cf20bc6bb6a789d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSRPR38402PJZG56T5T86M8Z
date
Tue, 18 Jan 2022 22:46:06 GMT
content-encoding
br
server
Netlify
age
34447
etag
"ec14dd9bf0f37dfbc08db1ac18eb251f-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
424246
main.dee9a85a.chunk.js
paychicagotickets.com/static/js/
142 KB
43 KB
Script
General
Full URL
https://paychicagotickets.com/static/js/main.dee9a85a.chunk.js
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
6a72e5c941951ae2b62faabba6194014ff9b41cd038862e15482dffd782d6662
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSRPR384DKJ8S9SRZYSP5ZS0
date
Tue, 18 Jan 2022 22:46:06 GMT
content-encoding
br
server
Netlify
age
34447
etag
"4792ec8efcc652b6637ac56bdc63d3df-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43600
hotjar-974720.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-974720.js?sv=6
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-49.fra56.r.cloudfront.net
Software
/
Resource Hash
bd77383e7442d761f30715a1b605766eda93612233a76d6db58baf1ae0ba740f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 08:20:13 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-P2
etag
W/930c6eefaff5e1ff64982092bb1973d5
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
content-length
1903
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-id
-4e0KjQdhBaBliel0by5C9G7Ts32DjRSrMNUePXrTokXM-tJs8pooQ==
/
api.paychicagotickets.com/socket.io/
103 B
449 B
XHR
General
Full URL
https://api.paychicagotickets.com/socket.io/?EIO=3&transport=polling&t=NvnR0w7
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/static/js/2.961534f9.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.157.4.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-4-65.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
bd579eb52d6ce3d0bddb376b8903b0eef168e86507f63b618133aa44aa1aee9b

Request headers

Accept
*/*
Referer
https://paychicagotickets.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 08:20:14 GMT
Via
1.1 vegur
Server
Cowboy
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://paychicagotickets.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
103
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/static/js/2.961534f9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4748
date
Wed, 19 Jan 2022 07:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 19 Jan 2022 09:01:06 GMT
gtm.js
www.googletagmanager.com/
117 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5NFHMLZ&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
00e4b95a367ef22e96768f1777ec07d83aa65eb4f1b46b31d867c6ad90d55ee1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 08:20:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43813
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jan 2022 08:20:14 GMT
14c73713-e4df-4dba-933b-057feeac8dd1.d8ee249a.woff2
paychicagotickets.com/static/media/
18 KB
19 KB
Font
General
Full URL
https://paychicagotickets.com/static/media/14c73713-e4df-4dba-933b-057feeac8dd1.d8ee249a.woff2
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
efc7ac648dc8db352235e7effc55f7a515d91e9c3c838af9cc2c7bd7e2e959aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css
Origin
https://paychicagotickets.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSRPR3NBBZAY1F3P86SN5X8S
date
Wed, 19 Jan 2022 08:20:14 GMT
server
Netlify
age
0
etag
"442d258da82b516cc660b913b738de3d-ssl"
strict-transport-security
max-age=31536000
content-type
font/woff2
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
18920
64779e28-a3b8-4364-949c-771372a0a327.401e2177.woff2
paychicagotickets.com/static/media/
20 KB
20 KB
Font
General
Full URL
https://paychicagotickets.com/static/media/64779e28-a3b8-4364-949c-771372a0a327.401e2177.woff2
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
acb6f0382c9d777f6c83d812636bb5e03e2a971a01e2032d9f4138edaaeb1a71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css
Origin
https://paychicagotickets.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSRPR3NCTVJYWKWBC65P6FMJ
date
Wed, 19 Jan 2022 08:20:14 GMT
server
Netlify
age
0
etag
"341d86d2c73421095693ca22090cc431-ssl"
strict-transport-security
max-age=31536000
content-type
font/woff2
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
