urlscan.io logo urlscan.io
SecurityTrails logo

questor.desk.ms Open in urlscan Pro
52.54.177.168  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://questor.desk.ms/
Effective URL: https://questor.desk.ms/?Login
Submission: On June 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 4 countries across 24 domains to perform 120 HTTP transactions. The main IP is 52.54.177.168, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is questor.desk.ms.
TLS certificate: Issued by Amazon RSA 2048 M03 on May 23rd 2024. Valid for: a year.
This is the only time questor.desk.ms was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 52.54.177.168 14618 (AMAZON-AES)
41 18.66.9.230 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
12 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
3 20.231.53.73 8075 (MICROSOFT...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a03:2880:f08... 32934 (FACEBOOK)
2 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 4 2620:1ec:21::14 8068 (MICROSOFT...)
4 2a03:2880:f17... 32934 (FACEBOOK)
1 13.107.42.14 8068 (MICROSOFT...)
120 27
2    52.54.177.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-177-168.compute-1.amazonaws.com
questor.desk.ms
41    18.66.9.230 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-9-230.txl50.r.cloudfront.net
dqnkcwgy21udk.cloudfront.net
8    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2606:4700::6810:8dd1 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c0d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2606:4700::6810:6bfe (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
forms.hscollectedforms.net
2    2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
2    2606:4700::6812:8a11 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
2    2606:4700::6811:80ac (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
12    2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hubspot.com
api.hubspot.com
cta-service-cms2.hubspot.com
track.hubspot.com
forms.hubspot.com
2    2606:4700::6810:4e8e (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
2    2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
3    20.231.53.73 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
q.clarity.ms
2    2606:4700::6812:f26c (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
4    2606:4700::6813:afbc (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
perf-na1.hsforms.com
4    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a02:26f0:3100::1735:2821 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
Apex Domain
Subdomains		 Transfer
41 cloudfront.net
dqnkcwgy21udk.cloudfront.net
912 KB
12 hubspot.com
js.hubspot.com — Cisco Umbrella Rank: 4636
api.hubspot.com — Cisco Umbrella Rank: 5690
cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4672
track.hubspot.com — Cisco Umbrella Rank: 2789
forms.hubspot.com — Cisco Umbrella Rank: 6246
33 KB
9 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 776
q.clarity.ms — Cisco Umbrella Rank: 7755
c.clarity.ms — Cisco Umbrella Rank: 1472
30 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
343 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 352
www.linkedin.com Failed
px4.ads.linkedin.com — Cisco Umbrella Rank: 6457
3 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
4 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
71 KB
4 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 5216
perf-na1.hsforms.com — Cisco Umbrella Rank: 4902
3 KB
4 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 5335
forms.hscollectedforms.net — Cisco Umbrella Rank: 5451
25 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 958
17 KB
2 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 4202
2 KB
2 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2567
20 KB
2 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 5805
24 KB
2 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3908
4 KB
2 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 5954
92 KB
2 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2600
25 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3078
262 B
2 gstatic.com
fonts.gstatic.com
14 KB
2 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2946
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
964 B
2 desk.ms
questor.desk.ms
7 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 226
761 B
1 google.de
www.google.de — Cisco Umbrella Rank: 8196
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 132
245 B
120 24
Domain Requested by
41 dqnkcwgy21udk.cloudfront.net questor.desk.ms
dqnkcwgy21udk.cloudfront.net
8 www.googletagmanager.com questor.desk.ms
www.googletagmanager.com
js.hsadspixel.net
4 www.facebook.com
4 px.ads.linkedin.com 1 redirects snap.licdn.com
4 connect.facebook.net js.hsadspixel.net
connect.facebook.net
4 api.hubspot.com js.usemessages.com
4 www.clarity.ms questor.desk.ms
www.clarity.ms
3 q.clarity.ms www.clarity.ms
2 snap.licdn.com js.hsadspixel.net
2 perf-na1.hsforms.com js.hubspot.com
2 forms.hubspot.com js.hsleadflows.net
2 forms.hsforms.com js.hscollectedforms.net
2 track.hubspot.com
2 c.clarity.ms 1 redirects
2 cta-service-cms2.hubspot.com js.hubspot.com
2 api.hubapi.com js.hsadspixel.net
2 forms.hscollectedforms.net js.hscollectedforms.net
2 js.hs-banner.com js.hs-scripts.com
2 js.usemessages.com js.hs-scripts.com
2 js.hubspot.com js.hs-scripts.com
2 js.hsadspixel.net js.hs-scripts.com
2 js.hsleadflows.net js.hs-scripts.com
2 js.hs-analytics.net js.hs-scripts.com
2 js.hscollectedforms.net js.hs-scripts.com
2 region1.analytics.google.com www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 js.hs-scripts.com www.googletagmanager.com
2 fonts.googleapis.com dqnkcwgy21udk.cloudfront.net
2 questor.desk.ms dqnkcwgy21udk.cloudfront.net
1 px4.ads.linkedin.com
1 c.bing.com 1 redirects
1 www.google.de questor.desk.ms
1 stats.g.doubleclick.net www.googletagmanager.com
0 www.linkedin.com Failed
120 34

This site contains no links.

Subject Issuer Validity Valid
*.desk.ms
Amazon RSA 2048 M03		 2024-05-23 -
2025-06-20		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
hs-scripts.com
E1		 2024-05-31 -
2024-08-29		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google.de
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
hscollectedforms.net
E1		 2024-05-27 -
2024-08-25		 3 months crt.sh
hs-analytics.net
WE1		 2024-06-11 -
2024-09-09		 3 months crt.sh
hsleadflows.net
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
hsadspixel.net
E1		 2024-04-16 -
2024-07-15		 3 months crt.sh
hubspot.com
E1		 2024-05-23 -
2024-08-21		 3 months crt.sh
usemessages.com
E5		 2024-06-10 -
2024-09-08		 3 months crt.sh
hs-banner.com
E1		 2024-05-30 -
2024-08-28		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
hubapi.com
E1		 2024-05-04 -
2024-08-02		 3 months crt.sh
hsforms.com
GTS CA 1P5		 2024-04-17 -
2024-07-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-22 -
2024-06-20		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2024-07-30		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://questor.desk.ms/?Login
Frame ID: F8C251CDCE241B9088F144A679DA4265
Requests: 118 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Desk Manager - pv0.11920

Page URL History Show full URLs

  1. http://questor.desk.ms/ HTTP 307
    https://questor.desk.ms/ Page URL
  2. https://questor.desk.ms/?Login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

120
Requests

94 %
HTTPS

81 %
IPv6

24
Domains

34
Subdomains

27
IPs

4
Countries

1629 kB
Transfer

10420 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://questor.desk.ms/ HTTP 307
    https://questor.desk.ms/ Page URL
  2. https://questor.desk.ms/?Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://questor.desk.ms/ HTTP 307
  • https://questor.desk.ms/
Request Chain 31
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=1244CCC3322949A1816EBD35A63DE992&RedC=c.clarity.ms&MXFR=1FF6B46FB33269E52CFFA0F3B732678C HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1244CCC3322949A1816EBD35A63DE992&MUID=14FF06F50C1566692D8612690D15670B
Request Chain 55
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2518609&time=1718210947375&url=https%3A%2F%2Fquestor.desk.ms%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2518609&time=1718210947375&url=https%3A%2F%2Fquestor.desk.ms%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2518609%26time%3D1718210947375%26url%3Dhttps%253A%252F%252Fquestor.desk.ms%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue
Request Chain 110
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2518609&time=1718210948305&url=https%3A%2F%2Fquestor.desk.ms%2F%3FLogin HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2518609&time=1718210948305&url=https%3A%2F%2Fquestor.desk.ms%2F%3FLogin&e_ipv6=AQLbASkfwjfmggAAAZANWm0n59S-IAIHlDPmrdUIY90VtxZ-qrSCfPMMoA2DHwB24VWzweenp0Y3lfmD3yJdwIURfEBSdw

120 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
questor.desk.ms/
Redirect Chain
  • http://questor.desk.ms/
  • https://questor.desk.ms/
7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://questor.desk.ms/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.177.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-177-168.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b0a251361bcca19373d89931b538d50c9fceb1044309a9ed5dd1d2706d7d48d1
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob:; connect-src https: wss: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; frame-ancestors https 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode-block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-control
no-cache="set-cookie"
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2930
Content-Security-Policy
default-src https: data: blob:; connect-src https: wss: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; frame-ancestors https 'self';
Content-Type
text/html; charset=UTF-8
Date
Wed, 12 Jun 2024 16:49:06 GMT
Permissions-Policy
fullscreen=(self)
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode-block

Redirect headers

Location
https://questor.desk.ms/
Non-Authoritative-Reason
HttpsUpgrades
vazio.min.css
dqnkcwgy21udk.cloudfront.net/view/11920/css/ 		0
572 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/css/vazio.min.css
Requested by
Host: questor.desk.ms
URL: https://questor.desk.ms/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
JG1fvQnl_ZXcJCtB0UB9mZPYFBuj21D4
Date
Wed, 12 Jun 2024 16:49:06 GMT
Via
1.1 2f927b8fefe61ec7dd1d6dda3df37d18.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL50-P1
Age
37198
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Fri, 24 May 2024 20:55:38 GMT
Server
AmazonS3
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
X-Amz-Cf-Id
qpYF7XmC40iJC69rmZzhFpCIzYiKfKTTXBbfWTcQudyFKnZh5v93fw==
font-awesome.min.css
dqnkcwgy21udk.cloudfront.net/view/11920/css/font-awesome/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/css/font-awesome/css/font-awesome.min.css
Requested by
Host: questor.desk.ms
URL: https://questor.desk.ms/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
282edf97932ca76b541a2e1420402fd95c6d80afc280786a46bf48e3531706b6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
dbzHikkWQRW7P_keDt8kC09oHdTJjOCD
Content-Encoding
gzip
Via
1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
Date
Wed, 12 Jun 2024 06:29:09 GMT
X-Amz-Cf-Pop
TXL50-P1
Age
37198
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 24 May 2024 20:52:11 GMT
Server
AmazonS3
ETag
W/"02d7d68fb7cbf3d55179cf03b5e6dbbb"
Vary
Accept-Encoding
Content-Type
text/css
X-Amz-Cf-Id
-Pk_WJ71wABqvgXhGEnU9SVW1uq5xEvacv83MU-mB5476XDPytVwnQ==
All.min.css
dqnkcwgy21udk.cloudfront.net/view/11920/css/ 		78 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/css/All.min.css
Requested by
Host: questor.desk.ms
URL: https://questor.desk.ms/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87f84683d303dac45e1e4fc65774eaa0391fd88f345e9f0ee062fc68afe43629

