civitimeapp.com Open in urlscan Pro
199.36.158.100 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://civitimeapp.com/
Submission: On December 15 via api (December 15th 2024, 4:50:22 pm UTC) from US — Scanned from GB

Summary HTTP 71 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 20 domains to perform 71 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is civitimeapp.com.
TLS certificate: Issued by R10 on October 24th 2024. Valid for: 3 months.

This is the only time civitimeapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
1	13.35.58.120 13.35.58.120	16509 (AMAZON-02) (AMAZON-02)
4	13.35.58.148 13.35.58.148	16509 (AMAZON-02) (AMAZON-02)
1	104.16.78.142 104.16.78.142	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.160.168 104.16.160.168	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.139.17 104.18.139.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.64.147.16 172.64.147.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.223.152 104.17.223.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	172.67.167.146 172.67.167.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.244.18.97 18.244.18.97	16509 (AMAZON-02) (AMAZON-02)
6	104.16.117.116 104.16.117.116	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.240.108 104.18.240.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.74.200 142.250.74.200	15169 (GOOGLE) (GOOGLE)
4	142.250.181.234 142.250.181.234	15169 (GOOGLE) (GOOGLE)
20	142.250.185.138 142.250.185.138	15169 (GOOGLE) (GOOGLE)
1	104.16.118.116 104.16.118.116	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.69.251.6 54.69.251.6	16509 (AMAZON-02) (AMAZON-02)
2	184.24.77.18 184.24.77.18	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.16.139.209 104.16.139.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
71	24

5 199.36.158.100 (United States)

ASN54113 (FASTLY, US)

civitimeapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.58.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-120.fra60.r.cloudfront.net

static.axept.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.35.58.148 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-148.fra60.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.78.142 (None, )

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.160.168 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.139.17 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.147.16 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.223.152 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.67.167.146 (United States)

ASN13335 (CLOUDFLARENET, US)

mf-mg-prod.civitimeapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mf-cc-prod.civitimeapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ct-campaigns.civitimeapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.18.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-97.fra56.r.cloudfront.net

client.axept.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.117.116 (None, )

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.240.108 (None, )

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.200 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net

firestore.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.118.116 (None, )

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.69.251.6 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-251-6.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.24.77.18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a184-24-77-18.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o1132310.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.139.209 (None, )

ASN13335 (CLOUDFLARENET, US)

js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 firestore.googleapis.com — Cisco Umbrella Rank: 1478	6 KB
14	civitimeapp.com civitimeapp.com mf-mg-prod.civitimeapp.com mf-cc-prod.civitimeapp.com ct-campaigns.civitimeapp.com	2 MB
7	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 5268 app.hubspot.com — Cisco Umbrella Rank: 5921 track.hubspot.com — Cisco Umbrella Rank: 2477 forms.hubspot.com — Cisco Umbrella Rank: 6196 js.hubspot.com — Cisco Umbrella Rank: 3653 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 3677	30 KB
4	segment.com cdn.segment.com — Cisco Umbrella Rank: 1935	36 KB
3	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 333	2 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 831	15 KB
2	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2343	20 KB
2	axept.io static.axept.io — Cisco Umbrella Rank: 61766 client.axept.io — Cisco Umbrella Rank: 64050	182 KB
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 3819	1 KB
1	hs-scripts.com js-na1.hs-scripts.com — Cisco Umbrella Rank: 6680	1 KB
1	sentry.io o1132310.ingest.sentry.io	336 B
1	gstatic.com fonts.gstatic.com	48 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1510	173 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	95 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3690	991 B
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3341	4 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 5955	92 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2358	25 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5194	27 KB
71	20

	Domain	Requested by
20	firestore.googleapis.com	civitimeapp.com
7	ct-campaigns.civitimeapp.com	civitimeapp.com
5	civitimeapp.com	civitimeapp.com
4	fonts.googleapis.com	client
4	cdn.segment.com	civitimeapp.com cdn.segment.com
3	px.ads.linkedin.com	civitimeapp.com
2	region1.google-analytics.com	civitimeapp.com
2	snap.licdn.com	js.hsadspixel.net snap.licdn.com
2	api.hubspot.com	js.usemessages.com
2	js.hs-banner.com	civitimeapp.com js.hs-banner.com
1	perf-na1.hsforms.com
1	cta-service-cms2.hubspot.com	civitimeapp.com
1	js.hubspot.com	js-na1.hs-scripts.com
1	forms.hubspot.com	civitimeapp.com
1	track.hubspot.com
1	js-na1.hs-scripts.com	js.hs-analytics.net
1	o1132310.ingest.sentry.io	civitimeapp.com
1	fonts.gstatic.com	fonts.googleapis.com
1	api.segment.io	civitimeapp.com
1	app.hubspot.com	js.usemessages.com
1	www.googletagmanager.com	civitimeapp.com
1	api.hubapi.com	js.hsadspixel.net
1	client.axept.io	static.axept.io
1	mf-cc-prod.civitimeapp.com	civitimeapp.com
1	mf-mg-prod.civitimeapp.com	civitimeapp.com
1	js.hsadspixel.net	civitimeapp.com
1	js.hsleadflows.net	civitimeapp.com
1	js.hs-analytics.net	civitimeapp.com
1	js.usemessages.com	civitimeapp.com
1	static.axept.io	civitimeapp.com
71	30

This site contains no links.

Subject Issuer	Validity	Valid
civitimeapp.com R10	`2024-10-24` - `2025-01-22`	3 months	crt.sh
static.axeptio.eu Amazon RSA 2048 M02	`2024-05-19` - `2025-06-17`	a year	crt.sh
*.segment.com Amazon RSA 2048 M02	`2024-10-15` - `2025-11-14`	a year	crt.sh
usemessages.com WE1	`2024-12-04` - `2025-03-04`	3 months	crt.sh
hs-analytics.net WE1	`2024-12-05` - `2025-03-05`	3 months	crt.sh
hsleadflows.net WE1	`2024-11-27` - `2025-02-25`	3 months	crt.sh
hs-banner.com WE1	`2024-11-22` - `2025-02-20`	3 months	crt.sh
hsadspixel.net WE1	`2024-12-08` - `2025-03-08`	3 months	crt.sh
client.axept.io Amazon RSA 2048 M03	`2024-07-03` - `2025-07-31`	a year	crt.sh
hubspot.com WE1	`2024-12-01` - `2025-03-01`	3 months	crt.sh
hubapi.com WE1	`2024-11-07` - `2025-02-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
edgecert.googleapis.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M03	`2024-11-13` - `2025-12-13`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2024-12-02` - `2025-12-01`	a year	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-03` - `2025-07-29`	10 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
hs-scripts.com WE1	`2024-11-24` - `2025-02-22`	3 months	crt.sh
hsforms.com WE1	`2024-12-08` - `2025-03-08`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://civitimeapp.com/
Frame ID: B9D51A50B62FDB4D71A3136172C794C2
Requests: 69 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/5260294/threads/utk/2b88f07f976644b58d29e8ecb6fba1e2?uuid=4909ace685c84787941abb3beb98746c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=civitimeapp.com&inApp53=false&messagesUtk=2b88f07f976644b58d29e8ecb6fba1e2&url=https%3A%2F%2Fcivitimeapp.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false
Frame ID: DB58616F9C915C465473460B36208F70
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hub

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

71
Requests

100 %
HTTPS

0 %
IPv6

20
Domains

30
Subdomains

24
IPs

3
Countries

2357 kB
Transfer

11921 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

71 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
civitimeapp.com/ 877 B
677 B 181ms
45ms Document
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://civitimeapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f01cbdec861837f70b306dc0c1638b08f1553b6c92b71ce1e6f6fad92fdf3b46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 329
content-type: text/html; charset=utf-8
date: Sun, 15 Dec 2024 16:50:14 GMT
etag: "3e04ac7b414f84d064aa49d23e97b34353faa1f2b6bdcdcccf62dafc992f9e57-br"
last-modified: Thu, 21 Nov 2024 10:44:51 GMT
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-lcy-eglc8600040-LCY
x-timer: S1734281414.332262,VS0,VE1

GET
H2 200 main.40c2c37f890551173057.js Show response
civitimeapp.com/ 1 MB
285 KB 132ms
132ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://civitimeapp.com/main.40c2c37f890551173057.js

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

adb47da9673f09d9d882537feaf936373bac4eea79fd7dea2f953602b5601d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

strict-transport-security: max-age=31556926
cache-control: max-age=3600
content-encoding: br
etag: "1f0aa9a28a1a48b4c9a42cfcd4f61d0b4bb898553be3ded8dfd5b73d7ddb9f94-br"
x-timer: S1734281414.380737,VS0,VE107
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS
content-length: 291199
date: Sun, 15 Dec 2024 16:50:14 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 21 Nov 2024 10:44:51 GMT
x-served-by: cache-lcy-eglc8600040-LCY
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding

GET
H2 200 sdk.js Show response
static.axept.io/ 711 KB
181 KB 511ms
59ms Script
text/javascript 13.35.58.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.axept.io/sdk.js
Requested by: Host: civitimeapp.com
URL: https://civitimeapp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a8499608f9deceaddebc2ec4250f55be7d3257667ee01f225ff3ef2131ca76a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

content-encoding: br
etag: W/"c05e7ae0f7c7cfd8f1d67d9ce3f0db08"
x-amz-version-id: pp7skO5TGyaUJafRoB6NORhUlQjWdCdV
age: 25230
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: _Khr0On6Hh-55oUrHqybgoTcYVGs7lkhlg1lJ2HiQWxyaoV9XEouAA==
date: Sun, 15 Dec 2024 14:59:41 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Wed, 11 Dec 2024 14:59:39 GMT
cross-origin-resource-policy: cross-origin
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/D1t7HKFZsjGikoTYtye3OjTUAX0t2DtR/ 106 KB
30 KB 695ms
534ms Script
text/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/D1t7HKFZsjGikoTYtye3OjTUAX0t2DtR/analytics.min.js
Requested by: Host: civitimeapp.com
URL: https://civitimeapp.com/main.40c2c37f890551173057.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1155ed9ca31c556f59333311735ad0643521ac02edd104215164897b31be5e9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: l9RiSeNLPsXmrrDTmetccooVlPH9KjFt
etag: W/"814ba907efd73f79bd648d4529109662"
access-control-allow-methods: GET, HEAD
x-cache: RefreshHit from cloudfront
x-amz-cf-id: BGt6ZPSRegb98thik9UG2RfNfd4j0xlNWsyjFeA_wgvhG49DVK9fDA==
date: Sun, 15 Dec 2024 16:50:16 GMT
content-type: text/javascript; charset=utf-8
vary: accept-encoding
last-modified: Tue, 05 Nov 2024 20:37:37 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=120
via: 1.1 343f10c14a24beceec4fd2e9df6f9a50.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 94 KB
27 KB 456ms
46ms Script
application/javascript 104.16.78.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/main.40c2c37f890551173057.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.78.142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

805b0681c2bfc4efbcc9f7b089e5b3cc6f61711b48cc8a03541c28d5a6e98939

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

x-evy-trace-virtual-host: all
x-request-id: be96356d-ec05-41af-b9cf-d47461efd63b
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5d3b48bb0354709f54a326afe32560d1"
x-amz-version-id: mHqP3rdCaqBiFV74VY6GE_TBMs74RQ_Z
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
age: 39
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-hs-cache-status: HIT
x-amz-cf-id: RW5sas3spSXNzfLbVCxEbid_l3U17drhzI1FQMlkFyA_1TcnEa1JhQ==
date: Sun, 15 Dec 2024 16:50:15 GMT
x-hubspot-correlation-id: be96356d-ec05-41af-b9cf-d47461efd63b
content-type: application/javascript; charset=utf-8
last-modified: Fri, 13 Dec 2024 15:54:36 UTC
vary: accept-encoding
x-evy-trace-listener: listener_https
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-856d8787d5-jr57s
x-envoy-upstream-service-time: 3
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.19314/bundles/project.js&cfRay=8f17310f8f844136-AMS
via: 1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
cf-ray: 8f27ee7bdc88f64f-LHR
x-evy-trace-route-configuration: listener_https/all
x-hs-target-asset: conversations-embed/static-1.19314/bundles/project.js
x-amz-cf-pop: IAD12-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 5260294.js Show response
js.hs-analytics.net/analytics/1647530100000/ 68 KB
25 KB 588ms
175ms Script
text/javascript 104.16.160.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1647530100000/5260294.js
Requested by: Host: civitimeapp.com
URL: https://civitimeapp.com/main.40c2c37f890551173057.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.160.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b962bc34a0f8cd23d8210b38a671211671ce89c8f82550968f1269950fefa9d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

x-amz-server-side-encryption: AES256
x-request-id: 20e601d4-e1f1-46e1-8088-48f4db64d9a4
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"dc4fb9b1d908882c4ead1c3a774e6748"
x-amz-version-id: null
expires: Sun, 15 Dec 2024 16:55:15 GMT
x-evy-trace-listener: listener_https
date: Sun, 15 Dec 2024 16:50:15 GMT
x-hubspot-correlation-id: 20e601d4-e1f1-46e1-8088-48f4db64d9a4
content-type: text/javascript
last-modified: Tue, 01 Oct 2024 15:34:51 GMT
vary: origin, Accept-Encoding
x-amz-id-2: ht+tBTLLevWeD3inktL3TsSVhITrOk6nfGt5BoknbMpuRiXC6sY0QSdWgsKdpv67rfqmbfRTlCva9u6WgiUHHVWdvSbb1w+2
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-75d7846cb8-cp6h8
x-envoy-upstream-service-time: 27
access-control-allow-credentials: false
x-amz-request-id: V12DMZWMKYVAVNHD
cf-ray: 8f27ee7bd8fa79bb-LHR
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 550 KB
92 KB 650ms
237ms Script
application/javascript 104.18.139.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/main.40c2c37f890551173057.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.139.17 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7da57a437a999e2503178063a85ca9557211686f50d7671db0142a2ceb3095d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://civitimeapp.com
Referer: https://civitimeapp.com/

Response headers

x-request-id: 7e2fe42f-6705-47f5-ab1b-f3819f48979a
content-encoding: gzip
cf-cache-status: MISS
x-amz-version-id: PqQn.3x38ZWRmSYb9J2u1wYA9Etnh36Z
etag: W/"e9829c28fae41e369bd948323746cc37"
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: MmkMgEtVDtLNSV70IwCrPuJWbXeNx6ChObJGw3GqBYkiylLxFQuMzg==
x-hubspot-correlation-id: 7e2fe42f-6705-47f5-ab1b-f3819f48979a
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Dec 2024 15:49:15 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=86400, max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-856d8787d5-b87dx
x-envoy-upstream-service-time: 53
x-hs-target-asset: lead-flows-js/static-1.2121/bundle/main/lead-flows-release.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
access-control-max-age: 3000
access-control-allow-methods: GET
x-hs-cache-status: MISS
date: Sun, 15 Dec 2024 16:50:15 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.2121/bundle/main/lead-flows-release.js&cfRay=8f27ee7bdca3637f-CDG
via: 1.1 f01dafb3bec9893b47152910d47900a4.cloudfront.net (CloudFront)
cf-ray: 8f27ee7bdca3637f-LHR
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 5260294.js Show response
js.hs-banner.com/ 65 KB
20 KB 508ms
98ms Script
text/javascript 172.64.147.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5260294.js
Requested by: Host: civitimeapp.com
URL: https://civitimeapp.com/main.40c2c37f890551173057.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.16 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8ab60012ecbcc60875ced34708e8aad25cf965826ba3daa44b2d863f97e8965

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

x-evy-trace-virtual-host: all
access-control-max-age: 604800
x-request-id: 78217051-20ca-474b-b054-e3d8a84f88c3
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding: gzip
cf-cache-status: HIT
etag: W/"de996eb6b6f603e07c2265d31b1c1be9"
x-amz-version-id: 5IWvQthOPBoLS3gz_vuJBprRMnZ8s9Ev
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires: Sun, 15 Dec 2024 16:55:03 GMT
x-evy-trace-listener: listener_https
date: Sun, 15 Dec 2024 16:50:15 GMT
x-hubspot-correlation-id: 78217051-20ca-474b-b054-e3d8a84f88c3
content-type: text/javascript; charset=UTF-8
last-modified: Tue, 25 Jun 2024 06:03:37 GMT
vary: origin, Accept-Encoding
x-amz-id-2: 3ErjZflWHNK0CgzImRSS/DC5rVN+vas/cQnfaz0x9eg94orfFQcYjSXPe0vbya8b+luRaGs7fnnhkcT1KBpZA0w33V/JejDq8Y+Z+Nebh2Q=
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
timing-allow-origin: *
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-j2gwx
x-envoy-upstream-service-time: 63
access-control-allow-credentials: true
x-amz-request-id: C1BADD7P57DVP13H
cf-ray: 8f27ee7bdb2c956c-LHR
access-control-allow-origin: https://builds.civitime-app.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 476ms
64ms Script
application/javascript 104.17.223.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/main.40c2c37f890551173057.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.223.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbc9356e752ad2ec816689d39f6bc3c275294782b19934c54a20aea7580e4e58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

x-evy-trace-virtual-host: all
x-request-id: 236b1933-6ea8-4bbd-93dc-865a94a37463
content-encoding: gzip
cf-cache-status: HIT
etag: W/"707a0b55faf28e3938f5c35015d03842"
x-amz-version-id: JReSGa6dgrJ0I2wOjACpFmY9DiwA4Un0
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
age: 529
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-hs-cache-status: HIT
x-amz-cf-id: jl967RrIiwxcJws_GQiQR4NJRDvFVrWjn9e10rgYggmqW55DeObN3Q==
date: Sun, 15 Dec 2024 16:50:15 GMT
x-hubspot-correlation-id: 236b1933-6ea8-4bbd-93dc-865a94a37463
content-type: application/javascript; charset=utf-8
last-modified: Fri, 13 Dec 2024 15:06:23 UTC
vary: accept-encoding
x-evy-trace-listener: listener_https
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-856d8787d5-n6bxn
x-envoy-upstream-service-time: 0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.976/bundles/pixels-release.js&cfRay=8f16ea680ec2cd8d-AMS
via: 1.1 36b04143ac1626bb30bb225fb2cccb1e.cloudfront.net (CloudFront)
cf-ray: 8f27ee7bde439481-LHR
x-evy-trace-route-configuration: listener_https/all
x-hs-target-asset: adsscriptloaderstatic/static-1.976/bundles/pixels-release.js
x-amz-cf-pop: IAD12-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 149.30053d3e0be17ea3ec59.js Show response
civitimeapp.com/ 2 MB
435 KB 162ms
162ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/main.40c2c37f890551173057.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

070a3902c86cb9ab3a235c77ab5b0caa3b7746eec67ece570b36728b6ba95c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

strict-transport-security: max-age=31556926
cache-control: max-age=3600
content-encoding: br
etag: "24ad46885d3a4949a9d9ef0d53d85fefd39eee8aa5b9fc16d75ce0f038f85b38-br"
x-timer: S1734281415.596432,VS0,VE129
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS
content-length: 445252
date: Sun, 15 Dec 2024 16:50:14 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 21 Nov 2024 10:44:51 GMT
x-served-by: cache-lcy-eglc8600037-LCY
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding

GET
H2 200 remoteEntry.js Show response
mf-mg-prod.civitimeapp.com/ 5 MB
794 KB 963ms
241ms Script
text/javascript 172.67.167.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mf-mg-prod.civitimeapp.com/remoteEntry.js