20072
Gotham-Book.eca1317e.otf
paychicagotickets.com/static/media/
125 KB
38 KB
Font
General
Full URL
https://paychicagotickets.com/static/media/Gotham-Book.eca1317e.otf
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
d3c79bd7ec9e3b465f0b821cf931be66542bff3694f7c70e0aeae0f6d7036756
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css
Origin
https://paychicagotickets.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSRPR3NCHMBVJSH5SFSK8MAA
date
Wed, 19 Jan 2022 08:20:14 GMT
content-encoding
br
server
Netlify
age
0
etag
"56ca1e67d4747b6a1ae6e9971d4dbc76-ssl-df"
vary
Accept-Encoding
content-type
application/vnd.oasis.opendocument.formula-template
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
2cd55546-ec00-4af9-aeca-4a3cd186da53.457e94a5.woff2
paychicagotickets.com/static/media/
16 KB
16 KB
Font
General
Full URL
https://paychicagotickets.com/static/media/2cd55546-ec00-4af9-aeca-4a3cd186da53.457e94a5.woff2
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
7bdf2d6d46e641a0c03746f42712decb7547af00786702e5dd41efaf19f31af0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css
Origin
https://paychicagotickets.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSRPR3NDPKG3VJV0V4ZTH9GX
date
Wed, 19 Jan 2022 08:20:14 GMT
server
Netlify
age
0
etag
"65a33b79c36c0afd54cd2d712c5c868e-ssl"
strict-transport-security
max-age=31536000
content-type
font/woff2
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
16560
627fbb5a-3bae-4cd9-b617-2f923e29d55e.24932ad0.woff2
paychicagotickets.com/static/media/
18 KB
18 KB
Font
General
Full URL
https://paychicagotickets.com/static/media/627fbb5a-3bae-4cd9-b617-2f923e29d55e.24932ad0.woff2
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
0903aeb2dad08d6a15d2447448067acb07131ee126e365adbc387da60f494d75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://paychicagotickets.com/static/css/main.5d7322c7.chunk.css
Origin
https://paychicagotickets.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSRPR3NDB530XVBKPN75D3ZN
date
Wed, 19 Jan 2022 08:20:14 GMT
server
Netlify
age
0
etag
"56c2b0b89a7d13c6382307cf25025f32-ssl"
strict-transport-security
max-age=31536000
content-type
font/woff2
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
18760
api.js
www.google.com/recaptcha/
909 B
992 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/static/js/2.961534f9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
477259d23a78a6c93ad89d96bed6f9d997ea3add21ff480f6b3bfb88c810ef4e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 08:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
579
x-xss-protection
1; mode=block
expires
Wed, 19 Jan 2022 08:20:14 GMT
winit.b15099e0.svg
paychicagotickets.com/static/media/
10 KB
3 KB
Image
General
Full URL
https://paychicagotickets.com/static/media/winit.b15099e0.svg
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
3b8af710a148e3aee3c3f8810b54e70e4824363013285901ad4c891556f61d49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/search
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSRPR3NZ68VK69425NB9MY6X
date
Tue, 18 Jan 2022 22:46:07 GMT
content-encoding
br
server
Netlify
age
34447
etag
"8e30f3861083092f5dd7cef38e5b10cd-ssl-df"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
3430
chicagoSkyLine.6862835d.svg
paychicagotickets.com/static/media/
20 KB
5 KB
Image
General
Full URL
https://paychicagotickets.com/static/media/chicagoSkyLine.6862835d.svg
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
fbd026586096ab590a48499406a4d3909c7aa338e7a82e6adb5c86c73a319e0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/search
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSRPR3P1Q2YF6SS4H2PR6TDG
date
Tue, 18 Jan 2022 22:46:08 GMT
content-encoding
br
server
Netlify
age
34446
etag
"edb6963cd8c1bbd8e6020c0b084b307d-ssl-df"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
5123
creditCards.9e60c294.svg
paychicagotickets.com/static/media/
5 KB
2 KB
Image
General
Full URL
https://paychicagotickets.com/static/media/creditCards.9e60c294.svg
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
9ac4640cae7e11bc51b2044b068e8357c6630a18804482a425612763d8684569
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/search
