www.civilianhotel.com Open in urlscan Pro
13.68.180.169 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.civilianhotel.com/
Effective URL:
https://www.civilianhotel.com/
Submission: On February 20 via api (February 20th 2024, 12:46:52 am UTC) from US — Scanned from DE

Summary HTTP 74 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 18 domains to perform 74 HTTP transactions. The main IP is 13.68.180.169, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.civilianhotel.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on June 4th 2023. Valid for: a year.

This is the only time www.civilianhotel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	13.68.180.169 13.68.180.169	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	44.240.80.5 44.240.80.5	16509 (AMAZON-02) (AMAZON-02)
1 12	2606:4700:e4:... 2606:4700:e4::ac40:ac0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::60 2620:1ec:46::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	45.60.155.144 45.60.155.144	19551 (INCAPSULA) (INCAPSULA)
9	52.217.82.254 52.217.82.254	() ()
3	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:710... 2a02:26f0:7100::213:c669	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	45.60.243.22 45.60.243.22	19551 (INCAPSULA) (INCAPSULA)
1	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
3	2606:4700:e4:... 2606:4700:e4::ac40:ad0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.65.182 151.101.65.182	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
74	26

13 13.68.180.169 (Washington, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: iws-04.ideawork.com

www.civilianhotel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.240.80.5 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-80-5.us-west-2.compute.amazonaws.com

contact-api.inguest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:e4::ac40:ac0d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

onboard.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeted-messages.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

10814658.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.60.155.144 (United States)

ASN19551 (INCAPSULA, US)

services.synxis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.217.82.254 (Ashburn, United States)

ASN- ()
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.152.143.207 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::213:c669 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

download-video.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.60.243.22 (United States)

ASN19551 (INCAPSULA, US)

services-p1.synxis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

messages.guest-experience.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e4::ac40:ad0d (United States)

ASN13335 (CLOUDFLARENET, US)

api.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.182 (United States)

ASN54113 (FASTLY, US)

static.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	triptease.io 1 redirects onboard.triptease.io — Cisco Umbrella Rank: 33183 targeted-messages.triptease.io — Cisco Umbrella Rank: 54318 messages.guest-experience.triptease.io — Cisco Umbrella Rank: 55895 api.triptease.io — Cisco Umbrella Rank: 53205 static.triptease.io — Cisco Umbrella Rank: 84285	325 KB
13	civilianhotel.com 1 redirects www.civilianhotel.com	618 KB
9	amazonaws.com s3.amazonaws.com	3 MB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 934 c.clarity.ms — Cisco Umbrella Rank: 1449 o.clarity.ms — Cisco Umbrella Rank: 8022	28 KB
6	synxis.com services.synxis.com — Cisco Umbrella Rank: 676082 services-p1.synxis.com — Cisco Umbrella Rank: 90472	8 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2000 www.google-analytics.com — Cisco Umbrella Rank: 45	21 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 409 c.bing.com — Cisco Umbrella Rank: 280	16 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	305 KB
3	doubleclick.net 1 redirects 10814658.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	3 KB
2	gstatic.com fonts.gstatic.com	95 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 122	856 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	69 KB
2	inguest.com contact-api.inguest.com — Cisco Umbrella Rank: 138737	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	2 KB
1	akamaized.net download-video.akamaized.net — Cisco Umbrella Rank: 29767
1	vimeo.com 1 redirects player.vimeo.com — Cisco Umbrella Rank: 2295	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	185 B
1	google.de www.google.de — Cisco Umbrella Rank: 5654	455 B
74	18

	Domain	Requested by
13	www.civilianhotel.com	1 redirects www.civilianhotel.com
9	s3.amazonaws.com
9	onboard.triptease.io	1 redirects www.civilianhotel.com onboard.triptease.io
4	services-p1.synxis.com	www.civilianhotel.com
4	www.googletagmanager.com	www.civilianhotel.com www.googletagmanager.com
3	api.triptease.io	targeted-messages.triptease.io
3	targeted-messages.triptease.io	onboard.triptease.io targeted-messages.triptease.io
3	o.clarity.ms	www.clarity.ms
3	bat.bing.com	www.civilianhotel.com bat.bing.com
2	fonts.gstatic.com	fonts.googleapis.com
2	services.synxis.com	www.civilianhotel.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	10814658.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	connect.facebook.net	www.civilianhotel.com connect.facebook.net
2	www.google-analytics.com	www.civilianhotel.com www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	contact-api.inguest.com	www.civilianhotel.com
1	static.triptease.io
1	fonts.googleapis.com	targeted-messages.triptease.io
1	messages.guest-experience.triptease.io	targeted-messages.triptease.io
1	download-video.akamaized.net
1	player.vimeo.com	1 redirects
1	c.bing.com	1 redirects
1	www.facebook.com	www.civilianhotel.com
1	adservice.google.com	10814658.fls.doubleclick.net
1	www.google.de	www.civilianhotel.com
1	www.google.com	www.civilianhotel.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
74	29

This site contains links to these domains. Also see Links.

Domain
be.synxis.com
www.instagram.com
www.onceuponatime.agency

Subject Issuer	Validity	Valid
www.civilianhotel.com RapidSSL TLS RSA CA G1	`2023-06-04` - `2024-07-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
revinate.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-05` - `2025-03-07`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-29` - `2024-02-27`	3 months	crt.sh
onboard.triptease.io GTS CA 1P5	`2024-01-02` - `2024-04-01`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-10-04` - `2024-04-01`	6 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-10`	9 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
targeted-messages.triptease.io GTS CA 1P5	`2024-01-03` - `2024-04-02`	3 months	crt.sh
*.guest-experience.triptease.io R3	`2024-02-17` - `2024-05-17`	3 months	crt.sh
api.triptease.io GTS CA 1P5	`2024-01-16` - `2024-04-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.triptease.io GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-01` - `2024-08-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.civilianhotel.com/
Frame ID: E1BE5FB8E48F02A70039E5AF9EA56FC8
Requests: 61 HTTP requests in this frame

Frame: https://onboard.triptease.io/kernel/v7351.95710/kernel-host.html?originHost=www.civilianhotel.com
Frame ID: 752B3FCE36ED16D4ADBD553A6ED357FE
Requests: 2 HTTP requests in this frame

Frame: https://10814658.fls.doubleclick.net/activityi;dc_pre=CI3gxdrYuIQDFa4hBgAdftcNaA;src=10814658;type=websi106;cat=civil123;ord=1;num=3627012261994;npa=0;auiddc=781985402.1708390004;pscdl=noapi;gtm=45fe42e0za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.civilianhotel.com%2F
Frame ID: B754A267BBB89C577AE5527CF1559970
Requests: 2 HTTP requests in this frame

Frame: https://targeted-messages.triptease.io/static/storageIframe.html
Frame ID: BD9270CA9AE4D246AEF684B9D9A19336
Requests: 1 HTTP requests in this frame

Frame: https://targeted-messages.triptease.io/static/nudge.html
Frame ID: 87F70A593C9E9548D4BE1FD6B88B74F1
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CIVILIAN Hotel

Page URL History Show full URLs

http://www.civilianhotel.com/ HTTP 301
https://www.civilianhotel.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

74
Requests

96 %
HTTPS

59 %
IPv6

18
Domains

29
Subdomains

26
IPs

4
Countries

4332 kB
Transfer

19796 kB
Size

24
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://be.synxis.com/?Chain=15922&currency=USD&hotel=31240&level=hotel&locale=en-US&arrive=Invalid%20date&depart=Invalid%20date&promo=&adult=2
Title: Reserve

Search URL Search Domain Scan URL

URL: https://www.instagram.com/civilianhotel/
Title: Instagram @civilianhotel

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C2qBVosP1Bc/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C0MoYgoSe6a/?img_index=1

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CyYpq_dxKdV/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CwF4b78ssTF

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C1CtDgDMs9r/

Search URL Search Domain Scan URL

URL: https://be.synxis.com/signin?chain=159224&hotel=31240
Title: Modify A Reservation

Search URL Search Domain Scan URL

URL: https://www.onceuponatime.agency/hospitality
Title: Once Upon a Time

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.civilianhotel.com/ HTTP 301
https://www.civilianhotel.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://onboard.triptease.io/bootstrap.js?integrationId=01FGNWEXQS7JF7T6E45WZ7MNJJ HTTP 307
https://onboard.triptease.io/bootstrap/v7351.95710/bootstrap.js

Request Chain 13

https://10814658.fls.doubleclick.net/activityi;src=10814658;type=websi106;cat=civil123;ord=1;num=3627012261994;npa=0;auiddc=781985402.1708390004;pscdl=noapi;gtm=45fe42e0za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.civilianhotel.com%2F HTTP 302
https://10814658.fls.doubleclick.net/activityi;dc_pre=CI3gxdrYuIQDFa4hBgAdftcNaA;src=10814658;type=websi106;cat=civil123;ord=1;num=3627012261994;npa=0;auiddc=781985402.1708390004;pscdl=noapi;gtm=45fe42e0za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.civilianhotel.com%2F

Request Chain 28

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B3E3A26AB88F49C0840BD2F6E321B21A&RedC=c.clarity.ms&MXFR=0928D47A985E645F2761C0519C5E6A5F HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B3E3A26AB88F49C0840BD2F6E321B21A&MUID=14A628F2F88365A31F183CD9F98364C2

Request Chain 47

https://player.vimeo.com/progressive_redirect/playback/857636521/rendition/1080p/file.mp4?loc=external&signature=f8ffd0aff94a0bf08e8dcdf7e8126e844b9e5baa51b0b0eab8bebb154e4594a0 HTTP 302
https://download-video.akamaized.net/v3-1/playback/8a9f5dac-dec1-4368-a8e0-19cbacacb057/10d255a8-3560596a?__token__=st=1708390004~exp=1708404404~acl=%2Fv3-1%2Fplayback%2F8a9f5dac-dec1-4368-a8e0-19cbacacb057%2F10d255a8-3560596a%2A~hmac=4c1d26c090557f1ae01859efea71922409ed229d7d8aadae8f18a4ce15cf93ae&r=dXMtY2VudHJhbDE%3D

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.civilianhotel.com/
Redirect Chain

http://www.civilianhotel.com/
https://www.civilianhotel.com/

6 KB
3 KB

376ms
126ms

Document
text/html

13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.civilianhotel.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.68.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

iws-04.ideawork.com

Software

Resource Hash

c5572b2d13aa17a676eac508313e5ce459b0d39385d6557fe333ffef86a4a3f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: W/"1841-LgJjSUM73/79EKk3KlPn1w"
strict-transport-security: max-age=86400
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 116
Content-Type: text/html; charset=utf-8
Date: Tue, 20 Feb 2024 00:46:42 GMT
Location: https://www.civilianhotel.com/
Vary: Accept
X-Powered-By: Express