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
IeG35YATBaA_pcsVidR9ZirTPx_BYI0G
Content-Encoding
gzip
Via
1.1 14cdaa93fde5711834987a0c179df5fa.cloudfront.net (CloudFront)
Date
Wed, 12 Jun 2024 09:30:49 GMT
X-Amz-Cf-Pop
TXL50-P1
Age
26298
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 24 May 2024 20:55:32 GMT
Server
AmazonS3
ETag
W/"dc5c0109e9e116c401ed1233559b4ae0"
Vary
Accept-Encoding
Content-Type
text/css
X-Amz-Cf-Id
6PdmV9OJkbmjHQuN9neCY-PBcHYDkuU2Ip5yZW-QzZ-qJ5KrJChA7A==
All.min.js
dqnkcwgy21udk.cloudfront.net/view/11920/js/ 		617 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Requested by
Host: questor.desk.ms
URL: https://questor.desk.ms/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d253d20cf19dda5cc3a47f0ed794a3e8d40f74abac397b374dd69383dc5f0079

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5RhIP0N7TrN7y1r3S7afOahkp3LDry1P
Content-Encoding
gzip
Via
1.1 a966c6e25db0d10ed8111bf0f786dbc6.cloudfront.net (CloudFront)
Date
Wed, 12 Jun 2024 16:49:07 GMT
Last-Modified
Fri, 24 May 2024 20:53:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
TXL50-P1
x-amz-server-side-encryption
AES256
ETag
W/"25a1aebbf58296cce17f5583fa3513b0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
Sd5htTpgReN-NUh52p7xsqVyW54ZLLW_ZMYnRVogvedb-Zwaqrcr7g==
allCustom.css
dqnkcwgy21udk.cloudfront.net/view/11920/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/css/allCustom.css
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/css/All.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09a51053b8317e6764e6cfb53fb87e9063e8222bc05f29ab2344a368abffa223

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dqnkcwgy21udk.cloudfront.net/view/11920/css/All.min.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
QXkcD6b6pQ8BrBy8uGyyJa7bKQRpVEQK
Content-Encoding
gzip
Via
1.1 14cdaa93fde5711834987a0c179df5fa.cloudfront.net (CloudFront)
Date
Tue, 11 Jun 2024 19:15:20 GMT
X-Amz-Cf-Pop
TXL50-P1
Age
77627
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 24 May 2024 20:55:04 GMT
Server
AmazonS3
ETag
W/"4b20f099ee80213ae3cfd92eb8800f18"
Vary
Accept-Encoding
Content-Type
text/css
X-Amz-Cf-Id
yjWEtK9T4SL4z01yEtzWV8qWua3krKyMe7s9Z9V4aTGBSPFnba7lEQ==
gtm.js
www.googletagmanager.com/ 		196 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5D8BV4ZS
Requested by
Host: questor.desk.ms
URL: https://questor.desk.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b9d8c4c665733aff8d382f550598591d7a4b011f27a441421ac9ab6968c6e821
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71745
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 16:05:07 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Jun 2024 16:49:06 GMT
custom_bootstrap.min.css
dqnkcwgy21udk.cloudfront.net/view/11920/css/ 		122 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/css/custom_bootstrap.min.css
Requested by
Host: questor.desk.ms
URL: https://questor.desk.ms/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d74423c09b8659df309364c953b5e8544ba64412c69b53351bc1308dcac79d38

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
V8y00CiblU1yThT9LNg7lBk8hI0TDbK7
Content-Encoding
gzip
Via
1.1 14cdaa93fde5711834987a0c179df5fa.cloudfront.net (CloudFront)
Date
Wed, 12 Jun 2024 06:29:09 GMT
X-Amz-Cf-Pop
TXL50-P1
Age
37198
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 24 May 2024 20:55:09 GMT
Server
AmazonS3
ETag
W/"8d517065b9d5e58cccf249af4ea85a37"
Vary
Accept-Encoding
Content-Type
text/css
X-Amz-Cf-Id
0BT74y5d_jktGQ4yo0ZJuyPu0-Go_rd-H4ZO_br2afCDOrdWM56lvQ==
css2
fonts.googleapis.com/ 		2 KB
964 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Hanken+Grotesk&display=swap
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/css/custom_bootstrap.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d06d2384a7901aaebd55b5a9f87792d138c647f0c07f2ec6b5d6dd19542f0bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dqnkcwgy21udk.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 12 Jun 2024 16:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 16:48:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 Jun 2024 16:49:06 GMT
js
www.googletagmanager.com/gtag/ 		314 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KD88S5DBVB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D8BV4ZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5cab0adca69fd4bb72a925a4e08174c1ece631c320db90bc6d2ae895fe0ba114
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107098
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 12 Jun 2024 16:49:06 GMT
kj8t742ax9
www.clarity.ms/tag/ 		1022 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/kj8t742ax9
Requested by
Host: questor.desk.ms
URL: https://questor.desk.ms/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3e95fb73135475ea18de0d170c9ffb9c6b82495b9825cb802e363d255cfc655e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Wed, 12 Jun 2024 16:49:06 GMT
x-azure-ref
20240612T164906Z-16577d9575dtkpws23hyetcq9g0000000e50000000018dwp
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
1022
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
2750159.js
js.hs-scripts.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/2750159.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D8BV4ZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8dd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea4a68bf94e39090211f6c1c4362a33d9be4215b26b1cbb664ff7d57e97839f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
362684a8-741d-46db-aa3b-edf9e4f4df6a
x-envoy-upstream-service-time
7
content-length
733
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
362684a8-741d-46db-aa3b-edf9e4f4df6a
last-modified
Wed, 12 Jun 2024 15:35:25 GMT
server
cloudflare
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://questor.desk.ms
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5d47c8d44f-q6689
access-control-allow-credentials
true
cache-control
public, max-age=90
accept-ranges
bytes
cf-ray
892b55114ae73620-FRA
expires
Wed, 12 Jun 2024 16:50:36 GMT
ieVq2YZDLWuGJpnzaiwFXS9tYvBRzyFLlZg_f_Ncs2Zq5vBM.woff2
fonts.gstatic.com/s/hankengrotesk/v8/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/hankengrotesk/v8/ieVq2YZDLWuGJpnzaiwFXS9tYvBRzyFLlZg_f_Ncs2Zq5vBM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Hanken+Grotesk&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
294ebb02701a56535ef031d4a241cb7621aa16dbd12ea934a5e1c3e518194b37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://questor.desk.ms
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 11:14:18 GMT
x-content-type-options
nosniff
age
106488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13512
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jun 2025 11:14:18 GMT
collect
region1.analytics.google.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KD88S5DBVB&gtm=45je46a0v890046393z89165546404za200zb9165546404&_p=1718210946612&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=989936454.1718210947&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1718210946&sct=1&seg=0&dl=https%3A%2F%2Fquestor.desk.ms%2F&dt=Desk%20Manager%20-%20pv0.11920&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=802
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KD88S5DBVB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 16:49:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://questor.desk.ms
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KD88S5DBVB&cid=989936454.1718210947&gtm=45je46a0v890046393z89165546404za200zb9165546404&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KD88S5DBVB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 16:49:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://questor.desk.ms
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KD88S5DBVB&cid=989936454.1718210947&gtm=45je46a0v890046393z89165546404za200zb9165546404&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1754813531
Requested by
Host: questor.desk.ms
URL: https://questor.desk.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 16:49:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/kj8t742ax9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:06 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240612T164906Z-16577d9575dtkpws23hyetcq9g0000000e50000000018dx9
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
6c728f9f-801e-0015-2192-b53968000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collectedforms.js
js.hscollectedforms.net/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2750159.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Origin
https://questor.desk.ms
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
x-amz-version-id
WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4abbc8dea2f611b4eb50afc252d13326.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
IAD66-C2
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
6cfad149-3d6c-4c4a-b281-5a4984b3764f
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=892b55124ad51bdb-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
3
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
6cfad149-3d6c-4c4a-b281-5a4984b3764f
last-modified
Wed, 15 May 2024 14:34:44 UTC
server
cloudflare
etag
W/"7d377a186677c174f204d466b8fa5fdb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-9c6mc
cf-ray
892b55124ad51bdb-FRA
x-amz-cf-id
3XjpvwTGiGH5w8dVyklarp3hq_6loMgz4fAeKAe6_qCt6Vn67S7_MA==
x-hs-target-asset
collected-forms-embed-js/static-1.503/bundles/project.js
2750159.js
js.hs-analytics.net/analytics/1718210700000/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1718210700000/2750159.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2750159.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
833176ac289284248db70b0f8f0cb58b27ffa6401da5a0a9c4dbc4632549a130