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSRPR3P1A4AH69G1BJTBH5WG
date
Tue, 18 Jan 2022 22:46:08 GMT
content-encoding
br
server
Netlify
age
34446
etag
"388efed4f9ec3ed499df8e3e028b8d07-ssl-df"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1601
ticketGuardianComingSoon.58fa9bb9.svg
paychicagotickets.com/static/media/
24 KB
7 KB
Image
General
Full URL
https://paychicagotickets.com/static/media/ticketGuardianComingSoon.58fa9bb9.svg
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
09a16bf6f2881700b3d0c083d51995c4956752bdbd87045b9ff5e8333bda52a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/search
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSRPR3P14K5XVZGDXJC53QXK
date
Tue, 18 Jan 2022 22:46:08 GMT
content-encoding
br
server
Netlify
age
34446
etag
"ccdffbcc38479bc686a5d824950f5d78-ssl-df"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
7250
winItComingSoon.b31fce12.svg
paychicagotickets.com/static/media/
19 KB
6 KB
Image
General
Full URL
https://paychicagotickets.com/static/media/winItComingSoon.b31fce12.svg
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
6a415fd958de027417632fb35a711ae89f9e45163a3a19d4bd22454ba0e4d5c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/search
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSRPR3P1K37RDE9J1PBCQSAJ
date
Tue, 18 Jan 2022 22:46:08 GMT
content-encoding
br
server
Netlify
age
34446
etag
"1fd6e74f28097bbc6bd5203e178c3411-ssl-df"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
5964
nyt.dbb8874c.png
paychicagotickets.com/static/media/
26 KB
26 KB
Image
General
Full URL
https://paychicagotickets.com/static/media/nyt.dbb8874c.png
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
80d52b0e6813eb6c48d8a3291b6bb7c9235bc3f3571d2826f846037ed8a6bab4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/search
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSRPR3P15AHS7ZFA1JBQP0HR
date
Tue, 18 Jan 2022 22:46:08 GMT
server
Netlify
age
34446
etag
"274cada2ac5394a5635ca3a33166e6af-ssl"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
26311
abc7.d0252c10.png
paychicagotickets.com/static/media/
11 KB
11 KB
Image
General
Full URL
https://paychicagotickets.com/static/media/abc7.d0252c10.png
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
d037f01b5208b2677b0720b19d9d2b68cc774a82b9843f6a026cc3e2f4e8c6ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/search
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSRPR3P2Z23G6S9DC224Z5WQ
date
Tue, 18 Jan 2022 22:46:08 GMT
server
Netlify
age
34446
etag
"41049da8aa233df993ed56a2171a4258-ssl"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
11258
nyp.3d597d0a.png
paychicagotickets.com/static/media/
23 KB
23 KB
Image
General
Full URL
https://paychicagotickets.com/static/media/nyp.3d597d0a.png
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
bedba28efeb10262ec16d77c960e1371d9a6d695cecf88a61eaa08f5bca8e3f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/search
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSRPR3P2SFKEQE9SY3RX1T4P
date
Tue, 18 Jan 2022 22:46:08 GMT
server
Netlify
age
34446
etag
"3a8f8d3ac6090fa2e40cb8616098b1c5-ssl"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
23398
bloomberg.f18f1ef0.png
paychicagotickets.com/static/media/
13 KB
14 KB
Image
General
Full URL
https://paychicagotickets.com/static/media/bloomberg.f18f1ef0.png
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
323ad1965a1293cdfe92dee322e7e0af8829b43fdb0ddd4f8e1befa55c10c2ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/search
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSRPR3P2K8V7FRAWZZWR0WYR
date
Tue, 18 Jan 2022 22:46:08 GMT
server
Netlify
age
34446
etag
"362e85b7ab96e33c909835013f0fd7ce-ssl"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
13789
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
767977585d084f610019a8278cab68d9164adb48d2e6b14fe98fb0f0421f6766

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
facebook.17ea4594.svg
paychicagotickets.com/static/media/
914 B
1007 B
Image
General
Full URL
https://paychicagotickets.com/static/media/facebook.17ea4594.svg
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
fc6197e8787c76536744303c79a1680df7c54bef890c281cb29ca45e1f80ffe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/search