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
92 KB 99ms
42ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4VPVFCRV55

Requested by

Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88bbaebe09f6797153926c0435ac322e148f461d4fd96aa0f1407f55ba35e642

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 00:46:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93891
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 20 Feb 2024 00:46:43 GMT

GET
H2 200 revinate-form.js Show response
contact-api.inguest.com/bundles/revinatecontactapi/js/ 5 KB
2 KB 668ms
203ms Script
application/javascript 44.240.80.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://contact-api.inguest.com/bundles/revinatecontactapi/js/revinate-form.js?v=1

Requested by

Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.80.5 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-80-5.us-west-2.compute.amazonaws.com

Software

Resource Hash

27477cae35fa16324eb29e830c181ad33340f63cea5f3623d5428adc9198aa34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 00:46:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31449600, public
accept-ranges: bytes
content-length: 1480

GET
H2

200

bootstrap.js Show response
onboard.triptease.io/bootstrap/v7351.95710/
Redirect Chain

https://onboard.triptease.io/bootstrap.js?integrationId=01FGNWEXQS7JF7T6E45WZ7MNJJ
https://onboard.triptease.io/bootstrap/v7351.95710/bootstrap.js

123 KB
37 KB

51ms
51ms

Script
application/javascript

2606:4700:e4::ac40:ac0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/bootstrap/v7351.95710/bootstrap.js

Requested by

Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/

Protocol

Server

2606:4700:e4::ac40:ac0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51b1d515ca5717973ebd9c2094d095e6358a3a90cd3dada90e11c7b15323c168

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 00:46:43 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf-cache-status: HIT
x-goog-meta-git-hash: e07a1b1289c7780558cf886e7ce22b41058286f7
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22401
x-guploader-uploadid: ABPtcPpkXxYFGq4y-FqjdS90e5BtKmpZrjNim-nB9bmXrvXSWYszkeaYaptxaM_LPm2HaWnt_9f5Md_e3Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 7351.95710
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 19 Feb 2024 18:10:56 GMT
server: cloudflare
etag: W/"09e39516d09d5eeeaf0669bf5ee978ce"
vary: Accept-Encoding
x-goog-generation: 1708366256766000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=n0jYFQ==, md5=CeOVFtCdXu6vBmm/Xul4zg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YprTfkzouVB7E1bLMpf5%2BZTA%2BYwlJ2SleNWefCARzJOhCRAKrRA8JYVsr3bgmwcHzf%2FjCKyXY%2BWetWgwU2vVfQZ7prjg6kV6GDXuuuekGtTwE2mVCOOYmWfmv1QYvsdrHvoEZco%2B821lmaHr6MswNrqXOg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 126400
cf-ray: 8582bbf19abe2a2f-CDG
expires: Tue, 18 Feb 2025 18:15:51 GMT

Redirect headers

date: Tue, 20 Feb 2024 00:46:43 GMT
strict-transport-security: max-age=15552000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7aZy28CNyUDEItOkKfsQqIJLCKCFGf6Pdp5CHmeincW5lao8GW85MgBtJMg9Af%2FteCbBsIvxPhcCSEz%2F%2FUTXB3Gfi1vRyR4Un2CanLqBDlDvtTiIh1%2B6uwFR7PZCp8Em0AmAk0I1QoRHST%2F83JGJi74ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
location: https://onboard.triptease.io/bootstrap/v7351.95710/bootstrap.js
access-control-allow-origin: *
cache-control: public, max-age=600
cf-ray: 8582bbf13a8c2a2f-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 63
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
69 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10814658

Requested by

Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

685cd6819aa9afd121da7631ba797e39a6555c0de28af8f3de1c09945dc23976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 00:46:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70053
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Feb 2024 00:46:43 GMT

GET
H2 200 main.9e7860bdaec799e21c8b.css
www.civilianhotel.com/dist/ 246 KB
37 KB 126ms
126ms Stylesheet
text/css 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.css
Requested by: Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.68.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: iws-04.ideawork.com
Software: / Express
Resource Hash: 0b505eb51eb7df3534832d583c92ebe36f7efb720f7abbe0b86ffa6cf3f8eff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Tue, 06 Feb 2024 19:41:49 GMT
x-powered-by: Express
etag: W/"3d6b6-18d7ff0e33c"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 main.9e7860bdaec799e21c8b.js Show response
www.civilianhotel.com/dist/ 1 MB
402 KB 127ms
127ms Script
application/javascript 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.js
Requested by: Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.68.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: iws-04.ideawork.com
Software: / Express
Resource Hash: 2fe6ce8de6af3df843f5f135eda85d64655d95746bdfd7b1e1f6749dc71af365

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Tue, 06 Feb 2024 19:41:50 GMT
x-powered-by: Express
etag: W/"160d52-18d7ff0e4f2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 136ms
51ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 20 Feb 2024 00:46:43 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 81C734BE708F43A28815A054FA826BD6 Ref B: FRAEDGE1708 Ref C: 2024-02-20T00:46:43Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 98ms
35ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4VPVFCRV55&gtm=45je42e0v894658674za200&_p=1708390003042&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=829353518.1708390003&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708390003&sct=1&seg=0&dl=https%3A%2F%2Fwww.civilianhotel.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1373
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4VPVFCRV55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 00:46:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.civilianhotel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 79ms
23ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Feb 2024 23:30:40 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4563
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 20 Feb 2024 01:30:40 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 85ms
28ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 20 Feb 2024 00:46:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: ov0XroahMjCaVtBfFdNIsbE1x7FBqPrAVduEQN61q+pTPl2iShttzgrjrhDJe+DlVQ75yvo7aPekwGIaWr83xg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10814658&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4VPVFCRV55

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b4ce6026b9a67267ddadaaf6351a4a842b2505a9f84df51549102869c4142d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 00:46:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70050
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Feb 2024 00:46:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
76 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-383821101&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4VPVFCRV55

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a20e3482d5f52bc42a3df8b4fd488aab42e0de0815a7e6de93f56f37b2cd4b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 00:46:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78073
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Feb 2024 00:46:43 GMT

GET
H3 200 kernel-host.html Show response
onboard.triptease.io/kernel/v7351.95710/ Frame 752B 61 KB
20 KB 134ms
60ms Document
text/html 2606:4700:e4::ac40:ac0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/kernel/v7351.95710/kernel-host.html?originHost=www.civilianhotel.com

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01FGNWEXQS7JF7T6E45WZ7MNJJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e4::ac40:ac0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77a1d05e0a4340224356ebe870ceb8ad1561289e7bed4681263a65ecfab43ada

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.civilianhotel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: Content-Type
age: 14781
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=31536000
cf-cache-status: HIT
cf-ray: 8582bbf3cc22f0e3-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 20 Feb 2024 00:46:43 GMT
expires: Tue, 18 Feb 2025 20:05:55 GMT
last-modified: Mon, 19 Feb 2024 18:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCSurbDLGUWHjGdpYOxdI3N2bZKrstqz7Z9k0AJlYekRGuu2yksPBzGiWQcBoo4OkQb7KCKH0qgCP65LI6WUw2CNOY%2Bfj%2Fxd3Me%2BR8JQIk9kgD9htAqqoJSGybgC2NGQGQT29LRkoc%2BQYa7k4NZH1%2BpdMw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-goog-generation: 1708366250464844
x-goog-hash: crc32c=UCemSQ== md5=/ykH34wG2+sBXTYdt2l1pA==
x-goog-meta-build-version: 7351.95710
x-goog-meta-git-hash: e07a1b1289c7780558cf886e7ce22b41058286f7
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62377
x-guploader-uploadid: ABPtcPq40Zwc28klIPyXaEjZwZUDSS88N0Rhfh6qaZPRZrfT92gIEJ_q87bb279BrR3n5SAyVZ4

GET
H2

200

activityi;dc_pre=CI3gxdrYuIQDFa4hBgAdftcNaA;src=10814658;type=websi106;cat=civil123;ord=1;num=3627012261994;npa=0;auiddc=781985402.1708390004;pscdl=noapi;gtm=45fe42e0za200;gcd=13l3l3l3l1;dma_cps=sy... Show response
10814658.fls.doubleclick.net/ Frame B754
Redirect Chain

https://10814658.fls.doubleclick.net/activityi;src=10814658;type=websi106;cat=civil123;ord=1;num=3627012261994;npa=0;auiddc=781985402.1708390004;pscdl=noapi;gtm=45fe42e0za200;gcd=13l3l3l3l1;dma_cps...
https://10814658.fls.doubleclick.net/activityi;dc_pre=CI3gxdrYuIQDFa4hBgAdftcNaA;src=10814658;type=websi106;cat=civil123;ord=1;num=3627012261994;npa=0;auiddc=781985402.1708390004;pscdl=noapi;gtm=45...

