icash.illinoistreasurer.gov
13.32.121.124

Go To Rescan
Add Verdict Report

Submitted URL:
https://0sgvv.mjt.lu/lnk/AU0AAF4fdtMAAcsC4K4AAANZzG4AAAAAE0MAABiaABoyPABi9b5tAg_yYmx7RRqsj0_KeFN0JQAZF3Q/7/5w-6Tj8zjl...
Effective URL:
https://icash.illinoistreasurer.gov/app/claim-search
Submission: On August 15 via manual (August 15th 2022, 2:23:20 pm UTC) from US — Scanned from DE

Summary HTTP 72 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 19 domains to perform 72 HTTP transactions. The main IP is 13.32.121.124, located in United States and belongs to AMAZON-02, US. The main domain is icash.illinoistreasurer.gov. The Cisco Umbrella rank of the primary domain is 856162.
TLS certificate: Issued by Entrust Certification Authority - L1K on April 28th 2022. Valid for: a year.

This is the only time icash.illinoistreasurer.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.241.186.140 35.241.186.140	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
20	13.32.121.124 13.32.121.124	16509 (AMAZON-02) (AMAZON-02)
1	40.121.32.232 40.121.32.232	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
4	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2 4	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:10e... 2a02:26f0:10e::6860:5baa	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6 12	54.220.48.180 54.220.48.180	16509 (AMAZON-02) (AMAZON-02)
1	35.156.107.216 35.156.107.216	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.43.14 13.107.43.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	52.203.120.236 52.203.120.236	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
72	24

1 35.241.186.140 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 140.186.241.35.bc.googleusercontent.com

0sgvv.mjt.lu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 13.32.121.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-124.fra60.r.cloudfront.net

icash.illinoistreasurer.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.121.32.232 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

scripts.dirad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

8579259.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10e::6860:5baa (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.220.48.180 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-48-180.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.107.216 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-107-216.eu-central-1.compute.amazonaws.com

1409.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.120.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-120-236.compute-1.amazonaws.com

apps.mypurecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	illinoistreasurer.gov icash.illinoistreasurer.gov — Cisco Umbrella Rank: 856162	642 KB
12	crwdcntrl.net 6 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 834	3 KB
9	google.com www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 98	49 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	540 KB
6	doubleclick.net 2 redirects 8579259.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 118	4 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5596 adservice.google.de — Cisco Umbrella Rank: 8117	2 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 361 www.linkedin.com — Cisco Umbrella Rank: 491 px4.ads.linkedin.com — Cisco Umbrella Rank: 5619	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	197 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 674 syndication.twitter.com — Cisco Umbrella Rank: 864	133 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	388 B
1	mypurecloud.com apps.mypurecloud.com — Cisco Umbrella Rank: 8310	56 KB
1	siteimproveanalytics.io 1409.global.siteimproveanalytics.io — Cisco Umbrella Rank: 642726	620 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 734	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	15 KB
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 3528	10 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	83 KB
1	dirad.com scripts.dirad.com	18 KB
1	mjt.lu 1 redirects 0sgvv.mjt.lu	129 B
72	19

	Domain	Requested by
20	icash.illinoistreasurer.gov	icash.illinoistreasurer.gov
12	bcp.crwdcntrl.net	6 redirects icash.illinoistreasurer.gov
7	www.google.com	icash.illinoistreasurer.gov www.gstatic.com www.google.com
6	www.gstatic.com	www.google.com www.gstatic.com
4	8579259.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	www.google-analytics.com	www.googletagmanager.com icash.illinoistreasurer.gov
4	connect.facebook.net	icash.illinoistreasurer.gov connect.facebook.net
2	fonts.gstatic.com	www.google.com
2	www.facebook.com	icash.illinoistreasurer.gov
2	adservice.google.de	adservice.google.com
2	adservice.google.com	8579259.fls.doubleclick.net
2	www.google.de	icash.illinoistreasurer.gov
2	px.ads.linkedin.com	2 redirects
2	platform.twitter.com	icash.illinoistreasurer.gov platform.twitter.com
1	apps.mypurecloud.com	scripts.dirad.com
1	px4.ads.linkedin.com	icash.illinoistreasurer.gov
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	icash.illinoistreasurer.gov
1	googleads.g.doubleclick.net	www.googleadservices.com
1	syndication.twitter.com	platform.twitter.com
1	1409.global.siteimproveanalytics.io	icash.illinoistreasurer.gov
1	snap.licdn.com	icash.illinoistreasurer.gov
1	www.googleadservices.com	www.googletagmanager.com
1	siteimproveanalytics.com	icash.illinoistreasurer.gov
1	www.googletagmanager.com	icash.illinoistreasurer.gov
1	scripts.dirad.com	icash.illinoistreasurer.gov
1	0sgvv.mjt.lu	1 redirects
72	27

This site contains links to these domains. Also see Links.

Domain
findmyfunds.com
illinoistreasurer.gov

Subject Issuer	Validity	Valid
www.icash.illinoistreasurer.gov Entrust Certification Authority - L1K	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.dirad.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-01` - `2022-11-07`	8 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-24` - `2022-08-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-05` - `2023-06-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.global.r1.siteimproveanalytics.io Amazon	`2022-04-27` - `2023-05-26`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
mypurecloud.com Amazon	`2021-10-21` - `2022-11-18`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://icash.illinoistreasurer.gov/app/claim-search
Frame ID: 4A55537B7D29B5A7D8662F38383FB0A0
Requests: 53 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.6184048311ebe2b4d9580ce803ab4baa.html?origin=https%3A%2F%2Ficash.illinoistreasurer.gov
Frame ID: D2191E0C717FD21E1BDCC6D52CB5B3FA
Requests: 2 HTTP requests in this frame

Frame: https://8579259.fls.doubleclick.net/activityi;dc_pre=CKuK1PqFyfkCFVChmgodlRYKXw;src=8579259;type=01;cat=landi0;ord=5726537368367;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search
Frame ID: 08842DC2F949ADC3E3EAF119D5475A2F
Requests: 1 HTTP requests in this frame

Frame: https://8579259.fls.doubleclick.net/activityi;dc_pre=CNCL1PqFyfkCFUK5mgodgHMOgw;src=8579259;type=01;cat=claim0;ord=9363717853272;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search
Frame ID: 6F97CC630D3420A27945DD2B37F59EED
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKuK1PqFyfkCFVChmgodlRYKXw;src=8579259;type=01;cat=landi0;ord=5726537368367;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search
Frame ID: 42C602D744DE5462C9FCB6C4FC0839D5
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNCL1PqFyfkCFUK5mgodgHMOgw;src=8579259;type=01;cat=claim0;ord=9363717853272;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search
Frame ID: 58DD9827B0D52F011B712B8AA039C43B
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CNCL1PqFyfkCFUK5mgodgHMOgw;src=8579259;type=01;cat=claim0;ord=9363717853272;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search
Frame ID: B578C7B49CF466F6EA4AD30B84D03B8A
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKuK1PqFyfkCFVChmgodlRYKXw;src=8579259;type=01;cat=landi0;ord=5726537368367;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search
Frame ID: 85BFE04433FECC0E92E5FB663C64D3C5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le1HyEUAAAAAGDRTDgxkrt_LOU8pIMr-574w-E3&co=aHR0cHM6Ly9pY2FzaC5pbGxpbm9pc3RyZWFzdXJlci5nb3Y6NDQz&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=s29gio77m4se
Frame ID: 300C5857C7BA635221C2ACDB6A7CEEC0
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6Le1HyEUAAAAAGDRTDgxkrt_LOU8pIMr-574w-E3
Frame ID: AECBCB29C54FCEABE86D069305BDDA2D
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://0sgvv.mjt.lu/lnk/AU0AAF4fdtMAAcsC4K4AAANZzG4AAAAAE0MAABiaABoyPABi9b5tAg_yYmx7RRqsj0_KeFN0... HTTP 302
https://icash.illinoistreasurer.gov/app/claim-search Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Genesys Cloud (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

apps\.mypurecloud\.\w+

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

72
Requests

90 %
HTTPS

62 %
IPv6

19
Domains

27
Subdomains

24
IPs

5
Countries

1773 kB
Transfer

5103 kB
Size

21
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://findmyfunds.com/
Title: FindMyFunds.com