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSRPR3P3RM76DPFK3AYP8XSQ
date
Tue, 18 Jan 2022 22:46:08 GMT
server
Netlify
age
34446
etag
"89e4c0245e0749ed7f6b70ce034aae0f-ssl"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
914
twitter.0f0d1aeb.svg
paychicagotickets.com/static/media/
2 KB
1 KB
Image
General
Full URL
https://paychicagotickets.com/static/media/twitter.0f0d1aeb.svg
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
498c7d9be53036e1e3c8e18517bca066aa3fe6695ca3e485677838057f8ecb06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/search
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSRPR3P6AGCDT25M94RCR4CH
date
Tue, 18 Jan 2022 22:46:08 GMT
content-encoding
br
server
Netlify
age
34446
etag
"042faadcf0f6dace10df90549aad0369-ssl-df"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1177
instagram.961a55f3.svg
paychicagotickets.com/static/media/
5 KB
2 KB
Image
General
Full URL
https://paychicagotickets.com/static/media/instagram.961a55f3.svg
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.118.56 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
9e77ffa3b10d36f219d7c00918ad006247247086fb38e0290ffee197af1895ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/search
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSRPR3P70XSXCRJ1J4C75144
date
Tue, 18 Jan 2022 22:46:08 GMT
content-encoding
br
server
Netlify
age
34446
etag
"f881fda46c6a848b121d77afc9b39765-ssl-df"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1882
modules.c89f04abde364444f21e.js
script.hotjar.com/
229 KB
61 KB
Script
General
Full URL
https://script.hotjar.com/modules.c89f04abde364444f21e.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-974720.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-74.fra56.r.cloudfront.net
Software
/
Resource Hash
fddda23f711f28038cc34b216d5278692a4a93631433d3b90540981d1422e1b9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 17:41:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
139148
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
61580
access-control-allow-origin
*
last-modified
Mon, 17 Jan 2022 17:40:09 GMT
etag
"aaca953bf181ec7c714da08b16c0fdbb"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
w7vBHaLMoSkziQ9QGNObZXSlfwVgYMygctS2av0FdJkx2QoY0dqbNg==
box-21ccaa45726c0f3c8c458f7a87eb2298.html
vars.hotjar.com/ Frame D22E
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-974720.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-117.fra60.r.cloudfront.net
Software
/
Resource Hash
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/

Response headers

content-type
text/html
content-length
1044
date
Mon, 08 Nov 2021 14:05:19 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6a4e2ae376c29011d2e53de65a08d0b7"
last-modified
Tue, 01 Jun 2021 09:17:15 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
hsSkpykyTOy_UCAnarzNeFlduVXvNDFJQP5tdoQmUr0YjxQ-3uJowA==
age
6200095
collect
www.google-analytics.com/j/
4 B
150 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1884837143&t=pageview&_s=1&dl=https%3A%2F%2Fpaychicagotickets.com%2Fsearch&dp=%2FHome&ul=en-us&de=UTF-8&dt=Pay%20Chicago%20Tickets%20-%20The%20Secure%20and%20Easy%20Way%20to%20Pay%20Chicago%20Fines&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1530249906&gjid=1458498042&cid=101209774.1642580414&tid=UA-68367419-3&_gid=2055000585.1642580414&_r=1&_slc=1&z=1394324799
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://paychicagotickets.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 08:20:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paychicagotickets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1884837143&t=event&_s=2&dl=https%3A%2F%2Fpaychicagotickets.com%2Fsearch&ul=en-us&de=UTF-8&dt=Pay%20Chicago%20Tickets%20-%20The%20Secure%20and%20Easy%20Way%20to%20Pay%20Chicago%20Fines&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Navigation&ea=Viewed%20Home%20Page&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=101209774.1642580414&tid=UA-68367419-3&_gid=2055000585.1642580414&z=1185037495
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 17:40:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52762
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/
354 KB