523 B
608 B

41ms
40ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10814658.fls.doubleclick.net/activityi;dc_pre=CI3gxdrYuIQDFa4hBgAdftcNaA;src=10814658;type=websi106;cat=civil123;ord=1;num=3627012261994;npa=0;auiddc=781985402.1708390004;pscdl=noapi;gtm=45fe42e0za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.civilianhotel.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10814658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

486d8127fed5edcc02bbb02c18a8218cf465869923b7052eea9e8d67440374be

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.civilianhotel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 303
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 00:46:43 GMT
expires: Tue, 20 Feb 2024 00:46:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 00:46:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10814658.fls.doubleclick.net/activityi;dc_pre=CI3gxdrYuIQDFa4hBgAdftcNaA;src=10814658;type=websi106;cat=civil123;ord=1;num=3627012261994;npa=0;auiddc=781985402.1708390004;pscdl=noapi;gtm=45fe42e0za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.civilianhotel.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
212 B 33ms
32ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=476412735&t=pageview&_s=1&dl=https%3A%2F%2Fwww.civilianhotel.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=ICDACEABBAAAACAAI~&jid=123037803&gjid=1271971233&cid=829353518.1708390003&tid=UA-2977205-103&_gid=550940771.1708390004&_r=1&_slc=1&z=1975312839

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.civilianhotel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 00:46:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.civilianhotel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/383821101/ 3 KB
2 KB 99ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/383821101/?random=1708390003797&cv=11&fst=1708390003797&bg=ffffff&guid=ON&async=1&gtm=45be42e0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.civilianhotel.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=781985402.1708390004&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-383821101&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e81d3e84f2d0f0db0b0450c436b174f254089741ad8abd44eb382bdb78553661

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 00:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1254
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 151002211.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 56ms
56ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/151002211.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

be847ff8e10e6dff83561458d7249d77ed5b74546110c103cd6d80a9a22b9fa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Tue, 20 Feb 2024 00:46:43 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 75E0F1A7731544D2B504BF411C0B7F3E Ref B: FRAEDGE1708 Ref C: 2024-02-20T00:46:43Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
285 B 53ms
53ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=151002211&Ver=2&mid=f753ace8-b849-4489-aa21-0a8e9194c04f&sid=84ab4100cf8911ee9b31d5be650cb522&vid=84ab4520cf8911ee80e5f54e9d9399e1&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.civilianhotel.com%2F&r=&lt=1881&evt=pageLoad&sv=1&rn=428951

Requested by

Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 20 Feb 2024 00:46:43 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6E504A6FA1A04CE7AB47AA942A664FC2 Ref B: FRAEDGE1708 Ref C: 2024-02-20T00:46:43Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 181650897361672 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 81ms
80ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/181650897361672?v=2.9.147&r=stable&domain=www.civilianhotel.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5d4d42ce3350eb8e2dfc95fede29ff3dcb96c4cb57d2f1b423ebc9b80330f06d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 20 Feb 2024 00:46:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: 9s6z8tQhWtc36uKU2a/VDNi60OOuyKEW3lM/WomjGhWTwcy3/Q+FJyR6ALg0YPzY/OZ3/9fdy91jaH8fL+rcDw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 151002211 Show response
www.clarity.ms/tag/uet/ 829 B
1 KB 296ms
217ms Script
application/x-javascript 2620:1ec:46::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/151002211
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/151002211.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e7b9259db3e78a80ad8508554eaf953266115d3bbde2d941aa43299dacd40493

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: -1
date: Tue, 20 Feb 2024 00:46:44 GMT
x-azure-ref: 20240220T004643Z-se9s39euyx0trcxhkghsu459tc00000003y000000000kyta
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 829
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H3 200 kernel.js
onboard.triptease.io/kernel/v7351.95710/ Frame 752B 68 KB
22 KB 50ms
50ms Other
application/javascript 2606:4700:e4::ac40:ac0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/kernel/v7351.95710/kernel.js?

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/kernel/v7351.95710/kernel-host.html?originHost=www.civilianhotel.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e4::ac40:ac0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e000dc29147b02aaa77381e5792c53baace322f184fc631701d15b31e56af5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboard.triptease.io/kernel/v7351.95710/kernel-host.html?originHost=www.civilianhotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 00:46:43 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf-cache-status: HIT
x-goog-meta-git-hash: e07a1b1289c7780558cf886e7ce22b41058286f7
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23449
x-guploader-uploadid: ABPtcPp0r13V69hMyxAM01FlL8RL3SSmob5S98-X-NiUFhmGB89ot9qF3tfwCGyUU8w9h64UZddFIo8msg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 7351.95710
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 19 Feb 2024 18:10:50 GMT
server: cloudflare
etag: W/"51573e0d7c9072a3f4cd8091a9d4cfb8"
vary: Accept-Encoding
x-goog-generation: 1708366250468285
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=OyxwKg==, md5=UVc+DXyQcqP0zYCRqdTPuA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZArXxTshzXIMFkwdgLUVUlLETQGPefus6wbfP6QjavC6hBzWBAlb3j74GGxXumDxrz2jhBHRCxqUQ%2Bh4o%2F9Q3PrjRNl6fFFYNcIVFZZLtVBZq%2F8bazza%2By0q6Exa2Job6IbODPJwcLHiyQE6WVTyAf%2B%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 69694
cf-ray: 8582bbf48c93f0e3-CDG
expires: Tue, 18 Feb 2025 18:15:50 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/383821101/ 42 B
455 B 91ms
35ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/383821101/?random=1708390003797&cv=11&fst=1708387200000&bg=ffffff&guid=ON&async=1&gtm=45be42e0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.civilianhotel.com%2F&frm=0&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_iX7-Lwhg_O9__7Xpmv1fbJ58DU1Unw&random=1273464946&rmt_tld=0&ipr=y

Requested by

Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 00:46:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/383821101/ 42 B
455 B 96ms
38ms Image
image/gif 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/383821101/?random=1708390003797&cv=11&fst=1708387200000&bg=ffffff&guid=ON&async=1&gtm=45be42e0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.civilianhotel.com%2F&frm=0&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_iX7-Lwhg_O9__7Xpmv1fbJ58DU1Unw&random=1273464946&rmt_tld=1&ipr=y

Requested by

Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 00:46:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CI3gxdrYuIQDFa4hBgAdftcNaA;src=10814658;type=websi106;cat=civil123;ord=1;num=3627012261994;npa=0;auiddc=*;pscdl=noapi;gtm=45fe42e0za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;u...
adservice.google.com/ddm/fls/z/ Frame B754 42 B
401 B 138ms
60ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CI3gxdrYuIQDFa4hBgAdftcNaA;src=10814658;type=websi106;cat=civil123;ord=1;num=3627012261994;npa=0;auiddc=*;pscdl=noapi;gtm=45fe42e0za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.civilianhotel.com%2F

Requested by

Host: 10814658.fls.doubleclick.net
URL: https://10814658.fls.doubleclick.net/activityi;dc_pre=CI3gxdrYuIQDFa4hBgAdftcNaA;src=10814658;type=websi106;cat=civil123;ord=1;num=3627012261994;npa=0;auiddc=781985402.1708390004;pscdl=noapi;gtm=45fe42e0za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.civilianhotel.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10814658.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 00:46:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 80ms
26ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=181650897361672&ev=PageView&dl=https%3A%2F%2Fwww.civilianhotel.com%2F&rl=&if=false&ts=1708390003945&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.1.1708390003945.1191765708&ler=empty&cdl=API_unavailable&it=1708390003853&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=e1&rqm=GET

Requested by

Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 20 Feb 2024 00:46:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 content Show response
www.civilianhotel.com/api/ 259 KB
21 KB 140ms
140ms XHR
application/json 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.civilianhotel.com/api/content?cacheBuster=1708390004115

Requested by

Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.68.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

iws-04.ideawork.com

Software

Resource Hash

46449848859ee4dfc530d7741bb88ed81f17a159859c39a87a504d264e78ffe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.civilianhotel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=86400
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"40c71-8/vS8RfOfjY0/2TiNLFIAw"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, x-access-token
x-xss-protection: 1; mode=block

GET
H2 200 slides Show response
www.civilianhotel.com/api/ 556 KB
27 KB 153ms
153ms XHR
application/json 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.civilianhotel.com/api/slides?cacheBuster=1708390004115

Requested by

Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.68.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

iws-04.ideawork.com

Software

Resource Hash

51d18670c0bfd590a9dbeffbb8d1c437cec8b68b3152411d33ffed00a46cfe24

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.civilianhotel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=86400
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"8ae75-BO4NUlMjVHSAmrvYImatAQ"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, x-access-token
x-xss-protection: 1; mode=block

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 54ms
53ms Script
application/javascript 2620:1ec:46::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/151002211
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 00:46:44 GMT
content-encoding: br
last-modified: Wed, 24 Jan 2024 14:33:55 GMT
etag: W/"0x8DC1CE97EB406F9"
vary: Accept-Encoding
x-azure-ref: 20240220T004644Z-se9s39euyx0trcxhkghsu459tc00000003y000000000kyth
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f639ad44-601e-007f-7b74-61e140000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B3E3A26AB88F49C0840BD2F6E321B21A&RedC=c.clarity.ms&MXFR=0928D47A985E645F2761C0519C5E6A5F
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B3E3A26AB88F49C0840BD2F6E321B21A&MUID=14A628F2F88365A31F183CD9F98364C2

42 B
443 B

54ms
53ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B3E3A26AB88F49C0840BD2F6E321B21A&MUID=14A628F2F88365A31F183CD9F98364C2
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 00:46:43 GMT
last-modified: Fri, 09 Feb 2024 19:55:32 GMT
server: Microsoft-IIS/10.0
etag: "2155d7f0915bda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 00:46:43 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 32D595EF8D034EC4BC77CC74B8B8066B Ref B: FRAEDGE1708 Ref C: 2024-02-20T00:46:44Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B3E3A26AB88F49C0840BD2F6E321B21A&MUID=14A628F2F88365A31F183CD9F98364C2
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

OPTIONS
H2 200 token
services.synxis.com/v1/auth/ Frame 0
0 612ms
163ms Preflight 45.60.155.144
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://services.synxis.com/v1/auth/token

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.155.144 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,context
Access-Control-Request-Method: POST
Origin: https://www.civilianhotel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,context
access-control-allow-methods: POST
access-control-allow-origin: https://www.civilianhotel.com
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 20 Feb 2024 00:46:44 GMT
server: nginx
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via: 1.1 google, 1.1 google
x-cdn: Imperva
x-content-type-options: nosniff
x-iinfo: 14-226335844-226335849 NNNN CT(0 3 0) RT(1708390003979 31) q(0 0 0 0) r(1 1) U24
x-incap-sess-cookie-hdr: LlLkNFnnei2Wp+0dPEYXcHT202UAAAAALp4Y5RNw8vafpjl4fE5opQ==

GET
H2 200 calendar-white.svg
www.civilianhotel.com/dist/ 658 B
750 B 142ms
142ms Image
image/svg+xml 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.civilianhotel.com/dist/calendar-white.svg
Requested by: Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.68.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: iws-04.ideawork.com
Software: / Express
Resource Hash: d2ce69a11f5de6bdc5742d80263eb1c7a27f8013d7ff7ac6d041798c05f3a235

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

last-modified: Mon, 20 Sep 2021 15:43:38 GMT
x-powered-by: Express
etag: W/"292-17c03e08640"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 658

GET
H2 200 Pitch-Regular.woff2
www.civilianhotel.com/dist/ 22 KB
22 KB 144ms
144ms Font
application/font-woff2 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civilianhotel.com/dist/Pitch-Regular.woff2
Requested by: Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.68.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: iws-04.ideawork.com
Software: / Express
Resource Hash: c70669431803359e9206f636b6fa849394f5147d24162a0c072583a913346ea0

Request headers

Referer: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.css
Origin: https://www.civilianhotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

last-modified: Mon, 20 Sep 2021 15:43:38 GMT
x-powered-by: Express
etag: W/"578c-17c03e08630"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 22412