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/main.40c2c37f890551173057.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.167.146 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1da40941a09c79b847b822c8bcf139043ed8212b206a9bc4ad620bce4c91233f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"ad5db2dfaec42596877e78efeb405342f6c691f01bcfbb4b42c66555a2c7f172-br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YV9EjLFFi1WiKygAKSWPOZRFJ0rDYj2lvhp%2FHBXOCiaRw0MwSktIXWPC37FVMEDP4ZoEBJvI%2FsXCRSZwYXMjFFeWumDoABqMr4eAjye%2BbyHHK%2FeAG0U56PLjp9IkUhGnq5Lt5eZkslVw21NRVA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: MISS
server-timing: cfL4;desc="?proto=TCP&rtt=5049&min_rtt=3334&rtt_var=4121&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3946&recv_bytes=2178&delivery_rate=1274738&cwnd=244&unsent_bytes=0&cid=6c67941ab698bc7b&ts=249&x=0"
date: Sun, 15 Dec 2024 16:50:15 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 14 Apr 2023 12:48:25 GMT
x-served-by: cache-lcy-eglc8600064-LCY
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding
strict-transport-security: max-age=31556926
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1734281415.357663,VS0,VE166
cf-ray: 8f27ee7dcb7f8898-LHR
server: cloudflare

GET
H2 200 remoteEntry.js Show response
mf-cc-prod.civitimeapp.com/ 181 KB
64 KB 910ms
147ms Script
text/javascript 172.67.167.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mf-cc-prod.civitimeapp.com/remoteEntry.js

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/main.40c2c37f890551173057.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.167.146 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c86803a462b3f72fa02a9b1edb10a6c1bfa27bf757ad9f83affd8e1aa0d294ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"2353d36e1f928438dbe50b97af4fe28ed227b1b017c6c90b9cd3e81fbfd370ee-br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GHzBAENMKqhsrUjIy3XEjXgPrqRE2YeT3JglkiFgl1mrtNeQKikem4pzPSgtCehyhuznrUmpQuIgpeotCwUS1JbR45W%2BsNkR2WEBsYGPJDR2XMQrfs1zleqGi90OOtVZO2Y6OMyMJRxaWbUPTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=TCP&rtt=5814&min_rtt=3635&rtt_var=4996&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3944&recv_bytes=2178&delivery_rate=1193460&cwnd=253&unsent_bytes=0&cid=56bdc386874dcb19&ts=166&x=0"
date: Sun, 15 Dec 2024 16:50:15 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 03 Apr 2024 12:50:38 GMT
x-served-by: cache-lcy-eglc8600076-LCY
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding
strict-transport-security: max-age=31556926
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1734281415.462964,VS0,VE4
cf-ray: 8f27ee7e0d5263c6-LHR
server: cloudflare

GET
H3 200 422.72c7707a951c4246cb1f.js Show response
civitimeapp.com/ 1 MB
159 KB 136ms
136ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://civitimeapp.com/422.72c7707a951c4246cb1f.js

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/main.40c2c37f890551173057.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e7faee0bfa4e7fd212c29c04a1766046dbf05865df216de46b9489bb61e7f530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

strict-transport-security: max-age=31556926
cache-control: max-age=3600
content-encoding: br
etag: "e25ffa3439cae9a8472e4381483658f6d67626d725b8b113fc3f1ec59527b3d8-br"
x-timer: S1734281415.596817,VS0,VE111
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS
content-length: 162975
date: Sun, 15 Dec 2024 16:50:14 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 21 Nov 2024 10:44:51 GMT
x-served-by: cache-lcy-eglc8600037-LCY
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding

GET
H2 200 645ba1002bc1846f5614f9a3.json Show response
client.axept.io/ 474 B
999 B 562ms
104ms Fetch
application/json 18.244.18.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.axept.io/645ba1002bc1846f5614f9a3.json?r=0
Requested by: Host: static.axept.io
URL: https://static.axept.io/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1d0cd83cc40638e56d32cb3071c2c0190ddc0a43231ea8274b83644587eb520a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

access-control-expose-headers: X-Viewer-Country,X-Viewer-Country-Region,ETag
etag: "002e7fd9429ad9c99904b34af8bb7e84"
x-amz-version-id: U1GsxfNNMbxxUf4zqmFmExr1M2pA5J7u
alt-svc: h3=":443"; ma=86400
x-cache: Error from cloudfront
x-amz-cf-id: C8ARlUFFQq73CnaxueJsuLwIgrtSCUD6ipxaYUOZjCtVwArP3lNzmw==
date: Sun, 15 Dec 2024 16:50:16 GMT
content-type: application/json
last-modified: Tue, 22 Mar 2022 14:41:17 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
via: 1.1 92818640c38efb006e1c39f31234144c.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 474
x-amz-cf-pop: FRA56-P11
server: AmazonS3

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 361ms
360ms XHR
application/json 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=5260294&conversations-embed=static-1.19314&mobile=false&messagesUtk=2b88f07f976644b58d29e8ecb6fba1e2&traceId=2b88f07f976644b58d29e8ecb6fba1e2

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d052b00f604337982f11400c233e04ef6798307ed6fc09c37a9dd8d7388e19b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-HubSpot-Messages-Uri: https://civitimeapp.com/
Referer: https://civitimeapp.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HSjSisjAUOs92dC5A7yAGSyzSiKHPle3cf054EjAssOm5SgI5GBjMWH7%2Fbnx2fy4X2KcFalR4DgzsIOri9nzYG6Su7AYalDP9UtgX3b5kb7H0RKQGTX6o7HdySJnLTWSPg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
date: Sun, 15 Dec 2024 16:50:15 GMT
x-hubspot-correlation-id: 667824d6-623e-4154-bd58-f793c66b49b3
content-type: application/json;charset=utf-8
vary: origin, Accept-Encoding
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 8f27ee7fbbb4ef0d-LHR
access-control-allow-origin: https://civitimeapp.com
content-length: 1374
server: cloudflare

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 561ms
147ms Preflight
text/plain 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://civitimeapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://civitimeapp.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8f27ee7ec82bef0d-LHR
content-length: 18
content-type: text/plain; charset=utf-8
date: Sun, 15 Dec 2024 16:50:15 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lOIQz0PExsHyqWewTTMcBRD0nKfxaGuSKdIUxkx2U7DfiBqRl0i5LYLk%2BYzO%2BssnW3I2rP2GsRjGat8tEmtKZn0RNkKZeWegLkskAWFy4xnwEWinKZd9CfsSDthv3n49qA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-hubspot-correlation-id: 94e47f58-14e0-4a14-8a2d-d4bb95f91b83

GET
H2 200 cf-location Show response
js.hs-banner.com/cookie-banner-public/v1/ 6 B
349 B 456ms
46ms Fetch
text/plain 172.64.147.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/cf-location
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/5260294.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.16 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d61bc5a683625b3980e8f48b9141dfb2dfea199059f0df327c8e3a92bcb57f97

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

cache-control: private, max-age=1500
cf-ray: 8f27ee7f1e31ed14-LHR
access-control-allow-origin: *
content-length: 6
date: Sun, 15 Dec 2024 16:50:15 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/D1t7HKFZsjGikoTYtye3OjTUAX0t2DtR/ 1 KB
1 KB 646ms
509ms Fetch
application/json 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/D1t7HKFZsjGikoTYtye3OjTUAX0t2DtR/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/D1t7HKFZsjGikoTYtye3OjTUAX0t2DtR/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b3bfd4ab45c651e97c549e9ff87a799259a7ef58d4f27d0cf6c23891ac609cf2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: e40GeygzBwkJZRlyIw9IICVvtFX235T_
etag: W/"2d295db168f350a027fe949ccc207b48"
access-control-allow-methods: GET, HEAD
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 6nehyGtOIF7yho1N0DsSLV7uO06PTgqbJUfoO0n1v0GXZocteMXF0Q==
date: Sun, 15 Dec 2024 16:50:16 GMT
content-type: application/json; charset=utf-8
vary: accept-encoding
last-modified: Wed, 13 Nov 2024 21:25:54 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=10800
via: 1.1 83f879b9257b55a619d0b5d3165412a6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 113 B
991 B 557ms
140ms XHR
application/json 104.18.240.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=5260294

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.240.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85ab1d8b61ba3a9ece7e8aaa1014925adef100f7948988576d870f8b33bd8dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

access-control-max-age: 180
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e2YmIQxaijJgSq8%2BYvSUl%2Bj9n5IDiEJEfbEcVKjsYKqZX5mRPaYtHXwx6%2BzAdBWqGkMpCaVTsm8ckZ8qQ2RGCuGs0WITqNqPGjyKU9yVu2uQQHKfF3oCtmXt7bugLfAS"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
date: Sun, 15 Dec 2024 16:50:16 GMT
x-hubspot-correlation-id: 7ec7d69c-6b26-4547-a2ff-3258eda16521
content-type: application/json;charset=utf-8
vary: origin, Accept-Encoding
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 8f27ee81fe1eef48-LHR
access-control-allow-origin: https://civitimeapp.com
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
95 KB 506ms
73ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G6TSZLVDTS

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.200 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d477c264ec98e63df6394a0b25c21e71414613fcff8f4d4ad15e07dd6be285bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 15 Dec 2024 16:50:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 16:50:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 96247
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
786 B 497ms
70ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:wght@400;500;600;700;800;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

f02f532b9f12d29cb43acc91bbd652f32f470ead3b04af7cbd24d0fdcd4cdfb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 15 Dec 2024 16:50:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 16:50:16 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 15 Dec 2024 16:44:52 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
903 B 490ms
63ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:wght@400;500;600;700;800;900&family=Roboto&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

b173945cdb00ab71af7f4e4b1e565d2541a8aba3030a9f659d1c1605bff2db09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 15 Dec 2024 16:50:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 16:50:16 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 15 Dec 2024 16:50:16 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1000 B 488ms
62ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Quicksand:wght@400;500;600;700;800;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