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
J26QPWQKQKXFRRJ8
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
74edbbee-ab94-48a7-b3ad-709614aa00fc
x-envoy-upstream-service-time
21
x-amz-id-2
jAt5GqDhutTGRF9jZDQsH3PrM/6qt/63/OB6XPbwF85MmaUw3FsGuq2tLoYdcxm7oK2gSE0k0o4=
x-evy-trace-listener
listener_https
x-request-id
74edbbee-ab94-48a7-b3ad-709614aa00fc
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 30 May 2024 20:50:42 GMT
server
cloudflare
etag
W/"7bbd3333cdafc5688844d3a7bf8b92af"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-2r68v
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
892b55124a373a90-FRA
expires
Wed, 12 Jun 2024 16:54:07 GMT
leadflows.js
js.hsleadflows.net/ 		551 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2750159.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd26d9d88899d0587c9377964b7d1ab478a318b0fdbee7b9d6a084e4aa6425f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Origin
https://questor.desk.ms
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1355/bundle/main/lead-flows-release.js&cfRay=892b55125cfa193b-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"be45bdb720f44c8db4ee42bc228ff2a8"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=86400, max-age=0
x-hs-target-asset
lead-flows-js/static-1.1355/bundle/main/lead-flows-release.js
date
Wed, 12 Jun 2024 16:49:07 GMT
x-amz-version-id
HLkmxotJV8gQ_mnvhNwLT9fnVmh1uWjb
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 657550dfe2740440cd2d2c5a84cf231e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C2
x-hubspot-correlation-id
3b27e1aa-6f99-443d-adb3-90ddb726b2d7
x-cache
RefreshHit from cloudfront
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
43
x-evy-trace-route-configuration
listener_https/all
x-request-id
3b27e1aa-6f99-443d-adb3-90ddb726b2d7
last-modified
Thu, 30 May 2024 10:22:15 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-vdptk
cf-ray
892b55125cfa193b-FRA
x-amz-cf-id
Lr4KLeDD87GoB9rbXbL6n5UfVW15mTYyDWxST6dypbKtrIoZIZTmfg==
fb.js
js.hsadspixel.net/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2750159.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47d1036cdfb7fa765e45f0f3d193baadcd53005e95a2f9bf7b531ebfbf41ea2f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:06 GMT
x-amz-version-id
tGbAtiolnAFnleIlWBGAzvQOiFsm5cIW
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a3cc6ada872dd8799739f0e62dddda7c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
IAD66-C2
age
152
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.563/bundles/pixels-release.js&cfRay=892b515719ac1e62-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
bf839b94-ee96-4809-9ba5-34e194daa2fe
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
3
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
bf839b94-ee96-4809-9ba5-34e194daa2fe
last-modified
Thu, 30 May 2024 14:14:49 UTC
server
cloudflare
etag
W/"7f1cb0f6264fd05edb4cc0ec6a9bc096"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
MISS
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-sc4vs
cf-ray
892b55124d459f38-FRA
x-amz-cf-id
o7aihLGrUGhAvK-orVWH7Ij857MTaSW2xp8Avg4MHJJ53jb7sWvwmg==
x-hs-target-asset
adsscriptloaderstatic/static-1.563/bundles/pixels-release.js
web-interactives-embed.js
js.hubspot.com/ 		82 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hubspot.com/web-interactives-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2750159.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2af4c240d46b3e99eea9ccbfd9c0c1c856c710a5ed3692f455767a96224171b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Origin
https://questor.desk.ms
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1159/bundles/project.js&cfRay=892b55125dde9742-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"e6c06eb0663c717e3d4635531672a1e1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-hs-target-asset
web-interactives-embed/static-2.1159/bundles/project.js
date
Wed, 12 Jun 2024 16:49:07 GMT
x-amz-version-id
V4YhUHRJMuZkqxb1cpgehoNLVpfwce83
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 e04ec889239bf67ef206ad086add2d7a.cloudfront.net (CloudFront)
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD66-C2
x-hubspot-correlation-id
d2e5217c-4feb-4053-991c-0758337d12d7
x-cache
Hit from cloudfront
cache-tag
staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
3
x-evy-trace-route-configuration
listener_https/all
x-request-id
d2e5217c-4feb-4053-991c-0758337d12d7
last-modified
Mon, 03 Jun 2024 20:17:08 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EYy85JSJie0dRPUDII8JIvVeAnYO%2BvRaelJD5NwiLj981Lrxu5yj1MsfsUOgO6yYIpoLfNCFgEPMhkmg%2F%2FjdRtlt0pNERxQAVkqMTB3R%2FpmwPaVM7zgHMTspbULD%2FqyL1K5XVeGt740r5puD"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-mgch5
cf-ray
892b55125dde9742-FRA
x-amz-cf-id
_kM1v0mod4gNUGcoQ0S67LijOhUCoky4tM2nyyJsqatJAuQeI0pJyw==
conversations-embed.js
js.usemessages.com/ 		85 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2750159.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4e8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e20bd02250754a948fbcc58aa7e59f35dfcc67f595cc385dc4a783a70285b084
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:06 GMT
x-amz-version-id
PfN7MH7uvCEBD7IJ.VpxI5cYGUFBy9yE
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 8bc7362fccd25faee5866bbedff892ee.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
IAD66-C2
age
261
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16595/bundles/project.js&cfRay=892b4ead6ccb1c20-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
0ed77ff7-8022-44ac-ae8b-a821a027ec7d
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
0ed77ff7-8022-44ac-ae8b-a821a027ec7d
last-modified
Tue, 11 Jun 2024 19:30:53 UTC
server
cloudflare
etag
W/"35a43ae53765dc29e2b3074b27db9b07"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-sc4vs
cf-ray
892b5512595137e6-FRA
x-amz-cf-id
LaOIVziZYHe9Ri4SYVNgkABDlCnTq6ANv8uX_rbYIPJscD8tvr6eOQ==
x-hs-target-asset
conversations-embed/static-1.16595/bundles/project.js
2750159.js
js.hs-banner.com/ 		67 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/2750159.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2750159.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e532cc815a2b6c80e05a9151e5829c73a8d360307aa5e6750868c0189ffb85