GET
H2 200 Pitch-RegularItalic.woff2
www.civilianhotel.com/dist/ 24 KB
24 KB 142ms
142ms Font
application/font-woff2 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civilianhotel.com/dist/Pitch-RegularItalic.woff2
Requested by: Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.68.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: iws-04.ideawork.com
Software: / Express
Resource Hash: 90d82d5f0b36acf1bc4bab46d1783ac256667f3bf58e2f5fef5c6db0ac0d387e

Request headers

Referer: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.css
Origin: https://www.civilianhotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

last-modified: Mon, 20 Sep 2021 15:43:38 GMT
x-powered-by: Express
etag: W/"5ed4-17c03e08630"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 24276

GET
H2 200 Pitch-Light.woff2
www.civilianhotel.com/dist/ 21 KB
21 KB 144ms
143ms Font
application/font-woff2 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civilianhotel.com/dist/Pitch-Light.woff2
Requested by: Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.68.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: iws-04.ideawork.com
Software: / Express
Resource Hash: a6dba5b7f6dc90dd9cb81865356f3212ded65d4a441b40be3d588ace4f81e263

Request headers

Referer: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.css
Origin: https://www.civilianhotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

last-modified: Mon, 20 Sep 2021 15:43:38 GMT
x-powered-by: Express
etag: W/"54ac-17c03e08630"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 21676

GET
H2 200 Pitch-Medium.woff2
www.civilianhotel.com/dist/ 22 KB
22 KB 144ms
143ms Font
application/font-woff2 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civilianhotel.com/dist/Pitch-Medium.woff2
Requested by: Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.68.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: iws-04.ideawork.com
Software: / Express
Resource Hash: b325c4ea9922fdf2a7f3860d7df4673bdf1704e3a089530fada64a6c6775af11

Request headers

Referer: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.css
Origin: https://www.civilianhotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

last-modified: Mon, 20 Sep 2021 15:43:38 GMT
x-powered-by: Express
etag: W/"5844-17c03e08630"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 22596

GET
H2 200 SMMaxeville-Constructed.woff2
www.civilianhotel.com/dist/ 18 KB
19 KB 145ms
144ms Font
application/font-woff2 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civilianhotel.com/dist/SMMaxeville-Constructed.woff2
Requested by: Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.68.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: iws-04.ideawork.com
Software: / Express
Resource Hash: e284434d512f51ebe7e5342fe1317817b0e0d6cc194b201d8adca646d555a68e

Request headers

Referer: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.css
Origin: https://www.civilianhotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

last-modified: Mon, 20 Sep 2021 15:43:38 GMT
x-powered-by: Express
etag: W/"49c0-17c03e08630"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18880

GET
H2 200 SUBWAY.woff2
www.civilianhotel.com/dist/ 21 KB
21 KB 146ms
146ms Font
application/font-woff2 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civilianhotel.com/dist/SUBWAY.woff2
Requested by: Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.68.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: iws-04.ideawork.com
Software: / Express
Resource Hash: 2d11363da9a7069d56559bd8bff67935390b329d9596190eb6dc95a126d3cf4e

Request headers

Referer: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.css
Origin: https://www.civilianhotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

last-modified: Mon, 20 Sep 2021 15:43:38 GMT
x-powered-by: Express
etag: W/"5264-17c03e08640"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 21092

GET
H2 200 revinate-form.js Show response
contact-api.inguest.com/bundles/revinatecontactapi/js/ 5 KB
2 KB 214ms
213ms Script
application/javascript 44.240.80.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://contact-api.inguest.com/bundles/revinatecontactapi/js/revinate-form.js?v=1

Requested by

Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.80.5 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-80-5.us-west-2.compute.amazonaws.com

Software

Resource Hash

27477cae35fa16324eb29e830c181ad33340f63cea5f3623d5428adc9198aa34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 00:46:44 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31449600, public
accept-ranges: bytes
content-length: 1480

POST
H2 200 token Show response
services.synxis.com/v1/auth/ 1 KB
1 KB 358ms
357ms Fetch
application/json 45.60.155.144
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://services.synxis.com/v1/auth/token

Requested by

Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.155.144 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

f7c118602afbf1ff15359ec4df15eb6c1e1898eaa711f585ca2b807b33180440

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.civilianhotel.com/
Context: SYNXISWS_VA
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Authorization: Basic VDA1RFJWVlFUMDVEU1ZaSlRFbEJUbEJTVDBRPTpTVzFxZGsxQ1FUazJXRGhQSVUwPQ==
Content-Type: application/json

Response headers

date: Tue, 20 Feb 2024 00:46:45 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
x-cdn: Imperva
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.civilianhotel.com
x-iinfo: 14-226335844-226335849 PNYN RT(1708390003979 205) q(0 0 0 7) r(4 4) U24
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: CYQicIQcb32Wp+0dPEYXcHT202UAAAAAUcG2vZB8SguWHiXeTxKD3w==
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK 423752968_397170129462125_3706884717557246576_n-1707257607380.jpg
s3.amazonaws.com/civilianhotel/ 307 KB
307 KB 406ms
159ms Image
image/jpeg 52.217.82.254

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/civilianhotel/423752968_397170129462125_3706884717557246576_n-1707257607380.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.82.254 Ashburn, United States, ASN (),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d49a5d8262aca5d0486c917f2b51c6686165aa1fae368460ad343e028f185104

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 00:46:45 GMT
Last-Modified: Tue, 06 Feb 2024 22:13:28 GMT
Server: AmazonS3
x-amz-request-id: REW3GDN1H5VK7Y7E
ETag: "ee30b05307fd8354425ed9e2a4ec5430"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 314203
x-amz-id-2: I0EOLg/eJW+XJZZEV133rRytQNf+alUFhQcswigzQJGmi/vVbIR3LDrohgpxL85qKQ8NzihQHUg=

GET
H/1.1 200
OK 405219152_1115429053103194_4050611452391698369_n-1707257637258.jpg
s3.amazonaws.com/civilianhotel/ 455 KB
455 KB 414ms
164ms Image
image/jpeg 52.217.82.254

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/civilianhotel/405219152_1115429053103194_4050611452391698369_n-1707257637258.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.82.254 Ashburn, United States, ASN (),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 210c7a075842f8653ffedd10e7916c4aa52ab5bf868c77598fbaec0acf6db327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 00:46:45 GMT
Last-Modified: Tue, 06 Feb 2024 22:13:58 GMT
Server: AmazonS3
x-amz-request-id: REWBV3412TS8K4Z5
ETag: "72e11cde074d93caf626879df3d8ad3f"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 465753
x-amz-id-2: rd62xIn7DIKHhz5v/hZ7YiJD/UyCV356c1B4Gvf1tVmiftfisVU65ZgeLD+dffiHhoUTjHErJsM=

GET
H/1.1 200
OK 391209314_1064056968069334_5513904694168149980_n-1707257738861.jpg
s3.amazonaws.com/civilianhotel/ 293 KB
293 KB 392ms
142ms Image
image/jpeg 52.217.82.254

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/civilianhotel/391209314_1064056968069334_5513904694168149980_n-1707257738861.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.82.254 Ashburn, United States, ASN (),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d0bffb24452fa9e8c17d913df91ff0ca8efca2351f98458a91153daf72299eb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 00:46:45 GMT
Last-Modified: Tue, 06 Feb 2024 22:15:39 GMT
Server: AmazonS3
x-amz-request-id: REW7K5MGPTRPB5B0
ETag: "ce8e8bd73b66a7eca3bee94056a17171"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 299675
x-amz-id-2: NGIMTaG2zlYVYL1nT9fwT7r5gVBXJKV5K+1+/RQIduu+sZXuXMWx7VSsgcTmdT1NsjqXhCyaq7c=

GET
H/1.1 200
OK 368084941_229095316797642_9213663591973310837_n-1707257767251.jpg
s3.amazonaws.com/civilianhotel/ 263 KB
263 KB 385ms
138ms Image
image/jpeg 52.217.82.254

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/civilianhotel/368084941_229095316797642_9213663591973310837_n-1707257767251.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.82.254 Ashburn, United States, ASN (),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5fc525495440e5bc0b2adfa31b85814f65d1362f455af56c4bc94faa3445e566

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 00:46:45 GMT
Last-Modified: Tue, 06 Feb 2024 22:16:09 GMT
Server: AmazonS3
x-amz-request-id: REWB5V63XRCNDHZA
ETag: "f2f7a1c2ebb5b1ff88ff6df0af691fc0"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 269358
x-amz-id-2: ce9Jz9RLQB4JL+WvNq/c6fbWDAKxKzlA8WMcbgPbayanqy464K64IJlFwjqjJ1Lceeg+mpoD8CE=

GET
H/1.1 200
OK 412427759_231794183283800_8321131534919461648_n-1707257902774.jpg
s3.amazonaws.com/civilianhotel/ 349 KB
350 KB 373ms
126ms Image
image/jpeg 52.217.82.254

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/civilianhotel/412427759_231794183283800_8321131534919461648_n-1707257902774.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.82.254 Ashburn, United States, ASN (),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3e47ed7e42e9f1b223715d2df23de88379689748c90d9c0a77f096298a2045d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 00:46:45 GMT
Last-Modified: Tue, 06 Feb 2024 22:18:23 GMT
Server: AmazonS3
x-amz-request-id: REWDYHKE25F6TZPB
ETag: "d4ffc26bc0466df0c1112c67dfad5503"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 357750
x-amz-id-2: e57mSalCFqOgS7PII57ZIbVdXr7ZXsBHdiXXHf16bFPD7NPwjdFdtLHdI71soZ31b0H9DhEhXlo=

GET
H/1.1 200
OK instagram15745431785671619472274112-1628015185987.svg
s3.amazonaws.com/civilianhotel/ 3 KB
3 KB 374ms
128ms Image
image/svg+xml 52.217.82.254

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/civilianhotel/instagram15745431785671619472274112-1628015185987.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.82.254 Ashburn, United States, ASN (),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 35aa0941ea47488d756b03ccd8422d8c37db9352ea022b958b3df8000fd612e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 00:46:45 GMT
Last-Modified: Tue, 03 Aug 2021 18:26:27 GMT
Server: AmazonS3
x-amz-request-id: REW5905QJ8H8H0WX
ETag: "de9c9492aace3199ae38c0c3b223e6ca"
Content-Type: image/svg+xml
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 3137
x-amz-id-2: K3k8rrwkWCJNGeIyxdsYPzlEpSoxzE6MGRpsiox1zHqqDvLAH2Xmm/rvmC5Wkrym9Hl29hRWze8=

