www.enjoyillinois.com Open in urlscan Pro
3.135.131.171 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://luxebyillinois.com/
Effective URL:
https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/
Submission: On November 08 via api (November 8th 2024, 4:12:00 pm UTC) from US — Scanned from GB

Summary HTTP 134 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 40 IPs in 4 countries across 26 domains to perform 134 HTTP transactions. The main IP is 3.135.131.171, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is www.enjoyillinois.com. The Cisco Umbrella rank of the primary domain is 513552.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 23rd 2024. Valid for: a year.

This is the only time www.enjoyillinois.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.225.128 15.197.225.128	16509 (AMAZON-02) (AMAZON-02)
34	3.135.131.171 3.135.131.171	16509 (AMAZON-02) (AMAZON-02)
20	18.66.122.46 18.66.122.46	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:440... 2606:4700:4400::ac40:9572	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	95.85.19.25 95.85.19.25	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	146.185.171.17 146.185.171.17	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
2	2a04:4e42:200... 2a04:4e42:200::84	54113 (FASTLY) (FASTLY)
1	18.172.103.101 18.172.103.101	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
7	54.86.47.15 54.86.47.15	14618 (AMAZON-AES) (AMAZON-AES)
2	35.244.188.9 35.244.188.9	15169 (GOOGLE) (GOOGLE)
1 2	95.101.111.153 95.101.111.153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:440... 2606:4700:4400::6812:268e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
1	34.160.64.247 34.160.64.247	15169 (GOOGLE) (GOOGLE)
4	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
6	2.19.224.184 2.19.224.184	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4 6	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
3	34.102.191.167 34.102.191.167	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2 5	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
2 2	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE)
2	2600:9000:275... 2600:9000:275d:2400:1d:40aa:1fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	54.236.206.179 54.236.206.179	14618 (AMAZON-AES) (AMAZON-AES)
1	108.156.60.105 108.156.60.105	16509 (AMAZON-02) (AMAZON-02)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	95.85.9.7 95.85.9.7	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
134	40

1 15.197.225.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

luxebyillinois.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 3.135.131.171 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-131-171.us-east-2.compute.amazonaws.com

www.enjoyillinois.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 18.66.122.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-46.fra60.r.cloudfront.net

starling.crowdriff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::ac40:9572 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.weglot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.85.19.25 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

geo.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.185.171.17 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.103.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.195 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.adara.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.86.47.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-47-15.compute-1.amazonaws.com

embed.guidegeek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.188.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.111.153 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-153.deploy.static.akamaitechnologies.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:268e (United States)

ASN13335 (CLOUDFLARENET, US)

api.weglot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.64.247 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 247.64.160.34.bc.googleusercontent.com

jsres.adara.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.19.224.184 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-184.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

14266377.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.102 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

8388687.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.102.191.167 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 167.191.102.34.bc.googleusercontent.com

sdk.adara.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.132 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.212.60 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:275d:2400:1d:40aa:1fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

p.relay-t.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.236.206.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-206-179.compute-1.amazonaws.com

api.guidegeek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.60.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-105.ams1.r.cloudfront.net

cdn1.matadornetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.85.9.7 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

consent.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	enjoyillinois.com www.enjoyillinois.com — Cisco Umbrella Rank: 513552	1 MB
20	crowdriff.com starling.crowdriff.com — Cisco Umbrella Rank: 51069	295 KB
15	doubleclick.net 7 redirects 14266377.fls.doubleclick.net td.doubleclick.net — Cisco Umbrella Rank: 192 ad.doubleclick.net — Cisco Umbrella Rank: 150 8388687.fls.doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 283	3 KB
9	guidegeek.com embed.guidegeek.com — Cisco Umbrella Rank: 279062 api.guidegeek.com — Cisco Umbrella Rank: 307127	35 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 fcmatch.google.com — Cisco Umbrella Rank: 3720 adservice.google.com — Cisco Umbrella Rank: 357	2 KB
7	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4352	32 KB
6	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 930	5 KB
6	sojern.com static.sojern.com — Cisco Umbrella Rank: 13754 pixel.sojern.com — Cisco Umbrella Rank: 9645	46 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	383 KB
5	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 267	5 KB
5	adara.com js.adara.com — Cisco Umbrella Rank: 23948 jsres.adara.com — Cisco Umbrella Rank: 23322 sdk.adara.com — Cisco Umbrella Rank: 23240	6 KB
5	weglot.com cdn.weglot.com — Cisco Umbrella Rank: 7153 api.weglot.com — Cisco Umbrella Rank: 20869	86 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1442 match.adsrvr.org — Cisco Umbrella Rank: 373 insight.adsrvr.org — Cisco Umbrella Rank: 945	6 KB
3	cookie-script.com geo.cookie-script.com — Cisco Umbrella Rank: 31152 cdn.cookie-script.com — Cisco Umbrella Rank: 22973 consent.cookie-script.com — Cisco Umbrella Rank: 39937	100 KB
2	relay-t.io p.relay-t.io — Cisco Umbrella Rank: 50898	5 KB
2	yieldoptimizer.com 2 redirects tag.yieldoptimizer.com — Cisco Umbrella Rank: 4145	875 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 604	1 KB
2	reddit.com pixel-config.reddit.com — Cisco Umbrella Rank: 1994 alb.reddit.com — Cisco Umbrella Rank: 1330	761 B
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2502	1 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 982	25 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1063	13 KB
1	matadornetwork.com cdn1.matadornetwork.com — Cisco Umbrella Rank: 301939	70 KB
1	youtube.com fcmatch.youtube.com — Cisco Umbrella Rank: 3798	432 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
1	gstatic.com www.gstatic.com	215 KB
1	luxebyillinois.com 1 redirects luxebyillinois.com	337 B
134	26

	Domain	Requested by
34	www.enjoyillinois.com	www.enjoyillinois.com
20	starling.crowdriff.com	www.enjoyillinois.com starling.crowdriff.com
7	embed.guidegeek.com	www.enjoyillinois.com embed.guidegeek.com
7	static.addtoany.com	www.enjoyillinois.com static.addtoany.com
6	ad.doubleclick.net	4 redirects www.enjoyillinois.com
6	ct.pinterest.com	s.pinimg.com
6	www.googletagmanager.com	www.enjoyillinois.com www.googletagmanager.com
5	ib.adnxs.com	2 redirects www.enjoyillinois.com
4	pixel.sojern.com	static.sojern.com www.enjoyillinois.com
4	www.google.com	www.enjoyillinois.com www.googletagmanager.com www.gstatic.com
4	cdn.weglot.com	www.enjoyillinois.com cdn.weglot.com
3	cm.g.doubleclick.net	1 redirects www.enjoyillinois.com
3	sdk.adara.com	js.adara.com
2	api.guidegeek.com	embed.guidegeek.com
2	adservice.google.com	www.enjoyillinois.com
2	p.relay-t.io	pixel.sojern.com p.relay-t.io
2	tag.yieldoptimizer.com	2 redirects
2	c1.adform.net	2 redirects
2	8388687.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	td.doubleclick.net	www.googletagmanager.com
2	14266377.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	trkn.us	1 redirects www.enjoyillinois.com
2	static.sojern.com	www.googletagmanager.com static.sojern.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.redditstatic.com	www.googletagmanager.com www.redditstatic.com
1	consent.cookie-script.com	cdn.cookie-script.com
1	insight.adsrvr.org	js.adsrvr.org
1	cdn1.matadornetwork.com	embed.guidegeek.com
1	match.adsrvr.org	www.enjoyillinois.com
1	fcmatch.youtube.com	www.enjoyillinois.com
1	fcmatch.google.com	1 redirects
1	www.google-analytics.com	www.googletagmanager.com
1	jsres.adara.com	js.adara.com
1	alb.reddit.com	www.enjoyillinois.com
1	pixel-config.reddit.com	www.redditstatic.com
1	api.weglot.com	cdn.weglot.com
1	js.adara.com	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	cdn.cookie-script.com	www.googletagmanager.com
1	geo.cookie-script.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	luxebyillinois.com	1 redirects
134	42

This site contains links to these domains. Also see Links.

Domain
de.enjoyillinois.com
fr.enjoyillinois.com
es-mx.enjoyillinois.com
it.enjoyillinois.com
tourillinois.org
meetinillinois.com
sportsillinois.com
media.enjoyillinois.com
www.facebook.com
www.instagram.com
pinterest.com
www.tiktok.com
www.linkedin.com
www.youtube.com
www.indiennechicago.com
dceo.illinois.gov
www.illinois.gov
www.choosechicago.com
greatlakesusa.org
www.visittheusa.com
get.adobe.com
timezoneone.com
www.addtoany.com

Subject Issuer	Validity	Valid
enjoyillinois.com Amazon RSA 2048 M02	`2024-08-23` - `2025-09-21`	a year	crt.sh
*.crowdriff.com Amazon RSA 2048 M03	`2024-07-18` - `2025-08-16`	a year	crt.sh
static.addtoany.com WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
cdn.weglot.com WE1	`2024-10-27` - `2025-01-25`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
www.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.cookie-script.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-17` - `2025-08-17`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-06` - `2025-04-03`	6 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-05` - `2025-08-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
www.golfsnap.app WR3	`2024-10-23` - `2025-01-21`	3 months	crt.sh
guidegeek.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-24` - `2025-03-08`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-21`	5 months	crt.sh
api.weglot.com WE1	`2024-10-27` - `2025-01-25`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-10-13` - `2025-04-11`	6 months	crt.sh
*.adara.com Go Daddy Secure Certificate Authority - G2	`2024-06-15` - `2025-07-17`	a year	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
p.relay-t.io Amazon RSA 2048 M02	`2024-04-30` - `2025-05-29`	a year	crt.sh
cdn1.matadornetwork.com Amazon RSA 2048 M03	`2024-05-18` - `2025-06-15`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/
Frame ID: AAD1F312ADC0ADEFD37D106BE34CA333
Requests: 128 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 075CFCC9887ED0F3D6F0B13407BC2ACD
Requests: 1 HTTP requests in this frame

Frame: https://14266377.fls.doubleclick.net/activityi;dc_pre=CL6cuJKQzYkDFTWIgwcdTKw6aw;src=14266377;type=count0;cat=fan360;ord=9575820238967;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1089469941;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4b70v9188128212z89132697269za201zb9132697269;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F
Frame ID: D573064D3B35A5BF04030507DC1A8E61
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14266377;type=count0;cat=fan360;ord=9575820238967;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1089469941;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4b70v9188128212z89132697269za201zb9132697269;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F
Frame ID: 3B2B390576E805804617A05ABB2E19E3
Requests: 1 HTTP requests in this frame

Frame: https://8388687.fls.doubleclick.net/activityi;dc_pre=CPKssZKQzYkDFeCW_QcdYFwezg;src=8388687;type=iotrd0;cat=unive0;ord=8564127932766;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1503731684;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4b70v9188071783z89132697269za201zb9132697269;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F
Frame ID: 3F7CACD5CCB7226F7BBCF90F73DFF0FE
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=8388687;type=iotrd0;cat=unive0;ord=8564127932766;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1503731684;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4b70v9188071783z89132697269za201zb9132697269;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F
Frame ID: 4AB7A541F3F0686890C29FAD47CB3AE2
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.enjoyillinois.com
Frame ID: 8797FE4220FCF63C6759664BF139CD50
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwIw8TAAAAACP1ysM08EhCgzd6q5JAOUR1a0Go&co=aHR0cHM6Ly93d3cuZW5qb3lpbGxpbm9pcy5jb206NDQz&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=qe3b6l2ofhq7
Frame ID: 64C2198B00DECA94FB9CF9BED4EF4E33
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LcwIw8TAAAAACP1ysM08EhCgzd6q5JAOUR1a0Go
Frame ID: 9548AC700C0753C04E8E56F715A70C49
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 4E1067DB5DAA2186AA0606D043454275
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=2iu5zxx&ref=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F&upid=gyp701j&upv=1.1.0&td1=/plan-your-trip/illinois-luxury/&paapi=1
Frame ID: B973F58C3C02C2A5AD539A9D1DA6CD21
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Luxe by Illinois | Enjoy Illinois

Page URL History Show full URLs

https://luxebyillinois.com/ HTTP 302
https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/ Page URL

Detected technologies

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Weglot (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

cdn\.weglot\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

134
Requests

94 %
HTTPS

35 %
IPv6

26
Domains

42
Subdomains

40
IPs

4
Countries

2544 kB
Transfer

6110 kB
Size

35
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://de.enjoyillinois.com/plan-your-trip/illinois-luxury/
Title: DE

Search URL Search Domain Scan URL

URL: https://fr.enjoyillinois.com/plan-your-trip/illinois-luxury/
Title: FR

Search URL Search Domain Scan URL

URL: https://es-mx.enjoyillinois.com/plan-your-trip/illinois-luxury/
Title: ES-MX

Search URL Search Domain Scan URL

URL: https://it.enjoyillinois.com/plan-your-trip/illinois-luxury/
Title: IT

Search URL Search Domain Scan URL

URL: https://tourillinois.org/
Title: Tour in IL

Search URL Search Domain Scan URL

URL: https://meetinillinois.com/
Title: Meet in IL

Search URL Search Domain Scan URL

URL: https://sportsillinois.com/
Title: Sports IL

Search URL Search Domain Scan URL

URL: https://media.enjoyillinois.com/
Title: Media

Search URL Search Domain Scan URL

URL: https://www.facebook.com/EnjoyIllinoisUS/
Title: Like us on Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/enjoyillinois/
Title: Follow us on Instagram

Search URL Search Domain Scan URL

URL: https://pinterest.com/enjoyillinois/
Title: Check our Pinterest

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@enjoyillinois
Title: Follow us on TikTok

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/illinois-office-of-tourism/
Title: Follow us on LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@EnjoyIllinois
Title: Subscribe to our channel on YouTube

Search URL Search Domain Scan URL

URL: https://www.indiennechicago.com/
Title: Indienne Chicago

Search URL Search Domain Scan URL

URL: https://dceo.illinois.gov/
Title: Illinois Department of Commerce and Economic Opportunity

Search URL Search Domain Scan URL

URL: https://www.illinois.gov/
Title: State of Illinois

Search URL Search Domain Scan URL

URL: https://www.choosechicago.com/

Search URL Search Domain Scan URL

URL: https://greatlakesusa.org/

Search URL Search Domain Scan URL

URL: https://www.visittheusa.com/

Search URL Search Domain Scan URL

URL: https://get.adobe.com/reader/
Title: Download Acrobat Reader

Search URL Search Domain Scan URL

URL: https://timezoneone.com/
Title: TimeZoneOne

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://luxebyillinois.com/ HTTP 302
https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://trkn.us/pixel/conv/ppt=24134;g=sitewide;gid=59649;?gtmcb=1733180350 HTTP 302
https://trkn.us/pixel/conv/ppt=24134;g=sitewide;gid=59649;?gtmcb=1733180350;ip=194.74.212.84;cuidchk=1

Request Chain 75

https://14266377.fls.doubleclick.net/activityi;src=14266377;type=count0;cat=fan360;ord=9575820238967;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1089469941;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4b70v9188128212z89132697269za201zb9132697269;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F HTTP 302
https://14266377.fls.doubleclick.net/activityi;dc_pre=CL6cuJKQzYkDFTWIgwcdTKw6aw;src=14266377;type=count0;cat=fan360;ord=9575820238967;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1089469941;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4b70v9188128212z89132697269za201zb9132697269;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F

Request Chain 79

https://8388687.fls.doubleclick.net/activityi;src=8388687;type=iotrd0;cat=unive0;ord=8564127932766;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1503731684;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4b70v9188071783z89132697269za201zb9132697269;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F HTTP 302
https://8388687.fls.doubleclick.net/activityi;dc_pre=CPKssZKQzYkDFeCW_QcdYFwezg;src=8388687;type=iotrd0;cat=unive0;ord=8564127932766;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1503731684;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4b70v9188071783z89132697269za201zb9132697269;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_hm=ZTdmM2ZmMTEtZjA0My00YTU1LThmZWMtZmZmZjZlNjNmMDBm&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDopuDFmmTHDcXmI467hzwaqn0vKeg-RJsdeJJfe6Y9GQ4W5mWIvh7uzFrmoMtoAHhTU_ckNU8iM93A7Cb3y3-W7oP79LuMtp3s6_5bMV0DjWWs4uVkfk9BCzJIhhL8f3lc0ISS9q HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopuDFmmTHDcXmI467hzwaqn0vKeg-RJsdeJJfe6Y9GQ4W5mWIvh7uzFrmoMtoAHhTU_ckNU8iM93A7Cb3y3-W7oP79LuMtp3s6_5bMV0DjWWs4uVkfk9BCzJIhhL8f3lc0ISS9q

Request Chain 107

https://c1.adform.net/serving/cookie/match?cid=e7f3ff11-f043-4a55-8fec-ffff6e63f00f&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=e7f3ff11-f043-4a55-8fec-ffff6e63f00f&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=5726732210333742771&cid=e7f3ff11-f043-4a55-8fec-ffff6e63f00f