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
x-amz-version-id
ArQ48ZUUSNWxZwP5byBmAke4UkfOraur
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
67S82ZQFQ9HHJEMB
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
b8238d2c-225b-4baa-8678-21c999d12802
x-envoy-upstream-service-time
23
x-amz-id-2
DjSH0Ks17UCY/lD6O9NuTcZXvkNtMRv1pAJveNgF8JjLo0lGJ5z4NAzS6wjHBg3r/uBS/GTUX5o=
x-evy-trace-listener
listener_https
x-request-id
b8238d2c-225b-4baa-8678-21c999d12802
x-evy-trace-route-configuration
listener_https/all
last-modified
Fri, 17 May 2024 16:10:15 GMT
server
cloudflare
etag
W/"77548dabcae0551e1f20298b43713c2f"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://alliancelaundry.desk.ms
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-q4rbs
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
892b551258cc0394-FRA
expires
Wed, 12 Jun 2024 16:54:07 GMT
collect
q.clarity.ms/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://questor.desk.ms
Date
Wed, 12 Jun 2024 16:49:07 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
Base.html
dqnkcwgy21udk.cloudfront.net/view/11920/html/ 		61 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/html/Base.html
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
274f464d21b75ece5bc3f18b1830163ce54c8a0ce1e4044d0ab31e2f781a95e4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
text/plain, */*; q=0.01
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
tiFY_XOCh7kPV3pMZoF6O5yCYSnLBdj0
Content-Encoding
gzip
Via
1.1 11928875e072fa46f6185840ed222a20.cloudfront.net (CloudFront)
Date
Wed, 12 Jun 2024 11:52:33 GMT
X-Amz-Cf-Pop
TXL50-P1
Age
17795
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 24 May 2024 20:54:51 GMT
Server
AmazonS3
ETag
W/"b85b6afee6c7411849c51121f6ab2035"
Access-Control-Max-Age
315360000
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, HEAD
Content-Type
text/html
Access-Control-Allow-Origin
*
Vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Amz-Cf-Id
CQDh5yk2sRoGtOWjkJf7obsCEokeC9xgZsr5jGORaooTdg1TDkLIjg==
public
api.hubspot.com/livechat-public/v1/message/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=2750159&conversations-embed=static-1.16595&mobile=false&messagesUtk=85470fe9689047de91a8586b22dadc31&traceId=85470fe9689047de91a8586b22dadc31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://questor.desk.ms
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://questor.desk.ms
allow
HEAD,GET,OPTIONS
cf-cache-status
DYNAMIC
cf-ray
892b55131eeb9742-FRA
content-length
18
content-type
text/plain; charset=utf-8
date
Wed, 12 Jun 2024 16:49:07 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lPhjXcvoNV2Gp6r%2B0K0xyEMK%2BW22rDdpmX4cKmzcVqrINt5mugDnHZAaNnfezZAltxiKBHBkeNcnweM4uyDtTkExL9sgyENK4VL8UkhQ07yeZ6xW9lrakZ0HIzSmeYd7BT29lKiT0b0y8N2%2Bqg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5d47c8d44f-5kbgp
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
9481dd51-cae9-41b9-bcef-67717c1d74c3
x-request-id
9481dd51-cae9-41b9-bcef-67717c1d74c3
public
api.hubspot.com/livechat-public/v1/message/ 		258 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=2750159&conversations-embed=static-1.16595&mobile=false&messagesUtk=85470fe9689047de91a8586b22dadc31&traceId=85470fe9689047de91a8586b22dadc31
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c859edfac3be2897f2b3b43ce986806ac3029c8aea3cce4f3acda9c0bd0adc7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
X-HubSpot-Messages-Uri
https://questor.desk.ms/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
817c4959-0f2b-4336-8bb3-d88203327919
x-envoy-upstream-service-time
12
content-length
204
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
817c4959-0f2b-4336-8bb3-d88203327919
server
cloudflare
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://questor.desk.ms
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5d47c8d44f-h4629
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=32G9fPJqwQLb0NVs5PplXpmdaNJjjU93akqwlqgBb4xaWUtGJN%2BCQRL7cXq9RRK%2Bc3Fzv0MU2ozSpgpeb2jeieqvRqJEZpttMSTFG4DLjRHhQtfKs9OIl8AscYx7lezFzz9oPxZZnU6aLn8FEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
892b5513e8199742-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
json
forms.hscollectedforms.net/collected-forms/v1/config/ 		134 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=2750159&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd6f05818c97c560b3a3f27b9cf099018e6a2348d8153af645494ee3d64a693
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
fc729771-cbf3-42ee-9fba-59f23c00e358
x-envoy-upstream-service-time
3
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
fc729771-cbf3-42ee-9fba-59f23c00e358
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://questor.desk.ms
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-zjnrr
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
892b55132c751bdb-FRA
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 		254 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=2750159
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f26c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
040357836fc833a651332d4996cd2d40c108dd1431482503e37f6f5b2142d708
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
fed24c6c-7922-4d1c-b5c4-16b6ee5d805c
content-encoding
br
x-envoy-upstream-service-time
20
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
fed24c6c-7922-4d1c-b5c4-16b6ee5d805c
server
cloudflare
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://questor.desk.ms
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5d47c8d44f-l9tqr
access-control-max-age
180
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EVoQm4kV8VjtaKxTt4kKkH7Eb6ukazDdUb8%2BRrnMOLupN8q2iN2PckhblYq5Dk22qcvRYJhiBlMOn5s4xtvOB%2BbPO4pt7HqVadgsK%2BlgZJ%2BM5F5K6Rb8tVZHNldCIVePc7Qi2ADndfpbfBOI"}],"group":"cf-nel","max_age":604800}
cf-ray
892b5513790c9208-FRA
access-control-allow-headers
*
combinedConfigs
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 		61 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=2750159&currentUrl=https%3A%2F%2Fquestor.desk.ms%2F
Requested by
Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
67ff3687-bce2-413e-8c58-cd2642b77ed9
content-encoding
br
x-envoy-upstream-service-time
28
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
67ff3687-bce2-413e-8c58-cd2642b77ed9
server
cloudflare
vary
origin
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://questor.desk.ms
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
true
cache-control
max-age=0, no-cache, no-store
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2FqpMK05SZpK1%2B4PuTu%2BwrIjLf3oqB%2Ft7A8O%2B7CG9mWGfzt6Z3upbmmPXC92VBCLOkPt%2BT%2BcyoV9QJAWZYRUbm%2BDpX9idkRZs7%2F9kkebkrOZyeEYqc%2B%2Ffjl4ouTFq6ZsMDqHgMmT5IcUvZETEAioA06VTmhLGD1NSRU%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag
noindex, follow
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
892b55136f629742-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-cgx6f
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=1244CCC3322949A1816EBD35A63DE992&RedC=c.clarity.ms&MXFR=1FF6B46FB33269E52CFFA0F3B732678C
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1244CCC3322949A1816EBD35A63DE992&MUID=14FF06F50C1566692D8612690D15670B
42 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1244CCC3322949A1816EBD35A63DE992&MUID=14FF06F50C1566692D8612690D15670B
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://questor.desk.ms/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 16:49:06 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 12 Jun 2024 16:49:07 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 89CBA835F6374A6FB3DCB33A00496466 Ref B: FRAEDGE1810 Ref C: 2024-06-12T16:49:07Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1244CCC3322949A1816EBD35A63DE992&MUID=14FF06F50C1566692D8612690D15670B
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3598200494&v=1.1&a=2750159&pu=https%3A%2F%2Fquestor.desk.ms%2F&t=Desk+Manager+-+pv0.11920&cts=1718210947124&vi=c790edefd5fe0980ddd8e983ef1c35ed&nc=true&u=237219605.c790edefd5fe0980ddd8e983ef1c35ed.1718210947123.1718210947123.1718210947123.1&b=237219605.1.1718210947123&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
ce9d03d3-e88a-4ee5-a365-ffe9ff6e39ba
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
10
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
ce9d03d3-e88a-4ee5-a365-ffe9ff6e39ba
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k2h718iFuOWN9sGRx4o3BTht9vXYYPPOCpWcpmVZ0wX%2Fcf5RZ9mea7h%2FKbF2g%2FE0aodgtQyrSk%2FQBefkq6obvdmI93B3WcS3%2BV85xkWwx3m3Sngr1IgSlQy2kVo%2F%2FQ39%2F34cK2C1pIB8m5F41f%2Fj"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-9kkj8
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
892b5513bdf4903d-FRA
x-robots-tag
none
favicon.ico
dqnkcwgy21udk.cloudfront.net/view/11920/img/ 		235 B
813 B 		Other
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/img/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1c949a70b3545f02e19796097b1b812bbabbfbc715021cffd9189bb49b407d2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
GfS8QAN8ARy5ttg1xWgS4aHIZhq_AQGB
Date
Tue, 11 Jun 2024 17:37:47 GMT
Via
1.1 a966c6e25db0d10ed8111bf0f786dbc6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL50-P1
Age
83480
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
235
Last-Modified
Fri, 24 May 2024 20:54:11 GMT
Server
AmazonS3
ETag
"44e6ed42bc95f4bf5d5cbe3275ac3c00"
Vary
Accept-Encoding
Content-Type
image/x-icon
Accept-Ranges
bytes
X-Amz-Cf-Id
120XiCTAurvAQRZTMpQMEFYa_63MQYleTMRM53-wNDEr-7PNr4XeQA==
en-US.min.js
dqnkcwgy21udk.cloudfront.net/view/11920/js/lang/ 		283 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/js/lang/en-US.min.js
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
794f63279c1c4ea930b2bb33a3944d0ac21e02e09e784c6b15cd5cb481d1bb85

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
u8ShG8HmYy4iRRg6FDfaVW8cDreRrd8I
Content-Encoding
gzip
Via
1.1 14cdaa93fde5711834987a0c179df5fa.cloudfront.net (CloudFront)
Date
Wed, 12 Jun 2024 16:49:07 GMT
X-Amz-Cf-Pop
TXL50-P1
Age
19939
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 24 May 2024 20:52:06 GMT
Server
AmazonS3
ETag
W/"3064a9049f7779db12dbf8c64ecea286"
Vary
Accept-Encoding
Content-Type
application/javascript
X-Amz-Cf-Id
8J9rLZuZqqZU5WaWw2cctcpM64kxN2zAXRncVedjtJbAGfZKLJTrlw==
GameP3_v1.png
dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/GameP3_v1.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b2b924ac506f389e6f88bf51c91bb0a83b373e9bce73fd5a8e112f6554d02de

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
r.89Y4QHbw.wwQSTJdAHiA9NfZB2peNS
Date
Wed, 12 Jun 2024 16:49:07 GMT
Via
1.1 2f927b8fefe61ec7dd1d6dda3df37d18.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL50-P1
Age
20782
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
32190
Last-Modified
Mon, 19 Feb 2024 10:05:46 GMT
Server
AmazonS3
ETag
"a26163d87eea19ff58910d2c4782cd46"
Vary
Accept-Encoding
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
aE9CJRm8DQb4XGyaTCDg2psuuBy3k-ppp3zuetv99pegrHb19buuaQ==
GameP1_v1.png
dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/GameP1_v1.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e8b3bdef9214b7f901a3cbc8919b498fd4fcc3fd018a0e9892090ab891f3ff3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
xUrCVt6Fz2Qnthalm1p.oyGANIEjThUy
Date
Wed, 12 Jun 2024 16:49:07 GMT
Via
1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL50-P1
Age
20782
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
31373
Last-Modified
Mon, 19 Feb 2024 10:05:47 GMT
Server
AmazonS3
ETag
"f616b46f6a2ebd1cbafdc2e9a2e14398"
Vary
Accept-Encoding
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
nr3IpA62ZyJLu3eAhMBRExpnUX6UdDMEERruLFU3Q1ZtVoj_gLt6Qg==
GameP2_v1.png
dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/GameP2_v1.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9fd53744fc2e90f90accb0876f553f39ce49ac53a136284659b7c09c8fc0eff2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
eyuvZ5LiPvn.efUSp.soTpwpFybFdzSD
Date
Wed, 12 Jun 2024 16:49:07 GMT
Via
1.1 a966c6e25db0d10ed8111bf0f786dbc6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL50-P1
Age
14884
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
36456
Last-Modified
Mon, 19 Feb 2024 10:05:47 GMT
Server
AmazonS3
ETag
"d7a923cba83fc0ebef6bedacd55d3e69"
Vary
Accept-Encoding
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
zyuCYRAZORS2Pe1ipQSvx0eP71tVbn6UrrJugOiwSFBGfjuX__vuEQ==
GameP6_v1.png
dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/GameP6_v1.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ebcde96c12067d8db86303e1b34a7d622c23774d64c45fe9c267b57d5ed99db