Search URL Search Domain Scan URL

URL: http://illinoistreasurer.gov/Privacy_Policy
Title: Privacy Information

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://0sgvv.mjt.lu/lnk/AU0AAF4fdtMAAcsC4K4AAANZzG4AAAAAE0MAABiaABoyPABi9b5tAg_yYmx7RRqsj0_KeFN0JQAZF3Q/7/5w-6Tj8zjlDa7i_MNswOug/aHR0cHM6Ly9pY2FzaC5pbGxpbm9pc3RyZWFzdXJlci5nb3YvYXBwL2NsYWltLXNlYXJjaA HTTP 302
https://icash.illinoistreasurer.gov/app/claim-search Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://8579259.fls.doubleclick.net/activityi;src=8579259;type=01;cat=landi0;ord=5726537368367;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search HTTP 302
https://8579259.fls.doubleclick.net/activityi;dc_pre=CKuK1PqFyfkCFVChmgodlRYKXw;src=8579259;type=01;cat=landi0;ord=5726537368367;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search

Request Chain 17

https://8579259.fls.doubleclick.net/activityi;src=8579259;type=01;cat=claim0;ord=9363717853272;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search HTTP 302
https://8579259.fls.doubleclick.net/activityi;dc_pre=CNCL1PqFyfkCFUK5mgodgHMOgw;src=8579259;type=01;cat=claim0;ord=9363717853272;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search

Request Chain 21

https://bcp.crwdcntrl.net/5/c=931/b=53091621 HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=931/b=53091621

Request Chain 22

https://bcp.crwdcntrl.net/5/c=931/b=53091601 HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=931/b=53091601

Request Chain 23

https://bcp.crwdcntrl.net/5/c=931/b=71248580 HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=931/b=71248580

Request Chain 24

https://bcp.crwdcntrl.net/5/c=931/b=72579969 HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=931/b=72579969

Request Chain 25

https://bcp.crwdcntrl.net/5/c=931/b=91036862 HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=931/b=91036862

Request Chain 26

https://bcp.crwdcntrl.net/5/c=931/b=91036928 HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=931/b=91036928

Request Chain 34

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1337457&time=1660573395039&url=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1337457%26time%3D1660573395039%26url%3Dhttps%253A%252F%252Ficash.illinoistreasurer.gov%252Fapp%252Fclaim-search%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1337457&time=1660573395039&url=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1337457&time=1660573395039&url=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search&liSync=true&e_ipv6=AQLgfWh1u5D9VwAAAYKh4yqXUoty-TX3oU_UzawMnOHHrRVeYmd-k8UvpLJHUx7hN2EewWhNXFVZ88pP8x7dZp_bsClSZA

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request claim-search Show response
icash.illinoistreasurer.gov/app/
Redirect Chain

https://0sgvv.mjt.lu/lnk/AU0AAF4fdtMAAcsC4K4AAANZzG4AAAAAE0MAABiaABoyPABi9b5tAg_yYmx7RRqsj0_KeFN0JQAZF3Q/7/5w-6Tj8zjlDa7i_MNswOug/aHR0cHM6Ly9pY2FzaC5pbGxpbm9pc3RyZWFzdXJlci5nb3YvYXBwL2NsYWltLXNlYXJjaA
https://icash.illinoistreasurer.gov/app/claim-search

3 KB
2 KB

547ms
23ms

Document
text/html

13.32.121.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://icash.illinoistreasurer.gov/app/claim-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-124.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3c7f5d3ffcbfbc76a7797dfc740e0a9e3798b9a6789237a84c77cbfc61437fe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39334
content-encoding: gzip
content-type: text/html
date: Mon, 15 Aug 2022 03:27:39 GMT
etag: W/"3dbe4b503b862bc2f7c769c65576e7f4"
last-modified: Wed, 03 Aug 2022 15:06:02 GMT
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-id: PVxtAi44TZXZzFQarsCk7_Qwrx20efx_bFuk-gLmRQJcp_7iBzrroA==
x-amz-cf-pop: FRA60-P1
x-amz-error-code: NoSuchKey
x-amz-error-detail-key: app/claim-search
x-amz-error-message: The specified key does not exist.
x-amz-version-id: wisXcjIzzSrQ6Q0HpneADU0rh4RvAvol
x-cache: Hit from cloudfront
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 75
content-type: text/html; charset=utf-8
date: Mon, 15 Aug 2022 14:23:13 GMT
location: https://icash.illinoistreasurer.gov/app/claim-search

GET
H/1.1 200
OK illinoischat.js Show response
scripts.dirad.com/ 17 KB
18 KB 596ms
152ms Script
application/javascript 40.121.32.232
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.dirad.com/illinoischat.js
Requested by: Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.121.32.232 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 2e1bd944f6ffb38a23864d61d31fd268ff9cc447e3bf85422f33125fdf7c69ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 14:23:15 GMT
ETag: W/"4440-17cec1255b0"
Last-Modified: Thu, 04 Nov 2021 17:49:57 GMT
X-Powered-By: Express
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 17472

GET
H2 200 styles.e38f54cf373470837693.css
icash.illinoistreasurer.gov/ 200 KB
31 KB 28ms
25ms Stylesheet
text/css 13.32.121.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://icash.illinoistreasurer.gov/styles.e38f54cf373470837693.css

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-124.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f1fd26422fe61fb4e9bc2c99a810c5b862dfa305bd834c5f8cc59954bf7f0e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/app/claim-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: IVeJOWLJa63iM0x3gyTcZRbmTVHQlSrd
content-encoding: gzip
etag: W/"87bddc5e4f1cf4f022d350eac59d58bc"
age: 66801
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Aug 2022 15:06:03 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Sun, 14 Aug 2022 19:49:54 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 5G35u-eGOUBQNMJa8-5F4kjeyE4h0-i4GMGb1XAb_T-DcUKFilTx6Q==

GET
H2 200 runtime-es2015.af643c257e82e4ce9bda.js Show response
icash.illinoistreasurer.gov/ 2 KB
2 KB 103ms
100ms Script
application/javascript 13.32.121.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://icash.illinoistreasurer.gov/runtime-es2015.af643c257e82e4ce9bda.js