Request Chain 109

https://tag.yieldoptimizer.com/ps/ps?t=i&p=1225&_yoid=112a38b8-dc89-4f6d-a7c3-c2cf5d20614d&_yosid=1e9a7ba6-df6e-4784-9608-470343781fce&gdpr=&gdpr_consent= HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=736294789&t=i&p=1225&_yoid=112a38b8-dc89-4f6d-a7c3-c2cf5d20614d&_yosid=1e9a7ba6-df6e-4784-9608-470343781fce&gdpr=&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxOTQyODE1NTk3NQ&google_sc&gdpr=&gdpr_consent=&

Request Chain 111

https://ad.doubleclick.net/ddm/activity/src=8287827;type=track0;cat=allsi0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=UNKNOWN HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8287827;dc_pre=COeJypKQzYkDFXYeogMdRFwYgQ;type=track0;cat=allsi0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=UNKNOWN HTTP 302
https://adservice.google.com/ddm/fls/z/src=8287827;dc_pre=COeJypKQzYkDFXYeogMdRFwYgQ;type=track0;cat=allsi0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=UNKNOWN

Request Chain 112

https://ib.adnxs.com/px?id=1767597&t=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fpx%3Fid%3D1767597%26t%3D1

Request Chain 113

https://ib.adnxs.com/seg?add=36702180&t=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D36702180%26t%3D1

Request Chain 114

https://ad.doubleclick.net/ddm/activity/src=8287827;type=track0;cat=plany0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8287827;dc_pre=CNebypKQzYkDFQAQogMdc080rg;type=track0;cat=plany0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN HTTP 302
https://adservice.google.com/ddm/fls/z/src=8287827;dc_pre=CNebypKQzYkDFQAQogMdc080rg;type=track0;cat=plany0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN

134 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.enjoyillinois.com/plan-your-trip/illinois-luxury/
Redirect Chain

https://luxebyillinois.com/
https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

204 KB
36 KB

882ms
314ms

Document
text/html

3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

f2977fb3350b46dd91282d28574d083f834af23731c088d93ad9376fad4ac89c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cache-control: private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 08 Nov 2024 16:11:50 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache
vary: X-Forwarded-Protocol,Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-heydaycache: hit at Fri, 08 Nov 2024 10:11:50 -0600
x-xss-protection: 1; mode=block;

Redirect headers

Connection: close
Content-Length: 84
Content-Type: text/html; charset=utf-8
Date: Fri, 08 Nov 2024 16:11:49 GMT
Location: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/
Server: ip-100-74-5-93.eu-west-2.compute.internal
Vary: Accept-Encoding
X-Request-Id: 2de5ec55-6287-49d3-ab42-b491b20635cb

GET
H2 200 crowdriff.js Show response
starling.crowdriff.com/js/ 46 KB
18 KB 327ms
141ms Script
application/javascript 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starling.crowdriff.com/js/crowdriff.js
Requested by: Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: / Express
Resource Hash: a295df662b69cad05526ecafd6dcb9195041fb8cf39e876c38cb7f031c49af70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

vary: accept-encoding
cache-control: max-age=0
content-encoding: gzip
etag: W/"b976-192e342d548"
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: 2vZEkbSMdCGiGoYt6hhNhB-BVO93NwiRbqQau8yotSLaiJcidnuMkA==
date: Fri, 08 Nov 2024 16:11:50 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 15:47:41 GMT
x-powered-by: Express
x-amz-cf-pop: FRA60-P2
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 logo.svg
www.enjoyillinois.com/_resources/themes/enjoyillinois/images/ 2 KB
1 KB 235ms
232ms Image
image/svg+xml 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/images/logo.svg?m=1730341270

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

9404936691def31ca1a9fab99eb87fc1d23059106b786c80312ccc1cbcbf9836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
cache-control: max-age=15780000, public
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 724
date: Fri, 08 Nov 2024 16:11:50 GMT
x-xss-protection: 1; mode=block;
content-type: image/svg+xml
last-modified: Thu, 31 Oct 2024 02:21:10 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 Shedd-Aquarium__FillMaxWzU1MCwxMTAwXQ_ext-WyJqcGciLCJ3ZWJwIl0.webp
www.enjoyillinois.com/assets/Images/Indoor-Activities/ 18 KB
18 KB 228ms
227ms Image
text/plain 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enjoyillinois.com/assets/Images/Indoor-Activities/Shedd-Aquarium__FillMaxWzU1MCwxMTAwXQ_ext-WyJqcGciLCJ3ZWJwIl0.webp

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

ec780b8837613808d26a81a1b15a29fee489568c5f86bb01a077673a2b629240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 18562
date: Fri, 08 Nov 2024 16:11:50 GMT
x-xss-protection: 1; mode=block;
last-modified: Tue, 17 Sep 2024 02:57:04 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 Dragonfly-Lakes-Cabins__FocusFillMaxWyItMC4wMSIsIi0wLjU1IiwxODAwLDEwMDBd_ext-WyJqcGVnIiwid2VicCJd.webp
www.enjoyillinois.com/assets/Images/Accommodation/ 131 KB
132 KB 126ms
125ms Image
text/plain 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enjoyillinois.com/assets/Images/Accommodation/Dragonfly-Lakes-Cabins__FocusFillMaxWyItMC4wMSIsIi0wLjU1IiwxODAwLDEwMDBd_ext-WyJqcGVnIiwid2VicCJd.webp

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

6767a021bfe445847bbda9c189f1d80c05afb4d300e77b40abadee428132d2af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 134368
date: Fri, 08 Nov 2024 16:11:50 GMT
x-xss-protection: 1; mode=block;
last-modified: Tue, 17 Sep 2024 03:00:21 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 Luxe-By-Illinois__FitWzYwMCw2MDBd_ext-WyJwbmciLCJ3ZWJwIl0.webp
www.enjoyillinois.com/assets/Logos/ 24 KB
24 KB 237ms
234ms Image
text/plain 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enjoyillinois.com/assets/Logos/Luxe-By-Illinois__FitWzYwMCw2MDBd_ext-WyJwbmciLCJ3ZWJwIl0.webp

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

cb32a094a7e04fb916d6c18bafe28d1988ef92222246db4d1ade295929037b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 24150
date: Fri, 08 Nov 2024 16:11:50 GMT
x-xss-protection: 1; mode=block;
last-modified: Tue, 17 Sep 2024 03:00:21 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 no-image.webp
www.enjoyillinois.com/_resources/themes/enjoyillinois/images/ 916 B
1 KB 153ms
151ms Image
text/plain 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/images/no-image.webp?m=1710871496

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

0e0e4b49e3f74288435ce2ea64a7eeb38670ccb437a004f074dcc71af8a18710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 916
date: Fri, 08 Nov 2024 16:11:50 GMT
x-xss-protection: 1; mode=block;
last-modified: Tue, 19 Mar 2024 18:04:56 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 main.css
www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/ 164 KB
25 KB 238ms
235ms Stylesheet
text/css 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/main.css?m=1730263514

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

ea355de68ba998ce59c31a8317d9c2484c6587dc7a1e9243dd139f90168d7ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
cache-control: max-age=15780000, public
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 25553
date: Fri, 08 Nov 2024 16:11:50 GMT
x-xss-protection: 1; mode=block;
content-type: text/css
last-modified: Wed, 30 Oct 2024 04:45:14 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 build.js Show response
www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/ 1 KB
985 B 237ms
236ms Script
text/javascript 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/build.js?m=1725317409

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

7e56a74442a182fda2822b7cc95ce14eaa4de9fdc2613644f6dc0208893cade0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
cache-control: max-age=2678400, private
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 581
date: Fri, 08 Nov 2024 16:11:50 GMT
x-xss-protection: 1; mode=block;
content-type: text/javascript
last-modified: Mon, 02 Sep 2024 22:50:09 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 autocomplete.js Show response
www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/ 143 KB
33 KB 238ms
237ms Script
text/javascript 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/autocomplete.js?m=1724892191

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

2ad493684872765893c1aeb2ca44be9b8e07c0dfeb9acba14770028c4512e169

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
cache-control: max-age=2678400, private
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 33244
date: Fri, 08 Nov 2024 16:11:50 GMT
x-xss-protection: 1; mode=block;
content-type: text/javascript
last-modified: Thu, 29 Aug 2024 00:43:11 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 favourites.js Show response
www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/ 845 KB
549 KB 239ms
238ms Script
text/javascript 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/favourites.js?m=1718838010

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

b04b9be05c017dba18ad234780ac4d588caee3ec30422daaacaa50aa1e8d02c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
cache-control: max-age=2678400, private
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
date: Fri, 08 Nov 2024 16:11:50 GMT
x-xss-protection: 1; mode=block;
content-type: text/javascript
last-modified: Wed, 19 Jun 2024 23:00:10 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H3 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 167ms
60ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa2c31f1139ecdb4a5ee194df5b10f4844435639cdf791bebae6c49ee5b05089

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"7980d9a797beb21fbeb086d8f294ad7b"
age: 17222
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LrPPMPb7aBS%2FL6TP2TxSk0kHlOfnw%2BoCr5qmhw9FQHSXKO6iPRhDsxZ1xAjrn2OrLCdgKM4voG%2Bca5h%2B1WjXxvjfnc8XrExOraVhrgX1%2FZpVQXynSWrsdCY2vN%2Fl3v5KSbX0WYNy"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Fri, 08 Nov 2024 16:11:50 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400, stale-while-revalidate=30, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8df6d75a0c7b3691-LHR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 weglot.min.js Show response
cdn.weglot.com/ 136 KB
47 KB 159ms
51ms Script
application/javascript 2606:4700:4400::ac40:9572
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.weglot.com/weglot.min.js

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9572 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01269bff7ef5f891ca65851c040e33db891320db98e5ac17d4f7c68e2a854bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: null
etag: W/"dd6882754ad153d05113ddeec0557b0f"
age: 286
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Fri, 08 Nov 2024 16:41:50 GMT
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 0E7vzAsaRaTge5KEB8YLJMcK6pXna5cmDQxAmPmXjQ7eUCU4Sd97-A==
date: Fri, 08 Nov 2024 16:11:50 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 08:37:07 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=1800
via: 1.1 087a2c4367cc671a52278d4d8f4a3520.cloudfront.net (CloudFront)
cf-ray: 8df6d75a0aa994e1-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR62-C4
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 350 KB
113 KB 255ms
77ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P5ZZNGK

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0616f7756bfde7000a6f4972c4c1bb3b9fd3f601b4f72b690eee68bbd9f3075c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 08 Nov 2024 16:11:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 08 Nov 2024 16:11:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 08 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 115226
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 238ms
86ms Script
text/javascript 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=recaptcha_callback&render=explicit

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4f614f8bbd9892baad9d79a156a7b39fb732315987ee7114b5cce0cc1fdf841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Fri, 08 Nov 2024 16:11:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Fri, 08 Nov 2024 16:11:50 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 px.png
www.enjoyillinois.com/_resources/themes/enjoyillinois/images/ 95 B
459 B 252ms
252ms Image
image/png 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/images/px.png?m=1710871496

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=15780000, public
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 95
date: Fri, 08 Nov 2024 16:11:50 GMT
x-xss-protection: 1; mode=block;
content-type: image/png
last-modified: Tue, 19 Mar 2024 18:04:56 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H3 200 sm.25.html
static.addtoany.com/menu/ Frame 075C 0
0 463ms
337ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.25.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.enjoyillinois.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 23802
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 8df6d75ce8b5d174-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 08 Nov 2024 16:11:51 GMT
last-modified: Fri, 08 Nov 2024 09:35:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gx9yGjmLso4RhBQPy0KSHeXlPFPZaNDaevpTV9B%2BEYUJTDB%2FYKZOs3kbpyxEo0ATVjb2ZhklGe6w0LutkSgvkFka3Q%2Bug1LNR7zS9%2BWVi8XIkuLC%2BnI7iCvlDDFNQqQVrs%2FNbC8ngj81i5ODZE7%2F%2BfTG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 core.m4v434v2.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 197ms
74ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.m4v434v2.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cd3f28cdd95b9189601f65545a6fc9095734f3bf7d2f74f13e60d86fc86da77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"a4f330a2c6b3bd08f77e32260990108f"
age: 14570
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5EdSaV9D4QXBxs6IzeLPDdkV7IfqKY1lcSFD1I%2FTlVdiQ%2B860DOqrAJGv3ectT7%2FybMuYVLvSVjvi0F%2FX1M06u40xIgSoquvaU31TpGTa4Pqv3eEjYjE4g3qiGbch0kaiFwbPpg7S6y%2Bkk2oyKE6Ixw2"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Fri, 08 Nov 2024 16:11:50 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=315360000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8df6d75b4ce7946b-LHR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 53d9adf2dcc13b5815c8dac8259606c10.json Show response
cdn.weglot.com/projects-settings/ 6 KB
2 KB 226ms
110ms Fetch
application/json 2606:4700:4400::ac40:9572
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.weglot.com/projects-settings/53d9adf2dcc13b5815c8dac8259606c10.json

Requested by

Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9572 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78d5a58fef22aacf1513caaf0e3617bc663784fca517bef24c16c9eb4f468ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"65b67262187d337db0680d379fb18ce2"
x-amz-version-id: null
age: 32225
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Fri, 08 Nov 2024 16:12:51 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: N7f3ds4vFweUV3Un_884bZYrIu-YZtMPK1wss-zoTtKMed-eThlhEA==
date: Fri, 08 Nov 2024 16:11:51 GMT
content-type: application/json
last-modified: Tue, 01 Oct 2024 12:07:22 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=60
via: 1.1 a01be576a23f228f9f3e5ff71c09d934.cloudfront.net (CloudFront)
cf-ray: 8df6d75b9b056533-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR62-C4
server: cloudflare

GET
H2 200 splide-core.min-v4tv19Um.js Show response
www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/ 2 KB
1 KB 196ms
193ms Script
text/javascript 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/splide-core.min-v4tv19Um.js

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/build.js?m=1725317409

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

4763e2b841e5c78f14760398f97eb6eb924948d84a3f450947257edd41970fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/build.js?m=1725317409

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
cache-control: max-age=2678400, private
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 845
date: Fri, 08 Nov 2024 16:11:50 GMT
x-xss-protection: 1; mode=block;
content-type: text/javascript
last-modified: Mon, 01 Apr 2024 20:19:10 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 _carousel-zQivqwrb.js Show response
www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/ 1 KB
1 KB 205ms
203ms Script
text/javascript 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/_carousel-zQivqwrb.js

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/build.js?m=1725317409

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

cc40bcbc62043b13e0447ef083b52fa34c6942980046cf553e3afbfe1dcd201a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/build.js?m=1725317409

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
cache-control: max-age=2678400, private
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 625
date: Fri, 08 Nov 2024 16:11:50 GMT
x-xss-protection: 1; mode=block;
content-type: text/javascript
last-modified: Mon, 01 Apr 2024 20:19:10 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 _block-content-slider-A0CShBrV.js Show response
www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/ 252 B
617 B 206ms
204ms Script
text/javascript 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/_block-content-slider-A0CShBrV.js

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/build.js?m=1725317409

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

d9677a860448c05cae657e2355cc6004a43d2203796c1decec51ecd866c9677a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/build.js?m=1725317409

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
cache-control: max-age=2678400, private
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 213
date: Fri, 08 Nov 2024 16:11:50 GMT
x-xss-protection: 1; mode=block;
content-type: text/javascript
last-modified: Wed, 17 Apr 2024 21:59:01 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 splide-Fm7QWYzv.js Show response
www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/ 1 KB
1 KB 196ms
194ms Script
text/javascript 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/splide-Fm7QWYzv.js

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/build.js?m=1725317409

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

149cabf8a24f889c0edb10155a9cabeab481f16786131550ddb80b2dca351ab5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/build.js?m=1725317409

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
cache-control: max-age=2678400, private
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 623
date: Fri, 08 Nov 2024 16:11:50 GMT
x-xss-protection: 1; mode=block;
content-type: text/javascript
last-modified: Mon, 01 Apr 2024 20:19:10 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 navigation-doC_Dv8H.js Show response
www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/ 47 KB
8 KB 215ms
214ms Script
text/javascript 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/navigation-doC_Dv8H.js

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/build.js?m=1725317409

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

f747e893548a8d50f366c40bdd3519ca8643628e7f2a7c4c81d2eaa6f15cf649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/build.js?m=1725317409

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
cache-control: max-age=2678400, private
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 7546
date: Fri, 08 Nov 2024 16:11:50 GMT
x-xss-protection: 1; mode=block;
content-type: text/javascript
last-modified: Mon, 02 Sep 2024 22:50:09 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 lozad-235Msoe5.js Show response
www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/ 3 KB
2 KB 196ms
195ms Script
text/javascript 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/lozad-235Msoe5.js

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/build.js?m=1725317409

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

95fbf932146f692c95df286b2553958f07307da087181ed106ec22edcaba3d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/build.js?m=1725317409

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
cache-control: max-age=2678400, private
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 1244
date: Fri, 08 Nov 2024 16:11:50 GMT
x-xss-protection: 1; mode=block;
content-type: text/javascript
last-modified: Tue, 25 Jun 2024 22:58:48 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 alpine-Q5Ei7rp6.js Show response
www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/ 59 KB
20 KB 211ms
210ms Script
text/javascript 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/alpine-Q5Ei7rp6.js

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/build.js?m=1725317409

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

51c498f30c8d5372fa17b9facad358eefc0a4075a4b3d3c9a64a390d58ff9580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/build.js?m=1725317409