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
c28T05LzObzpxx2PJrQzYyjpc_OaCr3F
Date
Wed, 12 Jun 2024 16:49:07 GMT
Via
1.1 7cf524d1fa602798b1b3fa2d471489ae.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL50-P1
Age
78941
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
34387
Last-Modified
Mon, 19 Feb 2024 10:05:44 GMT
Server
AmazonS3
ETag
"35ae1b8bca933996d2aaf2591c8d8a4e"
Vary
Accept-Encoding
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
UMCITiYNw3uT33Ke7c0WQ5OndcqVZl5kn_vgM-SbNXGb5qI8Od78bA==
GameP4_v1.png
dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/GameP4_v1.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
x8b7kZKpNkBFqo2MS039ra6Z4ANaYOlN
Date
Wed, 12 Jun 2024 16:49:08 GMT
Via
1.1 56924be70c5c0d77fdcb69cb44958832.cloudfront.net (CloudFront)
Last-Modified
Mon, 19 Feb 2024 10:05:45 GMT
Server
AmazonS3
X-Amz-Cf-Pop
TXL50-P1
x-amz-server-side-encryption
AES256
ETag
"88f80fa6f33f9121ae41a4a7df319156"
Vary
Accept-Encoding
X-Cache
RefreshHit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29845
X-Amz-Cf-Id
0n9n-ubpxPMYCXfDYv5Hi3A5qpYkKtiYdWrIIWSUV5lBxGT-5aIxiQ==
GameP5_v1.png
dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/GameP5_v1.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a25668c3c1a9f8e43e7f8853f67bf8fcb8a7f092e9ae6bb2dbab4d2f5a34cd0f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
d5Yzclvj8.LdajQiegkmyA2yvMUF1krN
Date
Wed, 12 Jun 2024 16:49:07 GMT
Via
1.1 2f927b8fefe61ec7dd1d6dda3df37d18.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL50-P1
Age
20780
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
29320
Last-Modified
Mon, 19 Feb 2024 10:05:44 GMT
Server
AmazonS3
ETag
"0c01bc0c6d1b1b1cdc73f1032eaf5a08"
Vary
Accept-Encoding
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
hnIFoio38kFAQYmTkKMJyBTqj1J7b0NcHU52b8Iu5r-9T-VWUhmG8w==
matrizprioridade_v1.png
dqnkcwgy21udk.cloudfront.net/sistema/layout/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dqnkcwgy21udk.cloudfront.net/sistema/layout/images/matrizprioridade_v1.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8985b65c2d2e00dade4dc412cd79a66a60d9a5d78392f774101b6d32cbb680f9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
d0YLxYGk0baROmVziH29q47V4ETDtqpp
Date
Wed, 12 Jun 2024 16:49:07 GMT
Via
1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL50-P1
Age
21040
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
3577
Last-Modified
Tue, 16 Apr 2024 19:05:52 GMT
Server
AmazonS3
ETag
"43b0b3ed0c2981e0fa662b511fd90711"
Vary
Accept-Encoding
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
KCfDvqWuA1FAsxNxNQoqG1xP8UXFdEroM0lYn3kmwiHnz0cV1Wv90w==
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:afbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
68ab26ca-918f-4383-9fcd-86d89d34274a
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
68ab26ca-918f-4383-9fcd-86d89d34274a
server
cloudflare
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-cgx6f
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
892b551409809751-FRA
Library.min.js
dqnkcwgy21udk.cloudfront.net/view/11920/js/ 		147 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/js/Library.min.js
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99164d2e4d00784e19a254f0e58cece549ebb47872dff4d1e89edc796a5a0cea

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
U_QcUSyZEBGW0bBlMTjq5iL9dXd_LCNH
Content-Encoding
gzip
Via
1.1 a966c6e25db0d10ed8111bf0f786dbc6.cloudfront.net (CloudFront)
Date
Tue, 11 Jun 2024 19:20:26 GMT
X-Amz-Cf-Pop
TXL50-P1
Age
77322
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 24 May 2024 20:53:43 GMT
Server
AmazonS3
ETag
W/"5a54648e2060f98d8d55ee1d60a9d549"
Vary
Accept-Encoding
Content-Type
application/javascript
X-Amz-Cf-Id
BIrBZm2IqQC-hi9laQhtTF-2_RHvN8611ORbGRAk4pM80NUqq1EY3A==
json
forms.hubspot.com/lead-flows-config/v1/config/ 		178 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2750159&utk=c790edefd5fe0980ddd8e983ef1c35ed&__hstc=237219605.c790edefd5fe0980ddd8e983ef1c35ed.1718210947123.1718210947123.1718210947123.1&__hssc=237219605.1.1718210947123&currentUrl=https%3A%2F%2Fquestor.desk.ms%2F
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec64f26414df0bccad30358d7083668c9473494c327b94d9b01425ae98814c60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
26f2fde0-4b5d-479a-ab42-e367d9b6421e
content-encoding
br
x-envoy-upstream-service-time
36
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
26f2fde0-4b5d-479a-ab42-e367d9b6421e
server
cloudflare
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://questor.desk.ms
x-evy-trace-virtual-host
all
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-mtbpb
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B6WrkUW0gVtiD2o27YxXUItIEAsL9wHjGm1%2F%2FtXBBeqKHZo7A4%2FWa6Eh182U4l7KFjXNqRxL5gantK1%2FRaZOHRiSJ%2FVszzVe3F2RtKptvW9X5BLBnJlhj7HilRHlKfe43zKbXepRoW1pF5UcyWEb"}],"group":"cf-nel","max_age":604800}
x-robots-tag
none
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
892b5514288a9742-FRA
App.min.js
dqnkcwgy21udk.cloudfront.net/view/11920/js/ 		221 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/js/App.min.js
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54be46d79a3f136dfd2875a907c7e05f333f555e9a3022091b13d7be2e016c69

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
GDs1rjEA5wdTK1Q19RpLCjxS.EMSmL8j
Content-Encoding
gzip
Via
1.1 a966c6e25db0d10ed8111bf0f786dbc6.cloudfront.net (CloudFront)
Date
Wed, 12 Jun 2024 15:33:11 GMT
X-Amz-Cf-Pop
TXL50-P1
Age
4557
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 24 May 2024 20:53:40 GMT
Server
AmazonS3
ETag
W/"617463597b3338d1617c64dee76bc7ae"
Vary
Accept-Encoding
Content-Type
application/javascript
X-Amz-Cf-Id
P_seYUvb2UukmkuAPhve0WqQIeER6WxRDDy_M8ec4FNobrQV0GQYVA==
counters.gif
perf-na1.hsforms.com/embed/v3/ 		35 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:afbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
88a1f067-0255-4491-9f11-6685c4a63ed4
x-envoy-upstream-service-time
12
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
88a1f067-0255-4491-9f11-6685c4a63ed4
last-modified
Wed, 12 Jun 2024 16:49:07 GMT
server
cloudflare
vary
origin, Accept-Encoding
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-4xq5s
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
cf-ray
892b55146a069751-FRA
js
www.googletagmanager.com/gtag/ 		236 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-989789527
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0a82e9e90e79c56229948a3b2209a07d4455c2a9478a4e89e8fd7b8f234a389d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85955
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 16:05:07 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Jun 2024 16:49:07 GMT
js
www.googletagmanager.com/gtag/ 		236 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-989789527&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D8BV4ZS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b6cc08504ca83f56a2cb4623e2139f0dd418448dee34a5764c28a586010a4baf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86020
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 16:05:07 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Jun 2024 16:49:07 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 12 Jun 2024 16:49:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57975
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2772, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
qmE7dgVOjckUmFn5aN/nH5Pe/6a6PZE4TaNZGUf3DjncNUszUuLunuUkLwKMbbkIUimbNXuoWOYl+yVrfPpKvA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		47 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2821 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 May 2024 16:52:20 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=74043
accept-ranges
bytes
content-length
16683
Menu.html
dqnkcwgy21udk.cloudfront.net/view/11920/html/ 		275 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/html/Menu.html
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
text/plain, */*; q=0.01
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 16:49:07 GMT
Via
1.1 11928875e072fa46f6185840ed222a20.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
TXL50-P1
Access-Control-Max-Age
315360000
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, HEAD
Access-Control-Allow-Origin
*
X-Cache
Error from cloudfront
Content-Type
application/xml
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Connection
keep-alive
X-Amz-Cf-Id
Btw42SbIfxZLPxXf6XY_CMtAp_HnxwOQrIDMFSl5Ef1QXgGtUmq_Xw==
Controller.min.js
dqnkcwgy21udk.cloudfront.net/view/11920/js/ 		1 MB
221 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/js/Controller.min.js
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d6cc3d481f10caa11b8bb8c1354a32868a07d71a5f18969bd669fa3b1eb3a51