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-124.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3001973593ade80a0059f72a8683fdb2ce96aa85910909119b8a94f675da8d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icash.illinoistreasurer.gov/app/claim-search
Origin: https://icash.illinoistreasurer.gov
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: PEF87L1BHgM8jMiDGYwYhF7zXfFziqSw
content-encoding: gzip
etag: W/"e263514db56df0db064c1e1cb401358d"
age: 45648
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Aug 2022 15:06:02 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Mon, 15 Aug 2022 01:42:27 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: zFiw6joLJZVJ8Ohf5FuFLBJX4tQra2NxeHsBWizmEpGs4gNWzgMWLw==

GET
H2 200 polyfills-es2015.76438c4170c0194f777c.js Show response
icash.illinoistreasurer.gov/ 66 KB
23 KB 47ms
45ms Script
application/javascript 13.32.121.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://icash.illinoistreasurer.gov/polyfills-es2015.76438c4170c0194f777c.js

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-124.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e9818c93ce3759a81e18dadf5c253b142ff9b6454359fe7dd3bed50a005bbf92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icash.illinoistreasurer.gov/app/claim-search
Origin: https://icash.illinoistreasurer.gov
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: cEn_u0Jvgei4hfN.p5w6pm1y4eJGRNjK
content-encoding: gzip
etag: W/"b8b40b1b0754022e1ef4031a9b2b3c11"
age: 66801
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Aug 2022 15:06:02 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Sun, 14 Aug 2022 19:49:54 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: aDQZS_7NL9RsmtlE-U1hz5_J1rBip34GdSThoJ-NQ86lrtQB-xGmXA==

GET
H2 200 main-es2015.d51fd8021c7bf6e2fccc.js Show response
icash.illinoistreasurer.gov/ 1 MB
333 KB 51ms
50ms Script
application/javascript 13.32.121.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://icash.illinoistreasurer.gov/main-es2015.d51fd8021c7bf6e2fccc.js

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-124.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8a9ba10e45270aba2916142559fb55e1fe71d71cf1befb86da72a930d20ca0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icash.illinoistreasurer.gov/app/claim-search
Origin: https://icash.illinoistreasurer.gov
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: pwXQT8bkOdiHEMHZ5K1CTwU31U_FZxS0
content-encoding: gzip
etag: W/"0c6fa6026ab6b53881bb40a49bf28843"
age: 66801
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Aug 2022 15:06:02 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Sun, 14 Aug 2022 19:49:54 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: J09AysjB7KZ8eAdVKRt1d2ItX256s8l2k8YEvuDSSV8xN1fKP4Q1Bw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 258 KB
83 KB 96ms
46ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDPLB3Z

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f2f53a35f5adadc977a3ba56f768547dacec8811cb507898fe44b4d9d5f1c070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:23:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84403
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Aug 2022 14:23:14 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 118ms
21ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C1) /
Resource Hash: 4c9e097414ccbfdefb3354fe850aa98a9e015d3b9f05519050a0db68105f5ffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 14:23:14 GMT
Content-Encoding: gzip
Age: 284
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29276
x-tw-cdn: VZ
Last-Modified: Fri, 12 Aug 2022 17:26:11 GMT
Server: ECS (frb/67C1)
Etag: "bd88345e54896fdf79f585f9d089e582+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 100ms
33ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d0f6e2e4c2a421ea67459eadbcc6722205b92ee103c3655f0a8588a4fcbd521

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: aZCMqRmeOA0w8bPdXL/cQw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1683
x-fb-rlafr: 0
x-fb-debug: OiSkw3BWTqZlms6LPNVPlHCqTf8oTSSGg5e735Mes1DBJZyDw5d57cP65NoYEwFnsXGrqZ1zXeIIiGYElC03Qw==
x-fb-trip-id: 720026100
x-fb-content-md5: dae27952a082c7bd911040f51b082f47
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 15 Aug 2022 14:23:14 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "6c5b8a9f06bfae08f638dcc29871b102"
timing-allow-origin: *
expires: Mon, 15 Aug 2022 14:40:44 GMT

GET
H2 200 siteanalyze_1409.js Show response
siteimproveanalytics.com/js/ 27 KB
10 KB 87ms
31ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_1409.js
Requested by: Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dbf3766a7e16bd9f63c9cfca7d872b169828ff73082d2c70036b916f9824eff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:23:14 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5806
cf-ray: 73b29644b9a88fe8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9262
x-amz-id-2: vw99yHlAdhlFwZFE1jS7CEz4Ssf/LDnYlS2Li9gmvfgdlAy5bpYpWA1kEIcZfJaGlHcyOiYAX1A=
last-modified: Mon, 11 Jul 2022 21:47:31 GMT
server: cloudflare
etag: "83af8909dbfd8b76aae802ebdf9d39be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ew7wyjHuKEe8aNXGCtBaeHkPt%2BNfb376Zq0PX%2FNfHAsOp2Ng%2BtZ9Nz5ictXRTFBF48L8OfOHc4nbzDyI02TBcAG4Mfid%2BvPq1m%2FXHGSrS6%2B8JijMmEdORGoTxJmnKS3V0f566JsdYMuKMMzEsUbCR0vDjiApWYk%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 2FQRE2FQYFJRH46Q
cache-control: max-age=86400, no-transform
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 bg_texture.png
icash.illinoistreasurer.gov/images/ 78 KB
79 KB 49ms
49ms Image
image/png 13.32.121.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icash.illinoistreasurer.gov/images/bg_texture.png

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/styles.e38f54cf373470837693.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-124.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d5a11c1a68575eb4332a06059990cfb33cb1df0dd8aabb333cfbe7b5c9a057b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/styles.e38f54cf373470837693.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: tZEvtQ8BNcRBACv5QCYmJHghmbiYvDPx
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
etag: "ac1839b05d92a3c9818f9063ad10098e"
age: 20009
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 80065
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Aug 2022 15:05:58 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Mon, 15 Aug 2022 08:49:45 GMT
vary: Accept-Encoding
content-type: image/png
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: u7rrxpPlFcI2S3LDsIwXdZ7GXPDkcyECjfUZ-KSCuklHqylup5pMDQ==

GET
H2 200 open-sans.woff2
icash.illinoistreasurer.gov/fonts/ 15 KB
16 KB 53ms
53ms Font
binary/octet-stream 13.32.121.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://icash.illinoistreasurer.gov/fonts/open-sans.woff2

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/styles.e38f54cf373470837693.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-124.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icash.illinoistreasurer.gov/styles.e38f54cf373470837693.css
Origin: https://icash.illinoistreasurer.gov
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: tvYzx4Wwg1108KHJBLD1I12lAzj1xhFc
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
etag: "4c9a4bc2b383253d953bad3699c3ab1b"
age: 66801
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 15556
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Aug 2022 15:05:57 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Sun, 14 Aug 2022 19:49:54 GMT
vary: Accept-Encoding
content-type: binary/octet-stream
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: H3IIZWEy3jP-UYwoiz5915MQXcyp70Va7eHjP_OamR8jNHG0XTWyqA==

GET
H2 200 en.json Show response
icash.illinoistreasurer.gov/i18nUpgrade/ 62 KB
18 KB 26ms
26ms XHR
application/json 13.32.121.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://icash.illinoistreasurer.gov/i18nUpgrade/en.json