8348c9f47980d99dab0da6abb0e504638f57e9d94ab07a2799a3316c321d6ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 15 Dec 2024 16:50:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 16:50:16 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 15 Dec 2024 16:50:16 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 903 B
505 B 496ms
69ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Libre+Baskerville&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

208abf20aa1adf05c81a1aeeae7e1109619778b4f182313a82406a24c0884acb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 15 Dec 2024 16:50:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 16:50:16 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 15 Dec 2024 16:33:30 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 404 config.json Show response
ct-campaigns.civitimeapp.com/clients/civitimeapp/ 127 B
972 B 828ms
108ms Fetch
application/xml 172.67.167.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ct-campaigns.civitimeapp.com/clients/civitimeapp/config.json?date=Sun%20Dec%2015%202024%2016:50:15%20GMT+0000%20(Greenwich%20Mean%20Time)
Requested by: Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.167.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Expires, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: private, max-age=0
content-encoding: zstd
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AkIQyK%2FQc0kXAvqWl2uUwehQIf71zaxqwua2wnN%2BiY0xQFcj%2FnIqvyZek%2F6t%2BxGazgvaIYSwlioKhAqneTzhIve6R5mkSTQxVi25BmeMhMW%2FE63zTFMtMuZ2dOAtWEP6wXQ5Nf9PB2pg3vTAhW%2BD"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f27ee85af0f71b7-LHR
expires: Sun, 15 Dec 2024 16:50:16 GMT
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=5968&min_rtt=4242&rtt_var=4336&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3945&recv_bytes=2283&delivery_rate=1012950&cwnd=254&unsent_bytes=0&cid=453eeb35948e5310&ts=118&x=0"
date: Sun, 15 Dec 2024 16:50:16 GMT
content-type: application/xml; charset=UTF-8
server: cloudflare
x-guploader-uploadid: AFiumC5G2cKvCMAQXWoI7RIXqRT_nx4Mn4fQEWoaWPsLd6mA1hjJsUl42XJuKOKGpziLF9g0

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 54 B
451 B 611ms
176ms XHR
text/plain 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fct-next%2Fdatabases%2F(default)&VER=8&RID=6900&CVER=22&X-HTTP-Session-Id=gsessionid&%24httpHeaders=X-Goog-Api-Client%3Agl-js%2F%20fire%2F7.24.0%0D%0AContent-Type%3Atext%2Fplain%0D%0A&zx=yc56ur1oqfuz&t=1

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

efe62a603f811c03d379c509e23ecb975b8a406853ec5b318804491754c09dbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://civitimeapp.com/

Response headers

access-control-expose-headers: x-client-wire-protocol,x-http-session-id
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 16:50:16 GMT
content-type: text/plain; charset=utf-8
vary: origin
x-http-session-id: XUs5IrqndWtHluulXfkvbrJprriMfNGAqS55tLK_5xE
x-frame-options: SAMEORIGIN
cache-control: private
access-control-allow-credentials: true
x-client-wire-protocol: h2
access-control-allow-origin: https://civitimeapp.com
content-length: 71
x-xss-protection: 0
server: ESF

GET
H2 200 ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 45ms
45ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/D1t7HKFZsjGikoTYtye3OjTUAX0t2DtR/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
x-amz-version-id: 7HrcoEDii4CJjqNCahwryaG4L.vk9kns
age: 7581764
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: qJne8b4GKUuIcKg8yedaaYadDbJqRfji6hEg4Kqc6WZmSxHaIHMsUQ==
date: Wed, 18 Sep 2024 22:47:32 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Sep 2024 22:21:40 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 343f10c14a24beceec4fd2e9df6f9a50.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 2b88f07f976644b58d29e8ecb6fba1e2
app.hubspot.com/conversations-visitor/5260294/threads/utk/ Frame DB58 0
0 751ms
344ms Document
text/html 104.16.118.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/5260294/threads/utk/2b88f07f976644b58d29e8ecb6fba1e2?uuid=4909ace685c84787941abb3beb98746c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=civitimeapp.com&inApp53=false&messagesUtk=2b88f07f976644b58d29e8ecb6fba1e2&url=https%3A%2F%2Fcivitimeapp.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Referer: https://civitimeapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
age: 357
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 8f27ee849c3594de-LHR
content-encoding: gzip
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.21761/html/index.html&cfRay=8f27ee849c3594de&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F5260294%2Fthreads%2Futk%2F2b88f07f976644b58d29e8ecb6fba1e2%3Fuuid%3D4909ace685c84787941abb3beb98746c%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dcivitimeapp.com%26inApp53%3Dfalse%26messagesUtk%3D2b88f07f976644b58d29e8ecb6fba1e2%26url%3Dhttps%253A%252F%252Fcivitimeapp.com%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse%26hideScrollToButton%3Dtrue%26isIOSMobile%3Dfalse&referrer=https%3A%2F%2Fcivitimeapp.com%2F&cfenv=prod&pdt=2024-12-15&csp=ro
content-type: text/html; charset=utf-8
date: Sun, 15 Dec 2024 16:50:16 GMT
etag: W/"ba2f00ddefc26fc179bbea05a7bb2f53"
last-modified: Fri, 13 Dec 2024 15:54:36 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8f27ee849c3594de&resource=conversations-visitor-ui/static-1.21761/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront)
x-amz-cf-id: tlojU6rd5-G3DhL_LvvMIrCRNPze8QMFsb8MUaFq_9GI2cLsqeOUpQ==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: gOX1rNA.Zt9Nkfp_vYbKd.m.8.kAWH46
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 5
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-856d8787d5-jr57s
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.21761/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: bbc27a2c-ad37-476e-ae4e-bd00ac0da4fb
x-request-id: bbc27a2c-ad37-476e-ae4e-bd00ac0da4fb

GET
H2 200 schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 60ms
60ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/D1t7HKFZsjGikoTYtye3OjTUAX0t2DtR/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"3867b2388b619ff7fddc29ef359fc9aa"
x-amz-version-id: u16VcQlfwBtHRZyWZ3J5lA.kF3ts0Fc8
age: 7745926
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: NONPQ3lNIo7Fl2mQSjIWcH__m8O85GmBvPjLqXjHWJmfaJt9BYgErw==
date: Tue, 17 Sep 2024 01:11:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 16 Sep 2024 16:03:18 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 343f10c14a24beceec4fd2e9df6f9a50.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
173 B 769ms
337ms Fetch
application/json 54.69.251.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.69.251.6 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-69-251-6.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://civitimeapp.com/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://civitimeapp.com
content-length: 21
date: Sun, 15 Dec 2024 16:50:16 GMT
content-type: application/json
vary: Origin

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 2 KB
1006 B 549ms
97ms Script
application/javascript 184.24.77.18
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a184-24-77-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

c57865ec6a6956797b18dc7d23a3ade16e7ced5271f4dc0796b2ed0a10f934dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

cache-control: max-age=15282
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 796
date: Sun, 15 Dec 2024 16:50:16 GMT
last-modified: Mon, 02 Dec 2024 19:28:43 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 459ms
52ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-G6TSZLVDTS&gtm=45je4cc1v9180053770za200&_p=1734281415774&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1636756622.1734281416&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734281416&sct=1&seg=0&dl=https%3A%2F%2Fcivitimeapp.com%2F&dt=Hub&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2153
Requested by: Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://civitimeapp.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 16:50:16 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 953 B
425 B 131ms
131ms XHR
text/plain 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fct-next%2Fdatabases%2F(default)&gsessionid=XUs5IrqndWtHluulXfkvbrJprriMfNGAqS55tLK_5xE&VER=8&RID=rpc&SID=dDhifaC3SYgWVLfkSvgC-Q&CI=1&AID=0&TYPE=xmlhttp&zx=73wi38xgxua4&t=1

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

63616b0bb74f4fdd39daa4e535b0c7e1337672fbc3c9045e417dd765abcab49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

x-debug-tracking-id: 16532362180691375186;o=0
cache-control: private, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://civitimeapp.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 16:50:16 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: Referer, origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 10 B
98 B 69ms
68ms XHR
text/plain 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fct-next%2Fdatabases%2F(default)&VER=8&gsessionid=XUs5IrqndWtHluulXfkvbrJprriMfNGAqS55tLK_5xE&SID=dDhifaC3SYgWVLfkSvgC-Q&RID=6901&AID=6&zx=lhmyohmxhag0&t=1

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

e4eb69fdbd0d30e262424ef2fb86ab51cff522228031534008983420aae2cf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://civitimeapp.com/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://civitimeapp.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
date: Sun, 15 Dec 2024 16:50:16 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 10 B
95 B 75ms
75ms XHR
text/plain 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

e4eb69fdbd0d30e262424ef2fb86ab51cff522228031534008983420aae2cf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://civitimeapp.com/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://civitimeapp.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
date: Sun, 15 Dec 2024 16:50:16 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 10 B
95 B 75ms
75ms XHR
text/plain 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

e4eb69fdbd0d30e262424ef2fb86ab51cff522228031534008983420aae2cf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://civitimeapp.com/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://civitimeapp.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
date: Sun, 15 Dec 2024 16:50:16 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 10 B
95 B 75ms
75ms XHR
text/plain 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

e4eb69fdbd0d30e262424ef2fb86ab51cff522228031534008983420aae2cf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://civitimeapp.com/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://civitimeapp.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
date: Sun, 15 Dec 2024 16:50:16 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 10 B
95 B 76ms
76ms XHR
text/plain 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

e4eb69fdbd0d30e262424ef2fb86ab51cff522228031534008983420aae2cf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://civitimeapp.com/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://civitimeapp.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
date: Sun, 15 Dec 2024 16:50:16 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 10 B
95 B 76ms
75ms XHR
text/plain 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

e4eb69fdbd0d30e262424ef2fb86ab51cff522228031534008983420aae2cf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://civitimeapp.com/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://civitimeapp.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
date: Sun, 15 Dec 2024 16:50:16 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 47 KB
48 KB 782ms
54ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:wght@400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://civitimeapp.com
Referer: https://fonts.googleapis.com/