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 12:25:12 GMT
x-amz-version-id
.5SP9cKC15T6o82zESCJyHc3Tl9LkYMT
Content-Encoding
gzip
Via
1.1 a966c6e25db0d10ed8111bf0f786dbc6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL50-P1
Age
15835
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 24 May 2024 20:53:43 GMT
Server
AmazonS3
ETag
W/"e68d93628051dee18fc395049466d1fa"
Vary
Accept-Encoding
Content-Type
application/javascript
X-Amz-Cf-Id
aWsaKFlDA-gi0TxC5QA8lwWZQdG1268UXbdM5UixMbGVqekH_WSJWw==
1352160858747540
connect.facebook.net/signals/config/ 		57 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1352160858747540?v=2.9.157&r=stable&domain=questor.desk.ms&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3a1887221a20f20d79b7f28ecda9f9a587fa0114de8532110ec2f9c9893c7462
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 12 Jun 2024 16:49:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=63, mss=1328, tbw=63459, tp=-1, tpl=-1, uplat=125, ullat=0
pragma
public
x-fb-debug
ZaSi9SPOIbBDaEtMdfRyh3OLUeMhDQVZw8xWkR5QBuk15yUc2rlV9daxC0icX7KF0iQOI4sgG7N7gdfjxLvJbg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
attribution_trigger
px.ads.linkedin.com/ 		2 B
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=2518609&time=1718210947375&url=https%3A%2F%2Fquestor.desk.ms%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:06 GMT
content-encoding
gzip
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 622F0BADD6694E14A49168E4FBD15DD5 Ref B: FRAEDGE1708 Ref C: 2024-06-12T16:49:07Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-ltx1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYatCksaZB8v0Wirap15A==
x-fs-uuid
00061ab4292c69907cbf45a2adaa75e4
li_sync
www.linkedin.com/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2518609&time=1718210947375&url=https%3A%2F%2Fquestor.desk.ms%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2518609&time=1718210947375&url=https%3A%2F%2Fquestor.desk.ms%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2518609%26time%3D1718210947375%26url%3Dhttps%253A%252F%252Fquestor.desk.ms%252F%2...
0
0
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1352160858747540&ev=PageView&dl=https%3A%2F%2Fquestor.desk.ms%2F&rl=&if=false&ts=1718210947468&sw=1600&sh=1200&ud[external_id]=c790edefd5fe0980ddd8e983ef1c35ed&v=2.9.157&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1718210947467.828682812837935579&ler=empty&cdl=API_unavailable&it=1718210947326&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 12 Jun 2024 16:49:07 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1352160858747540&ev=PageView&dl=https%3A%2F%2Fquestor.desk.ms%2F&rl=&if=false&ts=1718210947468&sw=1600&sh=1200&ud[external_id]=c790edefd5fe0980ddd8e983ef1c35ed&v=2.9.157&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1718210947467.828682812837935579&ler=empty&cdl=API_unavailable&it=1718210947326&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0a544ed6bbf1ef52","source_keys":["1","2"]},{"key_piece":"0x5105f5d89c531976","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 12 Jun 2024 16:49:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=3095, tp=-1, tpl=-1, uplat=233, ullat=0
pragma
no-cache
x-fb-debug
joiEjJv8vFfEhV66XteItwmFCEDeiFsel6kschO+EA39JdJxcvAR9G91eQNSQtdYvsjFso1CzFczeYhN2EoCbQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
Primary Request /
questor.desk.ms/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://questor.desk.ms/?Login
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/js/App.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.177.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-177-168.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b0a251361bcca19373d89931b538d50c9fceb1044309a9ed5dd1d2706d7d48d1
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob:; connect-src https: wss: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; frame-ancestors https 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode-block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://questor.desk.ms/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
2930
Content-Security-Policy
default-src https: data: blob:; connect-src https: wss: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; frame-ancestors https 'self';
Content-Type
text/html; charset=UTF-8
Date
Wed, 12 Jun 2024 16:49:07 GMT
Permissions-Policy
fullscreen=(self)
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode-block
collect
q.clarity.ms/ 		0
0
collect
region1.analytics.google.com/g/ 		0
0
collect
region1.analytics.google.com/g/ 		0
0
collect
q.clarity.ms/ 		0
0
vazio.min.css
dqnkcwgy21udk.cloudfront.net/view/11920/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/css/vazio.min.css
Requested by
Host: questor.desk.ms
URL: https://questor.desk.ms/?Login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
JG1fvQnl_ZXcJCtB0UB9mZPYFBuj21D4
Date
Wed, 12 Jun 2024 16:49:06 GMT
Via
1.1 2f927b8fefe61ec7dd1d6dda3df37d18.cloudfront.net (CloudFront)
Last-Modified
Fri, 24 May 2024 20:55:38 GMT
Server
AmazonS3
X-Amz-Cf-Pop
TXL50-P1
Age
37198
x-amz-server-side-encryption
AES256
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
0
X-Amz-Cf-Id
qpYF7XmC40iJC69rmZzhFpCIzYiKfKTTXBbfWTcQudyFKnZh5v93fw==
font-awesome.min.css
dqnkcwgy21udk.cloudfront.net/view/11920/css/font-awesome/css/ 		30 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/css/font-awesome/css/font-awesome.min.css
Requested by
Host: questor.desk.ms
URL: https://questor.desk.ms/?Login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
282edf97932ca76b541a2e1420402fd95c6d80afc280786a46bf48e3531706b6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
dbzHikkWQRW7P_keDt8kC09oHdTJjOCD
Content-Encoding
gzip
Via
1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
Date
Wed, 12 Jun 2024 06:29:09 GMT
Last-Modified
Fri, 24 May 2024 20:52:11 GMT
Server
AmazonS3
X-Amz-Cf-Pop
TXL50-P1
Age
37198
x-amz-server-side-encryption
AES256
ETag
W/"02d7d68fb7cbf3d55179cf03b5e6dbbb"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
X-Amz-Cf-Id
-Pk_WJ71wABqvgXhGEnU9SVW1uq5xEvacv83MU-mB5476XDPytVwnQ==
All.min.css
dqnkcwgy21udk.cloudfront.net/view/11920/css/ 		78 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/css/All.min.css
Requested by
Host: questor.desk.ms
URL: https://questor.desk.ms/?Login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87f84683d303dac45e1e4fc65774eaa0391fd88f345e9f0ee062fc68afe43629

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
IeG35YATBaA_pcsVidR9ZirTPx_BYI0G
Content-Encoding
gzip
Via
1.1 14cdaa93fde5711834987a0c179df5fa.cloudfront.net (CloudFront)
Date
Wed, 12 Jun 2024 09:30:49 GMT
Last-Modified
Fri, 24 May 2024 20:55:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
TXL50-P1
Age
26298
x-amz-server-side-encryption
AES256
ETag
W/"dc5c0109e9e116c401ed1233559b4ae0"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
X-Amz-Cf-Id
6PdmV9OJkbmjHQuN9neCY-PBcHYDkuU2Ip5yZW-QzZ-qJ5KrJChA7A==
All.min.js
dqnkcwgy21udk.cloudfront.net/view/11920/js/ 		617 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Requested by
Host: questor.desk.ms
URL: https://questor.desk.ms/?Login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d253d20cf19dda5cc3a47f0ed794a3e8d40f74abac397b374dd69383dc5f0079

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5RhIP0N7TrN7y1r3S7afOahkp3LDry1P
Content-Encoding
gzip
Via
1.1 a966c6e25db0d10ed8111bf0f786dbc6.cloudfront.net (CloudFront)
Date
Wed, 12 Jun 2024 16:49:07 GMT
Last-Modified
Fri, 24 May 2024 20:53:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
TXL50-P1
x-amz-server-side-encryption
AES256
ETag
W/"25a1aebbf58296cce17f5583fa3513b0"
Vary
Accept-Encoding
X-Cache
RefreshHit from cloudfront
Content-Type
application/javascript
X-Amz-Cf-Id
Sd5htTpgReN-NUh52p7xsqVyW54ZLLW_ZMYnRVogvedb-Zwaqrcr7g==
allCustom.css
dqnkcwgy21udk.cloudfront.net/view/11920/css/ 		22 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/css/allCustom.css
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/css/All.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09a51053b8317e6764e6cfb53fb87e9063e8222bc05f29ab2344a368abffa223

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dqnkcwgy21udk.cloudfront.net/view/11920/css/All.min.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
QXkcD6b6pQ8BrBy8uGyyJa7bKQRpVEQK
Content-Encoding
gzip
Via
1.1 14cdaa93fde5711834987a0c179df5fa.cloudfront.net (CloudFront)
Date
Tue, 11 Jun 2024 19:15:20 GMT
Last-Modified
Fri, 24 May 2024 20:55:04 GMT
Server
AmazonS3
X-Amz-Cf-Pop
TXL50-P1
Age
77627
x-amz-server-side-encryption
AES256
ETag
W/"4b20f099ee80213ae3cfd92eb8800f18"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
X-Amz-Cf-Id
yjWEtK9T4SL4z01yEtzWV8qWua3krKyMe7s9Z9V4aTGBSPFnba7lEQ==
gtm.js
www.googletagmanager.com/ 		196 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5D8BV4ZS
Requested by
Host: questor.desk.ms
URL: https://questor.desk.ms/?Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b9d8c4c665733aff8d382f550598591d7a4b011f27a441421ac9ab6968c6e821
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:06 GMT
content-encoding
br
last-modified
Wed, 12 Jun 2024 16:05:07 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
71745
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 12 Jun 2024 16:49:06 GMT
custom_bootstrap.min.css
dqnkcwgy21udk.cloudfront.net/view/11920/css/ 		122 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/css/custom_bootstrap.min.css
Requested by
Host: questor.desk.ms
URL: https://questor.desk.ms/?Login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d74423c09b8659df309364c953b5e8544ba64412c69b53351bc1308dcac79d38