GET
H/1.1 200
OK videobg-1619452252586.jpg
s3.amazonaws.com/civilianhotel/ 101 KB
102 KB 238ms
237ms Image
image/jpeg 52.217.82.254

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/civilianhotel/videobg-1619452252586.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.82.254 Ashburn, United States, ASN (),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8b442299934bb2a35620f7bb27dbb4a87cf159d99e0cf9fbcc15f4875f47ae3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 00:46:45 GMT
Last-Modified: Mon, 26 Apr 2021 15:50:53 GMT
Server: AmazonS3
x-amz-request-id: REW7J791R7MT7PTQ
ETag: "739e9669c337d04e2e4cfbb74781fbd0"
Content-Type: image/jpeg
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 103772
x-amz-id-2: +HTUSWOtdCf6nOb74uBajMfNlEukgh2p8U895srLWBl4P9Gi3rOn9AYALWMv0YYwboh8aTIvnnc=

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
301 B 540ms
250ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.civilianhotel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.civilianhotel.com
Date: Tue, 20 Feb 2024 00:46:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2

206

10d255a8-3560596a
download-video.akamaized.net/v3-1/playback/8a9f5dac-dec1-4368-a8e0-19cbacacb057/
Redirect Chain

https://player.vimeo.com/progressive_redirect/playback/857636521/rendition/1080p/file.mp4?loc=external&signature=f8ffd0aff94a0bf08e8dcdf7e8126e844b9e5baa51b0b0eab8bebb154e4594a0
https://download-video.akamaized.net/v3-1/playback/8a9f5dac-dec1-4368-a8e0-19cbacacb057/10d255a8-3560596a?__token__=st=1708390004~exp=1708404404~acl=%2Fv3-1%2Fplayback%2F8a9f5dac-dec1-4368-a8e0-19c...

12 MB
0

129ms
50ms

Media
video/mp4

2a02:26f0:7100::213:c669
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://download-video.akamaized.net/v3-1/playback/8a9f5dac-dec1-4368-a8e0-19cbacacb057/10d255a8-3560596a?__token__=st=1708390004~exp=1708404404~acl=%2Fv3-1%2Fplayback%2F8a9f5dac-dec1-4368-a8e0-19cbacacb057%2F10d255a8-3560596a%2A~hmac=4c1d26c090557f1ae01859efea71922409ed229d7d8aadae8f18a4ce15cf93ae&r=dXMtY2VudHJhbDE%3D
Protocol: H2
Server: 2a02:26f0:7100::213:c669 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 00:46:44 GMT
akamai-grn: 0.65c61302.1708390004.3f90b093
Content-Range: bytes 0-16429355/16429356
akamai-mon-iucid-del: 1190815
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 16429356
x-request-id: OSaT0p3dngkKH88KT811zzKASz1Jdq1y
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC,Akamai-Grn
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
akamai-request-bc: [a=2.19.198.101,b=1066446995,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]
access-control-allow-headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

Redirect headers

expires: Fri, 15 Dec 1985 19:30:00 GMT
Date: Tue, 20 Feb 2024 00:46:44 GMT
content-security-policy: default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://f.vimeocdn.com https://i.vimeocdn.com; report-uri /_csp
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
Via: 1.1 varnish
CF-Cache-Status: DYNAMIC
X-Cache: MISS
x-host: player-backend-787677bb4d-cz6zg
Connection: keep-alive
x-backend-server: player-backend-edge-entry
Content-Length: 0
x-xss-protection: 1; mode=block
X-Served-By: cache-fra-eddf8230135-FRA
x-player-backend: g
Server: cloudflare
X-Timer: S1708390005.507251,VS0,VE306
access-control-allow-origin: *
Location: https://download-video.akamaized.net/v3-1/playback/8a9f5dac-dec1-4368-a8e0-19cbacacb057/10d255a8-3560596a?__token__=st=1708390004~exp=1708404404~acl=%2Fv3-1%2Fplayback%2F8a9f5dac-dec1-4368-a8e0-19cbacacb057%2F10d255a8-3560596a%2A~hmac=4c1d26c090557f1ae01859efea71922409ed229d7d8aadae8f18a4ce15cf93ae&r=dXMtY2VudHJhbDE%3D
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: player-backend-787677bb4d-cz6zg
Accept-Ranges: bytes
CF-RAY: 8582bbf81dbb049b-FRA
X-Cache-Hits: 0

GET
H/1.1 200
OK thegift-1668010942148.png
s3.amazonaws.com/civilianhotel/ 805 KB
806 KB 135ms
135ms Image
image/png 52.217.82.254

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/civilianhotel/thegift-1668010942148.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.82.254 Ashburn, United States, ASN (),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5d3246ca1862a92cc89596df2180e7423604c5a2ce44dbfd83955633ffeb5da4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 00:46:46 GMT
Last-Modified: Wed, 09 Nov 2022 16:22:23 GMT
Server: AmazonS3
x-amz-request-id: C0MZFBNNNSE7G6WN
ETag: "fa09c1da48e7b780595e7ae82eab5c88"
Content-Type: image/png
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 824790
x-amz-id-2: uLFNzm2xsCp9jbAwh0twm8611+fBkVRSO/8YNW4uipWJP5F/IqC2gWzuG7/nxDZjljVXprCYEzA=

GET
H/1.1 200
OK rosevalekitchen_creditnikolaskoenigforrockwellgroup1-1670010093898.jpg
s3.amazonaws.com/civilianhotel/ 260 KB
260 KB 178ms
178ms Image
image/jpeg 52.217.82.254

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/civilianhotel/rosevalekitchen_creditnikolaskoenigforrockwellgroup1-1670010093898.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.82.254 Ashburn, United States, ASN (),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2cb667769d80750e00c3b5465f689d043163187893d69c4d6399f77b71410bf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 00:46:46 GMT
Last-Modified: Fri, 02 Dec 2022 19:41:35 GMT
Server: AmazonS3
x-amz-request-id: C0MMYNB4S89RQDR5
ETag: "29c37161dc6776dcf6884d0d14246c00"
Content-Type: image/jpeg
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 265873
x-amz-id-2: RdkdJSEqzdzegZoEAIRUOB/CG+vgyYvZJ1CYz0z6aJu6ChkAK4B8Q6P2YquMSsMZfUTzqHdiRCw=

GET
H3 200 default.js Show response
onboard.triptease.io/integrations/v7351.95710/ 164 KB
52 KB 52ms
52ms Script
application/javascript 2606:4700:e4::ac40:ac0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/integrations/v7351.95710/default.js

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01FGNWEXQS7JF7T6E45WZ7MNJJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e4::ac40:ac0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66dc148b604fd11836898c1f73611a0274229ccd1382d61592207b0ab1b9b3b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.civilianhotel.com/
Origin: https://www.civilianhotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 00:46:45 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf-cache-status: HIT
x-goog-meta-git-hash: e07a1b1289c7780558cf886e7ce22b41058286f7
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19662
x-guploader-uploadid: ABPtcPrzR3RAc8OIEpI7DLZDXDO1RH8JfEXr3isLHYfbnBiPUSlZ6t2H5qX6WgW3LRcCyJYPJg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 7351.95710
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 19 Feb 2024 18:14:06 GMT
server: cloudflare
etag: W/"cbf207623a89ed2d5f7cdf96b937eff1"
vary: Accept-Encoding
x-goog-generation: 1708366445967569
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=/TsY+Q==, md5=y/IHYjqJ7S1ffN+WuTfv8Q==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FNBdVZVHzfQPJoY%2B9%2Fk9SVVJSfAoB%2Batamd%2BNEp898jdBHzdx%2FYgW1NaYxlWX08UyHkeeJn9jREjie7J4SeTJagzAXokdlC5E%2F3li3o25hHJ%2ByTuUWSXgNZJH237FYiSyuLTT0G68e%2Frsv7CIN%2FEtq6YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 167638
cf-ray: 8582bbfcf9ea6621-AMS
expires: Tue, 18 Feb 2025 19:15:55 GMT

OPTIONS
H/1.1 200
OK rooms
services-p1.synxis.com/v1/api/hotel/ Frame 0
0 260ms
167ms Preflight 45.60.243.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://services-p1.synxis.com/v1/api/hotel/rooms?primaryChannel=WEB&secondaryChannel=WEB&chainId=15922&hotelId=31240&numRooms=1&currencyCode=USD&view=full&pageSize=0&pageStart=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.243.22 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: activityid,authorization,content-type,context
Access-Control-Request-Method: GET
Origin: https://www.civilianhotel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 0
Date: Tue, 20 Feb 2024 00:46:45 GMT
Server: nginx
Via: 1.1 google, 1.1 google
X-CDN: Imperva
X-Iinfo: 14-1772863-1772869 NNNN CT(1 8 0) RT(1708390004386 34) q(0 0 0 0) r(1 1) U24
access-control-allow-credentials: true
access-control-allow-headers: activityid,authorization,content-type,context
access-control-allow-origin: https://www.civilianhotel.com
access-control-max-age: 3600
cache-control: no-cache
expires: -1
pragma: no-cache
x-content-type-options: nosniff
x-incap-sess-cookie-hdr: O4fjSDzzWnB84XWb6rONAnT202UAAAAAAzt3kr/+9rBdNNcKBDmDNQ==

GET
H/1.1 200
OK rooms Show response
services-p1.synxis.com/v1/api/hotel/ 15 KB
3 KB 680ms
379ms XHR
application/json 45.60.243.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://services-p1.synxis.com/v1/api/hotel/rooms?primaryChannel=WEB&secondaryChannel=WEB&chainId=15922&hotelId=31240&numRooms=1&currencyCode=USD&view=full&pageSize=0&pageStart=0

Requested by

Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.243.22 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

5a58e7c2838641b8c978aee36ec0f874f9c471d301f63a54c8ea513ea972251d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer T1RLAQIj1wQZIaHV/rz0HT96k4ffXImVXAxpp5OupVyLIrEjbBBN5dcNCR32N6ruVYh05yCIAAEgOsWMygTG6cB225/JxsAgEy9aLzRkAN0PXYTK4o5sQH+r842sRnmOEPx3TrpzNWAgqTkcy2/K2yuTC7RQLbZSvtCbx/SyORX4h2jVSXhE++uGoGmXP1AKwIgnrAULnshCWyhTI0GYZfyRoGcWsQl0ah9W6iRDA4od8+pSt0m3z7Ja6x7J3g2+HNjvdM57waJDXKcMHJjTe5AFWCOcarfLGbgWtrmcZfEB4JMi3in1Ce9W/xfBkQ0yOVaguEVrW3K80JskvDUSNhjUSk44HT0tdV8o4ViFiMzVunFzfK8Haw3nEtyQN1QM3kiZIHBV1Ywi1DMZlrfVOQQvC1LmGs98HBt8fz9J2O221d/XxdHQAOo+iXEUqWA5wZsfg2jmr1WS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json
ActivityID: CIV_get_rooms_1708390005
Accept: appplication/json
Referer: https://www.civilianhotel.com/
Context: WBSVC