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
cache-control: max-age=2678400, private
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 20427
date: Fri, 08 Nov 2024 16:11:50 GMT
x-xss-protection: 1; mode=block;
content-type: text/javascript
last-modified: Mon, 02 Sep 2024 22:50:09 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 scroll-animation-3tDqNV7Q.js Show response
www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/ 845 B
881 B 196ms
195ms Script
text/javascript 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/scroll-animation-3tDqNV7Q.js

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/build.js?m=1725317409

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

9f3e6a5d73b4e510fa8e4b868a6c623aea6c39c1a94acbfb9f5d9b5d8910f607

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/build.js?m=1725317409

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
cache-control: max-age=2678400, private
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 477
date: Fri, 08 Nov 2024 16:11:50 GMT
x-xss-protection: 1; mode=block;
content-type: text/javascript
last-modified: Thu, 29 Aug 2024 00:43:11 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 arrow-down-alt-winered.svg
www.enjoyillinois.com/_resources/themes/enjoyillinois/images/icons/ 439 B
687 B 161ms
160ms Image
image/svg+xml 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/images/icons/arrow-down-alt-winered.svg

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/main.css?m=1730263514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

0d4b0628cefc50bab0bbbbcc68aee5f1dad98b23b39a3f666c6e1ae0a0baa02d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/main.css?m=1730263514

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
cache-control: max-age=15780000, public
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 283
date: Fri, 08 Nov 2024 16:11:50 GMT
x-xss-protection: 1; mode=block;
content-type: image/svg+xml
last-modified: Mon, 09 Sep 2024 22:38:21 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 308.a7827ba42ffb0d4b66bb.js Show response
starling.crowdriff.com/js/ 230 KB
73 KB 217ms
66ms Script
application/javascript 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starling.crowdriff.com/js/308.a7827ba42ffb0d4b66bb.js
Requested by: Host: starling.crowdriff.com
URL: https://starling.crowdriff.com/js/crowdriff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: / Express
Resource Hash: 20fd4a8c62de8218d6f3f45e8fbceaef5ee0328e57786c0fda1c7ec9941acf9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: gzip
etag: W/"397bc-18f2a944840"
age: 16675895
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Hit from cloudfront
x-amz-cf-id: wgdzPC_XF33-CRA-EACU2hFT5JTOs24DrV0iSnxabXwehzcO8GTMWQ==
date: Mon, 29 Apr 2024 16:00:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 29 Apr 2024 15:58:32 GMT
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=31536000
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P2
x-powered-by: Express

GET
H2 200 init.8a29080535cbdb06396f.css
starling.crowdriff.com/css/ 2 KB
1 KB 213ms
63ms Stylesheet
text/css 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starling.crowdriff.com/css/init.8a29080535cbdb06396f.css
Requested by: Host: starling.crowdriff.com
URL: https://starling.crowdriff.com/js/crowdriff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: / Express
Resource Hash: f097b65466a9b8a6ea638087081c73f9bafa6ebb0ce82a3d9edee1ded1f57cc2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: gzip
etag: W/"7b9-192ba56f8f8"
age: 1379080
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Hit from cloudfront
x-amz-cf-id: GiWGKcf6s-IRKuPZTgKldp0No6RLVhFDxdfggY9vXuP0mvUc7YM05Q==
date: Wed, 23 Oct 2024 17:07:11 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 17:05:15 GMT
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=31536000
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P2
x-powered-by: Express

GET
H2 200 init.8a29080535cbdb06396f.js Show response
starling.crowdriff.com/js/ 77 KB
19 KB 264ms
115ms Script
application/javascript 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starling.crowdriff.com/js/init.8a29080535cbdb06396f.js
Requested by: Host: starling.crowdriff.com
URL: https://starling.crowdriff.com/js/crowdriff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: / Express
Resource Hash: b8b570ad7cd8778b52aff6c8e647a302243426f9f72fb8bd592bac5ca3ab97ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: gzip
etag: W/"13213-192ba56f8f8"
age: 1379079
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Hit from cloudfront
x-amz-cf-id: iIzPvm4o_m09rV-TtTCAPu2BeJAg1sAsI-cBiMEBzNBv1vnLCShDZw==
date: Wed, 23 Oct 2024 17:07:12 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 17:05:15 GMT
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=31536000
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P2
x-powered-by: Express

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 546 KB
215 KB 175ms
39ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptcha_callback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: gzip
age: 2705
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sat, 08 Nov 2025 15:26:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 08 Nov 2024 15:26:46 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220347
x-xss-protection: 0
server: sffe

GET
H2 200 784c71da78753beade1e7bb250fdb768.js Show response
geo.cookie-script.com/s/ 330 KB
54 KB 265ms
19ms Script
application/javascript 95.85.19.25
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.cookie-script.com/s/784c71da78753beade1e7bb250fdb768.js?country=gb-br&region=eu
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5ZZNGK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.85.19.25 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: d35bbebfc42d690471373f1c653871a23bff3948d452dbf33cef581b77fe9ef5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

x-cache-status: HIT
access-control-allow-origin: *
content-encoding: gzip
date: Fri, 08 Nov 2024 16:11:51 GMT
content-type: application/javascript
last-modified: Fri, 08 Nov 2024 13:24:39 GMT

GET
H2 200 b292ee90376d35a3f45c3a5264693bcf.js Show response
cdn.cookie-script.com/s/ 316 KB
46 KB 263ms
51ms Script
application/javascript 146.185.171.17
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookie-script.com/s/b292ee90376d35a3f45c3a5264693bcf.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5ZZNGK
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.171.17 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0363299f047346c971ce1c7457b245f24c0131fc4d40ede5a8fdd8cb9f0d501e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

x-cache-status: HIT
content-encoding: gzip
etag: W/"b64cd7da01eaa7485d5b13815d859749"
access-control-allow-origin: *
date: Fri, 08 Nov 2024 16:11:51 GMT
last-modified: Sun, 23 Jun 2024 23:43:29 GMT
vary: Accept-Encoding
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 321 KB
107 KB 81ms
72ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8RNP5S1WF9&l=dataLayer&cx=c&gtm=45He4b70v9132697269za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5ZZNGK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbf0575008bfab3741644c818f3808c03ebb1f6a68b8a7d83420474f6791727f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 08 Nov 2024 16:11:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 08 Nov 2024 16:11:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109043
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 228 KB
82 KB 109ms
103ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-8388687&l=dataLayer&cx=c&gtm=45He4b70v9132697269za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5ZZNGK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6093117360944255a783485545cb96a4e231021e8ff7bfc29e8c91ad1b3060cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Fri, 08 Nov 2024 16:11:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 08 Nov 2024 16:11:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 08 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 83182
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
13 KB 228ms
32ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5ZZNGK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

cache-control: public, max-age=60
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding: gzip
etag: "5e9ac3a42b557bf8ca38cf2e8baba70b"
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 12126
date: Fri, 08 Nov 2024 16:11:51 GMT
last-modified: Tue, 15 Oct 2024 19:34:59 GMT
content-type: application/javascript
vary: Accept-Encoding,Origin
server: snooserv
x-amz-server-side-encryption: AES256

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 226ms
32ms Script
application/javascript 2a04:4e42:200::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5ZZNGK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c28a3b893740df4c1372e6321ce52981e0f77543c6fc8384af2deab941773c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: X-CDN
cache-control: max-age=7200
content-encoding: br
etag: "e5ea31abd058f03a816c43871945979e"
x-cdn: fastly
access-control-allow-methods: GET
alt-svc: h3=":443";ma=600
access-control-allow-origin: *
content-length: 1879
date: Fri, 08 Nov 2024 16:11:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 228 KB
81 KB 134ms
117ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-14266377&l=dataLayer&cx=c&gtm=45He4b70v9132697269za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5ZZNGK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1cf827a05bfa7f129e4b99e47fad8db1bc30f5af84660e0fa6f2e1ae6df96ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Fri, 08 Nov 2024 16:11:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 08 Nov 2024 16:11:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 08 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 83162
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 15 KB
6 KB 273ms
54ms Script
application/x-javascript 18.172.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5ZZNGK
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-103-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c87aa708d354d2db657ba47b08aae2cc50653369ccbffa36448d7b47fd3e9fe6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

Transfer-Encoding: chunked
Vary: accept-encoding
Content-Encoding: gzip
ETag: W/"407149e43d6d6f4c2458e9179af5b3a2"
Age: 24195
Connection: keep-alive
Via: 1.1 67697a0060e2336f6ffa8579d528820e.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: xX3Vnl7hZSXfd2W_ECr1nTXUbl_gESoRopJP8f07_zs2V45oIpE6PQ==
Date: Fri, 08 Nov 2024 09:28:36 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 31 Oct 2024 16:18:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
H2 200 index.js Show response
js.adara.com/ 14 KB
5 KB 219ms
16ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.adara.com/index.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5ZZNGK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7c2a844666a1dcf8427326925ebc0b27cd0993e7fbb4007a7428b6889d888db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: br
etag: "7a4fdb1c89eef06ced71cd23f8505d3f20b7fae69d3b5fa9d654abacb20c4855-br"
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Fri, 08 Nov 2024 16:11:51 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 15 Nov 2023 19:35:53 GMT
x-served-by: cache-lon4278-LON
x-cache-hits: 8876
vary: x-fh-requested-host, accept-encoding
strict-transport-security: max-age=31556926
cache-control: max-age=3600
x-timer: S1731082311.289600,VS0,VE0
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4514

GET
H2 200 embed.js Show response
embed.guidegeek.com/ 45 KB
13 KB 711ms
254ms Script
application/javascript 54.86.47.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.guidegeek.com/embed.js

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.86.47.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-47-15.compute-1.amazonaws.com

Software

Apache /

Resource Hash

66f7192be096612b07cee8bcb5191d6067f780a526a8f09bea7b015a6530612b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

strict-transport-security: max-age=31536000; preload
cache-control: max-age=1800, must-revalidate
content-encoding: gzip
expires: Fri, 08 Nov 2024 16:41:51 GMT
accept-ranges: bytes
content-length: 13376
date: Fri, 08 Nov 2024 16:11:51 GMT
last-modified: Mon, 04 Nov 2024 19:42:53 GMT
vary: Accept-Encoding
server: Apache
content-type: application/javascript

GET
H2 200 sojern.min.js Show response
static.sojern.com/sdk/latest/ 136 KB
43 KB 250ms
29ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/sdk/latest/sojern.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5ZZNGK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5ea9f849070a092308e707d30caaeb2f2a6595e44f223eb9807388b970bcbddb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=Lo6g2Q==, md5=WOSEnCXrey2Y2PtEnrS2Jw==
content-encoding: br
etag: W/"58e4849c25eb7b2d98d8fb449eb4b627"
age: 3583
x-goog-stored-content-encoding: identity
expires: Fri, 08 Nov 2024 16:12:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 139605
date: Fri, 08 Nov 2024 15:12:08 GMT
last-modified: Tue, 05 Nov 2024 16:24:36 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY3TaTbnaSMIVpzxZU2f2pp97iG2mNW6Ov7Wjn3UvQ488k60eUN8OLjwD0RhP-noFyedcKc2a-jgFQ
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1730823876604197
content-length: 43533
server: UploadServer

GET
H/1.1

200
OK

ppt=24134;g=sitewide;gid=59649;
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=24134;g=sitewide;gid=59649;?gtmcb=1733180350
https://trkn.us/pixel/conv/ppt=24134;g=sitewide;gid=59649;?gtmcb=1733180350;ip=194.74.212.84;cuidchk=1

42 B
721 B

58ms
53ms

Image
image/gif

95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=24134;g=sitewide;gid=59649;?gtmcb=1733180350;ip=194.74.212.84;cuidchk=1

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

HTTP/1.1

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Pragma: no-cache
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: Sun, 9 Nov 1980 12:58:00 GMT
Content-Length: 42
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Fri, 08 Nov 2024 16:11:51 GMT
Content-Type: image/gif

Redirect headers

Location: /pixel/conv/ppt=24134;g=sitewide;gid=59649;?gtmcb=1733180350;ip=194.74.212.84;cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Length: 0
Date: Fri, 08 Nov 2024 16:11:51 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H3 200 x.js Show response
static.addtoany.com/menu/svg/icons/ 297 B
796 B 85ms
84ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/x.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.m4v434v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

122ed4db2019348aef89a605e3eb79c6004f5727f16144dc46b61f31ee131764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://static.addtoany.com/menu/modules/core.m4v434v2.js

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"7cdbf2d5d94ad6e7bf6e7cc1418dd608"
age: 3293
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LQLOz6XWGMRuXmwqqS%2FUfsCPWNyEufuRcvMK3TshZ13smIRIvZRHrEEsoZJAfg94UKl5Xw7jIJx7jp8ar6gjrKsLeVPeZSHTm5pvmt4fhEutcoZoiichGH7vEO5deHin9uCIIxWMU4rbzCa85uZvpeRc"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Fri, 08 Nov 2024 16:11:51 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=864000, stale-while-revalidate=30, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8df6d75caf1b946b-LHR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 facebook.js Show response
static.addtoany.com/menu/svg/icons/ 429 B
874 B 86ms
85ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.m4v434v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://static.addtoany.com/menu/modules/core.m4v434v2.js

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"68925fa8e347041c6006837e73c518bc"
age: 12088
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=myvnxvx7O7EgZsLQpQj7BNscv9cLpz%2BWQbXz%2FzNhN5Lkep3sBlRmXTg3QZFvWrZ9CMHKwhczgPK%2Bc7B6aIyCKejvOhhu4qAu13xnXGievEzO%2BUE7MKci6ZwffYeq99vSM8FoIU%2B6kueRkqBjid84sum9"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Fri, 08 Nov 2024 16:11:51 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=7776000, stale-while-revalidate=30, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8df6d75cbf2b946b-LHR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 pinterest.js Show response
static.addtoany.com/menu/svg/icons/ 892 B
1 KB 84ms
73ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/pinterest.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.m4v434v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af131f38af73817b1fbcd3381d88c95f4123b4b5a58ca4bd0872a68f29cbbf2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://static.addtoany.com/menu/modules/core.m4v434v2.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"b83511f1e536e2440b4e06f3278d8a84"
age: 12088
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0xg9kZ6IadVNr69NOrm0yA0cFusM7mQ71so7Ff7SPVKskCNQGoJZeoI7yWUdMnDavclDaWfZiJzdBoNClNeUdrdslXt58q%2BrXAy%2BU82iAqyYprLTb0%2BKUeC0obJ5A5v8F0jwPkjvOrI%2BpeZdqeLvvGwA"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Fri, 08 Nov 2024 16:11:51 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=7776000, stale-while-revalidate=30, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8df6d75cbf2c946b-LHR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 email.js Show response
static.addtoany.com/menu/svg/icons/ 415 B
861 B 84ms
71ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/email.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.m4v434v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d432ad1988efa5b258294f52dae3d1b4c10660aec15e49017e21a1ee74bfd453

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://static.addtoany.com/menu/modules/core.m4v434v2.js

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"eb2119ad4221a9d01abc336e06962867"
age: 12088
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pVz7SV%2F4i7n84cO7aPuvoaaTOPtYqn1TF0SCq5P9KNNEpZ0xyDDWjMPFJT5ZlkMeClAj1RV9xvkR5ArXPLLaaBiL5R0lytmgEB9yC4DfS8xlJceWr7ofK04hWgicit6Pe421%2BKU%2Bomzqv8eJuKsK%2BDRu"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Fri, 08 Nov 2024 16:11:51 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=7776000, stale-while-revalidate=30, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8df6d75cbf30946b-LHR
access-control-allow-origin: *
server: cloudflare

GET
H2 200 splide.esm-RYtC6n_A.js Show response
www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/ 39 KB
16 KB 163ms
158ms Script
text/javascript 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/splide.esm-RYtC6n_A.js

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/splide-Fm7QWYzv.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

55daf4791f9cc3826c27aeaf233f195ea7685a3d74dc8c70aa11b0abd7117a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/splide-Fm7QWYzv.js

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
cache-control: max-age=2678400, private
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 15988
date: Fri, 08 Nov 2024 16:11:51 GMT
x-xss-protection: 1; mode=block;
content-type: text/javascript
last-modified: Mon, 01 Apr 2024 20:19:10 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 style-inject.es-kUXDZLrF.js Show response
www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/ 422 B
703 B 135ms
130ms Script
text/javascript 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/style-inject.es-kUXDZLrF.js

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

fe7f6599f9f76690d6b34ec961c34e03e7d1fe5516c769615a0430b5e7603281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/splide-core.min-v4tv19Um.js

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
cache-control: max-age=2678400, private
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 299
date: Fri, 08 Nov 2024 16:11:51 GMT
x-xss-protection: 1; mode=block;
content-type: text/javascript
last-modified: Mon, 01 Apr 2024 20:19:10 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 _commonjsHelpers-uzQt2zA1.js Show response
www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/ 326 B
636 B 150ms
146ms Script
text/javascript 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/_commonjsHelpers-uzQt2zA1.js

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

39beff95f59dd482f75cd38c98a5627cbef7ca51c09fbda8b757f1678f560e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/build/lozad-235Msoe5.js