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
V8y00CiblU1yThT9LNg7lBk8hI0TDbK7
Content-Encoding
gzip
Via
1.1 14cdaa93fde5711834987a0c179df5fa.cloudfront.net (CloudFront)
Date
Wed, 12 Jun 2024 06:29:09 GMT
Last-Modified
Fri, 24 May 2024 20:55:09 GMT
Server
AmazonS3
X-Amz-Cf-Pop
TXL50-P1
Age
37198
x-amz-server-side-encryption
AES256
ETag
W/"8d517065b9d5e58cccf249af4ea85a37"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
X-Amz-Cf-Id
0BT74y5d_jktGQ4yo0ZJuyPu0-Go_rd-H4ZO_br2afCDOrdWM56lvQ==
css2
fonts.googleapis.com/ 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Hanken+Grotesk&display=swap
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/css/custom_bootstrap.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d06d2384a7901aaebd55b5a9f87792d138c647f0c07f2ec6b5d6dd19542f0bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dqnkcwgy21udk.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 16:48:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 Jun 2024 16:49:06 GMT
ieVq2YZDLWuGJpnzaiwFXS9tYvBRzyFLlZg_f_Ncs2Zq5vBM.woff2
fonts.gstatic.com/s/hankengrotesk/v8/ 		13 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/hankengrotesk/v8/ieVq2YZDLWuGJpnzaiwFXS9tYvBRzyFLlZg_f_Ncs2Zq5vBM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Hanken+Grotesk&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
294ebb02701a56535ef031d4a241cb7621aa16dbd12ea934a5e1c3e518194b37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://questor.desk.ms
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 11:14:18 GMT
x-content-type-options
nosniff
age
106488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13512
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jun 2025 11:14:18 GMT
Base.html
dqnkcwgy21udk.cloudfront.net/view/11920/html/ 		61 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/html/Base.html
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
274f464d21b75ece5bc3f18b1830163ce54c8a0ce1e4044d0ab31e2f781a95e4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
text/plain, */*; q=0.01
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
tiFY_XOCh7kPV3pMZoF6O5yCYSnLBdj0
Content-Encoding
gzip
Via
1.1 11928875e072fa46f6185840ed222a20.cloudfront.net (CloudFront)
Date
Wed, 12 Jun 2024 11:52:33 GMT
X-Amz-Cf-Pop
TXL50-P1
Age
17795
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Last-Modified
Fri, 24 May 2024 20:54:51 GMT
Server
AmazonS3
ETag
W/"b85b6afee6c7411849c51121f6ab2035"
Access-Control-Max-Age
315360000
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, HEAD
Content-Type
text/html
Access-Control-Allow-Origin
*
Vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Amz-Cf-Id
CQDh5yk2sRoGtOWjkJf7obsCEokeC9xgZsr5jGORaooTdg1TDkLIjg==
GameP3_v1.png
dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/ 		31 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/GameP3_v1.png
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b2b924ac506f389e6f88bf51c91bb0a83b373e9bce73fd5a8e112f6554d02de

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
r.89Y4QHbw.wwQSTJdAHiA9NfZB2peNS
Date
Wed, 12 Jun 2024 16:49:07 GMT
Via
1.1 2f927b8fefe61ec7dd1d6dda3df37d18.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL50-P1
Age
20782
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
32190
Last-Modified
Mon, 19 Feb 2024 10:05:46 GMT
Server
AmazonS3
ETag
"a26163d87eea19ff58910d2c4782cd46"
Vary
Accept-Encoding
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
aE9CJRm8DQb4XGyaTCDg2psuuBy3k-ppp3zuetv99pegrHb19buuaQ==
GameP1_v1.png
dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/ 		31 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/GameP1_v1.png
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e8b3bdef9214b7f901a3cbc8919b498fd4fcc3fd018a0e9892090ab891f3ff3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
xUrCVt6Fz2Qnthalm1p.oyGANIEjThUy
Date
Wed, 12 Jun 2024 16:49:07 GMT
Via
1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL50-P1
Age
20782
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
31373
Last-Modified
Mon, 19 Feb 2024 10:05:47 GMT
Server
AmazonS3
ETag
"f616b46f6a2ebd1cbafdc2e9a2e14398"
Vary
Accept-Encoding
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
nr3IpA62ZyJLu3eAhMBRExpnUX6UdDMEERruLFU3Q1ZtVoj_gLt6Qg==
GameP2_v1.png
dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/ 		36 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/GameP2_v1.png
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9fd53744fc2e90f90accb0876f553f39ce49ac53a136284659b7c09c8fc0eff2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
eyuvZ5LiPvn.efUSp.soTpwpFybFdzSD
Date
Wed, 12 Jun 2024 16:49:07 GMT
Via
1.1 a966c6e25db0d10ed8111bf0f786dbc6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL50-P1
Age
14884
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
36456
Last-Modified
Mon, 19 Feb 2024 10:05:47 GMT
Server
AmazonS3
ETag
"d7a923cba83fc0ebef6bedacd55d3e69"
Vary
Accept-Encoding
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
zyuCYRAZORS2Pe1ipQSvx0eP71tVbn6UrrJugOiwSFBGfjuX__vuEQ==
GameP6_v1.png
dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/ 		34 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/GameP6_v1.png
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ebcde96c12067d8db86303e1b34a7d622c23774d64c45fe9c267b57d5ed99db

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
c28T05LzObzpxx2PJrQzYyjpc_OaCr3F
Date
Wed, 12 Jun 2024 16:49:07 GMT
Via
1.1 7cf524d1fa602798b1b3fa2d471489ae.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL50-P1
Age
78941
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
34387
Last-Modified
Mon, 19 Feb 2024 10:05:44 GMT
Server
AmazonS3
ETag
"35ae1b8bca933996d2aaf2591c8d8a4e"
Vary
Accept-Encoding
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
UMCITiYNw3uT33Ke7c0WQ5OndcqVZl5kn_vgM-SbNXGb5qI8Od78bA==
GameP4_v1.png
dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/ 		29 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/GameP4_v1.png
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b73b9aeec82d0bddec20adb59c126448b2e116f918f35f63adf728edd4e240e2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
x8b7kZKpNkBFqo2MS039ra6Z4ANaYOlN
Date
Wed, 12 Jun 2024 16:49:08 GMT
Via
1.1 56924be70c5c0d77fdcb69cb44958832.cloudfront.net (CloudFront)
Last-Modified
Mon, 19 Feb 2024 10:05:45 GMT
Server
AmazonS3
X-Amz-Cf-Pop
TXL50-P1
x-amz-server-side-encryption
AES256
ETag
"88f80fa6f33f9121ae41a4a7df319156"
Vary
Accept-Encoding
X-Cache
RefreshHit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29845
X-Amz-Cf-Id
0n9n-ubpxPMYCXfDYv5Hi3A5qpYkKtiYdWrIIWSUV5lBxGT-5aIxiQ==
GameP5_v1.png
dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/ 		29 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dqnkcwgy21udk.cloudfront.net/sistema/layout/images/msg/gamification/GameP5_v1.png
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a25668c3c1a9f8e43e7f8853f67bf8fcb8a7f092e9ae6bb2dbab4d2f5a34cd0f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
d5Yzclvj8.LdajQiegkmyA2yvMUF1krN
Date
Wed, 12 Jun 2024 16:49:07 GMT
Via
1.1 2f927b8fefe61ec7dd1d6dda3df37d18.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL50-P1
Age
20780
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
29320
Last-Modified
Mon, 19 Feb 2024 10:05:44 GMT
Server
AmazonS3
ETag
"0c01bc0c6d1b1b1cdc73f1032eaf5a08"
Vary
Accept-Encoding
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
hnIFoio38kFAQYmTkKMJyBTqj1J7b0NcHU52b8Iu5r-9T-VWUhmG8w==
matrizprioridade_v1.png
dqnkcwgy21udk.cloudfront.net/sistema/layout/images/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dqnkcwgy21udk.cloudfront.net/sistema/layout/images/matrizprioridade_v1.png
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8985b65c2d2e00dade4dc412cd79a66a60d9a5d78392f774101b6d32cbb680f9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
d0YLxYGk0baROmVziH29q47V4ETDtqpp
Date
Wed, 12 Jun 2024 16:49:07 GMT
Via
1.1 bdb480ba487636e194d63f984ed846f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL50-P1
Age
21040
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
3577
Last-Modified
Tue, 16 Apr 2024 19:05:52 GMT
Server
AmazonS3
ETag
"43b0b3ed0c2981e0fa662b511fd90711"
Vary
Accept-Encoding
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
KCfDvqWuA1FAsxNxNQoqG1xP8UXFdEroM0lYn3kmwiHnz0cV1Wv90w==
en-US.min.js
dqnkcwgy21udk.cloudfront.net/view/11920/js/lang/ 		283 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/js/lang/en-US.min.js
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
794f63279c1c4ea930b2bb33a3944d0ac21e02e09e784c6b15cd5cb481d1bb85

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
u8ShG8HmYy4iRRg6FDfaVW8cDreRrd8I
Content-Encoding
gzip
Via
1.1 14cdaa93fde5711834987a0c179df5fa.cloudfront.net (CloudFront)
Date
Wed, 12 Jun 2024 16:49:07 GMT
X-Amz-Cf-Pop
TXL50-P1
Age
19939
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 24 May 2024 20:52:06 GMT
Server
AmazonS3
ETag
W/"3064a9049f7779db12dbf8c64ecea286"
Vary
Accept-Encoding
Content-Type
application/javascript
X-Amz-Cf-Id
8J9rLZuZqqZU5WaWw2cctcpM64kxN2zAXRncVedjtJbAGfZKLJTrlw==
js
www.googletagmanager.com/gtag/ 		314 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KD88S5DBVB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D8BV4ZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5cab0adca69fd4bb72a925a4e08174c1ece631c320db90bc6d2ae895fe0ba114
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:06 GMT
content-encoding
br
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107098
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 12 Jun 2024 16:49:06 GMT
kj8t742ax9
www.clarity.ms/tag/ 		885 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/kj8t742ax9
Requested by
Host: questor.desk.ms
URL: https://questor.desk.ms/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2672a8522efc9ce2cf7d9fe367bec42915055e0cbb9e4b96ef9cd5deb4db6abe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Wed, 12 Jun 2024 16:49:08 GMT
x-azure-ref
20240612T164908Z-16577d9575dtkpws23hyetcq9g0000000e50000000018e0w
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
885
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
2750159.js
js.hs-scripts.com/ 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/2750159.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D8BV4ZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8dd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea4a68bf94e39090211f6c1c4362a33d9be4215b26b1cbb664ff7d57e97839f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
362684a8-741d-46db-aa3b-edf9e4f4df6a
x-envoy-upstream-service-time
7
content-length
733
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
362684a8-741d-46db-aa3b-edf9e4f4df6a
last-modified
Wed, 12 Jun 2024 15:35:25 GMT
server
cloudflare
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://questor.desk.ms
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5d47c8d44f-q6689
access-control-allow-credentials
true
cache-control
public, max-age=90
accept-ranges
bytes
cf-ray
892b55114ae73620-FRA
expires
Wed, 12 Jun 2024 16:50:36 GMT
Library.min.js
dqnkcwgy21udk.cloudfront.net/view/11920/js/ 		147 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/js/Library.min.js
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99164d2e4d00784e19a254f0e58cece549ebb47872dff4d1e89edc796a5a0cea