Response headers

date: Tue, 20 Feb 2024 00:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google, 1.1 google
X-CDN: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
Transfer-Encoding: chunked
X-Iinfo: 14-1772862-1772932 NNNN CT(2 3 0) RT(1708390004386 498) q(0 0 0 0) r(4 4) U24
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 1e449a41-fc68-4a39-95a2-0d590aabd987
pragma: no-cache
content-type: application/json
access-control-allow-origin: https://www.civilianhotel.com
access-control-expose-headers: *
cache-control: no-cache
access-control-allow-credentials: false
x-incap-sess-cookie-hdr: e8hQZTT3Rjd84XWb6rONAnX202UAAAAAwToOOmpGNdXawzgXvvIhMA==
expires: -1

GET
H/1.1 200
OK rates Show response
services-p1.synxis.com/v1/api/hotel/ 41 KB
4 KB 1587ms
1287ms XHR
application/json 45.60.243.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://services-p1.synxis.com/v1/api/hotel/rates?primaryChannel=WEB&secondaryChannel=WEB&chainId=15922&hotelId=31240&numRooms=1&currencyCode=USD

Requested by

Host: www.civilianhotel.com
URL: https://www.civilianhotel.com/dist/main.9e7860bdaec799e21c8b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.243.22 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

14d0e62143c44c8805185bcd6a58d080ab2159b069827a90cab10804b55e4db6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer T1RLAQIj1wQZIaHV/rz0HT96k4ffXImVXAxpp5OupVyLIrEjbBBN5dcNCR32N6ruVYh05yCIAAEgOsWMygTG6cB225/JxsAgEy9aLzRkAN0PXYTK4o5sQH+r842sRnmOEPx3TrpzNWAgqTkcy2/K2yuTC7RQLbZSvtCbx/SyORX4h2jVSXhE++uGoGmXP1AKwIgnrAULnshCWyhTI0GYZfyRoGcWsQl0ah9W6iRDA4od8+pSt0m3z7Ja6x7J3g2+HNjvdM57waJDXKcMHJjTe5AFWCOcarfLGbgWtrmcZfEB4JMi3in1Ce9W/xfBkQ0yOVaguEVrW3K80JskvDUSNhjUSk44HT0tdV8o4ViFiMzVunFzfK8Haw3nEtyQN1QM3kiZIHBV1Ywi1DMZlrfVOQQvC1LmGs98HBt8fz9J2O221d/XxdHQAOo+iXEUqWA5wZsfg2jmr1WS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json
ActivityID: CIV_get_rates_1708390005
Accept: appplication/json
Referer: https://www.civilianhotel.com/
Context: WBSVC

Response headers

date: Tue, 20 Feb 2024 00:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google, 1.1 google
X-CDN: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
Transfer-Encoding: chunked
X-Iinfo: 14-1772863-1772930 NNNN CT(0 5 0) RT(1708390004386 490) q(0 0 0 0) r(13 13) U24
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 242ff08b-7ca9-42b4-8082-d86cbb78c30e
pragma: no-cache
content-type: application/json
access-control-allow-origin: https://www.civilianhotel.com
access-control-expose-headers: *
cache-control: no-cache
access-control-allow-credentials: false
x-incap-sess-cookie-hdr: PcTBAS+PBAl84XWb6rONAnb202UAAAAAqS8ynxmNelE7bMXWJHAJFA==
expires: -1

OPTIONS
H/1.1 200
OK rates
services-p1.synxis.com/v1/api/hotel/ Frame 0
0 251ms
160ms Preflight 45.60.243.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://services-p1.synxis.com/v1/api/hotel/rates?primaryChannel=WEB&secondaryChannel=WEB&chainId=15922&hotelId=31240&numRooms=1&currencyCode=USD

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.243.22 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: activityid,authorization,content-type,context
Access-Control-Request-Method: GET
Origin: https://www.civilianhotel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 0
Date: Tue, 20 Feb 2024 00:46:45 GMT
Server: nginx
Via: 1.1 google, 1.1 google
X-CDN: Imperva
X-Iinfo: 14-1772862-1772467 PNNN RT(1708390004386 31) q(0 0 0 1) r(1 1) U24
access-control-allow-credentials: true
access-control-allow-headers: activityid,authorization,content-type,context
access-control-allow-origin: https://www.civilianhotel.com
access-control-max-age: 3600
cache-control: no-cache
expires: -1
pragma: no-cache
x-content-type-options: nosniff
x-incap-sess-cookie-hdr: vv6Va0zUXW584XWb6rONAnT202UAAAAANIfR+55o2rcOpN5mlaB5hg==

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
301 B 122ms
121ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.civilianhotel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.civilianhotel.com
Date: Tue, 20 Feb 2024 00:46:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 identity Show response
onboard.triptease.io/ 161 B
837 B 45ms
44ms Fetch
application/json 2606:4700:e4::ac40:ac0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/identity

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01FGNWEXQS7JF7T6E45WZ7MNJJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e4::ac40:ac0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b8bbddd2b11ff15305b31c42c3040bd045925dbc16cfd92c3b52ee3ea095836

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 00:46:46 GMT
strict-transport-security: max-age=15552000
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXRoKGGJs4iq%2F2oTA1bCK3KUq2UzGQhMttvRkp2oJU5PJIveljFfE7GYZs9Q%2F4sWMmr3T2TPE5c76qAfNfUV%2BE%2Bo3Wf6BZMIIqwGsnaMCD3lu1m3zjqUk8LKv%2BSblkw10%2BXSnYuBpcfBhwgCAt%2FlVETgrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.civilianhotel.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
cf-ray: 8582bc02dd1ff0e3-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 claim Show response
onboard.triptease.io/ 2 B
559 B 207ms
207ms Fetch
application/json 2606:4700:e4::ac40:ac0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/claim?apiKey=4774ef6c132b4ee89f0071eab9eca8ba

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01FGNWEXQS7JF7T6E45WZ7MNJJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e4::ac40:ac0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 00:46:46 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ImGlvrtCdWkxqsjqly7ARqbkpCvfZH%2FZZgBpwlOISgJ8zIjwqm9YR7doOpMa%2FMhNzdV4vLB3v05hFvI7dssVuhtB5iUmBgqa%2Ft482u8UMn18ySu7uCZpsKQiG0yRjkO7Jku2aaw0SlZ14gXyHQS%2B0aF%2F0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.civilianhotel.com
cache-control: no-cache, no-store, max-age=0
access-control-allow-credentials: true
cf-ray: 8582bc032d4bf0e3-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap-message-engine.js Show response
targeted-messages.triptease.io/static/ 93 KB
32 KB 168ms
54ms Script
application/javascript 2606:4700:e4::ac40:ac0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://targeted-messages.triptease.io/static/bootstrap-message-engine.js

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01FGNWEXQS7JF7T6E45WZ7MNJJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:ac0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3514323fa4be3ed768c17e85b0fae158ae277ca4735c83de12dd0517a3aaca80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.civilianhotel.com/
Origin: https://www.civilianhotel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 00:46:46 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1708077348
age: 39
x-guploader-uploadid: ABPtcPrcM9MQGYhx2gS5BsKci5j6Rn9wlmsWxbeQmYDOR9wTKxAqf9x6L8wXUGlPncJ5ZIPmTg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 16 Feb 2024 09:55:51 GMT
server: cloudflare
etag: W/"4fc8b9d76596078c2c9e4797d18fc5e7"
vary: Accept-Encoding
x-goog-generation: 1708077351787016
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=YkBpDQ==, md5=T8i512WWB4wsnkeX0Y/F5w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fI4L3rhOv%2BU2bll9%2FQbMXf%2FDkLzPDKLnUUqq0saisdj1PtIiqPlWnKcEcqpJL3ORHkehnaUsST5qI3XA%2B%2BzC1NfLri9cTURK8Hrz1PJwunhBmh2haJI2NNiKFfjmBFl5byDhqzl%2FGM%2BPoasT5iWE2KHNrER9NcnxziPx5xM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 95321
cf-ray: 8582bc065c620369-CDG
expires: Tue, 20 Feb 2024 00:56:07 GMT

GET
H3 200 storageIframe.html Show response
targeted-messages.triptease.io/static/ Frame BD92 7 KB
4 KB 114ms
47ms Document
text/html 2606:4700:e4::ac40:ac0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://targeted-messages.triptease.io/static/storageIframe.html

Requested by

Host: targeted-messages.triptease.io
URL: https://targeted-messages.triptease.io/static/bootstrap-message-engine.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e4::ac40:ac0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44967af7d7413422ff93ef8e795f138ffa16e64d705bf2fcdbb164145e7d651f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.civilianhotel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: Content-Type
age: 52
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=600
cf-cache-status: HIT
cf-ray: 8582bc0749eab984-AMS
content-encoding: br
content-type: text/html
date: Tue, 20 Feb 2024 00:46:46 GMT
expires: Tue, 20 Feb 2024 00:51:18 GMT
last-modified: Thu, 29 Jun 2023 09:56:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HbC7%2FYnP%2FbDjwTUhkZElwdkXy9pnxf3YIVaMLphGy326v0G84o7vjHzfZodQ1%2FZBnNmzB6cVF%2BFZ2QhCQ382eMX%2F5ket9IqEBdPTS9WFMmgtDEa95k0B8VhdeHM9hasG7o5lJKWdYsenon6GJIj%2FwwpLVVGrk%2BY3sTluRs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-goog-generation: 1688032590472706
x-goog-hash: crc32c=/G3XxQ== md5=98b+KQq4ov4sQNnkjjyKNw==
x-goog-meta-goog-reserved-file-mtime: 1688032586
x-goog-metageneration: 18
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7485
x-guploader-uploadid: ABPtcPrFg0CzqUJc8YkOeBhuta2pgwDAFeVAywgUp2GXHz4jxnEL4aZs6M3lmtICZ8nSHtFhEbo