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/polyfills-es2015.76438c4170c0194f777c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-124.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ff63a3bf5bb053549735173c56c71643f740063856d64a52f5bec780c8574aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://icash.illinoistreasurer.gov/app/claim-search
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: QkeWUmWKesJY5r0tEzGB78PdwF2qiD_7
content-encoding: gzip
etag: W/"e9fa22fa6a6f04039fcabfd108b82c54"
age: 66801
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Aug 2022 15:05:57 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Sun, 14 Aug 2022 19:49:54 GMT
vary: Accept-Encoding
content-type: application/json
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: CAScK9cWGlQooTHMCTEtbfg0GYsFpZ7hJ2I-hPr34he08E3WeXUlJQ==

GET
H2 200 properties Show response
icash.illinoistreasurer.gov/SWS/app/ 7 KB
3 KB 428ms
428ms XHR
application/json 13.32.121.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://icash.illinoistreasurer.gov/SWS/app/properties

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/polyfills-es2015.76438c4170c0194f777c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-124.fra60.r.cloudfront.net

Software

CloudFront /

Resource Hash

9fa4343df70b5c9401f3a98f45b2870419a9a9ecf04e597f29af6efea837b988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://icash.illinoistreasurer.gov/app/claim-search
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:23:15 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-length: 2820
x-xss-protection: 1; mode=block
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "1029527576--gzip"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/json
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=900
x-amz-cf-id: BrsKOS-KMZvFm2Ahw7rO01d6h4mu7SpgJKbewmDPpTTMVeYEhVqn8w==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 297 KB
84 KB 65ms
31ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=0ae7de9ce9b1dfee8eb3e887cff0e286

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d36ee94634d087b93ab6f6ef14b6bd3620478148192f49475f7cda3c5a16d1de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://icash.illinoistreasurer.gov/
Origin: https://icash.illinoistreasurer.gov
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xNSJvXpRT/iaySxv53yQNw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86403
x-fb-rlafr: 0
x-fb-debug: DIuIy0PZgyJCIhv9usMRG3OsUA3xvFzqQt7WXCIkKAuMUazSxUa2RQbV6EPaJFRhUCHJqAKLuMC+9EuNopnmsw==
x-fb-content-md5: 92f464c0de99c7687e6abeb8b102d1e9
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 15 Aug 2022 14:23:14 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "6c755219bcc87e83379cc496806a5127"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 15 Aug 2023 12:21:20 GMT

GET
H/1.1 200
OK widget_iframe.6184048311ebe2b4d9580ce803ab4baa.html Show response
platform.twitter.com/widgets/ Frame D219 320 KB
104 KB 21ms
21ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.6184048311ebe2b4d9580ce803ab4baa.html?origin=https%3A%2F%2Ficash.illinoistreasurer.gov
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6776) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://icash.illinoistreasurer.gov/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 248081
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Mon, 15 Aug 2022 14:23:14 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Fri, 12 Aug 2022 17:24:17 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6776)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDPLB3Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4637
date: Mon, 15 Aug 2022 13:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 15 Aug 2022 15:05:57 GMT

GET
H3

200

activityi;dc_pre=CKuK1PqFyfkCFVChmgodlRYKXw;src=8579259;type=01;cat=landi0;ord=5726537368367;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search Show response
8579259.fls.doubleclick.net/ Frame 0884
Redirect Chain

https://8579259.fls.doubleclick.net/activityi;src=8579259;type=01;cat=landi0;ord=5726537368367;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-s...
https://8579259.fls.doubleclick.net/activityi;dc_pre=CKuK1PqFyfkCFVChmgodlRYKXw;src=8579259;type=01;cat=landi0;ord=5726537368367;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.ill...

505 B
426 B

98ms
57ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8579259.fls.doubleclick.net/activityi;dc_pre=CKuK1PqFyfkCFVChmgodlRYKXw;src=8579259;type=01;cat=landi0;ord=5726537368367;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDPLB3Z

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

6f35137b588afa8319d6c5e235729dcafff710d7fdb07c72d0c8d6337ce1f7aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 401
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 14:23:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 14:23:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8579259.fls.doubleclick.net/activityi;dc_pre=CKuK1PqFyfkCFVChmgodlRYKXw;src=8579259;type=01;cat=landi0;ord=5726537368367;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CNCL1PqFyfkCFUK5mgodgHMOgw;src=8579259;type=01;cat=claim0;ord=9363717853272;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search Show response
8579259.fls.doubleclick.net/ Frame 6F97
Redirect Chain

https://8579259.fls.doubleclick.net/activityi;src=8579259;type=01;cat=claim0;ord=9363717853272;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-s...
https://8579259.fls.doubleclick.net/activityi;dc_pre=CNCL1PqFyfkCFUK5mgodgHMOgw;src=8579259;type=01;cat=claim0;ord=9363717853272;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.ill...

505 B
424 B

98ms
57ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8579259.fls.doubleclick.net/activityi;dc_pre=CNCL1PqFyfkCFUK5mgodgHMOgw;src=8579259;type=01;cat=claim0;ord=9363717853272;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDPLB3Z

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

3cc5265ba2cacf6ff2fb80e4d4b39c4a432bb838acebe222e27d985cab71b0b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 399
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 14:23:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 14:23:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8579259.fls.doubleclick.net/activityi;dc_pre=CNCL1PqFyfkCFUK5mgodgHMOgw;src=8579259;type=01;cat=claim0;ord=9363717853272;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 99ms
40ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDPLB3Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

52e051d93279e14d8f19a0c8fb12c0ad0e5594e7621cd8db8212bd5ffece86d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15161
x-xss-protection: 0
server: cafe
etag: 12862140795212465669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 15 Aug 2022 14:23:14 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 185ms
51ms Script
application/x-javascript 2a02:26f0:10e::6860:5baa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e::6860:5baa Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:23:15 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=82246
accept-ranges: bytes
content-length: 3063

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
26 KB 68ms
33ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26515
x-xss-protection: 0
pragma: public
x-fb-debug: +o0RIttgr+5ErbyboJrYx1OGOJ91/7AUHDePhR7/oik2Ojg3Tx2+XMtz/iJITmm7PLNeqrPmdD9u/mjaMYveHg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 15 Aug 2022 14:23:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

b=53091621
bcp.crwdcntrl.net/5/ct=y/c=931/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=931/b=53091621
https://bcp.crwdcntrl.net/5/ct=y/c=931/b=53091621

49 B
278 B

60ms
59ms

Image
image/gif

54.220.48.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=931/b=53091621
Requested by: Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search
Protocol: H2
Server: 54.220.48.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-48-180.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:23:15 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
expires: 0
cache-control: no-cache
x-server: 10.45.6.162
content-type: image/gif
content-length: 49
x-consent: absent

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:23:14 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=931/b=53091621
cache-control: no-cache
x-server: 10.45.30.131
content-length: 0
expires: 0

GET
H2

200

b=53091601
bcp.crwdcntrl.net/5/ct=y/c=931/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=931/b=53091601
https://bcp.crwdcntrl.net/5/ct=y/c=931/b=53091601

49 B
279 B

58ms
57ms

Image
image/gif

54.220.48.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=931/b=53091601
Requested by: Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search
Protocol: H2
Server: 54.220.48.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-48-180.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:23:15 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
expires: 0
cache-control: no-cache
x-server: 10.45.27.191
content-type: image/gif
content-length: 49
x-consent: absent