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
cache-control: max-age=2678400, private
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 232
date: Fri, 08 Nov 2024 16:11:51 GMT
x-xss-protection: 1; mode=block;
content-type: text/javascript
last-modified: Mon, 01 Apr 2024 20:19:10 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H3 200 weglot.min.css
cdn.weglot.com/ 28 KB
5 KB 121ms
116ms Stylesheet
text/css 2606:4700:4400::ac40:9572
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.weglot.com/weglot.min.css?v=8

Requested by

Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9572 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfde3ff6e84e9f937c3304e9bddfec2b7dc2a367545928b2108b36ca6915f09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: null
etag: W/"02fcb0153b60756b26b45300877868bf"
age: 1434522
x-content-type-options: nosniff
expires: Sat, 08 Nov 2025 16:11:51 GMT
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: zh5oU_EEqaISgP5r8-2td-HQ6p4cxv-fnMfl7Oki93fLyuEJHsjmgA==
date: Fri, 08 Nov 2024 16:11:51 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 22 Oct 2024 09:07:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
cf-ray: 8df6d75cee7294e1-LHR
x-amz-cf-pop: LHR62-C4
server: cloudflare

GET
H3 200 vertical_expand.edf63ca3a2ab26e6766b6b69c99cb5535baf437c.min.js Show response
cdn.weglot.com/switchers/ 92 KB
33 KB 89ms
83ms Script
application/javascript 2606:4700:4400::ac40:9572
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.weglot.com/switchers/vertical_expand.edf63ca3a2ab26e6766b6b69c99cb5535baf437c.min.js

Requested by

Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9572 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47c2a0fe489d23b1fb0c6eba41e47d9530dd663015dd7b512dcf4504cd500c66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: null
etag: W/"48f8e5960566e3128ca6915330c1a5a3"
age: 241246
x-content-type-options: nosniff
expires: Sat, 08 Nov 2025 16:11:51 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: S0bNKXgxlUDlYDTGRAi_2QinMloSW3dJeu0nct7TwR5aWPXtuh21RQ==
date: Fri, 08 Nov 2024 16:11:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 09 Sep 2024 14:10:52 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 704accbf5b6f4c295e4b81b2a363e97a.cloudfront.net (CloudFront)
cf-ray: 8df6d75d8f3194e1-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR62-C4
server: cloudflare

POST
H3 200 pageviews
api.weglot.com/ 0
0 276ms
128ms Ping
application/json 2606:4700:4400::6812:268e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.weglot.com/pageviews?api_key=wg_53d9adf2dcc13b5815c8dac8259606c10
Requested by: Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:268e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.enjoyillinois.com/

Response headers

GET
H2 200 icon-search-winered.svg
www.enjoyillinois.com/_resources/themes/enjoyillinois/images/icons/ 333 B
649 B 153ms
124ms Image
image/svg+xml 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/images/icons/icon-search-winered.svg

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/main.css?m=1730263514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

2b89061493f6b5892867e78406945c044469b32064f2128de4ba6be704641f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/_resources/themes/enjoyillinois/dist/main.css?m=1730263514

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
cache-control: max-age=15780000, public
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 245
date: Fri, 08 Nov 2024 16:11:51 GMT
x-xss-protection: 1; mode=block;
content-type: image/svg+xml
last-modified: Tue, 19 Mar 2024 18:04:56 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
DATA 200
OK truncated
/ 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9948ae846979246ddfe993e604739594ce0e7cdfa77657412b9b0090009dcf23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 main.5aecc8b1.js Show response
s.pinimg.com/ct/lib/ 82 KB
23 KB 70ms
33ms Script
application/javascript 2a04:4e42:200::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 19576a00ececd1add5cecaa486d9f1f224597e55442a826c77d6ad17f8c11e07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
content-encoding: br
etag: "f1f002e8782a3d0f44fde21e97f61203"
x-cdn: fastly
access-control-allow-methods: GET
alt-svc: h3=":443";ma=600
access-control-allow-origin: *
content-length: 23676
date: Fri, 08 Nov 2024 16:11:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/a2_esf1bfh8dls8/ 3 B
124 B 222ms
53ms XHR
application/json 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/a2_esf1bfh8dls8/config
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27
date: Fri, 08 Nov 2024 16:11:51 GMT
content-type: application/json

GET
H2 200 a2_esf1bfh8dls8_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
700 B 426ms
64ms XHR
application/json 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_esf1bfh8dls8_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

cache-control: max-age=300
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding: gzip
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 98
date: Fri, 08 Nov 2024 16:11:51 GMT
content-type: application/json
vary: Accept-Encoding,Origin
server: snooserv

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 219ms
53ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1731082311471&id=a2_esf1bfh8dls8&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=3ea6d4d5-ae0c-441a-aafd-7a882ddea7fb&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_49267bce&dpm=&dpcc=&dprc=
Requested by: Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after: 0
cross-origin-resource-policy: cross-origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish
accept-ranges: bytes
content-length: 42
date: Fri, 08 Nov 2024 16:11:51 GMT
content-type: image/gif
server: Varnish

GET
H2 200 ro.json Show response
jsres.adara.com/tcf/ 144 B
690 B 226ms
43ms Fetch
application/json 34.160.64.247
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://jsres.adara.com/tcf/ro.json
Requested by: Host: js.adara.com
URL: https://js.adara.com/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.64.247 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 247.64.160.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4eb2ce8428b069ef2cdb1351d1e6e849413abfc063b8c777527c2935feea19c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=Z7uADQ==, md5=xBAr+mi4Re6toRKVIW1uPg==
etag: "c4102bfa68b845eeada11295216d6e3e"
age: 1444
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 144
date: Fri, 08 Nov 2024 15:47:47 GMT
last-modified: Mon, 11 Dec 2023 11:52:16 GMT
content-type: application/json
x-guploader-uploadid: AHmUCY1LTfziyqKUMZOhc9tFiiL3b2rybhiC95EdgUX1RLL9euq9WYbvpgVvhUFamdseMgIJ7b5dpPr-SQ
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1702295536526290
content-length: 144
server: UploadServer

GET
H2 200 bg-pattern-transparent.webp
www.enjoyillinois.com/_resources/themes/enjoyillinois/images/backgrounds/ 18 KB
18 KB 161ms
132ms Image
text/plain 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/images/backgrounds/bg-pattern-transparent.webp?m=1710871496

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

97a4f509ee6b583bd49d2f7ab76954eaa231a7ac6727e6edada7cf114ffa937c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 18080
date: Fri, 08 Nov 2024 16:11:51 GMT
x-xss-protection: 1; mode=block;
last-modified: Tue, 19 Mar 2024 18:04:56 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 Hotel-Peninsula-Chicago__FillWzgwMCw1MDBd_ext-WyJqcGVnIiwid2VicCJd.webp
www.enjoyillinois.com/assets/Images/Arts-+-Culture/ 36 KB
36 KB 225ms
215ms Image
text/plain 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enjoyillinois.com/assets/Images/Arts-+-Culture/Hotel-Peninsula-Chicago__FillWzgwMCw1MDBd_ext-WyJqcGVnIiwid2VicCJd.webp

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

57862f82e4346c62b0852592ac9ed89104c28c18648fc47c75217bd405b14576

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 36354
date: Fri, 08 Nov 2024 16:11:51 GMT
x-xss-protection: 1; mode=block;
last-modified: Tue, 17 Sep 2024 03:00:21 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 Dragonfly-Lakes-Dahinda__FillWzgwMCw1MDBd_ext-WyJqcGciLCJ3ZWJwIl0.webp
www.enjoyillinois.com/assets/Images/Accommodation/ 44 KB
45 KB 261ms
252ms Image
text/plain 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enjoyillinois.com/assets/Images/Accommodation/Dragonfly-Lakes-Dahinda__FillWzgwMCw1MDBd_ext-WyJqcGciLCJ3ZWJwIl0.webp

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a90fa207487fe61c3bfc6d673034be20e1fa716974436a567e18f9c23099a02f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 45472
date: Fri, 08 Nov 2024 16:11:51 GMT
x-xss-protection: 1; mode=block;
last-modified: Tue, 17 Sep 2024 03:00:21 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 Ulysses-Suites-Galena__FillWzgwMCw1MDBd_ext-WyJqcGciLCJ3ZWJwIl0.webp
www.enjoyillinois.com/assets/Images/Accommodation/ 47 KB
48 KB 263ms
254ms Image
text/plain 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enjoyillinois.com/assets/Images/Accommodation/Ulysses-Suites-Galena__FillWzgwMCw1MDBd_ext-WyJqcGciLCJ3ZWJwIl0.webp

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

061d833e501e242f7d4add50dd17333267ea870113dd0731eb3d735cd14a1120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 48386
date: Fri, 08 Nov 2024 16:11:51 GMT
x-xss-protection: 1; mode=block;
last-modified: Tue, 17 Sep 2024 03:00:22 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 Jail-Hill-Inn-Galena-v2__FillWzgwMCw1MDBd_ext-WyJqcGciLCJ3ZWJwIl0.webp
www.enjoyillinois.com/assets/Images/Accommodation/ 53 KB
53 KB 224ms
216ms Image
text/plain 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enjoyillinois.com/assets/Images/Accommodation/Jail-Hill-Inn-Galena-v2__FillWzgwMCw1MDBd_ext-WyJqcGciLCJ3ZWJwIl0.webp

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

b67f533b99e0d9b805ae83cf46b1a3e3221b57b1be3b051535de51c4dad90b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 54236
date: Fri, 08 Nov 2024 16:11:51 GMT
x-xss-protection: 1; mode=block;
last-modified: Tue, 17 Sep 2024 03:00:22 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 Lyric-Opera-of-Chicago__FillWzgwMCw1MDBd_ext-WyJqcGciLCJ3ZWJwIl0.webp
www.enjoyillinois.com/assets/Images/Indoor-Activities/ 27 KB
27 KB 261ms
253ms Image
text/plain 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enjoyillinois.com/assets/Images/Indoor-Activities/Lyric-Opera-of-Chicago__FillWzgwMCw1MDBd_ext-WyJqcGciLCJ3ZWJwIl0.webp

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

9eebf511a3968415ee39e370c6294681e5ae890e3fe0e6e74b56a72c68ff0d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 27800
date: Fri, 08 Nov 2024 16:11:51 GMT
x-xss-protection: 1; mode=block;
last-modified: Tue, 17 Sep 2024 03:00:23 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 The-Peninsula-__FillWzgwMCw1MDBd_ext-WyJqcGVnIiwid2VicCJd.webp
www.enjoyillinois.com/assets/Images/Accommodation/ 42 KB
42 KB 273ms
266ms Image
text/plain 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enjoyillinois.com/assets/Images/Accommodation/The-Peninsula-__FillWzgwMCw1MDBd_ext-WyJqcGVnIiwid2VicCJd.webp

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

c3e6412c9f1fd102636484e189e1c523331bd45b04f32a80628b6c0982b92064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 42810
date: Fri, 08 Nov 2024 16:11:51 GMT
x-xss-protection: 1; mode=block;
last-modified: Tue, 17 Sep 2024 03:00:23 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 High-heels-Magnificent-mile-Chicago__FillWzgwMCw1MDBd_ext-WyJqcGVnIiwid2VicCJd.webp
www.enjoyillinois.com/assets/Images/Shopping/ 44 KB
44 KB 262ms
256ms Image
text/plain 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enjoyillinois.com/assets/Images/Shopping/High-heels-Magnificent-mile-Chicago__FillWzgwMCw1MDBd_ext-WyJqcGVnIiwid2VicCJd.webp

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

1260a8ffd547ca61535f449f18a6276820d2316b39f3a0c1da27524ebb300ba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 44680
date: Fri, 08 Nov 2024 16:11:51 GMT
x-xss-protection: 1; mode=block;
last-modified: Tue, 17 Sep 2024 03:00:23 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 Museum-of-Contemporary-Art-Chicago__FillWzgwMCw1MDBd_ext-WyJqcGciLCJ3ZWJwIl0.webp
www.enjoyillinois.com/assets/Images/Indoor-Activities/ 25 KB
25 KB 326ms
319ms Image
text/plain 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enjoyillinois.com/assets/Images/Indoor-Activities/Museum-of-Contemporary-Art-Chicago__FillWzgwMCw1MDBd_ext-WyJqcGciLCJ3ZWJwIl0.webp

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

5e2decf8275ad366b2bfbcb0f9c1c3043c6c50c16c43e03b320fea5a1ed43d9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 25174
date: Fri, 08 Nov 2024 16:11:51 GMT
x-xss-protection: 1; mode=block;
last-modified: Tue, 17 Sep 2024 03:00:23 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 config Show response
pixel.sojern.com/sdk/advertiser/id/10072/ 808 B
1 KB 260ms
70ms Fetch
application/json 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sojern.com/sdk/advertiser/id/10072/config
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/sdk/latest/sojern.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: aadc192832702dbf75f7f71d900fb87b5138b7d85d718f0a7fc66a0256a5f181

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.enjoyillinois.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 808
date: Fri, 08 Nov 2024 16:11:51 GMT
content-type: application/json
vary: Accept-Encoding
x-accel-expires: 0

GET
H2 200 / Show response
ct.pinterest.com/user/ 326 B
747 B 311ms
104ms XHR
application/json 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613420151805&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1731082311743&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: 0198dadc571f4039671e53c1a6ca4af0
expires: Sat, 01 Jan 2000 00:00:00 GMT
date: Fri, 08 Nov 2024 16:11:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-cdn: akamai
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU0yRXhZMkZtWmpJdE5qTXlNaTAwWVRobExXSmpabUV0TXpJek5qTTNaamcwTVRsaQ
pinterest-version: d16ef5f66d42064f6a10d93cad2b1b66ef81c5eb
access-control-allow-origin: https://www.enjoyillinois.com
content-length: 185
akamai-grn: 0.0dd53e17.1731082311.191b1999
x-pinterest-rid: 7430468526399965

GET
H2 200 / Show response
ct.pinterest.com/user/ 326 B
770 B 310ms
104ms XHR
application/json 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613420151805&cb=1731082311747&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: d5bdf363d7153c27d5a54e0e4784beda
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=600
date: Fri, 08 Nov 2024 16:11:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: akamai
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU1XWTJOekprTTJNdE1HSXhZUzAwWkdSakxUaGtZVGN0T0RaaFl6VTJNbVE1WmpVMQ
pinterest-version: d16ef5f66d42064f6a10d93cad2b1b66ef81c5eb
access-control-allow-origin: https://www.enjoyillinois.com
content-length: 185
akamai-grn: 0.0dd53e17.1731082311.191b1998
x-pinterest-rid: 1539479672447229

POST
H3 200 collect
www.google.com/ccm/ 0
0 93ms
93ms Ping
text/plain 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=446515788.1731082312&auid=421711791.1731082312&npa=0&gtm=45He4b70v9132697269za200&gcs=G111&gcd=13v3v3v3v5l1&dma=0&tag_exp=101823848~101925629~102015666&tft=1731082311769&tfd=2667&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5ZZNGK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

POST
H2 200 graphql Show response
starling.crowdriff.com/ 816 B
2 KB 424ms
422ms Fetch
application/json 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starling.crowdriff.com/graphql
Requested by: Host: starling.crowdriff.com
URL: https://starling.crowdriff.com/js/init.8a29080535cbdb06396f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: / Express
Resource Hash: 195c3fdc59e15c9ce6ab66e0c31bbbf9679854d6d445c019e69926554f0cc024

Request headers

Referer: https://www.enjoyillinois.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

etag: W/"330-CukkdOYjkVQBQvKkjVTptbMWcVY"
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 816
x-amz-cf-id: xQYTfFLoW1XIt_rkCBb-sAoP9CBhPaXsKHN2QYnEP9I9AjvvXhHVng==
date: Fri, 08 Nov 2024 16:11:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
x-amz-cf-pop: FRA60-P2
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept

OPTIONS
H2 200 graphql
starling.crowdriff.com/ Frame 0
0 140ms
133ms Preflight
text/html 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starling.crowdriff.com/graphql
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.enjoyillinois.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
allow: POST
content-length: 4
content-type: text/html; charset=utf-8
date: Fri, 08 Nov 2024 16:11:51 GMT
etag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-id: ZTxdlpoLyksRZ2MRJV8GbzAyQwB9BJ8xZjsAqQzVhqruSPKnywXUlg==
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2

200

activityi;dc_pre=CL6cuJKQzYkDFTWIgwcdTKw6aw;src=14266377;type=count0;cat=fan360;ord=9575820238967;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1089469941;uaa=;uab=;uafvl=;uamb=0;uam=;ua...
14266377.fls.doubleclick.net/ Frame D573
Redirect Chain

https://14266377.fls.doubleclick.net/activityi;src=14266377;type=count0;cat=fan360;ord=9575820238967;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1089469941;uaa=;uab=;uafvl=;uamb=0;uam=...
https://14266377.fls.doubleclick.net/activityi;dc_pre=CL6cuJKQzYkDFTWIgwcdTKw6aw;src=14266377;type=count0;cat=fan360;ord=9575820238967;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=10894...