GET
H2 200 messages Show response
messages.guest-experience.triptease.io/4774ef6c132b4ee89f0071eab9eca8ba/ 2 KB
3 KB 446ms
228ms Fetch
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://messages.guest-experience.triptease.io/4774ef6c132b4ee89f0071eab9eca8ba/messages?language=en
Requested by: Host: targeted-messages.triptease.io
URL: https://targeted-messages.triptease.io/static/bootstrap-message-engine.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4be2d1f8196ed68241388c10b47438fab8e2a1cdfcb131bf09a5dad7a07c7198

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 00:46:47 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
x-city: kassel
content-length: 2274
x-served-by: cache-fra-etou8220059-FRA
server: Google Frontend
vary: Origin
tt_keys: campaigns-4774ef6c132b4ee89f0071eab9eca8ba campaigns-client-CIVILIANHOTEL
access-control-allow-origin: https://www.civilianhotel.com
x-region-code: HE
x-cloud-trace-context: c48a7bbc584980de4a4e8c8884d70d05
cache-control: public,stale-if-error=600,stale-while-revalidate=10,max-age=600
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
tt_host: messages.guest-experience.triptease.io
access-control-expose-headers: X-Country-Code, X-Region-Code, X-City
accept-ranges: bytes
x-country-code: DE
x-cache-hits: 0

POST
H2 200 event
api.triptease.io/zappy/ 0
529 B 339ms
140ms Ping
text/plain 2606:4700:e4::ac40:ad0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.triptease.io/zappy/event?eventName=propensityToConvert&eventAppName=messageEngine

Requested by

Host: targeted-messages.triptease.io
URL: https://targeted-messages.triptease.io/static/bootstrap-message-engine.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:ad0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.civilianhotel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 20 Feb 2024 00:46:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.civilianhotel.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LL7mxIayQuDuOuVkg17CjwmkMGoTWottTHLmPwP0bNRPQgCMv0Dp8OY0SaZNjwePlyviFkva1uJcTuKlPqbC%2BckqmtX4G1g8CRKVdI1KTCWVUicQoyZ8mxVFjRHDowOUaXV%2Fwiyg9kSwHxNr4o%2B0"}],"group":"cf-nel","max_age":604800}
cf-ray: 8582bc0baba16f0c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 event
api.triptease.io/zappy/ 0
263 B 340ms
142ms Ping
text/plain 2606:4700:e4::ac40:ad0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.triptease.io/zappy/event?eventName=messageAvailable

Requested by

Host: targeted-messages.triptease.io
URL: https://targeted-messages.triptease.io/static/bootstrap-message-engine.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:ad0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.civilianhotel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 20 Feb 2024 00:46:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.civilianhotel.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUaZxgsVc%2Bhv0F2w5DHg9LV9ErntLv48llrNdn9DC3d5o0PYo57%2BkubvxaFuSBxCba85d7OZSG5GjSLc4KOQJOxaskO8eWq6zfkvmxek%2BwtZLdadZ1c1239boITKqP2%2BIu1XZ4NggdtfEihRznrQ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8582bc0baba06f0c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 nudge.html Show response
targeted-messages.triptease.io/static/ Frame 87F7 340 KB
110 KB 55ms
55ms Document
text/html 2606:4700:e4::ac40:ac0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://targeted-messages.triptease.io/static/nudge.html

Requested by

Host: targeted-messages.triptease.io
URL: https://targeted-messages.triptease.io/static/bootstrap-message-engine.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e4::ac40:ac0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50944e22829a7e23fb86e61ca5e9879ed74c6ed9d082a4988093feb8bd70a188

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.civilianhotel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: Content-Type
age: 334
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=600
cf-cache-status: HIT
cf-ray: 8582bc0a7c91b984-AMS
content-encoding: br
content-type: text/html
date: Tue, 20 Feb 2024 00:46:47 GMT
expires: Tue, 20 Feb 2024 00:51:13 GMT
last-modified: Tue, 13 Feb 2024 16:18:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LLhnuvTmSQrCly4urSqKK1LXue5SJdtVjZDfjQd4mE8iO6j5fANLttePdYYCR7MWvVVRJVCEXzdhdgD4%2B%2F%2BhrK3ETS6MZc%2BxrmVVLvZ3Ca%2FATJYLDXUrEZOud275aZ5BiL9aXNFh3SwpTOCqAW%2F47fVYPLVv%2BGpEcf1q1A%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-goog-generation: 1707841134553807
x-goog-hash: crc32c=R5JU8A== md5=sC8wv7PkVtyyVVFMNTLZxg==
x-goog-meta-goog-reserved-file-mtime: 1707841131
x-goog-metageneration: 2
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 347980
x-guploader-uploadid: ABPtcPo9ori_jCTc7nvGgbJ1M4ZLWlKfPicKP7DYW9JEdtIEJB35NRvIp4PZ5aBmoJTDe-CcHql-4otiUA

GET
H2 200 css
fonts.googleapis.com/ Frame 87F7 11 KB
2 KB 94ms
34ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: targeted-messages.triptease.io
URL: https://targeted-messages.triptease.io/static/nudge.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5cccc465f4c8cdcec789a0b28846823f18646206351bc9ff794f1aec7f58f5b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targeted-messages.triptease.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Feb 2024 00:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 22:46:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Feb 2024 00:46:47 GMT

GET
H2 200 f6147db19e24a4de4ac67af9375b4bc9.jpeg
static.triptease.io/message-porter/clients/CIVILIANHOTEL/ Frame 87F7 41 KB
42 KB 132ms
37ms Image
image/jpeg 151.101.65.182
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.triptease.io/message-porter/clients/CIVILIANHOTEL/f6147db19e24a4de4ac67af9375b4bc9.jpeg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6e6ea0684ef2c66a0ce0ba6752e18ef9fd4cf4c40526c22d6b7ebafb16a791c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targeted-messages.triptease.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sat, 15 Feb 2025 10:23:06 GMT
date: Tue, 20 Feb 2024 00:46:47 GMT
via: 1.1 varnish
surrogate-key-debug: message-porter message-porter-f6147db19e24a4de4ac67af9375b4bc9 message-porter-jpeg
strict-transport-security: max-age=31557600
age: 311021
x-guploader-uploadid: ABPtcPrE1DGQCpH6U2_UHqlVq4uKSUGYetRjO_YcM8m08zbM56M6zqFLURNM4BnzCcctF6JjEBInrLJy7w
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
backend-url: /message-porter/clients/CIVILIANHOTEL/f6147db19e24a4de4ac67af9375b4bc9.jpeg
content-length: 41895
x-served-by: cache-fra-etou8220035-FRA
last-modified: Tue, 15 Aug 2023 17:15:53 GMT
server: UploadServer
x-timer: S1708390008.810294,VS0,VE1
etag: "efd5c6d163e045fa1d11d747d0cf2009"
pseudo-session-id: 265898233fcf46417caf7583fa30112f5907e38f7e78dde5db098875bad8ca20
x-goog-generation: 1692119753051356
x-goog-hash: crc32c=J0Hmpw==, md5=79XG0WPgRfodEddH0M8gCQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 41895
content-type: image/jpeg
accept-ranges: bytes
timing-allow-origin: *
pseudo-device-id: cc226b7286c738b4b18ea9f63f3804a2745c26a904f4c825f143c89369bee22e
x-cache-hits: 1

POST
H3 204 batch
onboard.triptease.io/message/ 0
477 B 177ms
177ms Ping
text/html 2606:4700:e4::ac40:ac0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/message/batch

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01FGNWEXQS7JF7T6E45WZ7MNJJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e4::ac40:ac0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.civilianhotel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 20 Feb 2024 00:46:47 GMT
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HAYcPuL533sXv9K%2B0SBi7hCuDFygOsrYbbox6erzD3C14mngCbedyxL8UDggKTfylBpJ3CFpw61N%2B2ArLgJBWCFLmKKZXc3m1Ou974hjXNdbOpk5m8RZQCdOKSEeLSIyob5Lz%2BItPd2DJJPpT1WJCE%2Btrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: f1831fd90799f702912b541b34ede7af
cf-ray: 8582bc0c4c6df0e3-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 87F7 47 KB
47 KB 114ms
54ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://targeted-messages.triptease.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 03:51:57 GMT
x-content-type-options: nosniff
age: 507290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 03:51:57 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 87F7 47 KB
48 KB 84ms
25ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://targeted-messages.triptease.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 03:51:57 GMT
x-content-type-options: nosniff
age: 507290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 03:51:57 GMT

POST
H2 200 event
api.triptease.io/zappy/ 0
286 B 141ms
141ms Ping
text/plain 2606:4700:e4::ac40:ad0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.triptease.io/zappy/event?eventName=opened&eventAppName=abandonment

Requested by

Host: targeted-messages.triptease.io
URL: https://targeted-messages.triptease.io/static/bootstrap-message-engine.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:ad0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.civilianhotel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 20 Feb 2024 00:46:48 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.civilianhotel.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f74LEIqmwMtq5XtsbzifJ%2BdKA0QolgKUxv71aDCNRwDHxkLNLdWuzxjSn16AkqRJAJ9weSvSyTvwEuinJJjafF95HYXuOI0eTUPhRFWNtxY8kDAFVJG3IAngCxXOIikSwea6FCtgfcC%2BSUmGy4Qn"}],"group":"cf-nel","max_age":604800}
cf-ray: 8582bc0dcd5e6f0c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 33ms
32ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4VPVFCRV55&gtm=45je42e0v894658674za200&_p=1708390003042&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=829353518.1708390003&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1708390003&sct=1&seg=0&dl=https%3A%2F%2Fwww.civilianhotel.com%2F&dt=&en=scroll&epn.percent_scrolled=90&_et=3&tfd=6379
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4VPVFCRV55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civilianhotel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 00:46:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.civilianhotel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 batch
onboard.triptease.io/message/ 0
481 B 168ms
168ms Ping
text/html 2606:4700:e4::ac40:ac0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/message/batch

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01FGNWEXQS7JF7T6E45WZ7MNJJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e4::ac40:ac0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.civilianhotel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 20 Feb 2024 00:46:48 GMT
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESeemI%2F%2F4MlmGSFwcAZkgX1gUE%2FDv7s%2Bh3i5BtvDup1kteY%2FTe%2Bj1WU30sDEuuUHkAEodf3ZqR5yX1HmnDiyIkfUbkOB2uRtDCz5jQlvvkXxzPPBYBA2MzPT%2BQngSIxI0Vjue4DgSCl5kiBSvh5Wisr9Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 4d21ac7e7e4e695d6a06ea558d1a778c
cf-ray: 8582bc128905f0e3-CDG
alt-svc: h3=":443"; ma=86400