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:23:14 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=931/b=53091601
cache-control: no-cache
x-server: 10.45.29.183
content-length: 0
expires: 0

GET
H2

200

b=71248580
bcp.crwdcntrl.net/5/ct=y/c=931/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=931/b=71248580
https://bcp.crwdcntrl.net/5/ct=y/c=931/b=71248580

49 B
278 B

62ms
61ms

Image
image/gif

54.220.48.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=931/b=71248580
Requested by: Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search
Protocol: H2
Server: 54.220.48.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-48-180.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:23:15 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
expires: 0
cache-control: no-cache
x-server: 10.45.6.56
content-type: image/gif
content-length: 49
x-consent: absent

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:23:14 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=931/b=71248580
cache-control: no-cache
x-server: 10.45.27.228
content-length: 0
expires: 0

GET
H2

200

b=72579969
bcp.crwdcntrl.net/5/ct=y/c=931/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=931/b=72579969
https://bcp.crwdcntrl.net/5/ct=y/c=931/b=72579969

49 B
279 B

56ms
55ms

Image
image/gif

54.220.48.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=931/b=72579969
Requested by: Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search
Protocol: H2
Server: 54.220.48.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-48-180.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:23:15 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
expires: 0
cache-control: no-cache
x-server: 10.45.26.118
content-type: image/gif
content-length: 49
x-consent: absent

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:23:14 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=931/b=72579969
cache-control: no-cache
x-server: 10.45.27.162
content-length: 0
expires: 0

GET
H2

200

b=91036862
bcp.crwdcntrl.net/5/ct=y/c=931/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=931/b=91036862
https://bcp.crwdcntrl.net/5/ct=y/c=931/b=91036862

49 B
279 B

58ms
58ms

Image
image/gif

54.220.48.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=931/b=91036862
Requested by: Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search
Protocol: H2
Server: 54.220.48.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-48-180.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:23:15 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
expires: 0
cache-control: no-cache
x-server: 10.45.16.140
content-type: image/gif
content-length: 49
x-consent: absent

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:23:14 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=931/b=91036862
cache-control: no-cache
x-server: 10.45.15.161
content-length: 0
expires: 0

GET
H2

200

b=91036928
bcp.crwdcntrl.net/5/ct=y/c=931/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=931/b=91036928
https://bcp.crwdcntrl.net/5/ct=y/c=931/b=91036928

49 B
278 B

61ms
60ms

Image
image/gif

54.220.48.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=931/b=91036928
Requested by: Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search
Protocol: H2
Server: 54.220.48.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-48-180.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:23:15 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
expires: 0
cache-control: no-cache
x-server: 10.45.1.160
content-type: image/gif
content-length: 49
x-consent: absent

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:23:14 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=931/b=91036928
cache-control: no-cache
x-server: 10.45.18.162
content-length: 0
expires: 0

GET
H/1.1 200
OK image.aspx
1409.global.siteimproveanalytics.io/ 34 B
620 B 150ms
20ms Image
image/gif 35.156.107.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1409.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search&title=Illinois%20Unclaimed%20Property%20%E2%80%93%20Official%20State%20Site&res=1600x1200&accountid=1409&rt=1043&prev=550df5df-153d-56c2-5a1f-b8b50e703727&luid=788c9dd1-53f7-1f18-7586-7603a1c6e883&rnd=91728
Requested by: Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.107.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-107-216.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 14:23:15 GMT
Cache-Control: max-age=0, no-cache="set-cookie"
Expires: Mon, 15 Aug 2022 14:23:15 UTC
Connection: keep-alive
Content-Length: 34
Content-Type: image/gif

GET
H2 200 settings Show response
syndication.twitter.com/ Frame D219 580 B
548 B 417ms
125ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=eda8b4255b4e58ea7883fe590ee3d73714ad20ca

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.6184048311ebe2b4d9580ce803ab4baa.html?origin=https%3A%2F%2Ficash.illinoistreasurer.gov

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

688689b02b248aa62bc07a3e299c08001ac65e4e72ecee0ea0514dc701a94010

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time: 104
date: Mon, 15 Aug 2022 14:23:14 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 14:23:15 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: c11b1375f432dd22f2c9831b3ed3aedc9156a7c8e5d3e69f308f2af6d101e3aa
content-length: 267

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 73ms
29ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2042484980&t=pageview&_s=1&dl=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search&ul=en-us&de=UTF-8&dt=Illinois%20Unclaimed%20Property%20%E2%80%93%20Official%20State%20Site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=662109926&gjid=1789990760&cid=725391841.1660573395&tid=UA-66197022-1&_gid=686651959.1660573395&_r=1&gtm=2wg880TDPLB3Z&z=1813422734

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/polyfills-es2015.76438c4170c0194f777c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://icash.illinoistreasurer.gov/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:23:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://icash.illinoistreasurer.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 63ms
22ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2042484980&t=pageview&_s=1&dl=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search&ul=en-us&de=UTF-8&dt=Illinois%20Unclaimed%20Property%20%E2%80%93%20Official%20State%20Site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=725391841.1660573395&tid=UA-66197022-1&_gid=686651959.1660573395&gtm=2wg880TDPLB3Z&z=479590170

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 17:42:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74466
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 371142106705577 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 365ms
365ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/371142106705577?v=2.9.75&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dff561b922579bdb62b470af76faaea136b43cfa0cfadfd2878cddcec2e4968

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: CXk3I205LHT6ilZE+4ZiuhmuLR6+6yQqNoDNEAbDi47tHBqW/Q6gC+8JOPk8B9tVXgX8JCh3FBkSGIytvR0vNw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 15 Aug 2022 14:23:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1660573395307
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/322097116/ 2 KB
2 KB 85ms
37ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/322097116/?random=1660573394962&cv=9&fst=1660573394962&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg880&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search&tiba=Illinois%20Unclaimed%20Property%20%E2%80%93%20Official%20State%20Site&auid=322641005.1660573395&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abe5c73887cc02a6090c0e76274e771ff972a967b025c62c5905c76f283cf4d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:23:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1059
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 84ms
27ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-66197022-1&cid=725391841.1660573395&jid=662109926&gjid=1789990760&_gid=686651959.1660573395&_u=YEBAAEAAAAAAAC~&z=678464203

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/polyfills-es2015.76438c4170c0194f777c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://icash.illinoistreasurer.gov/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 15 Aug 2022 14:23:15 GMT
content-type: text/plain
access-control-allow-origin: https://icash.illinoistreasurer.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1337457&time=1660573395039&url=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1337457%26time%3D1660573395039%26url%3Dhttps%253A%252F%252Ficash.illinoistreasure...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1337457&time=1660573395039&url=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1337457&time=1660573395039&url=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search&liSync=true&e_ipv6=AQLgfWh1u5D9VwAAAYKh4yqXUoty-TX3...