Response headers

age: 240064
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 22:09:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 22:09:13 GMT
last-modified: Wed, 01 May 2024 20:31:48 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48336
x-xss-protection: 0
server: sffe

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 10 B
95 B 74ms
72ms XHR
text/plain 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

e4eb69fdbd0d30e262424ef2fb86ab51cff522228031534008983420aae2cf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://civitimeapp.com/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://civitimeapp.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
date: Sun, 15 Dec 2024 16:50:16 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 708 B
220 B 82ms
82ms XHR
text/plain 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

570fccd80387d0fac7701b8c4058f30505a159de0c5310a459790c269fb0370f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

cache-control: private, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://civitimeapp.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 16:50:16 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 93ms
93ms Script
application/javascript 184.24.77.18
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a184-24-77-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

cache-control: max-age=81321
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Sun, 15 Dec 2024 16:50:16 GMT
last-modified: Mon, 02 Dec 2024 10:13:56 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 3 KB
536 B 58ms
58ms XHR
text/plain 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

d82ea3708fa228852360d51d20f2f4e3f7a814c2c427a351fac8e14b9f385577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

cache-control: private, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://civitimeapp.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 16:50:16 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H2 200 / Show response
o1132310.ingest.sentry.io/api/6183615/envelope/ 41 B
336 B 167ms
43ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1132310.ingest.sentry.io/api/6183615/envelope/?sentry_key=2a6bb05b30614aac9d28ba50edc3f563&sentry_version=7

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

eb2011c2862064c0c958a9997c1d3ebe0335f7acc87af75035aabb80d68ffbf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://civitimeapp.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 16:50:16 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: nginx

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
1 KB 598ms
161ms XHR
application/json 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=477105&time=1734281416782&url=https%3A%2F%2Fcivitimeapp.com%2F
Requested by: Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: *
Referer: https://civitimeapp.com/

Response headers

content-encoding: gzip
x-li-fabric: prod-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
access-control-allow-methods: GET, OPTIONS
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
date: Sun, 15 Dec 2024 16:50:17 GMT
content-type: application/json
access-control-allow-headers: *
x-li-pop: afd-prod-ltx1-x
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-fs-uuid: 00062951dbd18642f53256fea312bc5a
x-msedge-ref: Ref A: C6A34AD1CA1E47E38E165A97484E9BF6 Ref B: LTSEDGE1011 Ref C: 2024-12-15T16:50:17Z
x-restli-protocol-version: 1.0.0
x-li-uuid: AAYpUdvRhkL1Mlb+oxK8Wg==
access-control-allow-origin: *

GET
H2 200 collect
px.ads.linkedin.com/ 0
667 B 594ms
158ms Image
application/javascript 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=477105&time=1734281416782&url=https%3A%2F%2Fcivitimeapp.com%2F
Requested by: Host: civitimeapp.com
URL: https://civitimeapp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: B5E7E7192DC144BCBB69D0FC747A1EA5 Ref B: LTSEDGE1820 Ref C: 2024-12-15T16:50:17Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYpUdvRgxXprmn+W5ijnQ==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Sun, 15 Dec 2024 16:50:16 GMT
content-type: application/javascript

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
99 B 59ms
57ms XHR
text/plain 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

9b8216f7800605cdbadca83d030568ba75d33a636652edbe98f1e4d9f184cdf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://civitimeapp.com/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://civitimeapp.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sun, 15 Dec 2024 16:50:16 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 fr.json Show response
ct-campaigns.civitimeapp.com/texts/ 69 KB
19 KB 155ms
154ms Fetch
application/json 172.67.167.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ct-campaigns.civitimeapp.com/texts/fr.json?date=Sun%20Dec%2015%202024%2016:50:16%20GMT+0000%20(Greenwich%20Mean%20Time)
Requested by: Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.167.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50e964273bb5b8ef44c5938fe8bf195c90b1b8b32168c5679aec5b86bcd85f00

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=8ZaqXQ==, md5=wcxtSk7uSPZ4Go0rKkwSsw==
cf-cache-status: DYNAMIC
etag: W/"c1cc6d4a4eee48f6781a8d2b2a4c12b3"
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TUSGVZ3mjC3ePBxBn01hcthWOunkcMCunX5rfzAivquwTzGhnenVzlYP1ottS2rKO%2B%2B0cHjsWoc%2F0pppvYGTp%2FPLB5lH7CGytvDry8vGV24jIY%2FvPJijYFIFAbEfBpUKmeM%2F7YQ%2FYafdT3nzeTFr"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Sun, 15 Dec 2024 17:50:16 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 70353
server-timing: cfL4;desc="?proto=TCP&rtt=5758&min_rtt=4227&rtt_var=3674&sent=11&recv=12&lost=0&retrans=0&sent_bytes=4983&recv_bytes=2401&delivery_rate=1022647&cwnd=257&unsent_bytes=0&cid=453eeb35948e5310&ts=380&x=0"
date: Sun, 15 Dec 2024 16:50:16 GMT
content-type: application/json
last-modified: Mon, 29 Jan 2024 14:28:03 GMT
content-disposition: inline; filename*=utf-8''fr.json
x-guploader-uploadid: AFiumC5eTW2EvNn4mCjpytVOhr2GUvkBVpnbWCYQ7NUroFpWLu7kIgq9jE1CxLyUHIfj0HEb7YGQ8sk
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-firebasestoragedownloadtokens: 23baa480-e10f-4f9f-a958-430456e4a3b0
cf-ray: 8f27ee86f8ec71b7-LHR
access-control-allow-origin: *
x-goog-generation: 1706538483568322
server: cloudflare

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
96 B 92ms
91ms XHR
text/plain 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

9b8216f7800605cdbadca83d030568ba75d33a636652edbe98f1e4d9f184cdf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://civitimeapp.com/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://civitimeapp.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sun, 15 Dec 2024 16:50:16 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
96 B 92ms
91ms XHR
text/plain 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

9b8216f7800605cdbadca83d030568ba75d33a636652edbe98f1e4d9f184cdf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://civitimeapp.com/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://civitimeapp.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sun, 15 Dec 2024 16:50:16 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
96 B 92ms
91ms XHR
text/plain 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

9b8216f7800605cdbadca83d030568ba75d33a636652edbe98f1e4d9f184cdf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://civitimeapp.com/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://civitimeapp.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sun, 15 Dec 2024 16:50:16 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 1 KB
406 B 72ms
72ms XHR
text/plain 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

6fb38627f9842669c8ff449901a39e010dc439fd76eab6764e557ca3fca9ba9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

cache-control: private, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://civitimeapp.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 16:50:16 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 127 B
201 B 73ms
69ms XHR
text/plain 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

b8a27a29c1c2cc7e5f8c1e7caa970a5c4144b7ff2c6d95b69dd5343b5eb07472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

cache-control: private, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://civitimeapp.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 16:50:16 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
96 B 72ms
69ms XHR
text/plain 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

641083d92f2589262bf5feb443cc0b146a5962c9ec55ca0c2a5ac59a4fb17a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://civitimeapp.com/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://civitimeapp.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sun, 15 Dec 2024 16:50:16 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 404 fr.json Show response
ct-campaigns.civitimeapp.com/clients/civitimeapp/texts/custom/ 127 B
671 B 82ms
82ms Fetch
application/xml 172.67.167.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ct-campaigns.civitimeapp.com/clients/civitimeapp/texts/custom/fr.json?date=Sun%20Dec%2015%202024%2016:50:16%20GMT+0000%20(Greenwich%20Mean%20Time)
Requested by: Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.167.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Expires, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: private, max-age=0
content-encoding: zstd
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hAtkmniIHwOnHNEBaPIOt%2FUhf7F7KE3HEigkewFQx6GgQg0Ie0OrJAns7ATalIb8CadngOLkS8RGSUNGuIVlYQwx11pNN%2B1bQwigGUsgAhuG2CqHmW6k2tCjwckwGeAtd9mPtsMtNp0Q3pBWvbgn"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f27ee880a4971b7-LHR
expires: Sun, 15 Dec 2024 16:50:17 GMT
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=5442&min_rtt=4227&rtt_var=1138&sent=29&recv=18&lost=0&retrans=0&sent_bytes=24650&recv_bytes=2537&delivery_rate=1587819&cwnd=257&unsent_bytes=0&cid=453eeb35948e5310&ts=470&x=0"
date: Sun, 15 Dec 2024 16:50:17 GMT
content-type: application/xml; charset=UTF-8
server: cloudflare
x-guploader-uploadid: AFiumC7ammYaEUUuSW8XyaTU0QlWMXWWEE0vD41MVzdTD3FnvUXSB3JmARZ1kp0PuaIlGt41iYbK16A