140 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paychicagotickets.com/
Origin
https://paychicagotickets.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143013
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 07:19:36 GMT
visit-data
in.hotjar.com/api/v2/client/sites/974720/
146 B
321 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/974720/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.c89f04abde364444f21e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.129.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-129-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e

Request headers

Referer
https://paychicagotickets.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 19 Jan 2022 08:20:14 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
974720
vc.hotjar.io/sessions/
0
255 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/974720?s=0.25&r=0.14916171257779554
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.c89f04abde364444f21e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN (),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 08:20:14 GMT
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
AtU9pAUbzxwIUaFJS5U78snfD5xpC5pwrEAeAec7HOdA5gv5Na3uow==
collect
stats.g.doubleclick.net/j/
4 B
445 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-68367419-3&cid=101209774.1642580414&jid=1530249906&gjid=1458498042&_gid=2055000585.1642580414&_u=IEBAAEAAAAAAAC~&z=1123338654
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://paychicagotickets.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 19 Jan 2022 08:20:14 GMT
content-type
text/plain
access-control-allow-origin
https://paychicagotickets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/
36 KB
11 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NFHMLZ&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 08:20:14 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1D515A98C3304E2BB05890C68B876B65 Ref B: FRAEDGE1321 Ref C: 2022-01-19T08:20:14Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10468
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-5NFHMLZ&cv=5&v=3&t=t&pid=415293883&rv=1c0&es=1&e=gtm.init_consent&eid=1&tc=1&z=0
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 08:20:14 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-5NFHMLZ&cv=5&v=3&t=t&pid=415293883&rv=1c0&es=1&e=gtm.init&eid=2&tc=1&z=0
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 08:20:14 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-5NFHMLZ&cv=5&v=3&t=t&pid=415293883&rv=1c0&es=1&e=gtm.js&eid=3&tc=1&tr=1baut&ti=2baut&z=0
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 08:20:14 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-5NFHMLZ&cv=5&v=3&t=t&pid=415293883&rv=1c0&es=1&e=*&eid=4&tc=1&z=0
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 08:20:14 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-68367419-3&cid=101209774.1642580414&jid=1530249906&_u=IEBAAEAAAAAAAC~&z=1085727401
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 08:20:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-68367419-3&cid=101209774.1642580414&jid=1530249906&_u=IEBAAEAAAAAAAC~&z=1085727401
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 08:20:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
134597735.js
bat.bing.com/p/action/
686 B
741 B
Script
General
Full URL
https://bat.bing.com/p/action/134597735.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
98304f06a3503e467fa36472167a1e5d6309bd22a7514b8449fb312357ad7f7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 08:20:14 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F6349635164B460898F991AAFC8E58BA Ref B: FRAEDGE1321 Ref C: 2022-01-19T08:20:14Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
590
0
bat.bing.com/action/
0
150 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=134597735&tm=gtm002&Ver=2&mid=177e1f6c-ceb7-4d74-b272-fdecd69c4d78&sid=a0aaacd0790011ec92ea5f3fab9fe2e6&vid=a0aad600790011eca9460b171405f95f&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Pay%20Chicago%20Tickets%20-%20The%20Secure%20and%20Easy%20Way%20to%20Pay%20Chicago%20Fines&kw=pay,chicago,parking,traffic,tickets,secure,easy,winit&p=https%3A%2F%2Fpaychicagotickets.com%2Fsearch&r=&lt=706&evt=pageLoad&msclkid=N&sv=1&rn=818506