0
264 B

285ms
197ms

Image
application/javascript

13.107.43.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1337457&time=1660573395039&url=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search&liSync=true&e_ipv6=AQLgfWh1u5D9VwAAAYKh4yqXUoty-TX3oU_UzawMnOHHrRVeYmd-k8UvpLJHUx7hN2EewWhNXFVZ88pP8x7dZp_bsClSZA
Requested by: Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search
Protocol: H2
Server: 13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:23:15 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 3D0D62136EE249E2A76926DCD5E34591 Ref B: VIEEDGE2607 Ref C: 2022-08-15T14:23:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXmSF9iaW5eneNrWuBPmg==
x-li-fabric: prod-ltx1

Redirect headers

date: Mon, 15 Aug 2022 14:23:15 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: CF297A36A3224015AEFF17F10DBC82FB Ref B: FRAEDGE1518 Ref C: 2022-08-15T14:23:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1337457&time=1660573395039&url=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search&liSync=true&e_ipv6=AQLgfWh1u5D9VwAAAYKh4yqXUoty-TX3oU_UzawMnOHHrRVeYmd-k8UvpLJHUx7hN2EewWhNXFVZ88pP8x7dZp_bsClSZA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXmSF9eJOv4yr7bvtEYzA==

GET
H2 200 /
www.google.com/pagead/1p-user-list/322097116/ 42 B
548 B 83ms
34ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/322097116/?random=1660573394962&cv=9&fst=1660572000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg880&sendb=1&frm=0&url=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search&tiba=Illinois%20Unclaimed%20Property%20%E2%80%93%20Official%20State%20Site&async=1&fmt=3&is_vtc=1&random=2068243166&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:23:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/322097116/ 42 B
548 B 80ms
33ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/322097116/?random=1660573394962&cv=9&fst=1660572000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg880&sendb=1&frm=0&url=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search&tiba=Illinois%20Unclaimed%20Property%20%E2%80%93%20Official%20State%20Site&async=1&fmt=3&is_vtc=1&random=2068243166&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:23:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 78ms
44ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-66197022-1&cid=725391841.1660573395&jid=662109926&_u=YEBAAEAAAAAAAC~&z=1956054124

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:23:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 77ms
45ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-66197022-1&cid=725391841.1660573395&jid=662109926&_u=YEBAAEAAAAAAAC~&z=1956054124

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:23:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CKuK1PqFyfkCFVChmgodlRYKXw;src=8579259;type=01;cat=landi0;ord=5726537368367;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search Show response
adservice.google.com/ddm/fls/i/ Frame 42C6 504 B
469 B 111ms
60ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKuK1PqFyfkCFVChmgodlRYKXw;src=8579259;type=01;cat=landi0;ord=5726537368367;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search

Requested by

Host: 8579259.fls.doubleclick.net
URL: https://8579259.fls.doubleclick.net/activityi;dc_pre=CKuK1PqFyfkCFVChmgodlRYKXw;src=8579259;type=01;cat=landi0;ord=5726537368367;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa1fbb835f7321e7afeb2355677cefed860c5865372e9a1ab075602c43e6ee32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8579259.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 400
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 14:23:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CNCL1PqFyfkCFUK5mgodgHMOgw;src=8579259;type=01;cat=claim0;ord=9363717853272;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search Show response
adservice.google.com/ddm/fls/i/ Frame 58DD 504 B
868 B 110ms
59ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNCL1PqFyfkCFUK5mgodgHMOgw;src=8579259;type=01;cat=claim0;ord=9363717853272;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search

Requested by

Host: 8579259.fls.doubleclick.net
URL: https://8579259.fls.doubleclick.net/activityi;dc_pre=CNCL1PqFyfkCFUK5mgodgHMOgw;src=8579259;type=01;cat=claim0;ord=9363717853272;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

282fe82c17ea0b501b1f0da0eb4a9101cc5fd96e449999d9de7b3d519e3a9c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8579259.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 399
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 14:23:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 918 B
603 B 72ms
29ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=recaptchaOnloadCallback&render=explicit

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/main-es2015.d51fd8021c7bf6e2fccc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ecf5a047908bf6961c887be3423be880b45a56f372f86aa5bb7d089015296a49

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:23:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582
x-xss-protection: 1; mode=block
expires: Mon, 15 Aug 2022 14:23:15 GMT

GET
H2 200 dc_pre=CNCL1PqFyfkCFUK5mgodgHMOgw;src=8579259;type=01;cat=claim0;ord=9363717853272;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search Show response
adservice.google.de/ddm/fls/i/ Frame B578 194 B
870 B 108ms
58ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CNCL1PqFyfkCFUK5mgodgHMOgw;src=8579259;type=01;cat=claim0;ord=9363717853272;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNCL1PqFyfkCFUK5mgodgHMOgw;src=8579259;type=01;cat=claim0;ord=9363717853272;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 14:23:15 GMT
expires: Mon, 15 Aug 2022 14:23:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CKuK1PqFyfkCFVChmgodlRYKXw;src=8579259;type=01;cat=landi0;ord=5726537368367;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search Show response
adservice.google.de/ddm/fls/i/ Frame 85BF 194 B
242 B 108ms
59ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CKuK1PqFyfkCFVChmgodlRYKXw;src=8579259;type=01;cat=landi0;ord=5726537368367;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKuK1PqFyfkCFVChmgodlRYKXw;src=8579259;type=01;cat=landi0;ord=5726537368367;gtm=2wg880;auiddc=322641005.1660573395;~oref=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 14:23:15 GMT
expires: Mon, 15 Aug 2022 14:23:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ 386 KB
154 KB 69ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaOnloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cde27396c8c483c599d4162e29f219dbad91728edacc8f91410cc818a91046b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://icash.illinoistreasurer.gov/
Origin: https://icash.illinoistreasurer.gov
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157356
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 14:16:45 GMT

GET
H2 200 jsapi-v1.js Show response
apps.mypurecloud.com/webchat/ 203 KB
56 KB 482ms
216ms Script
text/javascript 52.203.120.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.com/webchat/jsapi-v1.js

Requested by

Host: scripts.dirad.com
URL: https://scripts.dirad.com/illinoischat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.120.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-120-236.compute-1.amazonaws.com

Software

nginx /

Resource Hash

58595932c9f65a080ed267155ee4d04194dbe7bbe1b54ea53568fc2850abb673

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:23:15 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 13:16:49 GMT
server: nginx
x-amz-request-id: XZ33G8BTY9SXG6GT
etag: "578751e993e4b84178a6ca3421eb1c40"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: text/javascript
cache-control: max-age=0, no-cache
content-length: 56665
x-amz-version-id: zqdHoBZIo5qBz_POvEcVYAPZtOq4rZGs
x-amz-id-2: Qzfpz+PYsqh7jUIzY7zqmQj/xX9ivyC50K+AiCIoYp3zZezXpFQNZyyjeaulBmyAcE3HIL1CnXw=

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 63ms
21ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=371142106705577&ev=PageView&dl=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search&rl=&if=false&ts=1660573395373&sw=1600&sh=1200&v=2.9.75&r=stable&ec=0&o=30&fbp=fb.1.1660573395372.961998874&it=1660573394958&coo=false&rqm=GET

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:23:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 15 Aug 2022 14:23:15 GMT

GET
H2 200 8-es2015.3699fde5d32b0bb49422.js Show response
icash.illinoistreasurer.gov/ 387 B
866 B 25ms
24ms Script
application/javascript 13.32.121.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://icash.illinoistreasurer.gov/8-es2015.3699fde5d32b0bb49422.js