0
0

85ms
82ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14266377.fls.doubleclick.net/activityi;dc_pre=CL6cuJKQzYkDFTWIgwcdTKw6aw;src=14266377;type=count0;cat=fan360;ord=9575820238967;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1089469941;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4b70v9188128212z89132697269za201zb9132697269;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14266377&l=dataLayer&cx=c&gtm=45He4b70v9132697269za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.enjoyillinois.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 461
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Nov 2024 16:11:52 GMT
expires: Fri, 08 Nov 2024 16:11:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Nov 2024 16:11:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://14266377.fls.doubleclick.net/activityi;dc_pre=CL6cuJKQzYkDFTWIgwcdTKw6aw;src=14266377;type=count0;cat=fan360;ord=9575820238967;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1089469941;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4b70v9188128212z89132697269za201zb9132697269;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi;fledge=1;src=14266377;type=count0;cat=fan360;ord=9575820238967;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1089469941;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noap...
td.doubleclick.net/td/fls/rul/ Frame 3B2B 0
0 314ms
89ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14266377;type=count0;cat=fan360;ord=9575820238967;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1089469941;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4b70v9188128212z89132697269za201zb9132697269;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14266377&l=dataLayer&cx=c&gtm=45He4b70v9132697269za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.enjoyillinois.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Nov 2024 16:11:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 td
www.googletagmanager.com/ 0
18 B 48ms
46ms Image
text/plain 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=DC-14266377&v=3&t=t&pid=1843344872&dl=www.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F&tdp=DC-14266377;188128212;1;7;1&frm=0&rtg=132697269&rlo=12&slo=5&hlo=3&lst=1&pcid=132697269&z=0
Requested by: Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 08 Nov 2024 16:11:51 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 activity;register_conversion=1;src=14266377;type=count0;cat=fan360;ord=9575820238967;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1089469941;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
ad.doubleclick.net/ 0
23 B 509ms
113ms Image
image/png 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=14266377;type=count0;cat=fan360;ord=9575820238967;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1089469941;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4b70v9188128212z89132697269za201zb9132697269;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F?

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Fri, 08 Nov 2024 16:11:52 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"18368093502922510969"}],"aggregatable_trigger_data":[{"filters":[{"14":["89188761"]}],"key_piece":"0xdc5e6a36428abf74","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xa55ebb6625e44e03","not_filters":{"14":["89188761"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"6443659344136129200","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"18368093502922510969","filters":[{"14":["89188761"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"18368093502922510969","filters":[{"14":["89188761"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"18368093502922510969","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"18368093502922510969","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14266377"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H2

200

activityi;dc_pre=CPKssZKQzYkDFeCW_QcdYFwezg;src=8388687;type=iotrd0;cat=unive0;ord=8564127932766;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1503731684;uaa=;uab=;uafvl=;uamb=0;uam=;uap...
8388687.fls.doubleclick.net/ Frame 3F7C
Redirect Chain

https://8388687.fls.doubleclick.net/activityi;src=8388687;type=iotrd0;cat=unive0;ord=8564127932766;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1503731684;uaa=;uab=;uafvl=;uamb=0;uam=;u...
https://8388687.fls.doubleclick.net/activityi;dc_pre=CPKssZKQzYkDFeCW_QcdYFwezg;src=8388687;type=iotrd0;cat=unive0;ord=8564127932766;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1503731...

0
0

64ms
61ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8388687.fls.doubleclick.net/activityi;dc_pre=CPKssZKQzYkDFeCW_QcdYFwezg;src=8388687;type=iotrd0;cat=unive0;ord=8564127932766;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1503731684;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4b70v9188071783z89132697269za201zb9132697269;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-8388687&l=dataLayer&cx=c&gtm=45He4b70v9132697269za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.enjoyillinois.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 2735
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Nov 2024 16:11:52 GMT
expires: Fri, 08 Nov 2024 16:11:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Nov 2024 16:11:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8388687.fls.doubleclick.net/activityi;dc_pre=CPKssZKQzYkDFeCW_QcdYFwezg;src=8388687;type=iotrd0;cat=unive0;ord=8564127932766;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1503731684;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4b70v9188071783z89132697269za201zb9132697269;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi;fledge=1;src=8388687;type=iotrd0;cat=unive0;ord=8564127932766;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1503731684;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi...
td.doubleclick.net/td/fls/rul/ Frame 4AB7 0
0 196ms
65ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=8388687;type=iotrd0;cat=unive0;ord=8564127932766;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1503731684;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4b70v9188071783z89132697269za201zb9132697269;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-8388687&l=dataLayer&cx=c&gtm=45He4b70v9132697269za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.enjoyillinois.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Nov 2024 16:11:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=8388687;type=iotrd0;cat=unive0;ord=8564127932766;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1503731684;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0...
ad.doubleclick.net/ 0
23 B 424ms
126ms Image
image/png 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=8388687;type=iotrd0;cat=unive0;ord=8564127932766;npa=0;auiddc=421711791.1731082312;gdid=dMmY1Mm;ps=1;pcor=1503731684;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4b70v9188071783z89132697269za201zb9132697269;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F?

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Fri, 08 Nov 2024 16:11:52 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"477733029823294155"}],"aggregatable_trigger_data":[{"filters":[{"14":["11201243"]}],"key_piece":"0xdd2a1fa744adde02","source_keys":["12","13","14","15","16","17","18","19","20","21","20451176","20451177","20451178","20451179","24063988","24063989","24063990","24063991","642836264","642836265","642836266","642836267","643975344","643975345","643975346","643975347"]},{"key_piece":"0x571deb0886158bf2","not_filters":{"14":["11201243"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","20451176","20451177","20451178","20451179","24063988","24063989","24063990","24063991","642836264","642836265","642836266","642836267","643975344","643975345","643975346","643975347"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"20451176":36,"20451177":36,"20451178":36,"20451179":3530,"21":6356,"24063988":81,"24063989":81,"24063990":81,"24063991":7946,"642836264":38,"642836265":38,"642836266":38,"642836267":3739,"643975344":65,"643975345":65,"643975346":65,"643975347":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"2376290278847426698","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"477733029823294155","filters":[{"14":["11201243"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"477733029823294155","filters":[{"14":["11201243"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"477733029823294155","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"477733029823294155","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["8388687"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
546 B 78ms
78ms Fetch
image/gif 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/v3/?tid=2613420151805&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%225aecc8b1%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1731082312013

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

x-pinterest-rid-128bit: dcdfa1fb0a41f08e6f671eb76e1efe9d
expires: Sat, 01 Jan 2000 00:00:00 GMT
date: Fri, 08 Nov 2024 16:11:52 GMT
content-type: image/gif
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: akamai
access-control-allow-credentials: true
referrer-policy: origin
pinterest-version: d16ef5f66d42064f6a10d93cad2b1b66ef81c5eb
access-control-allow-origin: https://www.enjoyillinois.com
content-length: 35
akamai-grn: 0.0dd53e17.1731082312.191b19d6
x-pinterest-rid: 8027418633986571

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 321ms
146ms Fetch
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8RNP5S1WF9&gtm=45je4b70v869947972za200zb9132697269&_p=1731082310596&gcs=G111&gcd=13v3v3v3v5l1&npa=0&dma=0&tag_exp=101823848~101925629~102017403&gdid=dMmY1Mm&cid=1682247276.1731082312&ul=en-gb&sr=1600x1200&ir=1&are=1&frm=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=BA&_s=1&sid=1731082312&sct=1&seg=0&dl=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F&dt=Luxe%20by%20Illinois%20%7C%20Enjoy%20Illinois&en=page_view&_fv=1&_ss=1&epn.listing_actions=1&tfd=2973
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8RNP5S1WF9&l=dataLayer&cx=c&gtm=45He4b70v9132697269za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.enjoyillinois.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 08 Nov 2024 16:11:52 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 8797 0
0 206ms
61ms Document
text/html 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.enjoyillinois.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5ZZNGK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 275800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 11:35:12 GMT
expires: Wed, 05 Nov 2025 11:35:12 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 64C2 0
0 239ms
66ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwIw8TAAAAACP1ysM08EhCgzd6q5JAOUR1a0Go&co=aHR0cHM6Ly93d3cuZW5qb3lpbGxpbm9pcy5jb206NDQz&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=qe3b6l2ofhq7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2IkQrpIeG9oab05nFVt6pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.enjoyillinois.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2IkQrpIeG9oab05nFVt6pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Nov 2024 16:11:52 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 widget-fonts.css
embed.guidegeek.com/ 704 B
500 B 127ms
127ms Stylesheet
text/css 54.86.47.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.guidegeek.com/widget-fonts.css

Requested by

Host: embed.guidegeek.com
URL: https://embed.guidegeek.com/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.86.47.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-47-15.compute-1.amazonaws.com

Software

Apache /

Resource Hash

1b7a484831d2c8f69cec79364f8768642f0528bc908b3fa20915deed8f6c4759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

strict-transport-security: max-age=31536000; preload
cache-control: max-age=1800
content-encoding: gzip
expires: Fri, 08 Nov 2024 16:41:52 GMT
accept-ranges: bytes
content-length: 280
date: Fri, 08 Nov 2024 16:11:52 GMT
last-modified: Thu, 24 Oct 2024 18:13:46 GMT
vary: Accept-Encoding
server: Apache
content-type: text/css

POST
H2 200 api Show response
sdk.adara.com/ 16 B
89 B 59ms
31ms Fetch
text/plain 34.102.191.167
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.adara.com/api?gdpr=&gdpr_consent=
Requested by: Host: js.adara.com
URL: https://js.adara.com/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.191.167 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 167.191.102.34.bc.googleusercontent.com
Software: /
Resource Hash: fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

X-Adara-Key: YTQ3MTU0NTQtODRiNi00OTUzLWE2MGEtOGUxNWRjOTJlM2I5
Referer: https://www.enjoyillinois.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-methods: POST, OPTIONS
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
date: Fri, 08 Nov 2024 16:11:52 GMT
content-type: text/plain; charset=utf-8
access-control-allow-headers: X-Adara-Key

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
791 B 111ms
109ms Fetch
image/gif 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613420151805&cb=1731082312288&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU0yRXhZMkZtWmpJdE5qTXlNaTAwWVRobExXSmpabUV0TXpJek5qTTNaamcwTVRsaQ%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%225aecc8b1%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

x-pinterest-rid-128bit: 674c68345ba961bb0f65a2edece56304
expires: Sat, 01 Jan 2000 00:00:00 GMT
date: Fri, 08 Nov 2024 16:11:52 GMT
content-type: image/gif
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: akamai
access-control-allow-credentials: true
referrer-policy: origin
pinterest-version: d16ef5f66d42064f6a10d93cad2b1b66ef81c5eb
access-control-allow-origin: https://www.enjoyillinois.com
content-length: 35
akamai-grn: 0.0dd53e17.1731082312.191b1bb0
x-pinterest-rid: 1109472025982100

GET
H3 200 config Show response
static.sojern.com/sdk/config/advertiser/10072/ 168 B
197 B 154ms
32ms Fetch
application/json 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/sdk/config/advertiser/10072/config
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/sdk/latest/sojern.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b1aca045cb9ee1179093fdf38ba786a679cc83449d46b8324a748d5a8bbf16e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=LbmzWQ==, md5=0UDmEbqmI5WFO1Ur3lbr0Q==
etag: "d140e611baa62395853b552bde56ebd1"
age: 59
x-goog-stored-content-encoding: identity
expires: Fri, 08 Nov 2024 17:10:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 168
date: Fri, 08 Nov 2024 16:10:53 GMT
last-modified: Thu, 04 Apr 2024 12:34:55 GMT
content-type: application/json
x-guploader-uploadid: AHmUCY0BHx6AQzG4dmvN5v5_UwKOaIv7GGHfUCuVXwHZtb7xiARVs-OmDCpe2iJPKE90q1J_qYw
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1712234095540312
content-length: 168
server: UploadServer

OPTIONS
H2 200 api
sdk.adara.com/ Frame 0
0 224ms
68ms Preflight 34.102.191.167
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.adara.com/api?gdpr=&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.191.167 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 167.191.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-adara-key
Access-Control-Request-Method: POST
Origin: https://www.enjoyillinois.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Adara-Key
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 08 Nov 2024 16:11:52 GMT
via: 1.1 google

GET
H2 200 428.5179a93fc6f41747b167.js Show response
starling.crowdriff.com/js/ 248 KB
82 KB 50ms
50ms Script
application/javascript 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starling.crowdriff.com/js/428.5179a93fc6f41747b167.js
Requested by: Host: starling.crowdriff.com
URL: https://starling.crowdriff.com/js/crowdriff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: / Express
Resource Hash: 476e69e75d904cacadbe7d045ce8c66db18ca18e02dcb6ab47bf9842dc95e516

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: gzip
etag: W/"3e0f2-18e2de21ca8"
age: 20901960
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Hit from cloudfront
x-amz-cf-id: rdXiKjVqv5O7eiyJv3wEfKmS0ChWnpLdJevNy8oIz9K2wlsvlVWiIA==
date: Mon, 11 Mar 2024 18:05:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 11 Mar 2024 14:19:37 GMT
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=31536000
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P2
x-powered-by: Express

GET
H2 200 290.3c70f86589792a281bc4.js Show response
starling.crowdriff.com/js/ 56 KB
21 KB 60ms
60ms Script
application/javascript 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starling.crowdriff.com/js/290.3c70f86589792a281bc4.js
Requested by: Host: starling.crowdriff.com
URL: https://starling.crowdriff.com/js/crowdriff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: / Express
Resource Hash: 4dea7a7996a7e68f97e21cb52bec63500e225ff910dcaf8832b4c4b231f11617

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: gzip
etag: W/"e1ee-18e2de21ca8"
age: 20901962
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Hit from cloudfront
x-amz-cf-id: AsHVK2wwJ-sZQBRWMWC8Sdib2BQhRMXbAORpwTrTZeIr_LPXxM-IaQ==
date: Mon, 11 Mar 2024 18:05:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 11 Mar 2024 14:19:37 GMT
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=31536000
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P2
x-powered-by: Express

GET
H2 200 363.7ad85e62823298a9e345.js Show response
starling.crowdriff.com/js/ 47 KB
17 KB 64ms
64ms Script
application/javascript 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starling.crowdriff.com/js/363.7ad85e62823298a9e345.js
Requested by: Host: starling.crowdriff.com
URL: https://starling.crowdriff.com/js/crowdriff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: / Express
Resource Hash: 59ae0f730d27b4ba232b7a1d7d221f900be2474c79e55f217545709f1f1327d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: gzip
etag: W/"bdd9-192ba56f8f8"
age: 1379073
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Hit from cloudfront
x-amz-cf-id: 7UeoUyHSEVJXL6-VBhAag6ymmk3wJn3zRK8kLmYqrZosQ1PAX_FyXQ==
date: Wed, 23 Oct 2024 17:07:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 17:05:15 GMT
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=31536000
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P2
x-powered-by: Express

GET
H2 200 845.e350f458a944d1bcec8c.css
starling.crowdriff.com/css/ 49 KB
7 KB 64ms
64ms Stylesheet
text/css 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starling.crowdriff.com/css/845.e350f458a944d1bcec8c.css
Requested by: Host: starling.crowdriff.com
URL: https://starling.crowdriff.com/js/crowdriff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: / Express
Resource Hash: 60c00a97fedc87aa7a9c446cd209f8d8ea39b7a912ce81893faf8021bae24cc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: gzip
etag: W/"c43f-192ba56f8f8"
age: 1379069
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Hit from cloudfront
x-amz-cf-id: yIgxp_Dyl4wdvBg2MKU8ZYukZCuk2_qgwajWcGAAUfb-EtaCc2pbTA==
date: Wed, 23 Oct 2024 17:07:23 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 17:05:15 GMT
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=31536000
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P2
x-powered-by: Express

GET
H2 200 845.e350f458a944d1bcec8c.js Show response
starling.crowdriff.com/js/ 100 KB
20 KB 63ms
63ms Script
application/javascript 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starling.crowdriff.com/js/845.e350f458a944d1bcec8c.js
Requested by: Host: starling.crowdriff.com
URL: https://starling.crowdriff.com/js/crowdriff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: / Express
Resource Hash: a10e619662181d24af9a9eddfecae05be222a1155a9642afe8e78898996215c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: gzip
etag: W/"18f01-192ba56f8f8"
age: 1379068
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Hit from cloudfront
x-amz-cf-id: KYne08X9EkV4eURSGb_g6N43RnfKeoH9zPQT1ozK2nF4-zOflKhfVA==
date: Wed, 23 Oct 2024 17:07:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 17:05:15 GMT
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=31536000
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P2
x-powered-by: Express

GET
H2 200 276.e25d6b42fce9e8bd8fb4.js Show response
starling.crowdriff.com/js/ 27 KB
10 KB 74ms
74ms Script
application/javascript 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starling.crowdriff.com/js/276.e25d6b42fce9e8bd8fb4.js
Requested by: Host: starling.crowdriff.com
URL: https://starling.crowdriff.com/js/crowdriff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: / Express
Resource Hash: 00295bd2434891c2c31f5c66b5146d90cfa16423802bc43f3adeb0eaf9f35588

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: gzip
etag: W/"6c22-18e2de21ca8"
age: 20901960
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Hit from cloudfront
x-amz-cf-id: y0fX9SitwjDC47N74lQWLbNaPQqAGKMIrpC8hzGPY5k1Z0TtExtCMw==
date: Mon, 11 Mar 2024 18:05:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 11 Mar 2024 14:19:37 GMT
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=31536000
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P2
x-powered-by: Express