GET
H2 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 18 B
0 67ms
67ms XHR
text/plain 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

cache-control: private, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://civitimeapp.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 16:50:17 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 404 fr.json Show response
ct-campaigns.civitimeapp.com/clients/civitimeapp/texts/custom/hub/ 127 B
867 B 81ms
79ms Fetch
application/xml 172.67.167.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ct-campaigns.civitimeapp.com/clients/civitimeapp/texts/custom/hub/fr.json?date=Sun%20Dec%2015%202024%2016:50:17%20GMT+0000%20(Greenwich%20Mean%20Time)
Requested by: Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.167.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Expires, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: private, max-age=0
content-encoding: zstd
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hLQgta2BVjvTvmDpkb6D4NlNywWD66ajXEX%2BIXPz%2F8GkqK1FzSlKVT7nsxDCO28hDpolMYKAO3bgFyjbP8xOuiGbf%2FVTIC1F6MQNvDS6npP6abrye6nM0tkozihnxawrIi5zKSYzlPiztb7PM8St"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f27ee889b0f71b7-LHR
expires: Sun, 15 Dec 2024 16:50:17 GMT
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=5869&min_rtt=4227&rtt_var=1709&sent=33&recv=20&lost=0&retrans=0&sent_bytes=25387&recv_bytes=2676&delivery_rate=1587819&cwnd=257&unsent_bytes=0&cid=453eeb35948e5310&ts=557&x=0"
date: Sun, 15 Dec 2024 16:50:17 GMT
content-type: application/xml; charset=UTF-8
server: cloudflare
x-guploader-uploadid: AFiumC4F7cYqVuutyOGza1cd0H9gSzwb-RE_f6tlg1ecRvQGfRAzztEYacj1-tFCQoL-yTGQbkGzpaA

GET
H2 404 fr.json Show response
ct-campaigns.civitimeapp.com/clients/civitimeapp/texts/custom/hub/quotes/ 127 B
630 B 86ms
84ms Fetch
application/xml 172.67.167.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ct-campaigns.civitimeapp.com/clients/civitimeapp/texts/custom/hub/quotes/fr.json?date=Sun%20Dec%2015%202024%2016:50:17%20GMT+0000%20(Greenwich%20Mean%20Time)
Requested by: Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.167.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Expires, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: private, max-age=0
content-encoding: zstd
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xMI%2F1z%2BzYUzypuCQC5T6USKsOhr6AkhhDZq6mX2acQt8JTBTlLWDUQhVU7Vn3wkIvpXazNp2YhC4bhveK7S87s2sxfKfFSP4AplyCVSMMxS0REOyI%2FV5sI9FubA880jKWfEwl04orSF7417HVGS%2F"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f27ee891b7e71b7-LHR
expires: Sun, 15 Dec 2024 16:50:17 GMT
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=5703&min_rtt=4227&rtt_var=1612&sent=36&recv=22&lost=0&retrans=0&sent_bytes=26320&recv_bytes=2820&delivery_rate=1587819&cwnd=257&unsent_bytes=0&cid=453eeb35948e5310&ts=648&x=0"
date: Sun, 15 Dec 2024 16:50:17 GMT
content-type: application/xml; charset=UTF-8
server: cloudflare
x-guploader-uploadid: AFiumC7yCV1mOTuDMBdTDmy2FtQXXyX0LlHktjwtLYdzUYwYdXjvESNGxNdDa7cj5CrmXSzElM7pYx0

GET
H2 200 fr.json Show response
ct-campaigns.civitimeapp.com/hub/default-quotes/ 2 KB
2 KB 149ms
145ms Fetch
application/json 172.67.167.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ct-campaigns.civitimeapp.com/hub/default-quotes/fr.json?date=Sun%20Dec%2015%202024%2016:50:17%20GMT+0000%20(Greenwich%20Mean%20Time)
Requested by: Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.167.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c256352d7ac219d821ed57a47eac80a4593857a2621a2d84a0790dbb72dd2d4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=E6t5mw==, md5=d/nVDCzZKzzMj7FurMlpWw==
cf-cache-status: DYNAMIC
etag: W/"77f9d50c2cd92b3ccc8fb16eacc9695b"
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtnaQEhptO3jrTC90vBplQegEsL19muW2AdgCiBgHtopAK9vwnedp7Jw6ISvt3LNnkdXqUU0lyuqZqQhiTsoy010%2Fyrd6bOyqMYoeYDGGv7gP%2BAXki0VIgzj7KhK7oXkH%2FvJjS9r5iDQ8S8o5Wl6"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Sun, 15 Dec 2024 17:50:17 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 1551
server-timing: cfL4;desc="?proto=TCP&rtt=7175&min_rtt=4227&rtt_var=4286&sent=40&recv=25&lost=0&retrans=0&sent_bytes=27016&recv_bytes=2947&delivery_rate=1587819&cwnd=257&unsent_bytes=0&cid=453eeb35948e5310&ts=800&x=0"
date: Sun, 15 Dec 2024 16:50:17 GMT
content-type: application/json
last-modified: Wed, 19 Oct 2022 14:08:56 GMT
content-disposition: inline; filename*=utf-8''fr.json
x-guploader-uploadid: AFiumC7ZMWftUb-wUr49tOArkNBzyWTpyLOCPOAlz0By9t9B_sj1iPq3PjISb3wOM1JC_lc6v22W1LU
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-firebasestoragedownloadtokens: b44b545a-4c51-4e0e-8317-6b0acf40ab01
cf-ray: 8f27ee89ac1071b7-LHR
access-control-allow-origin: *
x-goog-generation: 1666188536873160
server: cloudflare

GET
H2 200 fr.json Show response
ct-campaigns.civitimeapp.com/hub/ 34 KB
10 KB 149ms
148ms Fetch
application/json 172.67.167.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ct-campaigns.civitimeapp.com/hub/fr.json?date=Sun%20Dec%2015%202024%2016:50:17%20GMT+0000%20(Greenwich%20Mean%20Time)
Requested by: Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.167.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbbc4039aa80aa2c58558f9f67e9556fc8714bb88ce42f6b30b640e3f16f04d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=Be74Xw==, md5=vS9LkRPvcs3+2HMNbAT/jA==
cf-cache-status: DYNAMIC
etag: W/"bd2f4b9113ef72cdfed8730d6c04ff8c"
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tRM57ExIRszphJqwHCCtzEfdLPWPHyV3V7mbfb0qnR9SEdeKY%2FMMB3wnFTsBBlivw7B4zmnzmtcWdNAMBAa%2B3xFH%2Fkw3CkeKYX0CeBJMyoXu94vsZbLbOVtbAVMqKPo6bxh9cAmFL4VJwcCCHvPQ"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Sun, 15 Dec 2024 17:50:17 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 34512
server-timing: cfL4;desc="?proto=TCP&rtt=6815&min_rtt=4210&rtt_var=3933&sent=44&recv=27&lost=0&retrans=0&sent_bytes=28729&recv_bytes=3064&delivery_rate=1587819&cwnd=257&unsent_bytes=0&cid=453eeb35948e5310&ts=950&x=0"
date: Sun, 15 Dec 2024 16:50:17 GMT
content-type: application/json
last-modified: Wed, 04 Sep 2024 13:40:46 GMT
content-disposition: inline; filename*=utf-8''fr.json
x-guploader-uploadid: AFiumC6VeF3nzXkvs4K19sKSp7rTWkmxi8p6PzckzvEe_K0bOZBFvkBWp6PbybfzFhQl1rUl2lFgZLk
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-firebasestoragedownloadtokens: 945297a0-0b14-42e8-8b1c-55481245269e
cf-ray: 8f27ee8a9d3871b7-LHR
access-control-allow-origin: *
x-goog-generation: 1725457246670465
server: cloudflare

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
193 B 161ms
159ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://civitimeapp.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 0869BDAC658C40D6AFE2C8C8F2D0F2F5 Ref B: LTSEDGE1820 Ref C: 2024-12-15T16:50:17Z
x-li-fabric: prod-ltx1
access-control-allow-credentials: true
x-li-uuid: AAYpUdvT/dUT3F5Shau97A==
x-li-proto: http/2
access-control-allow-origin: https://civitimeapp.com
x-cache: CONFIG_NOCACHE
date: Sun, 15 Dec 2024 16:50:16 GMT
vary: Origin

GET
H2 200 5260294.js Show response
js-na1.hs-scripts.com/ 3 KB
1 KB 1587ms
205ms Script
application/javascript 104.16.139.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-na1.hs-scripts.com/5260294.js

Requested by

Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1647530100000/5260294.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.139.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2368abd92a9e5339ecb9c92a70e5a950ad179df8d802adf4609a3bb64b3c2126

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: EXPIRED
access-control-allow-credentials: true
x-content-type-options: nosniff
cf-ray: 8f27ee94180ecd4a-LHR
accept-ranges: bytes
access-control-allow-origin: https://civitimeapp.com
content-length: 697
date: Sun, 15 Dec 2024 16:50:19 GMT
x-hubspot-correlation-id: 6b974d2d-2303-4742-afeb-265a9cb4bfe6
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
server: cloudflare
last-modified: Sun, 15 Dec 2024 16:50:19 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
921 B 1602ms
220ms Image
image/gif 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-gb&bfp=3511443875&v=1.1&a=5260294&pu=https%3A%2F%2Fcivitimeapp.com%2F&t=Hub&cts=1734281417493&vi=ecd8804d246681150f3337c50560f08d&nc=true&u=214442952.ecd8804d246681150f3337c50560f08d.1734281417491.1734281417491.1734281417491.1&b=214442952.1.1734281417491&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

x-robots-tag: none
x-request-id: 28d1ebf2-f7d4-4b9e-936b-d16f96d833d4
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rsYem5Q4%2F2e76g6KpEhs9IVPseEQnlgD9Yxf1Uz1AKRy0EzW27NW2wvIUKXAx2g%2BErqdslEdFk9oRWhczzuwIComcf%2Fjxj%2FYLbkhfjJ%2BofA1HZvo0nPbu6M445e3%2Bp2oe4ac"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Sun, 15 Dec 2024 16:50:19 GMT
x-hubspot-correlation-id: 28d1ebf2-f7d4-4b9e-936b-d16f96d833d4
content-type: image/gif
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-c658cb6d4-rkp6r
x-envoy-upstream-service-time: 5
access-control-allow-credentials: false
cf-ray: 8f27ee941c1ccd64-LHR
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 favicon.ico
civitimeapp.com/ 1 KB
722 B 26ms
25ms Other
image/x-icon 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://civitimeapp.com/favicon.ico