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
301 B 123ms
123ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.civilianhotel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.civilianhotel.com
Date: Tue, 20 Feb 2024 00:46:48 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.civilianhotel.com/	1970-01-21 04:09:10	Name: _ga_4VPVFCRV55 Value: GS1.1.1708390003.1.0.1708390003.0.0.0
.civilianhotel.com/	1970-01-20 20:42:46	Name: _gcl_au Value: 1.1.781985402.1708390004
.civilianhotel.com/	1970-01-21 04:09:10	Name: _ga Value: GA1.2.829353518.1708390003
.civilianhotel.com/	1970-01-20 18:34:36	Name: _gid Value: GA1.2.550940771.1708390004
.civilianhotel.com/	1970-01-20 18:33:10	Name: _gat Value: 1
.civilianhotel.com/	1970-01-20 18:34:36	Name: _uetsid Value: 84ab4100cf8911ee9b31d5be650cb522
.civilianhotel.com/	1970-01-21 03:54:46	Name: _uetvid Value: 84ab4520cf8911ee80e5f54e9d9399e1
.bing.com/	1970-01-21 03:54:46	Name: MUID Value: 14A628F2F88365A31F183CD9F98364C2
.doubleclick.net/	1970-01-20 18:33:10	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 22:52:22	Name: receive-cookie-deprecation Value: 1
.civilianhotel.com/	1970-01-20 20:42:46	Name: _fbp Value: fb.1.1708390003945.1191765708
www.clarity.ms/	1970-01-21 03:18:46	Name: CLID Value: 286dd71cf91b445ca4d345d1ac1a9e1e.20240220.20250219
.civilianhotel.com/	1970-01-21 03:18:46	Name: _clck Value: 14uumda%7C2%7Cfjf%7C0%7C1511
.c.bing.com/	1970-01-20 18:43:14	Name: MR Value: 0
.c.bing.com/	1970-01-21 03:54:46	Name: SRM_B Value: 14A628F2F88365A31F183CD9F98364C2
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 03:54:46	Name: MUID Value: 14A628F2F88365A31F183CD9F98364C2
.c.clarity.ms/	1970-01-20 18:43:14	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 18:33:10	Name: ANONCHK Value: 0
.vimeo.com/	1970-01-20 18:33:11	Name: __cf_bm Value: dxjgj82afKme0ws1XJS7hxBbN_WnYeWOQfWuVGFMhYk-1708390004-1.0-AfJOs7xJ/rvTtPoj9LOyICNNmV3J2VtciB9dXtqaM7V4Fu09JpPmOcPAjjAbdEuuQadBFYYwrA+rpjiAPViwRTk=
.civilianhotel.com/	1970-01-20 18:34:36	Name: _clsk Value: 1695j2j%7C1708390004910%7C1%7C1%7Co.clarity.ms%2Fcollect
www.civilianhotel.com/	1970-01-20 18:33:10	Name: civilian_token Value: T1RLAQIj1wQZIaHV/rz0HT96k4ffXImVXAxpp5OupVyLIrEjbBBN5dcNCR32N6ruVYh05yCIAAEgOsWMygTG6cB225/JxsAgEy9aLzRkAN0PXYTK4o5sQH+r842sRnmOEPx3TrpzNWAgqTkcy2/K2yuTC7RQLbZSvtCbx/SyORX4h2jVSXhE++uGoGmXP1AKwIgnrAULnshCWyhTI0GYZfyRoGcWsQl0ah9W6iRDA4od8+pSt0m3z7Ja6x7J3g2+HNjvdM57waJDXKcMHJjTe5AFWCOcarfLGbgWtrmcZfEB4JMi3in1Ce9W/xfBkQ0yOVaguEVrW3K80JskvDUSNhjUSk44HT0tdV8o4ViFiMzVunFzfK8Haw3nEtyQN1QM3kiZIHBV1Ywi1DMZlrfVOQQvC1LmGs98HBt8fz9J2O221d/XxdHQAOo+iXEUqWA5wZsfg2jmr1WS
.triptease.io/	1970-01-21 03:20:12	Name: triptease-user-id Value: 01HQ1ZNFEEHA99Z22G7Q5FVPWE
.triptease.io/	1970-01-20 18:33:38	Name: triptease-session-id Value: 01HQ1ZNFEE4Z3QX3P18EHWMFZG

40 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/181650897361672?v=2.9.147&r=stable&domain=www.civilianhotel.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.civilianhotel.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10814658.fls.doubleclick.net
adservice.google.com
api.triptease.io
bat.bing.com
c.bing.com
c.clarity.ms
connect.facebook.net
contact-api.inguest.com
download-video.akamaized.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
messages.guest-experience.triptease.io
o.clarity.ms
onboard.triptease.io
player.vimeo.com
region1.google-analytics.com
s3.amazonaws.com
services-p1.synxis.com
services.synxis.com
static.triptease.io
targeted-messages.triptease.io
www.civilianhotel.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.68.180.169
142.250.186.166
151.101.2.133
151.101.65.182
162.159.138.60
2001:4860:4802:32::36
2606:4700:e4::ac40:ac0d
2606:4700:e4::ac40:ad0d
2620:1ec:46::60
2620:1ec:c11::200
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2008
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:828::2004
2a00:1450:4001:830::2003
2a02:26f0:7100::213:c669
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
44.240.80.5
45.60.155.144
45.60.243.22
52.152.143.207
52.217.82.254
68.219.88.97
0b505eb51eb7df3534832d583c92ebe36f7efb720f7abbe0b86ffa6cf3f8eff8
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
14d0e62143c44c8805185bcd6a58d080ab2159b069827a90cab10804b55e4db6
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e000dc29147b02aaa77381e5792c53baace322f184fc631701d15b31e56af5e
210c7a075842f8653ffedd10e7916c4aa52ab5bf868c77598fbaec0acf6db327
27477cae35fa16324eb29e830c181ad33340f63cea5f3623d5428adc9198aa34
2cb667769d80750e00c3b5465f689d043163187893d69c4d6399f77b71410bf4
2d11363da9a7069d56559bd8bff67935390b329d9596190eb6dc95a126d3cf4e
2fe6ce8de6af3df843f5f135eda85d64655d95746bdfd7b1e1f6749dc71af365
3514323fa4be3ed768c17e85b0fae158ae277ca4735c83de12dd0517a3aaca80
35aa0941ea47488d756b03ccd8422d8c37db9352ea022b958b3df8000fd612e6
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e47ed7e42e9f1b223715d2df23de88379689748c90d9c0a77f096298a2045d5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44967af7d7413422ff93ef8e795f138ffa16e64d705bf2fcdbb164145e7d651f
46449848859ee4dfc530d7741bb88ed81f17a159859c39a87a504d264e78ffe9
486d8127fed5edcc02bbb02c18a8218cf465869923b7052eea9e8d67440374be
4be2d1f8196ed68241388c10b47438fab8e2a1cdfcb131bf09a5dad7a07c7198
50944e22829a7e23fb86e61ca5e9879ed74c6ed9d082a4988093feb8bd70a188
51b1d515ca5717973ebd9c2094d095e6358a3a90cd3dada90e11c7b15323c168
51d18670c0bfd590a9dbeffbb8d1c437cec8b68b3152411d33ffed00a46cfe24
5a58e7c2838641b8c978aee36ec0f874f9c471d301f63a54c8ea513ea972251d
5cccc465f4c8cdcec789a0b28846823f18646206351bc9ff794f1aec7f58f5b0
5d3246ca1862a92cc89596df2180e7423604c5a2ce44dbfd83955633ffeb5da4
5d4d42ce3350eb8e2dfc95fede29ff3dcb96c4cb57d2f1b423ebc9b80330f06d
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5fc525495440e5bc0b2adfa31b85814f65d1362f455af56c4bc94faa3445e566
66dc148b604fd11836898c1f73611a0274229ccd1382d61592207b0ab1b9b3b2
685cd6819aa9afd121da7631ba797e39a6555c0de28af8f3de1c09945dc23976
6a20e3482d5f52bc42a3df8b4fd488aab42e0de0815a7e6de93f56f37b2cd4b5
6b4ce6026b9a67267ddadaaf6351a4a842b2505a9f84df51549102869c4142d9
6e6ea0684ef2c66a0ce0ba6752e18ef9fd4cf4c40526c22d6b7ebafb16a791c6
77a1d05e0a4340224356ebe870ceb8ad1561289e7bed4681263a65ecfab43ada
88bbaebe09f6797153926c0435ac322e148f461d4fd96aa0f1407f55ba35e642
8b442299934bb2a35620f7bb27dbb4a87cf159d99e0cf9fbcc15f4875f47ae3f
90d82d5f0b36acf1bc4bab46d1783ac256667f3bf58e2f5fef5c6db0ac0d387e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b8bbddd2b11ff15305b31c42c3040bd045925dbc16cfd92c3b52ee3ea095836
a6dba5b7f6dc90dd9cb81865356f3212ded65d4a441b40be3d588ace4f81e263
b325c4ea9922fdf2a7f3860d7df4673bdf1704e3a089530fada64a6c6775af11
be847ff8e10e6dff83561458d7249d77ed5b74546110c103cd6d80a9a22b9fa8
c5572b2d13aa17a676eac508313e5ce459b0d39385d6557fe333ffef86a4a3f0
c70669431803359e9206f636b6fa849394f5147d24162a0c072583a913346ea0
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
d0bffb24452fa9e8c17d913df91ff0ca8efca2351f98458a91153daf72299eb6
d2ce69a11f5de6bdc5742d80263eb1c7a27f8013d7ff7ac6d041798c05f3a235
d49a5d8262aca5d0486c917f2b51c6686165aa1fae368460ad343e028f185104
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e284434d512f51ebe7e5342fe1317817b0e0d6cc194b201d8adca646d555a68e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b9259db3e78a80ad8508554eaf953266115d3bbde2d941aa43299dacd40493
e81d3e84f2d0f0db0b0450c436b174f254089741ad8abd44eb382bdb78553661
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7c118602afbf1ff15359ec4df15eb6c1e1898eaa711f585ca2b807b33180440

www.civilianhotel.com Open in urlscan Pro 13.68.180.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

74 Requests

96 %HTTPS

59 %IPv6

18 Domains

29 Subdomains

26 IPs

4 Countries

4332 kBTransfer

19796 kBSize

24 Cookies

9 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.civilianhotel.com Open in urlscan Pro
13.68.180.169 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

96 %
HTTPS

59 %
IPv6

18
Domains

29
Subdomains

26
IPs

4
Countries

4332 kB
Transfer

19796 kB
Size

24
Cookies

74 HTTP transactions
0 data transactions