GET
H2 200 gallery.e869a9fe562ce660e8fc.css
starling.crowdriff.com/css/ 437 B
1 KB 74ms
73ms Stylesheet
text/css 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starling.crowdriff.com/css/gallery.e869a9fe562ce660e8fc.css
Requested by: Host: starling.crowdriff.com
URL: https://starling.crowdriff.com/js/crowdriff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: / Express
Resource Hash: 338da371bd561692bee7730b33a34371b550c3052c7a0a90135b14cc384bbf4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/

Response headers

etag: W/"1b5-192ba56f8f8"
age: 1379070
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Hit from cloudfront
x-amz-cf-id: UiEnw8VMJAnoxbFWoYg5XwGrHVpHZcu6YGC68EBenFFBgpnxdCi9Cw==
date: Wed, 23 Oct 2024 17:07:22 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 23 Oct 2024 17:05:15 GMT
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=31536000
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 437
x-amz-cf-pop: FRA60-P2
x-powered-by: Express

GET
H2 200 gallery.e869a9fe562ce660e8fc.js Show response
starling.crowdriff.com/js/ 22 KB
6 KB 72ms
72ms Script
application/javascript 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starling.crowdriff.com/js/gallery.e869a9fe562ce660e8fc.js
Requested by: Host: starling.crowdriff.com
URL: https://starling.crowdriff.com/js/crowdriff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: / Express
Resource Hash: 8c410d9afc0e43bf1e3e5e2a2cbfcd6bde56ee884d7c4f5bfd67396c217829c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: gzip
etag: W/"58a8-192ba56f8f8"
age: 1379074
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Hit from cloudfront
x-amz-cf-id: Ok0bwh8-p2jcCOh7rSSgnVkwg4ZM1IqG-bY8n41iabuaefrb9cyYeA==
date: Wed, 23 Oct 2024 17:07:17 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 17:05:15 GMT
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=31536000
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P2
x-powered-by: Express

POST
H2 200 graphql Show response
starling.crowdriff.com/ 23 KB
6 KB 339ms
338ms Fetch
application/json 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starling.crowdriff.com/graphql
Requested by: Host: starling.crowdriff.com
URL: https://starling.crowdriff.com/js/init.8a29080535cbdb06396f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: / Express
Resource Hash: c9c9e2bc1ddbfddadf07fa606c92cef6e61a222af7f824f17ad5fedd0d63ebe7

Request headers

Referer: https://www.enjoyillinois.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

content-encoding: gzip
etag: W/"5bd0-kIMnPGWrtrHN/aHxz9cNTL5Vky8"
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: KY9WCf786kE9nJIBtShRLdq_zC-Sy7JMcATWT4a278jl6vjuPrr94w==
date: Fri, 08 Nov 2024 16:11:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
x-amz-cf-pop: FRA60-P2
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept

POST
H2 200 graphql Show response
starling.crowdriff.com/ 25 B
791 B 140ms
138ms Fetch
application/json 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starling.crowdriff.com/graphql
Requested by: Host: starling.crowdriff.com
URL: https://starling.crowdriff.com/js/init.8a29080535cbdb06396f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: / Express
Resource Hash: f708ae79e532e04b160f91ab57e7c90a73bb4025ea2b4541e947d69b1a339e2e

Request headers

Referer: https://www.enjoyillinois.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

etag: W/"19-N51BhrLaMZq98GtoPk1P6/k830o"
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 25
x-amz-cf-id: T_0JHlr3g6KmNt1Fed3iSlHfJPlCbbtk1a0ctEe-VHr7fb5gziwy6Q==
date: Fri, 08 Nov 2024 16:11:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
x-amz-cf-pop: FRA60-P2
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 widget.css
embed.guidegeek.com/ 15 KB
3 KB 147ms
102ms Stylesheet
text/css 54.86.47.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.guidegeek.com/widget.css

Requested by

Host: embed.guidegeek.com
URL: https://embed.guidegeek.com/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.86.47.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-47-15.compute-1.amazonaws.com

Software

Apache /

Resource Hash

4e27780776b1ba13d688769e64bdb301a070d07f9ab5c54a70d9e41aa4e554d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

strict-transport-security: max-age=31536000; preload
cache-control: max-age=1800
content-encoding: gzip
expires: Fri, 08 Nov 2024 16:41:52 GMT
accept-ranges: bytes
content-length: 3291
date: Fri, 08 Nov 2024 16:11:52 GMT
last-modified: Thu, 24 Oct 2024 18:13:46 GMT
vary: Accept-Encoding
server: Apache
content-type: text/css

GET
H2 200 track Show response
pixel.sojern.com/sdk/advertiser/id/10072/ 1 KB
821 B 67ms
38ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sojern.com/sdk/advertiser/id/10072/track?et=tracking&vid=vacation&ccid=v79sz-2hw8e-bmzhy-fc0nc-c1tae%7C1682247276.1731082312&pixelId=320941&domain=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F&s=sdk%7Cccid_auto%7Cccid_ga%7Ciframe%3Dfalse&id=10072&l=en-GB&version=0.2.6
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/sdk/latest/sojern.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: f9b7068d5ece69a78ad518e2908f2ab45f7dbc263ed5bcb677f3a1524470e78b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 646
date: Fri, 08 Nov 2024 16:11:52 GMT
content-type: application/javascript
vary: Accept-Encoding
x-accel-expires: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 430ms
115ms Image
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=ZTdmM2ZmMTEtZjA0My00YTU1LThmZWMtZmZmZjZlNjNmMDBm&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=uaUMu1QPzP4v0NtcHfSJfN2vM-s5n6ntVewoIGv7JwXMYRI20fhZw-asl7r6RGGE

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 08 Nov 2024 16:11:52 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2

200

pixel
fcmatch.youtube.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=ZTdmM2ZmMTEtZjA0My00YTU1LThmZWMtZmZmZjZlNjNmMDBm&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDopuDFmmTHDcXmI467hzwaqn0vKeg-RJsdeJJfe6Y9GQ4W5mWIvh7uzFrmoMtoAHhTU_ckNU8iM93A7Cb3y3-W7oP79LuMtp3s6_5bMV0DjWWs4uVkfk9BCzJIhhL8f3lc0ISS9q
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopuDFmmTHDcXmI467hzwaqn0vKeg-RJsdeJJfe6Y9GQ4W5mWIvh7uzFrmoMtoAHhTU_ckNU8iM93A7Cb3y3-W7oP79LuMtp3s6_5bMV0DjWWs4uVkfk9BCzJIhhL8f3lc0ISS9q

170 B
432 B

296ms
112ms

Image
image/png

2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDopuDFmmTHDcXmI467hzwaqn0vKeg-RJsdeJJfe6Y9GQ4W5mWIvh7uzFrmoMtoAHhTU_ckNU8iM93A7Cb3y3-W7oP79LuMtp3s6_5bMV0DjWWs4uVkfk9BCzJIhhL8f3lc0ISS9q

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 08 Nov 2024 16:11:53 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: no-cache, must-revalidate
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDopuDFmmTHDcXmI467hzwaqn0vKeg-RJsdeJJfe6Y9GQ4W5mWIvh7uzFrmoMtoAHhTU_ckNU8iM93A7Cb3y3-W7oP79LuMtp3s6_5bMV0DjWWs4uVkfk9BCzJIhhL8f3lc0ISS9q
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 381
date: Fri, 08 Nov 2024 16:11:53 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN

GET
H2 200 getuidnb
ib.adnxs.com/ 43 B
701 B 403ms
73ms Image
image/gif 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=uaUMu1QPzP4v0NtcHfSJfN2vM-s5n6ntVewoIGv7JwXMYRI20fhZw-asl7r6RGGE

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 194.74.212.84; 194.74.212.84; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 44906d8d-188d-478e-ae52-24a48ffb7a87
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 08 Nov 2024 16:11:52 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
149 B 233ms
92ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=uaUMu1QPzP4v0NtcHfSJfN2vM-s5n6ntVewoIGv7JwXMYRI20fhZw-asl7r6RGGE&ttd_tpi=1
Requested by: Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

content-length: 70
date: Fri, 08 Nov 2024 16:11:52 GMT
content-type: image/gif
server: Kestrel

GET
H3

202

adf
pixel.sojern.com/idsync/
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=e7f3ff11-f043-4a55-8fec-ffff6e63f00f&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=e7f3ff11-f043-4a55-8fec-ffff6e63f00f&party=1296
https://pixel.sojern.com/idsync/adf?adfid=5726732210333742771&cid=e7f3ff11-f043-4a55-8fec-ffff6e63f00f

0
20 B

103ms
101ms

Image
text/plain

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=5726732210333742771&cid=e7f3ff11-f043-4a55-8fec-ffff6e63f00f
Requested by: Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/
Protocol: H3
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 08 Nov 2024 16:11:53 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
x-accel-expires: 0

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
location: https://pixel.sojern.com/idsync/adf?adfid=5726732210333742771&cid=e7f3ff11-f043-4a55-8fec-ffff6e63f00f
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
content-length: 0
date: Fri, 08 Nov 2024 16:11:53 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 track Show response
pixel.sojern.com/sdk/advertiser/id/10072/ 1014 B
1 KB 70ms
49ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sojern.com/sdk/advertiser/id/10072/track?et=tracking&vid=vacation&ccid=v79sz-2hw8e-bmzhy-fc0nc-c1tae%7C1682247276.1731082312&pixelId=139375&domain=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F&s=sdk%7Cccid_auto%7Cccid_ga%7Ciframe%3Dfalse&id=10072&l=en-GB&version=0.2.6
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/sdk/latest/sojern.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 7513517ee975ebce694484b83e84aad0f84e36f76215118f86b9b4a32429183e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1014
date: Fri, 08 Nov 2024 16:11:52 GMT
content-type: application/javascript
vary: Accept-Encoding
x-accel-expires: 0

GET
H2

200

pixel Show response
cm.g.doubleclick.net/
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=i&p=1225&_yoid=112a38b8-dc89-4f6d-a7c3-c2cf5d20614d&_yosid=1e9a7ba6-df6e-4784-9608-470343781fce&gdpr=&gdpr_consent=
https://tag.yieldoptimizer.com/ps/ps?tc=736294789&t=i&p=1225&_yoid=112a38b8-dc89-4f6d-a7c3-c2cf5d20614d&_yosid=1e9a7ba6-df6e-4784-9608-470343781fce&gdpr=&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxOTQyODE1NTk3NQ&google_sc&gdpr=&gdpr_consent=&

170 B
232 B

89ms
84ms

Fetch
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxOTQyODE1NTk3NQ&google_sc&gdpr=&gdpr_consent=&

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 08 Nov 2024 16:11:53 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

cache-control: no-cache
location: https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxOTQyODE1NTk3NQ&google_sc&gdpr=&gdpr_consent=&
pragma: no-cache
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-length: 0
date: Fri, 08 Nov 2024 16:11:52 GMT
server: Apache-Coyote/1.1

GET
H2 200 wh.js Show response
p.relay-t.io/ 4 KB
5 KB 337ms
96ms Script
application/javascript 2600:9000:275d:2400:1d:40aa:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p.relay-t.io/wh.js

Requested by

Host: pixel.sojern.com
URL: https://pixel.sojern.com/sdk/advertiser/id/10072/track?et=tracking&vid=vacation&ccid=v79sz-2hw8e-bmzhy-fc0nc-c1tae%7C1682247276.1731082312&pixelId=320941&domain=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F&s=sdk%7Cccid_auto%7Cccid_ga%7Ciframe%3Dfalse&id=10072&l=en-GB&version=0.2.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:2400:1d:40aa:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f50e35eed6b133c5adf2b14a6aa920dbf7384d40d0b2282b3b00670bccb48191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

etag: "53ab807de88f695459be24327e46aad6"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: W8NanrFFNZTErQxAWaAqn-4Kv9wK-bejUucPUzcjrNCnZGl3TJROuQ==
date: Fri, 08 Nov 2024 16:11:53 GMT
content-type: application/javascript
last-modified: Thu, 08 Feb 2024 13:34:04 GMT
vary: Origin
x-frame-options: SAMEORIGIN
x-amz-meta-content-type: application/javascript
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 74ca1b9f17cb4adcfc54f8b84ccc7d82.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 4196
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P11
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3

200

src=8287827;dc_pre=COeJypKQzYkDFXYeogMdRFwYgQ;type=track0;cat=allsi0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8287827;type=track0;cat=allsi0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSE...
https://ad.doubleclick.net/ddm/activity/src=8287827;dc_pre=COeJypKQzYkDFXYeogMdRFwYgQ;type=track0;cat=allsi0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BG...
https://adservice.google.com/ddm/fls/z/src=8287827;dc_pre=COeJypKQzYkDFXYeogMdRFwYgQ;type=track0;cat=allsi0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGD...

42 B
63 B

266ms
86ms

Image
image/gif

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8287827;dc_pre=COeJypKQzYkDFXYeogMdRFwYgQ;type=track0;cat=allsi0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=UNKNOWN

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 08 Nov 2024 16:11:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 08 Nov 2024 16:11:52 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"12733819294269015496"}],"aggregatable_trigger_data":[{"filters":[{"14":["11613502"]}],"key_piece":"0x8517f11c6512bea0","source_keys":["12","13","14","15","16","17","18","19","20","21","15702236","15702237","15702238","15702239","20485188","20485189","20485190","20485191","24772540","24772541","24772542","24772543","27146736","27146737","27146738","27146739","628839488","628839489","628839490","628839491","642010956","642010957","642010958","642010959"]},{"key_piece":"0xba2373cbaceaf64d","not_filters":{"14":["11613502"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","15702236","15702237","15702238","15702239","20485188","20485189","20485190","20485191","24772540","24772541","24772542","24772543","27146736","27146737","27146738","27146739","628839488","628839489","628839490","628839491","642010956","642010957","642010958","642010959"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"15702236":65,"15702237":65,"15702238":65,"15702239":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"20485188":65,"20485189":65,"20485190":65,"20485191":6356,"21":6356,"24772540":163,"24772541":163,"24772542":163,"24772543":15892,"27146736":109,"27146737":109,"27146738":109,"27146739":10594,"628839488":327,"628839489":327,"628839490":327,"628839491":31784,"642010956":131,"642010957":131,"642010958":131,"642010959":12713},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"6990434769735184863","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"12733819294269015496","filters":[{"14":["11613502"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"12733819294269015496","filters":[{"14":["11613502"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"12733819294269015496","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"12733819294269015496","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["8287827"]}}
content-type: image/png
cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://adservice.google.com/ddm/fls/z/src=8287827;dc_pre=COeJypKQzYkDFXYeogMdRFwYgQ;type=track0;cat=allsi0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=UNKNOWN
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/px?id=1767597&t=1
https://ib.adnxs.com/bounce?%2Fpx%3Fid%3D1767597%26t%3D1

0
1 KB

96ms
69ms

Image
application/javascript

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fpx%3Fid%3D1767597%26t%3D1

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 194.74.212.84; 194.74.212.84; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 7a849fd6-56f3-4055-bb4c-32aca89a476e
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 08 Nov 2024 16:11:53 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fpx%3Fid%3D1767597%26t%3D1
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 194.74.212.84; 194.74.212.84; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 6da58db5-7f20-4fc6-8709-2e0abe8be7b7
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 08 Nov 2024 16:11:52 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/seg?add=36702180&t=1
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D36702180%26t%3D1

0
1 KB

124ms
123ms

Image
application/javascript

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D36702180%26t%3D1

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 194.74.212.84; 194.74.212.84; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 45a465eb-e5c2-4b68-ac4c-b1a906873745
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 08 Nov 2024 16:11:53 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D36702180%26t%3D1
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 194.74.212.84; 194.74.212.84; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 851906a6-1587-4ba9-bc43-e60ccf0a7f76
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 08 Nov 2024 16:11:52 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H3

200

src=8287827;dc_pre=CNebypKQzYkDFQAQogMdc080rg;type=track0;cat=plany0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8287827;type=track0;cat=plany0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN
https://ad.doubleclick.net/ddm/activity/src=8287827;dc_pre=CNebypKQzYkDFQAQogMdc080rg;type=track0;cat=plany0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN
https://adservice.google.com/ddm/fls/z/src=8287827;dc_pre=CNebypKQzYkDFQAQogMdc080rg;type=track0;cat=plany0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN

42 B
63 B

223ms
86ms

Image
image/gif

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8287827;dc_pre=CNebypKQzYkDFQAQogMdc080rg;type=track0;cat=plany0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN

Requested by

Host: www.enjoyillinois.com
URL: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Protocol