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 08:20:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FD811C5766E64083BC88F05DD5FBCEE1 Ref B: FRAEDGE1321 Ref C: 2022-01-19T08:20:14Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-5NFHMLZ&cv=5&v=3&t=t&pid=415293883&rv=1c0&es=1&e=gtm.dom&eid=5&tc=1&z=0
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 08:20:14 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 7943
41 KB
21 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpXMsUAAAAAJ17ck38v4xqOMkS8p4AMod9aE6U&co=aHR0cHM6Ly9wYXljaGljYWdvdGlja2V0cy5jb206NDQz&hl=de&type=image&v=TDBxTlSsKAUm3tSIa0fwIqNu&theme=light&size=normal&badge=bottomright&cb=b2vwsv5f4s2o
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/static/js/2.961534f9.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b7b0d9f90d4a0e7eadbb00274a82d6ad0f78032f6a8127338453118dd5f28959
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-S6FCAbYP6SWqtAhAkWSeyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 19 Jan 2022 08:20:14 GMT
content-security-policy
script-src 'report-sample' 'nonce-S6FCAbYP6SWqtAhAkWSeyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
21341
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
api.paychicagotickets.com/socket.io/
3 B
347 B
XHR
General
Full URL
https://api.paychicagotickets.com/socket.io/?EIO=3&transport=polling&t=NvnR12K&sid=W1UXOZvs4KhTBAlBADQw
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/static/js/2.961534f9.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.157.4.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-4-65.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0

Request headers

Accept
*/*
Referer
https://paychicagotickets.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 08:20:15 GMT
Via
1.1 vegur
Server
Cowboy
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://paychicagotickets.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
3
styles__ltr.css
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 7943
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpXMsUAAAAAJ17ck38v4xqOMkS8p4AMod9aE6U&co=aHR0cHM6Ly9wYXljaGljYWdvdGlja2V0cy5jb206NDQz&hl=de&type=image&v=TDBxTlSsKAUm3tSIa0fwIqNu&theme=light&size=normal&badge=bottomright&cb=b2vwsv5f4s2o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 07:48:43 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 7943
354 KB
140 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpXMsUAAAAAJ17ck38v4xqOMkS8p4AMod9aE6U&co=aHR0cHM6Ly9wYXljaGljYWdvdGlja2V0cy5jb206NDQz&hl=de&type=image&v=TDBxTlSsKAUm3tSIa0fwIqNu&theme=light&size=normal&badge=bottomright&cb=b2vwsv5f4s2o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143013
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 07:19:36 GMT
clarity.js
e.clarity.ms/s/0.6.31/
52 KB
23 KB
Script
General
Full URL
https://e.clarity.ms/s/0.6.31/clarity.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/134597735.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 08:20:14 GMT
content-encoding
br
etag
"1d7ffcbff747e00"
last-modified
Sun, 02 Jan 2022 11:29:26 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=A730ED48AFB443BB8167332ACDF4537A&RedC=c.clarity.ms&MXFR=08FE6BBE9BFB6F5728A17A8F9FFB6109
  • https://c.clarity.ms/c.gif?CtsSyncId=A730ED48AFB443BB8167332ACDF4537A&MUID=363D20EA7B0363081BF131DB7AD1627D
42 B
366 B
Image
General
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=A730ED48AFB443BB8167332ACDF4537A&MUID=363D20EA7B0363081BF131DB7AD1627D
Requested by
Host: paychicagotickets.com
URL: https://paychicagotickets.com/search
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 08:20:14 GMT
last-modified
Wed, 12 Jan 2022 02:05:35 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"9ea1ae3587d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 08:20:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8C6BEBA47E384B7C8A9485AEA9614D43 Ref B: FRAEDGE1321 Ref C: 2022-01-19T08:20:14Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=A730ED48AFB443BB8167332ACDF4537A&MUID=363D20EA7B0363081BF131DB7AD1627D
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
truncated
/ Frame 7943
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7943