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0891375e2d02fa810a01ee6aff5b5c189628899ad7c4d03cf7687862570114ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

strict-transport-security: max-age=31556926
cache-control: max-age=3600
content-encoding: br
etag: "500b4b4661f25f7506f93fa6c3aa687247ded9c4d8afb849a21379a4c9423085-br"
x-timer: S1734281418.507206,VS0,VE1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
content-length: 404
date: Sun, 15 Dec 2024 16:50:17 GMT
content-type: image/x-icon
last-modified: Thu, 21 Nov 2024 10:44:51 GMT
x-served-by: cache-lcy-eglc8600037-LCY
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
1 KB 170ms
159ms XHR
application/json 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=5260294&utk=ecd8804d246681150f3337c50560f08d&__hstc=214442952.ecd8804d246681150f3337c50560f08d.1734281417491.1734281417491.1734281417491.1&__hssc=214442952.1.1734281417491&currentUrl=https%3A%2F%2Fcivitimeapp.com%2F

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c721770c036ad8dd1202667612a69e968331fc90f721cb8c13869f01ab07b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

x-robots-tag: none
access-control-max-age: 180
x-request-id: e8bfcb13-dadd-4b0f-a646-33e211dec438
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zgEnfLfCDmFgyHRRQDyQle%2BM%2FxwgYXSdSQ31qBBn%2BkoOgJRVGaFFinRMfMA00C7uDtBGsU8mHqTUVTOPVg%2F4d7jhGWlD5HWmC63F4ica5OcbbJwXZaRARJ4WYvO08BL7nORo"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-evy-trace-listener: listener_https
date: Sun, 15 Dec 2024 16:50:17 GMT
x-hubspot-correlation-id: e8bfcb13-dadd-4b0f-a646-33e211dec438
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-b967ccf5d-btm5z
x-envoy-upstream-service-time: 20
access-control-allow-credentials: false
cf-ray: 8f27ee8c2a5cef0d-LHR
access-control-allow-origin: https://civitimeapp.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 84 KB
25 KB 177ms
168ms Script
application/javascript 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/5260294.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

674d5ab1e2c5a783115e67fabc4805ac2e8a83d48eb6a1ad3535c23a959a1801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://civitimeapp.com
Referer: https://civitimeapp.com/

Response headers

x-request-id: acc5717f-38f0-4b54-870d-b2831c583a1f
content-encoding: gzip
cf-cache-status: MISS
x-amz-version-id: _83IngeMtzUuERab6QgcByX86005NyG0
etag: W/"03686003e4860757c17ae65c11ab8ea4"
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Krt8JxWvHfo%2FnagXNjn1zeUW5M6cs48wWvWI6ir7iBqFs6GaR4mRQW6uvxXQ0bKAX2iL3T1nhvvvx4pombM03j%2BDwIVrudMdSdo0vwQBQ5LrTQ0xw4fP66%2F0TOWCAH%2BW"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: Iy6OfjWj4SoJTWx5mN6fBoiT6Y3pjwyqL-3_81bdyNb_OjgPw2_zFw==
x-hubspot-correlation-id: acc5717f-38f0-4b54-870d-b2831c583a1f
content-type: application/javascript; charset=utf-8
last-modified: Fri, 13 Dec 2024 12:10:35 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-856d8787d5-zzrjc
x-envoy-upstream-service-time: 32
x-hs-target-asset: web-interactives-embed/static-2.1996/bundles/project.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
access-control-max-age: 3000
access-control-allow-methods: GET
x-hs-cache-status: MISS
date: Sun, 15 Dec 2024 16:50:19 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1996/bundles/project.js&cfRay=8f27ee957f30ef0d-CDG
via: 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
cf-ray: 8f27ee957f30ef0d-LHR
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 61 B
1 KB 154ms
145ms Fetch
application/json 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=5260294&currentUrl=https%3A%2F%2Fcivitimeapp.com%2F&utk=ecd8804d246681150f3337c50560f08d&__hstc=214442952.ecd8804d246681150f3337c50560f08d.1734281417491.1734281417491.1734281417491.1&__hssc=214442952.1.1734281417491

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

x-robots-tag: noindex, follow
access-control-max-age: 180
x-request-id: c9efb074-a68f-4db1-9261-1aeb27a9b517
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=feDk9Tk9%2FVOhamnkoc8YO7g44G5kDR5t%2Bj4g42H2bPqQaoEYMxbjI2cGBLI0eiqLMuve%2FQLVyxLK4cHcmrSESX8soFHUQN6fgSeeJQP2kmBQloF2JMgkgIhLCNq6J63f4l3OEhoZGzsB4lyofEc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: OPTIONS, GET
x-evy-trace-listener: listener_https
date: Sun, 15 Dec 2024 16:50:19 GMT
x-hubspot-correlation-id: c9efb074-a68f-4db1-9261-1aeb27a9b517
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-b967ccf5d-g6ppr
x-envoy-upstream-service-time: 9
access-control-allow-credentials: true
cf-ray: 8f27ee96bbe8ef0d-LHR
access-control-allow-origin: https://civitimeapp.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 953ms
238ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

x-robots-tag: none
x-request-id: 914d4cd6-0516-42bc-8bbd-706350d8b291
access-control-expose-headers: X-Origin-Hublet
CF-Cache-Status: MISS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
Date: Sun, 15 Dec 2024 16:50:20 GMT
x-hubspot-correlation-id: 914d4cd6-0516-42bc-8bbd-706350d8b291
Content-Type: image/gif
vary: origin, Accept-Encoding
Last-Modified: Sun, 15 Dec 2024 16:50:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
Cache-Control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-b967ccf5d-dnfkd
x-envoy-upstream-service-time: 2
Connection: keep-alive
access-control-allow-credentials: false
CF-RAY: 8f27ee9c6b719565-LHR
Accept-Ranges: bytes
x-evy-trace-route-configuration: listener_https/all
Content-Length: 35
Server: cloudflare
x-evy-trace-virtual-host: all

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 33ms
32ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-G6TSZLVDTS&gtm=45je4cc1v9180053770za200&_p=1734281415774&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1636756622.1734281416&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1734281416&sct=1&seg=0&dl=https%3A%2F%2Fcivitimeapp.com%2F&dt=Hub&en=connexion&_ee=1&ep.clients=civitimeapp&_et=2&tfd=7158
Requested by: Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://civitimeapp.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 16:50:21 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 18 B
0 77ms
77ms XHR
text/plain 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: civitimeapp.com
URL: https://civitimeapp.com/149.30053d3e0be17ea3ec59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://civitimeapp.com/

Response headers

cache-control: private, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://civitimeapp.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 16:50:22 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
civitimeapp.com/	1970-01-21 06:18:17	Name: axeptio_cookies Value: {%22$$token%22:%22uv5e48teupszqdj06wwgr%22%2C%22$$date%22:%222024-12-15T16:50:14.953Z%22%2C%22$$cookiesVersion%22:{}%2C%22$$completed%22:false}
civitimeapp.com/	1970-01-21 06:18:17	Name: axeptio_authorized_vendors Value: %2C%2C
civitimeapp.com/	1970-01-21 06:18:17	Name: axeptio_all_vendors Value: %2C%2C
.usemessages.com/	1970-01-21 01:44:43	Name: __cf_bm Value: KKtlDJ0EQqwqRnOE2hE.uXbl.560lArTT568_M3Gzik-1734281415-1.0.1.1-N.9mrFsIu2L6OxYzjz33.fw6PsUllrBupc2p6VjfHVWahG8spL7J5hRou8O30Q5n5GvFmbT6UThJDIS1r3ArDA
.hsadspixel.net/	1970-01-21 01:44:43	Name: __cf_bm Value: eUfK0npOrVW2E7LHJSez9_czaEo4030NVtJER4oY1io-1734281415-1.0.1.1-3tje7Bu9q4gR27aIJX.TXTfV1gHCZlOiJeFfmn2CzHttGB0iHljepYQr07mb.QQHWe2JqTGosK.Ny_TKrCE4hg
.hs-banner.com/	1970-01-21 01:44:43	Name: __cf_bm Value: re2GiMhPH8Ay9Q88KVtRqnahs.7bvtw1SA_rZaLgur0-1734281415-1.0.1.1-FqV_jvW64NbVRB1o5l0lswj8MJGGZ26HxeIX4rJFi84SbS18aM1_aAG4RIVrFZLbDJ9tDs7GCau.k8CHMgS94g
.hs-analytics.net/	1970-01-21 01:44:43	Name: __cf_bm Value: .pZEukHnEoyq4nvhPdryq1npcLzXHVwHCmuQDX6_GgU-1734281415-1.0.1.1-CWnILO9DZvc045.dvrCyp68LbmJ_P5i5h212BoQfsa.hbygztNwKMkXcu8tELoSKC61t2YtRE88lgmI9DLU2aQ
.civitimeapp.com/	1970-01-21 10:30:17	Name: ajs_anonymous_id Value: 41ecc83d-6118-459d-ba74-b30d7019aa2e
.civitimeapp.com/	1970-01-21 11:20:41	Name: _ga Value: GA1.1.1636756622.1734281416
.civitimeapp.com/	1970-01-21 11:20:41	Name: _ga_G6TSZLVDTS Value: GS1.1.1734281416.1.0.1734281416.0.0.0
.hsappstatic.net/	1970-01-21 01:44:43	Name: __cf_bm Value: f_qUsAGmQJe_JaNn2t8w2N9EdsyivR6EVGjDDaZWIic-1734281417-1.0.1.1-5d0xHrn9uKv8i1UUNjZm.trt9jtrJJOCDNcmksH5mql8ZUR0kT3un_rtyOVE8Y_j14DGWFuBWIJXz4KuVpcOqA
.linkedin.com/	1970-01-21 10:30:17	Name: bcookie Value: "v=2&a8ae192f-8644-4af7-8d69-d53b867c3bb8"
.linkedin.com/	1970-01-21 06:03:53	Name: li_gc Value: MTswOzE3MzQyODE0MTc7MjswMjHt/w42UlFbN0/Lp7qWSWQB0STe1EQN8w/71vAbEqmHkg==
.linkedin.com/	1970-01-21 01:46:07	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2931:u=1:x=1:i=1734281417:t=1734367817:v=2:sig=AQF5KRlhGwdY2mp1kIr5gSYuYLq8FApX"
.civitimeapp.com/	1970-01-21 06:03:53	Name: __hstc Value: 214442952.ecd8804d246681150f3337c50560f08d.1734281417491.1734281417491.1734281417491.1
.civitimeapp.com/	1970-01-21 06:03:53	Name: hubspotutk Value: ecd8804d246681150f3337c50560f08d
.civitimeapp.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.civitimeapp.com/	1970-01-21 01:44:43	Name: __hssc Value: 214442952.1.1734281417491
.civitimeapp.com/	1970-01-21 06:03:53	Name: messagesUtk Value: 2b88f07f976644b58d29e8ecb6fba1e2
.hubspot.com/	1970-01-21 01:44:43	Name: __cf_bm Value: SBqkzbzBTiV5ZHU_ITgs.CL4tjIbEBchv_j8VIY7TpM-1734281417-1.0.1.1-_Zd9LBct.p33K.Wl2ENb4RmYE3r2XGeUxLmbGEKxHP6oD15PP6HLcNdqb_Y4lSu_Z9RbrE32CNA1MRDxucSocg
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 4MpCo7hLoKjhKW1j4aSRE0VUnVnAP9yq9V.vPWVvu2g-1734281417788-0.0.1.1-604800000
.hs-scripts.com/	1970-01-21 01:44:43	Name: __cf_bm Value: uDdkG0uokolYK6yWLGROq4FlkTSDEwWLaDD4l5csdPU-1734281419-1.0.1.1-rGPs1DGP0GEcJb_XJ67Lm9n2Mf3LsFk0Qy4RK7SBY64e6cVZDQOMci_POFkwi0J0PP7BkO8rJ1AmH1cGYKj8cA
.hsforms.com/	1970-01-21 01:44:43	Name: __cf_bm Value: 6FZRx2oznV4zLyUdndU4aez025cVGbPJkU2dKSQZOcQ-1734281420-1.0.1.1-8wr3TXx1LyTGNK12bYUIs.QdFQXTmRetiaQn3AU2UQmO7oTaqLMHSFzfCEbxJCgvg87XFI9XFmPOCgCnypi7xg
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: E4l0qozH3r8WSoELj19zbw2Ew4b_2RH7pWN.4lEfsec-1734281420390-0.0.1.1-604800000