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 08 Nov 2024 16:11:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 08 Nov 2024 16:11:52 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"17807585753742375794"}],"aggregatable_trigger_data":[{"filters":[{"14":["7693604"]}],"key_piece":"0xcfe1aecf5b30dd98","source_keys":["12","13","14","15","16","17","18","19","20","21","15702236","15702237","15702238","15702239","20485188","20485189","20485190","20485191","24772540","24772541","24772542","24772543","27146736","27146737","27146738","27146739","628839488","628839489","628839490","628839491","642010956","642010957","642010958","642010959"]},{"key_piece":"0xbdacf10de7424e5a","not_filters":{"14":["7693604"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","15702236","15702237","15702238","15702239","20485188","20485189","20485190","20485191","24772540","24772541","24772542","24772543","27146736","27146737","27146738","27146739","628839488","628839489","628839490","628839491","642010956","642010957","642010958","642010959"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"15702236":65,"15702237":65,"15702238":65,"15702239":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"20485188":65,"20485189":65,"20485190":65,"20485191":6356,"21":6356,"24772540":163,"24772541":163,"24772542":163,"24772543":15892,"27146736":109,"27146737":109,"27146738":109,"27146739":10594,"628839488":327,"628839489":327,"628839490":327,"628839491":31784,"642010956":131,"642010957":131,"642010958":131,"642010959":12713},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"15993079465510641917","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"17807585753742375794","filters":[{"14":["7693604"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"17807585753742375794","filters":[{"14":["7693604"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"17807585753742375794","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"17807585753742375794","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["8287827"]}}
content-type: image/png
cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://adservice.google.com/ddm/fls/z/src=8287827;dc_pre=CNebypKQzYkDFQAQogMdc080rg;type=track0;cat=plany0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 200 settings Show response
api.guidegeek.com/chat/ 418 B
595 B 247ms
225ms Fetch
application/json 54.236.206.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.guidegeek.com/chat/settings

Requested by

Host: embed.guidegeek.com
URL: https://embed.guidegeek.com/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.236.206.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-206-179.compute-1.amazonaws.com

Software

/ Express

Resource Hash

e9ba40811d04b444cd014513d8134a5b4c4b6421a2afc4d87caa25d026ae8715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.enjoyillinois.com/

Response headers

strict-transport-security: max-age=31536000; preload
access-control-allow-origin: *
content-length: 418
etag: W/"1a2-JNaifZmHdkyydWkEeNddtnBJwqs"
date: Fri, 08 Nov 2024 16:11:53 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express

GET
H2 200 icon-x-mark.svg
embed.guidegeek.com/images/ 213 B
396 B 478ms
197ms Image
image/svg+xml 54.86.47.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://embed.guidegeek.com/images/icon-x-mark.svg

Requested by

Host: embed.guidegeek.com
URL: https://embed.guidegeek.com/widget.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.86.47.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-47-15.compute-1.amazonaws.com

Software

Apache /

Resource Hash

adf088931aa6a4e74db10e215fb5cf623bea9383889b6efc33b1630dbae18427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://embed.guidegeek.com/widget.css

Response headers

strict-transport-security: max-age=31536000; preload
cache-control: max-age=1800
content-encoding: gzip
expires: Fri, 08 Nov 2024 16:41:53 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 167
date: Fri, 08 Nov 2024 16:11:53 GMT
last-modified: Thu, 24 Oct 2024 18:12:17 GMT
vary: Accept-Encoding
server: Apache
content-type: image/svg+xml

GET
H2 200 chat-icon-default.svg
embed.guidegeek.com/images/ 745 B
622 B 149ms
115ms Image
image/svg+xml 54.86.47.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://embed.guidegeek.com/images/chat-icon-default.svg

Requested by

Host: embed.guidegeek.com
URL: https://embed.guidegeek.com/widget.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.86.47.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-47-15.compute-1.amazonaws.com

Software

Apache /

Resource Hash

09584c1c07df971c095ce70f96a2845d35f763f5dc541af9ae51015a8493b7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://embed.guidegeek.com/widget.css

Response headers

strict-transport-security: max-age=31536000; preload
cache-control: max-age=1800
content-encoding: gzip
expires: Fri, 08 Nov 2024 16:41:52 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 394
date: Fri, 08 Nov 2024 16:11:52 GMT
last-modified: Thu, 24 Oct 2024 18:12:17 GMT
vary: Accept-Encoding
server: Apache
content-type: image/svg+xml

GET
H2 200 Poppins-Bold.woff2
embed.guidegeek.com/fonts/ 8 KB
8 KB 543ms
290ms Font
font/woff2 54.86.47.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.guidegeek.com/fonts/Poppins-Bold.woff2

Requested by

Host: embed.guidegeek.com
URL: https://embed.guidegeek.com/widget-fonts.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.86.47.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-47-15.compute-1.amazonaws.com

Software

Apache /

Resource Hash

56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://embed.guidegeek.com/widget-fonts.css

Response headers

strict-transport-security: max-age=31536000; preload
cache-control: max-age=1
content-encoding: gzip
expires: Fri, 08 Nov 2024 16:11:54 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7947
date: Fri, 08 Nov 2024 16:11:53 GMT
last-modified: Thu, 24 Oct 2024 18:12:17 GMT
vary: Accept-Encoding
server: Apache
content-type: font/woff2

GET
H2 200 Poppins-Medium.woff2
embed.guidegeek.com/fonts/ 8 KB
8 KB 455ms
202ms Font
font/woff2 54.86.47.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.guidegeek.com/fonts/Poppins-Medium.woff2

Requested by

Host: embed.guidegeek.com
URL: https://embed.guidegeek.com/widget-fonts.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.86.47.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-47-15.compute-1.amazonaws.com

Software

Apache /

Resource Hash

5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://embed.guidegeek.com/widget-fonts.css

Response headers

strict-transport-security: max-age=31536000; preload
cache-control: max-age=1
content-encoding: gzip
expires: Fri, 08 Nov 2024 16:11:54 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7983
date: Fri, 08 Nov 2024 16:11:53 GMT
last-modified: Thu, 24 Oct 2024 18:12:17 GMT
vary: Accept-Encoding
server: Apache
content-type: font/woff2

GET
H2 200 729.d551c4946be3af561bf9.css
starling.crowdriff.com/css/ 10 KB
3 KB 130ms
129ms Stylesheet
text/css 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starling.crowdriff.com/css/729.d551c4946be3af561bf9.css
Requested by: Host: starling.crowdriff.com
URL: https://starling.crowdriff.com/js/crowdriff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: / Express
Resource Hash: 2707ef06aca49773f7aeed41caf58fd12527cc737c029035451591b029a3368f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.enjoyillinois.com
Referer: https://www.enjoyillinois.com/

Response headers

content-encoding: gzip
etag: W/"2961-192ba56f8f8"
age: 1379066
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Hit from cloudfront
x-amz-cf-id: fOLaYIPUf7IxiBzq05MiAeoDURtAU6clRHawb1BwVddJ3vtudhYIxQ==
date: Wed, 23 Oct 2024 17:07:26 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 17:05:15 GMT
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=31536000
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P2
x-powered-by: Express

POST
H2 200 graphql Show response
starling.crowdriff.com/ 2 KB
1 KB 460ms
458ms Fetch
application/json 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starling.crowdriff.com/graphql
Requested by: Host: starling.crowdriff.com
URL: https://starling.crowdriff.com/js/init.8a29080535cbdb06396f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: / Express
Resource Hash: c4c90b8108bb1dbf7c526924fd69ec9f4e7e5efd1ac4bbf9c10f806354dcdf50

Request headers

Referer: https://www.enjoyillinois.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

content-encoding: gzip
etag: W/"64a-umQiR+0IJxv9gTqGeoOJ+f8rzfw"
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: 8O6L14cj2s0IXPsrOxbwnCXxQQzHJJMHWPiT2_IK8F1c90kq1hKDmw==
date: Fri, 08 Nov 2024 16:11:53 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
x-amz-cf-pop: FRA60-P2
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept

POST
H2 200 graphql Show response
starling.crowdriff.com/ 23 KB
5 KB 378ms
376ms Fetch
application/json 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starling.crowdriff.com/graphql
Requested by: Host: starling.crowdriff.com
URL: https://starling.crowdriff.com/js/init.8a29080535cbdb06396f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: / Express
Resource Hash: 1bae1f2ee3867443bf4011da97d80666dc8e23653f82ec2a98c30788f8ee7030

Request headers

Referer: https://www.enjoyillinois.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

content-encoding: gzip
etag: W/"5bdc-I7Hm8Wtkv9KQ/N/ujD8si/GxKrE"
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: QjFOPmGpzTMqSIHtluYaIWQr0r4eufTxvGejdl7cOfrNWqfGCjPR2Q==
date: Fri, 08 Nov 2024 16:11:53 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
x-amz-cf-pop: FRA60-P2
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept

OPTIONS
H2 204 settings
api.guidegeek.com/chat/ Frame 0
0 613ms
203ms Preflight 54.236.206.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.guidegeek.com/chat/settings

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.236.206.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-206-179.compute-1.amazonaws.com

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.enjoyillinois.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-length: 0
date: Fri, 08 Nov 2024 16:11:53 GMT
strict-transport-security: max-age=31536000; preload
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
DATA 200
OK truncated
/ 773 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21215bb46d95a53c3090e10b31b2ce4f69a961592b8d4b58dc234f6b056247bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 beat.js Show response
p.relay-t.io/ 21 B
563 B 107ms
104ms Script
application/javascript 2600:9000:275d:2400:1d:40aa:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p.relay-t.io/beat.js?type=tg&idhotel=idH&pmsId=pms&tkraw=&tk=&ref=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F

Requested by

Host: p.relay-t.io
URL: https://p.relay-t.io/wh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:2400:1d:40aa:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13abb95134934e2b6ab33036f989d3eb588ec2586fee172d534061cb29e6834a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

etag: "590efd78ccb474abbf45b795b73e37d8"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: 21NfelikQyQ_m6nV1m6eOrBtYK_jFWD2dZtZKXYnLBWxLtSykS6k5g==
date: Fri, 08 Nov 2024 16:11:54 GMT
content-type: application/javascript
last-modified: Thu, 08 Feb 2024 13:34:05 GMT
vary: Origin
x-frame-options: SAMEORIGIN
x-amz-meta-content-type: application/javascript
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 74ca1b9f17cb4adcfc54f8b84ccc7d82.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 21
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P11
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H3 200 api Show response
sdk.adara.com/ 16 B
31 B 38ms
36ms Fetch
text/plain 34.102.191.167
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.adara.com/api?gdpr=&gdpr_consent=
Requested by: Host: js.adara.com
URL: https://js.adara.com/index.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.191.167 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 167.191.102.34.bc.googleusercontent.com
Software: /
Resource Hash: fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

X-Adara-Key: YTQ3MTU0NTQtODRiNi00OTUzLWE2MGEtOGUxNWRjOTJlM2I5
Referer: https://www.enjoyillinois.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-methods: POST, OPTIONS
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
date: Fri, 08 Nov 2024 16:11:53 GMT
content-type: text/plain; charset=utf-8
access-control-allow-headers: X-Adara-Key

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 9548 0
0 50ms
48ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LcwIw8TAAAAACP1ysM08EhCgzd6q5JAOUR1a0Go

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yz_bFczPKlrUJxGVQ6Jvqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.enjoyillinois.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Yz_bFczPKlrUJxGVQ6Jvqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Nov 2024 16:11:53 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 966c69a4-c981-4692-9941-356e1c4dac97.png
cdn1.matadornetwork.com/guidegeek/ 70 KB
70 KB 208ms
49ms Image
application/octet-stream 108.156.60.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.matadornetwork.com/guidegeek/966c69a4-c981-4692-9941-356e1c4dac97.png
Requested by: Host: embed.guidegeek.com
URL: https://embed.guidegeek.com/widget.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-105.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed733b2a3b04c28b9f887489224403e8f535e25c44f8a49e9effbb26ab1dc080

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://embed.guidegeek.com/

Response headers

x-amz-version-id: 6REXa_._V4vdvxLL2Tromf7kQjTWwRtQ
etag: "a4c11485b858e93cc768a4cf020ffe12"
age: 16841
via: 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 71334
x-amz-cf-id: bO2Ae4usP9Gy72N-DeCPmspBywJZ2RqOfGv3fbPj23MR77lZsklHZg==
date: Fri, 08 Nov 2024 11:31:13 GMT
content-type: application/octet-stream
last-modified: Fri, 24 May 2024 22:25:35 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
x-amz-server-side-encryption: AES256

GET
H3 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
2 KB 43ms
43ms Script
application/javascript 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/static/ct/token_create.js

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: max-age=7200
content-encoding: gzip
etag: "16d5d552603d86726ae439fc61299d42"
x-cdn: akamai
quic-version: 0x00000001
alt-svc: h3=":443"; ma=600
content-length: 2114
date: Fri, 08 Nov 2024 16:11:53 GMT
akamai-grn: 0.14d53e17.1731082313.6b261e5
content-type: application/javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 ct.html
ct.pinterest.com/ Frame 4E10 0
0 309ms
100ms Document
text/html 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.enjoyillinois.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

akamai-grn: 0.0dd53e17.1731082314.191b29e9
alt-svc: h3=":443"; ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 08 Nov 2024 16:11:54 GMT
pinterest-version: d16ef5f66d42064f6a10d93cad2b1b66ef81c5eb
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1008510194898032
x-pinterest-rid-128bit: c2902dde3e16914f8bf57aca18927d3e

GET
H2 200 up
insight.adsrvr.org/track/ Frame B973 0
0 36ms
36ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=2iu5zxx&ref=https%3A%2F%2Fwww.enjoyillinois.com%2Fplan-your-trip%2Fillinois-luxury%2F&upid=gyp701j&upv=1.1.0&td1=/plan-your-trip/illinois-luxury/&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://www.enjoyillinois.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Fri, 08 Nov 2024 16:11:54 GMT
server: Kestrel

GET
H2 200 analytics Show response
consent.cookie-script.com/ 47 B
453 B 665ms
364ms XHR
application/json 95.85.9.7
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookie-script.com/analytics?action=firstshown&time=1731082313840&script=b292ee90376d35a3f45c3a5264693bcf&category=
Requested by: Host: cdn.cookie-script.com
URL: https://cdn.cookie-script.com/s/b292ee90376d35a3f45c3a5264693bcf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.85.9.7 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 45b7284be11215ef8252a8db0b2a3d918ba946f5611096796e8d14b92857e02c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/

Response headers

x-amz-apigw-id: A727pGysjoEEuYg=
x-amzn-trace-id: Root=1-672e384a-5424281e12376c45312897ee;Parent=2ffc260dab46f62e;Sampled=0;Lineage=1:a8669a4e:0
x-amzn-requestid: 6bf61382-f4fe-4477-95d5-02a9eba2e879
via: 1.1 0a3248cb2729105e64fb474faf90e3b2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 47
x-amz-cf-id: JlOxcWkxML_97LU7EhZO0CxkHnRfLChrxiNVAXjF3ohgQ8tKkCERvA==
date: Fri, 08 Nov 2024 16:11:54 GMT
content-type: application/json
x-amz-cf-pop: AMS58-P3
server: nginx/1.18.0 (Ubuntu)

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 712cba3fa8fa2aceeed253c363eb34d1c122a5159027d256815fc94b0941b3de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30b8c08723b0af130800167aeee7da1d2c3419484e20b2c1d3db5833801bf294

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f536fce1aaae1fb1642a19afca74b3c2bc6358760a34950560fba0b88747de5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ccbcc3b899abfc282dadce5b52a66abd23a93fd86e7d4ae0a5251f806c4cb49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d42387631e2304003f2a38ee1a9272b97fbf8a113847408049fa3d56fff6323c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

POST
H2 200 graphql Show response
starling.crowdriff.com/ 71 B
840 B 232ms
228ms Fetch
application/json 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starling.crowdriff.com/graphql
Requested by: Host: starling.crowdriff.com
URL: https://starling.crowdriff.com/js/init.8a29080535cbdb06396f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: / Express
Resource Hash: 5d706da8d69652f390ae1a625cf3ccc82b57f22a7d07ee2f575e99e4304139f0

Request headers

Referer: https://www.enjoyillinois.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

etag: W/"47-bZrLVDYZVGEdUnrADwfp/D24zkw"
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 71
x-amz-cf-id: 2zpfnsPZxWM1Noui6wpXMNNCPtkbxCK7QfOhIc2icq9FImEbZr7lKQ==
date: Fri, 08 Nov 2024 16:11:54 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
x-amz-cf-pop: FRA60-P2
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 favicon-32x32.png
www.enjoyillinois.com/_resources/themes/enjoyillinois/images/favicons/ 1 KB
2 KB 128ms
125ms Other
image/png 3.135.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enjoyillinois.com/_resources/themes/enjoyillinois/images/favicons/favicon-32x32.png?m=1710871496