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/runtime-es2015.af643c257e82e4ce9bda.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-124.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2d8e23d702fd1bf2065e6140f1d8081f1b75cc93bdb8a36feb4cb3cc82007c04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/app/claim-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: XE8qv9ZHyok7ZgzliRoELTE6Qu022DZj
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
etag: "9730962836a6425d669c2d2cec7c7dfb"
age: 66801
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 387
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Aug 2022 15:05:48 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Sun, 14 Aug 2022 19:49:55 GMT
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 7Ma3vHsk9cf8-IYPn3WKBm_DHctfUyEQ_P1pdYx7Mfjd9qbr4w6KGQ==

GET
H2 200 11-es2015.bdd980b569cf51617a1b.js Show response
icash.illinoistreasurer.gov/ 7 KB
3 KB 27ms
26ms Script
application/javascript 13.32.121.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://icash.illinoistreasurer.gov/11-es2015.bdd980b569cf51617a1b.js

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/runtime-es2015.af643c257e82e4ce9bda.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-124.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ff02c7e627245d21ac794cfea7302653eb429e4910b6cf707933dda3f5c83469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/app/claim-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: CzMPQ8Ft6s_05bng70VbBUSbGpEAmcx9
content-encoding: gzip
etag: W/"d06be26a0373cf6964dfbf8b9eb5dbc9"
age: 66801
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Aug 2022 15:05:46 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Sun, 14 Aug 2022 19:49:55 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: WKRgntGA8ikCu_TFTRRCZQ5uFT8cp_iZDnbABWtkQnaje_peAsDaoQ==

GET
H2 200 6-es2015.4d64280c904095200bb5.js Show response
icash.illinoistreasurer.gov/ 28 KB
8 KB 27ms
27ms Script
application/javascript 13.32.121.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://icash.illinoistreasurer.gov/6-es2015.4d64280c904095200bb5.js

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/runtime-es2015.af643c257e82e4ce9bda.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-124.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fbb80e25315471eef286b28478507082e6c29904d3a293b6735c93b3c8a487c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/app/claim-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: blPhBprEBPsAkTT1aBKjh9T_hLsR0EwT
content-encoding: gzip
etag: W/"b16aa16b19101debc766f030e6008b14"
age: 66801
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Aug 2022 15:05:47 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Sun, 14 Aug 2022 19:49:55 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: FyaHz-MnezKyQX7yA9T68z_aTBmuObIfBnVQfuo1IojY7LdX_DK2xA==

GET
H2 200 7-es2015.5dd6f3d1986709fa243a.js Show response
icash.illinoistreasurer.gov/ 22 KB
6 KB 27ms
27ms Script
application/javascript 13.32.121.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://icash.illinoistreasurer.gov/7-es2015.5dd6f3d1986709fa243a.js

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/runtime-es2015.af643c257e82e4ce9bda.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-124.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

37fd12a7b33620da51458122eef1c20411670b07742349ac3819a9015095c498

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/app/claim-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: Z1nwioP0PvWOyGly0erdQzf17CNATXtq
content-encoding: gzip
etag: W/"ac2910a69531b57501150e990791cdb6"
age: 66801
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Aug 2022 15:05:50 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Sun, 14 Aug 2022 19:49:55 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: x_9bA-Mjgj1JKvQbClaKPb8B5ucdVuFGH5XbiwaJfUkk1xGdfwFbhg==

GET
H2 200 1-es2015.c7d1647fb47616e5ebc8.js Show response
icash.illinoistreasurer.gov/ 94 KB
11 KB 25ms
25ms Script
application/javascript 13.32.121.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://icash.illinoistreasurer.gov/1-es2015.c7d1647fb47616e5ebc8.js

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/runtime-es2015.af643c257e82e4ce9bda.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-124.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4a94009486a786798e912232f30b12700612ecc7e6d9498565f146c471c114dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/app/claim-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: E.Dk9ENBzmH7QEhLAXR5JoZ12keGhmQd
content-encoding: gzip
etag: W/"ede626744fc5fc5444c8a71748374227"
age: 29623
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Aug 2022 15:05:44 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Mon, 15 Aug 2022 06:09:33 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: CXVbCPpisiieh1Uc37dUJJfDy8lF4s7T1m1278dZ50jhB2XWw7cA5w==

GET
H2 200 10-es2015.6bbe9a119ccaa588985d.js Show response
icash.illinoistreasurer.gov/ 46 KB
9 KB 26ms
26ms Script
application/javascript 13.32.121.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://icash.illinoistreasurer.gov/10-es2015.6bbe9a119ccaa588985d.js

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/runtime-es2015.af643c257e82e4ce9bda.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-124.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4e79dbe5e030bc10e54ca2a9e3052a08bd7d53d487c4625439806b72fc057937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/app/claim-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: cnerEb2zFDROn6d6cFF1.OUqDpkL0mP_
content-encoding: gzip
etag: W/"fba029c781a9dad60ce7e86044250b71"
age: 66801
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Aug 2022 15:05:45 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Sun, 14 Aug 2022 19:49:55 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: fsmG0VVoEeNarEapzj696h4w3cyKlHGGj0NKxnOY5hPDuDCubAHZrw==

GET
H2 200 MaterialIcons-Regular.woff2
icash.illinoistreasurer.gov/fonts/iconfont/ 54 KB
54 KB 23ms
23ms Font
binary/octet-stream 13.32.121.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://icash.illinoistreasurer.gov/fonts/iconfont/MaterialIcons-Regular.woff2?v=1

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/styles.e38f54cf373470837693.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-124.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

978f46f059f8b7580f0ace9c2a00175c926cb91b1bb69d1b39d7fd3a9e8582ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icash.illinoistreasurer.gov/styles.e38f54cf373470837693.css
Origin: https://icash.illinoistreasurer.gov
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: LwoWbgH0eYinu130P3RYLTTaxyE2sOpJ
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
etag: "658dde714e624426b1f0f9976f031513"
age: 66801
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 55208
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Aug 2022 15:05:54 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Sun, 14 Aug 2022 19:49:55 GMT
vary: Accept-Encoding
content-type: binary/octet-stream
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: B78LvvKXJVIZIeGg8yMw5Mk6SFxeZ5xPVQ0ZUKb-9hJKocvCU72H8A==

GET
H2 200 open-sans-bold.woff2
icash.illinoistreasurer.gov/fonts/ 16 KB
16 KB 24ms
24ms Font
binary/octet-stream 13.32.121.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://icash.illinoistreasurer.gov/fonts/open-sans-bold.woff2

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/styles.e38f54cf373470837693.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-124.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icash.illinoistreasurer.gov/styles.e38f54cf373470837693.css
Origin: https://icash.illinoistreasurer.gov
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: sDiuRDaTc.Ci..j8KXRwGC6sN0KJbQrv
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
etag: "766fc545e65b65297289359eac5ac7bf"
age: 66801
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 16224
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Aug 2022 15:05:56 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Sun, 14 Aug 2022 19:49:55 GMT
vary: Accept-Encoding
content-type: binary/octet-stream
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: X1Z4CRB8nLFERFAOkeW5JdlFPYvMXX0St-W8ak_h0BrLARbaYjghsA==

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 300C 42 KB
22 KB 44ms
43ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le1HyEUAAAAAGDRTDgxkrt_LOU8pIMr-574w-E3&co=aHR0cHM6Ly9pY2FzaC5pbGxpbm9pc3RyZWFzdXJlci5nb3Y6NDQz&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=s29gio77m4se