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ct-campaigns.civitimeapp.com/clients/civitimeapp/config.json?date=Sun%20Dec%2015%202024%2016:50:15%20GMT+0000%20(Greenwich%20Mean%20Time) Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ct-campaigns.civitimeapp.com/clients/civitimeapp/texts/custom/fr.json?date=Sun%20Dec%2015%202024%2016:50:16%20GMT+0000%20(Greenwich%20Mean%20Time) Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ct-campaigns.civitimeapp.com/clients/civitimeapp/texts/custom/hub/fr.json?date=Sun%20Dec%2015%202024%2016:50:17%20GMT+0000%20(Greenwich%20Mean%20Time) Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ct-campaigns.civitimeapp.com/clients/civitimeapp/texts/custom/hub/quotes/fr.json?date=Sun%20Dec%2015%202024%2016:50:17%20GMT+0000%20(Greenwich%20Mean%20Time) Message: Failed to load resource: the server responded with a status of 404 ()
recommendation	verbose	URL: https://civitimeapp.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
api.hubspot.com
api.segment.io
app.hubspot.com
cdn.segment.com
civitimeapp.com
client.axept.io
ct-campaigns.civitimeapp.com
cta-service-cms2.hubspot.com
firestore.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hsleadflows.net
js.hubspot.com
js.usemessages.com
mf-cc-prod.civitimeapp.com
mf-mg-prod.civitimeapp.com
o1132310.ingest.sentry.io
perf-na1.hsforms.com
px.ads.linkedin.com
region1.google-analytics.com
snap.licdn.com
static.axept.io
track.hubspot.com
www.googletagmanager.com
104.16.117.116
104.16.118.116
104.16.139.209
104.16.160.168
104.16.78.142
104.17.223.152
104.18.139.17
104.18.240.108
104.18.80.204
13.107.42.14
13.35.58.120
13.35.58.148
142.250.181.234
142.250.184.227
142.250.185.138
142.250.74.200
172.64.147.16
172.67.167.146
18.244.18.97
184.24.77.18
199.36.158.100
216.239.32.36
34.120.195.249
54.69.251.6
027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f
070a3902c86cb9ab3a235c77ab5b0caa3b7746eec67ece570b36728b6ba95c50
0891375e2d02fa810a01ee6aff5b5c189628899ad7c4d03cf7687862570114ad
1155ed9ca31c556f59333311735ad0643521ac02edd104215164897b31be5e9f
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1d0cd83cc40638e56d32cb3071c2c0190ddc0a43231ea8274b83644587eb520a
1da40941a09c79b847b822c8bcf139043ed8212b206a9bc4ad620bce4c91233f
208abf20aa1adf05c81a1aeeae7e1109619778b4f182313a82406a24c0884acb
2368abd92a9e5339ecb9c92a70e5a950ad179df8d802adf4609a3bb64b3c2126
2b962bc34a0f8cd23d8210b38a671211671ce89c8f82550968f1269950fefa9d
2c721770c036ad8dd1202667612a69e968331fc90f721cb8c13869f01ab07b4e
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
50e964273bb5b8ef44c5938fe8bf195c90b1b8b32168c5679aec5b86bcd85f00
570fccd80387d0fac7701b8c4058f30505a159de0c5310a459790c269fb0370f
63616b0bb74f4fdd39daa4e535b0c7e1337672fbc3c9045e417dd765abcab49e
641083d92f2589262bf5feb443cc0b146a5962c9ec55ca0c2a5ac59a4fb17a21
674d5ab1e2c5a783115e67fabc4805ac2e8a83d48eb6a1ad3535c23a959a1801
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6fb38627f9842669c8ff449901a39e010dc439fd76eab6764e557ca3fca9ba9a
7da57a437a999e2503178063a85ca9557211686f50d7671db0142a2ceb3095d2
805b0681c2bfc4efbcc9f7b089e5b3cc6f61711b48cc8a03541c28d5a6e98939
8348c9f47980d99dab0da6abb0e504638f57e9d94ab07a2799a3316c321d6ac7
85ab1d8b61ba3a9ece7e8aaa1014925adef100f7948988576d870f8b33bd8dfc
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8a8499608f9deceaddebc2ec4250f55be7d3257667ee01f225ff3ef2131ca76a
8d052b00f604337982f11400c233e04ef6798307ed6fc09c37a9dd8d7388e19b
9b8216f7800605cdbadca83d030568ba75d33a636652edbe98f1e4d9f184cdf0
a8ab60012ecbcc60875ced34708e8aad25cf965826ba3daa44b2d863f97e8965
adb47da9673f09d9d882537feaf936373bac4eea79fd7dea2f953602b5601d18
b173945cdb00ab71af7f4e4b1e565d2541a8aba3030a9f659d1c1605bff2db09
b3bfd4ab45c651e97c549e9ff87a799259a7ef58d4f27d0cf6c23891ac609cf2
b8a27a29c1c2cc7e5f8c1e7caa970a5c4144b7ff2c6d95b69dd5343b5eb07472
bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b
c256352d7ac219d821ed57a47eac80a4593857a2621a2d84a0790dbb72dd2d4d
c57865ec6a6956797b18dc7d23a3ade16e7ced5271f4dc0796b2ed0a10f934dc
c86803a462b3f72fa02a9b1edb10a6c1bfa27bf757ad9f83affd8e1aa0d294ac
cbc9356e752ad2ec816689d39f6bc3c275294782b19934c54a20aea7580e4e58
d477c264ec98e63df6394a0b25c21e71414613fcff8f4d4ad15e07dd6be285bf
d61bc5a683625b3980e8f48b9141dfb2dfea199059f0df327c8e3a92bcb57f97
d82ea3708fa228852360d51d20f2f4e3f7a814c2c427a351fac8e14b9f385577
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4eb69fdbd0d30e262424ef2fb86ab51cff522228031534008983420aae2cf1d
e7faee0bfa4e7fd212c29c04a1766046dbf05865df216de46b9489bb61e7f530
eb2011c2862064c0c958a9997c1d3ebe0335f7acc87af75035aabb80d68ffbf6
efe62a603f811c03d379c509e23ecb975b8a406853ec5b318804491754c09dbd
f01cbdec861837f70b306dc0c1638b08f1553b6c92b71ce1e6f6fad92fdf3b46
f02f532b9f12d29cb43acc91bbd652f32f470ead3b04af7cbd24d0fdcd4cdfb7
fbbc4039aa80aa2c58558f9f67e9556fc8714bb88ce42f6b30b640e3f16f04d0

civitimeapp.com Open in urlscan Pro 199.36.158.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

71 Requests

100 %HTTPS

0 %IPv6

20 Domains

30 Subdomains

24 IPs

3 Countries

2357 kBTransfer

11921 kBSize

24 Cookies

0 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

civitimeapp.com Open in urlscan Pro
199.36.158.100 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

100 %
HTTPS

0 %
IPv6

20
Domains

30
Subdomains

24
IPs

3
Countries

2357 kB
Transfer

11921 kB
Size

24
Cookies

71 HTTP transactions
0 data transactions