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.135.131.171 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-131-171.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

f0506f8e38a7c763a6b55a5d0f97aaa46860a295bd322323c2ffa4a4212eb94e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=15780000, public
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
content-length: 1485
date: Fri, 08 Nov 2024 16:11:54 GMT
x-xss-protection: 1; mode=block;
content-type: image/png
last-modified: Tue, 19 Mar 2024 18:04:56 GMT
server: Apache
x-frame-options: SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.enjoyillinois.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: m1gshr4280uau9av53taq1fc2r
starling.crowdriff.com/	1970-01-21 01:01:27	Name: AWSALBCORS Value: B65uRw417ZTxpUKFLqN6Q3KK64KsyPz9ass/Pdw2u1hSJ3URWClAzwn5hroUK7HmVh2nOcvYo1vCGtdHdD3Tq4Jr8ry2cGNjQQEz638fnlKAANmj6vgOEtRf3TCz
.enjoyillinois.com/	1970-01-21 01:34:34	Name: pageCount Value: 1
.trkn.us/	1970-01-21 09:36:58	Name: barometric[cuid] Value: cuid_672e3847-99d0-4170-b22b-8094535307b9
.enjoyillinois.com/	1970-01-21 03:00:58	Name: _rdt_uuid Value: 1731082311464.3ea6d4d5-ae0c-441a-aafd-7a882ddea7fb
.enjoyillinois.com/	1970-01-21 03:00:58	Name: _gcl_au Value: 1.1.421711791.1731082312
.enjoyillinois.com/	1970-01-21 10:27:22	Name: _ga_8RNP5S1WF9 Value: GS1.1.1731082312.1.0.1731082312.0.0.0
.enjoyillinois.com/	1970-01-21 10:27:22	Name: _ga Value: GA1.1.1682247276.1731082312
.pinterest.com/	1970-01-21 09:36:58	Name: ar_debug Value: 1
.enjoyillinois.com/	1970-01-21 09:36:58	Name: _pin_unauth Value: dWlkPU0yRXhZMkZtWmpJdE5qTXlNaTAwWVRobExXSmpabUV0TXpJek5qTTNaamcwTVRsaQ
.www.enjoyillinois.com/	1970-01-21 09:36:58	Name: _yoid Value: 112a38b8-dc89-4f6d-a7c3-c2cf5d20614d
.www.enjoyillinois.com/	1969-12-31 23:59:59	Name: _yosid Value: 1e9a7ba6-df6e-4784-9608-470343781fce
.doubleclick.net/	1970-01-21 10:12:58	Name: IDE Value: AHWqTUkUdOMIPTJNOPwRKlgNl_XNezb0b21MX40LBCYbZpF_HS9t0GZgkBEo_8nNEVc
.doubleclick.net/	1970-01-21 05:10:34	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 01:34:34	Name: ar_debug Value: 1
.ct.pinterest.com/	1970-01-21 09:36:58	Name: _pinterest_ct_ua Value: "TWc9PSY4V3JrQW16cEVNcVRNUXQwQ1B1VnFvSFFXVjFYcGZQM3R0ZWtuT29QNDFpenFzRk82SGQ4K3RjS3h6SHJVWlZJMWhDUVozdEdHMnBtOHViT3FMUU1kUlJpRUlmeEYxb3czRjVDTlNEa0dLbz0mbjlTTEVLYnB0MG1RZVNZeFdXU1ZHbXNkeEJjPQ=="
.sojern.com/	1970-01-21 09:36:58	Name: cid Value: e7f3ff11-f043-4a55-8fec-ffff6e63f00f#1731024000000
.adnxs.com/	1970-01-21 10:27:22	Name: receive-cookie-deprecation Value: 1
.bidr.io/	1970-01-21 10:19:52	Name: bito Value: AAD9BU7OXHEAABWP2lf5gg
.bidr.io/	1970-01-21 10:19:52	Name: bitoIsSecure Value: ok
.turn.com/	1970-01-21 05:10:34	Name: uid Value: 4341072904867681245
.yieldoptimizer.com/	1970-01-21 09:36:58	Name: cktst Value: 736294789
.adnxs.com/	1970-01-21 03:00:58	Name: XANDR_PANID Value: J-lYdK5LrWnsBg_XXF-PRF7tN69y2LN4JlKcuiHkx1g4Om2WhR0sUYLL8qC1yTSAR13fVxjww9H4MtC53j-1aCm9jaCkyIZMS8YlCK5_xsw.
.adnxs.com/	1970-01-21 03:00:58	Name: uuid2 Value: 1775820031808742468
.adform.net/	1970-01-21 01:34:34	Name: C Value: 1
.yieldoptimizer.com/	1970-01-21 09:36:58	Name: ckid Value: 3019428155975
.yieldoptimizer.com/	1970-01-21 09:36:58	Name: dph Value: %7B%22t%22%3A%5B138976%5D%2C%22dp%22%3A%5B1225%5D%7D
.yieldoptimizer.com/	1970-01-21 09:36:58	Name: ph Value: %7B%22p%22%3A%5B39%5D%2C%22t%22%3A%5B138976%5D%7D
.tiktok.com/	1970-01-21 03:00:58	Name: _ttp Value: 2oZg3RgBXY8a6pMjMBtEKayACuq
.adform.net/	1970-01-21 02:17:46	Name: uid Value: 5726732210333742771
.adnxs.com/	1970-01-21 03:00:58	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2C'!nU#dZ!]tbP6j2F-XstGt!@E#H%%91M
.sojern.com/	1970-01-21 09:36:58	Name: adfid Value: 5726732210333742771
.amazon-adsystem.com/	1970-01-21 06:29:46	Name: ad-id Value: AzD-YazNmUg-oDT13CqHukQ
.amazon-adsystem.com/	1970-01-21 10:27:22	Name: ad-privacy Value: 0
.enjoyillinois.com/	1970-01-21 01:34:34	Name: CookieScriptConsent Value: {"googleconsentmap":{"ad_storage":"targeting","analytics_storage":"performance","ad_user_data":"targeting","ad_personalization":"targeting","functionality_storage":"functionality","personalization_storage":"functionality","security_storage":"functionality"},"firstpage":"https://www.enjoyillinois.com/plan-your-trip/illinois-luxury/","bannershown":1}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14266377.fls.doubleclick.net
8388687.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
alb.reddit.com
api.guidegeek.com
api.weglot.com
c1.adform.net
cdn.cookie-script.com
cdn.weglot.com
cdn1.matadornetwork.com
cm.g.doubleclick.net
consent.cookie-script.com
ct.pinterest.com
embed.guidegeek.com
fcmatch.google.com
fcmatch.youtube.com
geo.cookie-script.com
ib.adnxs.com
insight.adsrvr.org
js.adara.com
js.adsrvr.org
jsres.adara.com
luxebyillinois.com
match.adsrvr.org
p.relay-t.io
pixel-config.reddit.com
pixel.sojern.com
s.pinimg.com
sdk.adara.com
starling.crowdriff.com
static.addtoany.com
static.sojern.com
tag.yieldoptimizer.com
td.doubleclick.net
trkn.us
www.enjoyillinois.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.redditstatic.com
107.178.244.119
108.156.60.105
142.250.185.102
142.250.185.134
142.250.185.162
142.250.186.166
146.185.171.17
15.197.193.217
15.197.225.128
151.101.1.140
151.101.193.140
151.101.65.195
18.172.103.101
18.66.122.46
2.19.224.184
2600:9000:275d:2400:1d:40aa:1fc0:93a1
2606:4700:10::6816:46c5
2606:4700:10::ac43:2794
2606:4700:4400::6812:268e
2606:4700:4400::ac40:9572
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:827::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::200e
2a04:4e42:200::396
2a04:4e42:200::84
3.135.131.171
3.33.220.150
34.102.191.167
34.160.64.247
35.186.212.60
35.244.188.9
37.157.5.132
37.252.171.149
54.236.206.179
54.86.47.15
95.101.111.153
95.85.19.25
95.85.9.7
00295bd2434891c2c31f5c66b5146d90cfa16423802bc43f3adeb0eaf9f35588
01269bff7ef5f891ca65851c040e33db891320db98e5ac17d4f7c68e2a854bf5
0363299f047346c971ce1c7457b245f24c0131fc4d40ede5a8fdd8cb9f0d501e
0616f7756bfde7000a6f4972c4c1bb3b9fd3f601b4f72b690eee68bbd9f3075c
061d833e501e242f7d4add50dd17333267ea870113dd0731eb3d735cd14a1120
09584c1c07df971c095ce70f96a2845d35f763f5dc541af9ae51015a8493b7f9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c28a3b893740df4c1372e6321ce52981e0f77543c6fc8384af2deab941773c2
0d4b0628cefc50bab0bbbbcc68aee5f1dad98b23b39a3f666c6e1ae0a0baa02d
0e0e4b49e3f74288435ce2ea64a7eeb38670ccb437a004f074dcc71af8a18710
122ed4db2019348aef89a605e3eb79c6004f5727f16144dc46b61f31ee131764
1260a8ffd547ca61535f449f18a6276820d2316b39f3a0c1da27524ebb300ba1
13abb95134934e2b6ab33036f989d3eb588ec2586fee172d534061cb29e6834a
149cabf8a24f889c0edb10155a9cabeab481f16786131550ddb80b2dca351ab5
19576a00ececd1add5cecaa486d9f1f224597e55442a826c77d6ad17f8c11e07
195c3fdc59e15c9ce6ab66e0c31bbbf9679854d6d445c019e69926554f0cc024
1b7a484831d2c8f69cec79364f8768642f0528bc908b3fa20915deed8f6c4759
1bae1f2ee3867443bf4011da97d80666dc8e23653f82ec2a98c30788f8ee7030
1cd3f28cdd95b9189601f65545a6fc9095734f3bf7d2f74f13e60d86fc86da77
1cf827a05bfa7f129e4b99e47fad8db1bc30f5af84660e0fa6f2e1ae6df96ca8
1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb
20fd4a8c62de8218d6f3f45e8fbceaef5ee0328e57786c0fda1c7ec9941acf9f
21215bb46d95a53c3090e10b31b2ce4f69a961592b8d4b58dc234f6b056247bb
2707ef06aca49773f7aeed41caf58fd12527cc737c029035451591b029a3368f
2ad493684872765893c1aeb2ca44be9b8e07c0dfeb9acba14770028c4512e169
2b89061493f6b5892867e78406945c044469b32064f2128de4ba6be704641f19
30b8c08723b0af130800167aeee7da1d2c3419484e20b2c1d3db5833801bf294
338da371bd561692bee7730b33a34371b550c3052c7a0a90135b14cc384bbf4b
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39beff95f59dd482f75cd38c98a5627cbef7ca51c09fbda8b757f1678f560e1e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
45b7284be11215ef8252a8db0b2a3d918ba946f5611096796e8d14b92857e02c
4763e2b841e5c78f14760398f97eb6eb924948d84a3f450947257edd41970fc3
476e69e75d904cacadbe7d045ce8c66db18ca18e02dcb6ab47bf9842dc95e516
47c2a0fe489d23b1fb0c6eba41e47d9530dd663015dd7b512dcf4504cd500c66
4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ccbcc3b899abfc282dadce5b52a66abd23a93fd86e7d4ae0a5251f806c4cb49
4dea7a7996a7e68f97e21cb52bec63500e225ff910dcaf8832b4c4b231f11617
4e27780776b1ba13d688769e64bdb301a070d07f9ab5c54a70d9e41aa4e554d6
4eb2ce8428b069ef2cdb1351d1e6e849413abfc063b8c777527c2935feea19c3
51c498f30c8d5372fa17b9facad358eefc0a4075a4b3d3c9a64a390d58ff9580
55daf4791f9cc3826c27aeaf233f195ea7685a3d74dc8c70aa11b0abd7117a9c
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
57862f82e4346c62b0852592ac9ed89104c28c18648fc47c75217bd405b14576
59ae0f730d27b4ba232b7a1d7d221f900be2474c79e55f217545709f1f1327d2
5d706da8d69652f390ae1a625cf3ccc82b57f22a7d07ee2f575e99e4304139f0
5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d
5e2decf8275ad366b2bfbcb0f9c1c3043c6c50c16c43e03b320fea5a1ed43d9a
5ea9f849070a092308e707d30caaeb2f2a6595e44f223eb9807388b970bcbddb
6093117360944255a783485545cb96a4e231021e8ff7bfc29e8c91ad1b3060cf
60c00a97fedc87aa7a9c446cd209f8d8ea39b7a912ce81893faf8021bae24cc8
66f7192be096612b07cee8bcb5191d6067f780a526a8f09bea7b015a6530612b
6767a021bfe445847bbda9c189f1d80c05afb4d300e77b40abadee428132d2af
712cba3fa8fa2aceeed253c363eb34d1c122a5159027d256815fc94b0941b3de
7513517ee975ebce694484b83e84aad0f84e36f76215118f86b9b4a32429183e
78d5a58fef22aacf1513caaf0e3617bc663784fca517bef24c16c9eb4f468ab2
7c2a844666a1dcf8427326925ebc0b27cd0993e7fbb4007a7428b6889d888db6
7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f
7e56a74442a182fda2822b7cc95ce14eaa4de9fdc2613644f6dc0208893cade0
7f536fce1aaae1fb1642a19afca74b3c2bc6358760a34950560fba0b88747de5
8c410d9afc0e43bf1e3e5e2a2cbfcd6bde56ee884d7c4f5bfd67396c217829c2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9404936691def31ca1a9fab99eb87fc1d23059106b786c80312ccc1cbcbf9836
95fbf932146f692c95df286b2553958f07307da087181ed106ec22edcaba3d5e
97a4f509ee6b583bd49d2f7ab76954eaa231a7ac6727e6edada7cf114ffa937c
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801
9948ae846979246ddfe993e604739594ce0e7cdfa77657412b9b0090009dcf23
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
9eebf511a3968415ee39e370c6294681e5ae890e3fe0e6e74b56a72c68ff0d79
9f3e6a5d73b4e510fa8e4b868a6c623aea6c39c1a94acbfb9f5d9b5d8910f607
a10e619662181d24af9a9eddfecae05be222a1155a9642afe8e78898996215c3
a295df662b69cad05526ecafd6dcb9195041fb8cf39e876c38cb7f031c49af70
a90fa207487fe61c3bfc6d673034be20e1fa716974436a567e18f9c23099a02f
aadc192832702dbf75f7f71d900fb87b5138b7d85d718f0a7fc66a0256a5f181
adf088931aa6a4e74db10e215fb5cf623bea9383889b6efc33b1630dbae18427
af131f38af73817b1fbcd3381d88c95f4123b4b5a58ca4bd0872a68f29cbbf2d
b04b9be05c017dba18ad234780ac4d588caee3ec30422daaacaa50aa1e8d02c3
b1aca045cb9ee1179093fdf38ba786a679cc83449d46b8324a748d5a8bbf16e2
b4f614f8bbd9892baad9d79a156a7b39fb732315987ee7114b5cce0cc1fdf841
b67f533b99e0d9b805ae83cf46b1a3e3221b57b1be3b051535de51c4dad90b93
b8b570ad7cd8778b52aff6c8e647a302243426f9f72fb8bd592bac5ca3ab97ce
c3e6412c9f1fd102636484e189e1c523331bd45b04f32a80628b6c0982b92064
c4c90b8108bb1dbf7c526924fd69ec9f4e7e5efd1ac4bbf9c10f806354dcdf50
c87aa708d354d2db657ba47b08aae2cc50653369ccbffa36448d7b47fd3e9fe6
c9c9e2bc1ddbfddadf07fa606c92cef6e61a222af7f824f17ad5fedd0d63ebe7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb32a094a7e04fb916d6c18bafe28d1988ef92222246db4d1ade295929037b66
cbf0575008bfab3741644c818f3808c03ebb1f6a68b8a7d83420474f6791727f
cc40bcbc62043b13e0447ef083b52fa34c6942980046cf553e3afbfe1dcd201a
cfde3ff6e84e9f937c3304e9bddfec2b7dc2a367545928b2108b36ca6915f09b
d35bbebfc42d690471373f1c653871a23bff3948d452dbf33cef581b77fe9ef5
d42387631e2304003f2a38ee1a9272b97fbf8a113847408049fa3d56fff6323c
d432ad1988efa5b258294f52dae3d1b4c10660aec15e49017e21a1ee74bfd453
d9677a860448c05cae657e2355cc6004a43d2203796c1decec51ecd866c9677a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9ba40811d04b444cd014513d8134a5b4c4b6421a2afc4d87caa25d026ae8715
ea355de68ba998ce59c31a8317d9c2484c6587dc7a1e9243dd139f90168d7ce7
ec780b8837613808d26a81a1b15a29fee489568c5f86bb01a077673a2b629240
ed733b2a3b04c28b9f887489224403e8f535e25c44f8a49e9effbb26ab1dc080
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0506f8e38a7c763a6b55a5d0f97aaa46860a295bd322323c2ffa4a4212eb94e
f097b65466a9b8a6ea638087081c73f9bafa6ebb0ce82a3d9edee1ded1f57cc2
f2977fb3350b46dd91282d28574d083f834af23731c088d93ad9376fad4ac89c
f50e35eed6b133c5adf2b14a6aa920dbf7384d40d0b2282b3b00670bccb48191
f708ae79e532e04b160f91ab57e7c90a73bb4025ea2b4541e947d69b1a339e2e
f747e893548a8d50f366c40bdd3519ca8643628e7f2a7c4c81d2eaa6f15cf649
f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e
f9b7068d5ece69a78ad518e2908f2ab45f7dbc263ed5bcb677f3a1524470e78b
fa2c31f1139ecdb4a5ee194df5b10f4844435639cdf791bebae6c49ee5b05089
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce
fe7f6599f9f76690d6b34ec961c34e03e7d1fe5516c769615a0430b5e7603281

www.enjoyillinois.com Open in urlscan Pro 3.135.131.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

134 Requests

94 %HTTPS

35 %IPv6

26 Domains

42 Subdomains

40 IPs

4 Countries

2544 kBTransfer

6110 kBSize

35 Cookies

23 Outgoing links

Page URL History

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.enjoyillinois.com Open in urlscan Pro
3.135.131.171 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

94 %
HTTPS

35 %
IPv6

26
Domains

42
Subdomains

40
IPs

4
Countries

2544 kB
Transfer

6110 kB
Size

35
Cookies

134 HTTP transactions
7 data transactions