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

de6a9949728cbf3c4f796d47fcb637a8f509070f90e9b1e15d60f66140b9a8c0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NQfdbJ_w97RfQKpuroDP5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icash.illinoistreasurer.gov/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22651
content-security-policy: script-src 'report-sample' 'nonce-NQfdbJ_w97RfQKpuroDP5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 14:23:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 spinner.svg
icash.illinoistreasurer.gov/images/ 3 KB
904 B 26ms
26ms Image
image/svg+xml 13.32.121.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icash.illinoistreasurer.gov/images/spinner.svg

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-124.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1706bd9fa5445259733ae1f252c258f647fe257bd3044f0c9efb72bcc867faf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/app/claim-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: 8rnibw5apima7LeousSOoQxNY_BPpVpd
content-encoding: gzip
etag: W/"60d89ff03d26c39da3155bf966ba6137"
age: 28652
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Aug 2022 15:06:01 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Mon, 15 Aug 2022 06:25:44 GMT
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: GWTKpUFOyMGa5pZPRA9in2q_08L1xTgFSDI2t_cDHvDtk8OcZudQaA==

GET
H2 200 red-exclamation.png
icash.illinoistreasurer.gov/images/icons/ 636 B
1 KB 24ms
24ms Image
image/png 13.32.121.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icash.illinoistreasurer.gov/images/icons/red-exclamation.png

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/app/claim-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-124.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

efb16df6352815fec634108132a394118d052f10260af426c782bb2afbe1280b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/app/claim-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: eVSQsMCRYb3vozEVsA9d4au4THt9DQo0
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
etag: "7b8a151c7c27c053b65d75c906743916"
age: 39779
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 636
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Aug 2022 15:06:00 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Mon, 15 Aug 2022 03:20:17 GMT
vary: Accept-Encoding
content-type: image/png
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: XlqhpIO85V_89wMr3mntfvIm1gnH3wU_DxlSzc_P0AKtld4EGzinRQ==

GET
H2 200 il_process_logo.png
icash.illinoistreasurer.gov/images/ 26 KB
27 KB 25ms
24ms Image
image/png 13.32.121.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icash.illinoistreasurer.gov/images/il_process_logo.png

Requested by

Host: icash.illinoistreasurer.gov
URL: https://icash.illinoistreasurer.gov/styles.e38f54cf373470837693.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-124.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fd519d17ef8294a81fd7993ddc01b698c574510a4ddf09493d6ce599670021b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/styles.e38f54cf373470837693.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: 51Z8bpiCrGcQMDaCQqNRITK7OULFhen.
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
etag: "23a89f9e04e9f3261f76b9d4ff44d22e"
age: 39779
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 26847
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Aug 2022 15:06:01 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Mon, 15 Aug 2022 03:20:17 GMT
vary: Accept-Encoding
content-type: image/png
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: hltSoYbMvfLAi9hD39bV0Ed3VyRtipGh84T5oLj6KY6oe4QWPgwTpA==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 300C 52 KB
24 KB 61ms
20ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le1HyEUAAAAAGDRTDgxkrt_LOU8pIMr-574w-E3&co=aHR0cHM6Ly9pY2FzaC5pbGxpbm9pc3RyZWFzdXJlci5nb3Y6NDQz&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=s29gio77m4se

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 13:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 13:56:30 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 300C 383 KB
152 KB 72ms
31ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18b6abb488a83b046ecfa92e27ba686e01070ea96863b66f8b604c0bf3954b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 13:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 155978
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 13:56:29 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 300C 2 KB
2 KB 20ms
20ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 326586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 18 Aug 2022 19:40:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 300C 15 KB
15 KB 80ms
30ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 529510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Aug 2023 11:18:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 300C 15 KB
16 KB 74ms
24ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 501807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Aug 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 300C 102 B
134 B 31ms
30ms Other
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c52b5b8eb0a18d62cf486c7d591517c90cc4c4dd5e21de5c298da51a0fd7dbd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le1HyEUAAAAAGDRTDgxkrt_LOU8pIMr-574w-E3&co=aHR0cHM6Ly9pY2FzaC5pbGxpbm9pc3RyZWFzdXJlci5nb3Y6NDQz&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=s29gio77m4se
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:23:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 15 Aug 2022 14:23:15 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame AECB 7 KB
1 KB 38ms
37ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6Le1HyEUAAAAAGDRTDgxkrt_LOU8pIMr-574w-E3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9c51a607e71632e6e85054e851a6a2657c78430d9385eca84a2909f38dd92cbd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b6VwVjonoEfi5S3kEr7w1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icash.illinoistreasurer.gov/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1114
content-security-policy: script-src 'report-sample' 'nonce-b6VwVjonoEfi5S3kEr7w1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 14:23:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame AECB 52 KB
24 KB 20ms
20ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6Le1HyEUAAAAAGDRTDgxkrt_LOU8pIMr-574w-E3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 13:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 13:56:30 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame AECB 383 KB
152 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6Le1HyEUAAAAAGDRTDgxkrt_LOU8pIMr-574w-E3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18b6abb488a83b046ecfa92e27ba686e01070ea96863b66f8b604c0bf3954b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 13:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 155978
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 13:56:29 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame AECB 38 KB
23 KB 75ms
75ms XHR
application/json 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Le1HyEUAAAAAGDRTDgxkrt_LOU8pIMr-574w-E3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bd6c42c8e0e5d375d4f6d0a0f76ac9cd150be9658296f99cca640ca70647918c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6Le1HyEUAAAAAGDRTDgxkrt_LOU8pIMr-574w-E3
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 15 Aug 2022 14:23:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23166
x-xss-protection: 1; mode=block
expires: Mon, 15 Aug 2022 14:23:15 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 44ms
20ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=371142106705577&ev=Microdata&dl=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search&rl=&if=false&ts=1660573396877&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Illinois%20Unclaimed%20Property%20%E2%80%93%20Official%20State%20Site%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.75&r=stable&ec=1&o=30&fbp=fb.1.1660573395372.961998874&it=1660573394958&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:23:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 14:23:16 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2042484980&t=event&ni=1&_s=1&dl=https%3A%2F%2Ficash.illinoistreasurer.gov%2Fapp%2Fclaim-search&ul=en-us&de=UTF-8&dt=Illinois%20Unclaimed%20Property%20%E2%80%93%20Official%20State%20Site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Timer&ea=time-on-page&el=0m%205s&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=725391841.1660573395&tid=UA-66197022-1&_gid=686651959.1660573395&gtm=2wg880TDPLB3Z&z=570389981

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icash.illinoistreasurer.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 17:42:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74471
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

220 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

icash.illinoistreasurer.gov Open in urlscan Pro 13.32.121.124

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

90 %HTTPS

62 %IPv6

19 Domains

27 Subdomains

24 IPs

5 Countries

1773 kBTransfer

5103 kBSize

21 Cookies

2 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

icash.illinoistreasurer.gov
13.32.121.124

Screenshot
Live screenshot

Full Image

72
Requests

90 %
HTTPS

62 %
IPv6

19
Domains

27
Subdomains

24
IPs

5
Countries

1773 kB
Transfer

5103 kB
Size

21
Cookies

72 HTTP transactions
0 data transactions