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7943
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:03:19 GMT
x-content-type-options
nosniff
age
436615
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Fri, 21 Jan 2022 07:03:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7943
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpXMsUAAAAAJ17ck38v4xqOMkS8p4AMod9aE6U&co=aHR0cHM6Ly9wYXljaGljYWdvdGlja2V0cy5jb206NDQz&hl=de&type=image&v=TDBxTlSsKAUm3tSIa0fwIqNu&theme=light&size=normal&badge=bottomright&cb=b2vwsv5f4s2o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 11:18:05 GMT
x-content-type-options
nosniff
age
75729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 11:18:05 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 7943
102 B
133 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpXMsUAAAAAJ17ck38v4xqOMkS8p4AMod9aE6U&co=aHR0cHM6Ly9wYXljaGljYWdvdGlja2V0cy5jb206NDQz&hl=de&type=image&v=TDBxTlSsKAUm3tSIa0fwIqNu&theme=light&size=normal&badge=bottomright&cb=b2vwsv5f4s2o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e671437dbdfea29e6d58d838049e22ef37097277eb96cb7d87eb08c90bfe035a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpXMsUAAAAAJ17ck38v4xqOMkS8p4AMod9aE6U&co=aHR0cHM6Ly9wYXljaGljYWdvdGlja2V0cy5jb206NDQz&hl=de&type=image&v=TDBxTlSsKAUm3tSIa0fwIqNu&theme=light&size=normal&badge=bottomright&cb=b2vwsv5f4s2o
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 08:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111
x-xss-protection
1; mode=block
expires
Wed, 19 Jan 2022 08:20:14 GMT
bframe
www.google.com/recaptcha/api2/ Frame CC28
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&k=6LdpXMsUAAAAAJ17ck38v4xqOMkS8p4AMod9aE6U
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b04ac71d516b3d6d432e3d5dc1c78acbc4369c8e0d865736d5fcb6683d2e0d8b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-B712H1weLnpWkR50VCKMdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 19 Jan 2022 08:20:14 GMT
content-security-policy
script-src 'report-sample' 'nonce-B712H1weLnpWkR50VCKMdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1111
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame CC28
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&k=6LdpXMsUAAAAAJ17ck38v4xqOMkS8p4AMod9aE6U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 07:48:43 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame CC28
354 KB
140 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&k=6LdpXMsUAAAAAJ17ck38v4xqOMkS8p4AMod9aE6U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143013
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 07:19:36 GMT
collect
e.clarity.ms/
0
96 B
XHR
General
Full URL
https://e.clarity.ms/collect
Requested by
Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://paychicagotickets.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://paychicagotickets.com
date
Wed, 19 Jan 2022 08:20:15 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-5NFHMLZ&cv=5&v=3&t=t&pid=415293883&rv=1c0&es=1&e=gtm.load&eid=6&u=C&tc=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paychicagotickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 08:20:15 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| GooglemKTybQhCsO function| google_trackConversion function| hj object| _hjSettings function| $ function| jQuery object| webpackJsonppay.winit.app object| regeneratorRuntime object| __SECRET_EMOTION__ string| GoogleAnalyticsObject function| ga object| dataLayer object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager function| UET function| UET_init function| UET_push object| ueto_e6cc8b5fb4 object| uetq object| recaptcha object| closure_lm_532799 function| clarity

19 Cookies

Domain/Path Name / Value
.paychicagotickets.com/ Name: _ga
Value: GA1.2.101209774.1642580414
.paychicagotickets.com/ Name: _gid
Value: GA1.2.2055000585.1642580414
.paychicagotickets.com/ Name: _gat
Value: 1
.paychicagotickets.com/ Name: _hjSessionUser_974720
Value: eyJpZCI6IjgzZThhYjk0LTJlZjYtNTBkOS1iZGQ4LTIzN2VkMDYyMmMxOCIsImNyZWF0ZWQiOjE2NDI1ODA0MTQyMjUsImV4aXN0aW5nIjpmYWxzZX0=
.paychicagotickets.com/ Name: _hjFirstSeen
Value: 1
paychicagotickets.com/ Name: _hjIncludedInSessionSample
Value: 0
.paychicagotickets.com/ Name: _hjSession_974720
Value: eyJpZCI6ImU2OTc2YzE4LTg2YjUtNDBhNS1iY2NkLTY2ODc3OWMzMGMzYyIsImNyZWF0ZWQiOjE2NDI1ODA0MTQyODksImluU2FtcGxlIjpmYWxzZX0=
paychicagotickets.com/ Name: _hjIncludedInPageviewSample
Value: 1
.paychicagotickets.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
.bing.com/ Name: MUID
Value: 363D20EA7B0363081BF131DB7AD1627D
.paychicagotickets.com/ Name: _uetsid
Value: a0aaacd0790011ec92ea5f3fab9fe2e6
.paychicagotickets.com/ Name: _uetvid
Value: a0aad600790011eca9460b171405f95f
api.paychicagotickets.com/ Name: io
Value: W1UXOZvs4KhTBAlBADQw
.c.bing.com/ Name: SRM_B
Value: 363D20EA7B0363081BF131DB7AD1627D
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 363D20EA7B0363081BF131DB7AD1627D
.c.clarity.ms/ Name: ANONCHK
Value: 0
.paychicagotickets.com/ Name: _clck
Value: bmmvmv|1|ey9|0
.paychicagotickets.com/ Name: _clsk
Value: 1rfz4j1|1642580415431|1|1|e.clarity.ms/collect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.paychicagotickets.com
bat.bing.com
c.bing.com
c.clarity.ms
code.jquery.com
e.clarity.ms
fonts.gstatic.com
in.hotjar.com
paychicagotickets.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
vc.hotjar.io
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
142.250.185.194
159.65.118.56
18.66.112.110
18.66.139.117
18.66.97.49
20.62.48.180
2001:4de0:ac18::1:a:1b
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2003
2a00:1450:4001:811::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c06::9b
34.251.129.210
52.142.114.2
52.222.236.74
54.157.4.65
00e4b95a367ef22e96768f1777ec07d83aa65eb4f1b46b31d867c6ad90d55ee1
0903aeb2dad08d6a15d2447448067acb07131ee126e365adbc387da60f494d75
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
09a16bf6f2881700b3d0c083d51995c4956752bdbd87045b9ff5e8333bda52a1
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c
30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e
323ad1965a1293cdfe92dee322e7e0af8829b43fdb0ddd4f8e1befa55c10c2ae
3b8af710a148e3aee3c3f8810b54e70e4824363013285901ad4c891556f61d49
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
477259d23a78a6c93ad89d96bed6f9d997ea3add21ff480f6b3bfb88c810ef4e
498c7d9be53036e1e3c8e18517bca066aa3fe6695ca3e485677838057f8ecb06
544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
6a415fd958de027417632fb35a711ae89f9e45163a3a19d4bd22454ba0e4d5c6
6a72e5c941951ae2b62faabba6194014ff9b41cd038862e15482dffd782d6662
767977585d084f610019a8278cab68d9164adb48d2e6b14fe98fb0f0421f6766
7bdf2d6d46e641a0c03746f42712decb7547af00786702e5dd41efaf19f31af0
80d52b0e6813eb6c48d8a3291b6bb7c9235bc3f3571d2826f846037ed8a6bab4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
95e1bebc2d17ffd4389b8acfa029e4d7c67d126c53b062053cf20bc6bb6a789d
98304f06a3503e467fa36472167a1e5d6309bd22a7514b8449fb312357ad7f7f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ac4640cae7e11bc51b2044b068e8357c6630a18804482a425612763d8684569
9e77ffa3b10d36f219d7c00918ad006247247086fb38e0290ffee197af1895ed
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
acb6f0382c9d777f6c83d812636bb5e03e2a971a01e2032d9f4138edaaeb1a71
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04ac71d516b3d6d432e3d5dc1c78acbc4369c8e0d865736d5fcb6683d2e0d8b
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b7b0d9f90d4a0e7eadbb00274a82d6ad0f78032f6a8127338453118dd5f28959
bd579eb52d6ce3d0bddb376b8903b0eef168e86507f63b618133aa44aa1aee9b
bd77383e7442d761f30715a1b605766eda93612233a76d6db58baf1ae0ba740f
bedba28efeb10262ec16d77c960e1371d9a6d695cecf88a61eaa08f5bca8e3f9
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
c942163fd818a62206920bd56def27dae1723c0305dad51713a70491a14fd773
d037f01b5208b2677b0720b19d9d2b68cc774a82b9843f6a026cc3e2f4e8c6ea
d3c79bd7ec9e3b465f0b821cf931be66542bff3694f7c70e0aeae0f6d7036756
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e671437dbdfea29e6d58d838049e22ef37097277eb96cb7d87eb08c90bfe035a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc7ac648dc8db352235e7effc55f7a515d91e9c3c838af9cc2c7bd7e2e959aa
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fbd026586096ab590a48499406a4d3909c7aa338e7a82e6adb5c86c73a319e0e
fc6197e8787c76536744303c79a1680df7c54bef890c281cb29ca45e1f80ffe1
fddda23f711f28038cc34b216d5278692a4a93631433d3b90540981d1422e1b9
ffc3c701d9ec62efc2f74592d02e77f17ccadc53fb3e4793c165db5004cc5aa6