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
U_QcUSyZEBGW0bBlMTjq5iL9dXd_LCNH
Content-Encoding
gzip
Via
1.1 a966c6e25db0d10ed8111bf0f786dbc6.cloudfront.net (CloudFront)
Date
Tue, 11 Jun 2024 19:20:26 GMT
X-Amz-Cf-Pop
TXL50-P1
Age
77322
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 24 May 2024 20:53:43 GMT
Server
AmazonS3
ETag
W/"5a54648e2060f98d8d55ee1d60a9d549"
Vary
Accept-Encoding
Content-Type
application/javascript
X-Amz-Cf-Id
BIrBZm2IqQC-hi9laQhtTF-2_RHvN8611ORbGRAk4pM80NUqq1EY3A==
App.min.js
dqnkcwgy21udk.cloudfront.net/view/11920/js/ 		221 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/js/App.min.js
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54be46d79a3f136dfd2875a907c7e05f333f555e9a3022091b13d7be2e016c69

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
GDs1rjEA5wdTK1Q19RpLCjxS.EMSmL8j
Content-Encoding
gzip
Via
1.1 a966c6e25db0d10ed8111bf0f786dbc6.cloudfront.net (CloudFront)
Date
Wed, 12 Jun 2024 15:33:11 GMT
X-Amz-Cf-Pop
TXL50-P1
Age
4557
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 24 May 2024 20:53:40 GMT
Server
AmazonS3
ETag
W/"617463597b3338d1617c64dee76bc7ae"
Vary
Accept-Encoding
Content-Type
application/javascript
X-Amz-Cf-Id
P_seYUvb2UukmkuAPhve0WqQIeER6WxRDDy_M8ec4FNobrQV0GQYVA==
MenuLogin.html
dqnkcwgy21udk.cloudfront.net/view/11920/html/ 		221 B
964 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/html/MenuLogin.html
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1abf9993c96de1ecf12a7587ed38bfde08eb1943485aa3d6f2a89bf8822463c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
text/plain, */*; q=0.01
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 16:49:09 GMT
x-amz-version-id
IhcWcUkgJ9QpxW7reimGgxbKYlpg3USG
Via
1.1 11928875e072fa46f6185840ed222a20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL50-P1
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
221
Last-Modified
Fri, 24 May 2024 20:54:42 GMT
Server
AmazonS3
ETag
"4f1e521fc2e5d7fb5e846391c38ac0fc"
Access-Control-Max-Age
315360000
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, HEAD
Content-Type
text/html
Access-Control-Allow-Origin
*
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Accept-Ranges
bytes
X-Amz-Cf-Id
WEHanukxKu6AgzRJj4kaOuy4k2W_cPQHw9nMdPv_FkUwIO_roBkmOQ==
Controller.min.js
dqnkcwgy21udk.cloudfront.net/view/11920/js/ 		1 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/js/Controller.min.js
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/js/All.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d6cc3d481f10caa11b8bb8c1354a32868a07d71a5f18969bd669fa3b1eb3a51

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 12:25:12 GMT
x-amz-version-id
.5SP9cKC15T6o82zESCJyHc3Tl9LkYMT
Content-Encoding
gzip
Via
1.1 a966c6e25db0d10ed8111bf0f786dbc6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL50-P1
Age
15835
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 24 May 2024 20:53:43 GMT
Server
AmazonS3
ETag
W/"e68d93628051dee18fc395049466d1fa"
Vary
Accept-Encoding
Content-Type
application/javascript
X-Amz-Cf-Id
aWsaKFlDA-gi0TxC5QA8lwWZQdG1268UXbdM5UixMbGVqekH_WSJWw==
collectedforms.js
js.hscollectedforms.net/ 		69 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2750159.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Origin
https://questor.desk.ms
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
x-amz-version-id
WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4abbc8dea2f611b4eb50afc252d13326.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
IAD66-C2
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
6cfad149-3d6c-4c4a-b281-5a4984b3764f
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=892b55124ad51bdb-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
3
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
6cfad149-3d6c-4c4a-b281-5a4984b3764f
last-modified
Wed, 15 May 2024 14:34:44 UTC
server
cloudflare
etag
W/"7d377a186677c174f204d466b8fa5fdb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-9c6mc
cf-ray
892b55124ad51bdb-FRA
x-amz-cf-id
3XjpvwTGiGH5w8dVyklarp3hq_6loMgz4fAeKAe6_qCt6Vn67S7_MA==
x-hs-target-asset
collected-forms-embed-js/static-1.503/bundles/project.js
2750159.js
js.hs-analytics.net/analytics/1718210700000/ 		69 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1718210700000/2750159.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2750159.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
833176ac289284248db70b0f8f0cb58b27ffa6401da5a0a9c4dbc4632549a130

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
J26QPWQKQKXFRRJ8
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
74edbbee-ab94-48a7-b3ad-709614aa00fc
x-envoy-upstream-service-time
21
x-amz-id-2
jAt5GqDhutTGRF9jZDQsH3PrM/6qt/63/OB6XPbwF85MmaUw3FsGuq2tLoYdcxm7oK2gSE0k0o4=
x-evy-trace-listener
listener_https
x-request-id
74edbbee-ab94-48a7-b3ad-709614aa00fc
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 30 May 2024 20:50:42 GMT
server
cloudflare
etag
W/"7bbd3333cdafc5688844d3a7bf8b92af"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-2r68v
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
892b55124a373a90-FRA
expires
Wed, 12 Jun 2024 16:54:07 GMT
leadflows.js
js.hsleadflows.net/ 		551 KB
89 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2750159.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd26d9d88899d0587c9377964b7d1ab478a318b0fdbee7b9d6a084e4aa6425f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Origin
https://questor.desk.ms
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://questor.desk.ms/
If-None-Match
W/"be45bdb720f44c8db4ee42bc228ff2a8"
If-Modified-Since
Thu, 30 May 2024 10:22:15 UTC
sec-ch-ua-platform
"Win32"

Response headers

x-evy-trace-route-service-name
envoyset-translator
age
1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1355/bundle/main/lead-flows-release.js&cfRay=892b55125cfa193b-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"be45bdb720f44c8db4ee42bc228ff2a8"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=86400, max-age=0
x-hs-target-asset
lead-flows-js/static-1.1355/bundle/main/lead-flows-release.js
date
Wed, 12 Jun 2024 16:49:08 GMT
x-amz-version-id
HLkmxotJV8gQ_mnvhNwLT9fnVmh1uWjb
via
1.1 657550dfe2740440cd2d2c5a84cf231e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD66-C2
x-hubspot-correlation-id
3b27e1aa-6f99-443d-adb3-90ddb726b2d7
x-cache
RefreshHit from cloudfront
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
43
x-evy-trace-route-configuration
listener_https/all
x-request-id
3b27e1aa-6f99-443d-adb3-90ddb726b2d7
last-modified
Thu, 30 May 2024 10:22:15 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-vdptk
cf-ray
892b5519dffd193b-FRA
x-amz-cf-id
Lr4KLeDD87GoB9rbXbL6n5UfVW15mTYyDWxST6dypbKtrIoZIZTmfg==
fb.js
js.hsadspixel.net/ 		6 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2750159.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47d1036cdfb7fa765e45f0f3d193baadcd53005e95a2f9bf7b531ebfbf41ea2f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:06 GMT
x-amz-version-id
tGbAtiolnAFnleIlWBGAzvQOiFsm5cIW
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a3cc6ada872dd8799739f0e62dddda7c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
IAD66-C2
age
152
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.563/bundles/pixels-release.js&cfRay=892b515719ac1e62-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
bf839b94-ee96-4809-9ba5-34e194daa2fe
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
3
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
bf839b94-ee96-4809-9ba5-34e194daa2fe
last-modified
Thu, 30 May 2024 14:14:49 UTC
server
cloudflare
etag
W/"7f1cb0f6264fd05edb4cc0ec6a9bc096"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
MISS
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-sc4vs
cf-ray
892b55124d459f38-FRA
x-amz-cf-id
o7aihLGrUGhAvK-orVWH7Ij857MTaSW2xp8Avg4MHJJ53jb7sWvwmg==
x-hs-target-asset
adsscriptloaderstatic/static-1.563/bundles/pixels-release.js
web-interactives-embed.js
js.hubspot.com/ 		82 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hubspot.com/web-interactives-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2750159.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2af4c240d46b3e99eea9ccbfd9c0c1c856c710a5ed3692f455767a96224171b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Origin
https://questor.desk.ms
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1159/bundles/project.js&cfRay=892b55125dde9742-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"e6c06eb0663c717e3d4635531672a1e1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-hs-target-asset
web-interactives-embed/static-2.1159/bundles/project.js
date
Wed, 12 Jun 2024 16:49:07 GMT
x-amz-version-id
V4YhUHRJMuZkqxb1cpgehoNLVpfwce83
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 e04ec889239bf67ef206ad086add2d7a.cloudfront.net (CloudFront)
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD66-C2
x-hubspot-correlation-id
d2e5217c-4feb-4053-991c-0758337d12d7
x-cache
Hit from cloudfront
cache-tag
staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
3
x-evy-trace-route-configuration
listener_https/all
x-request-id
d2e5217c-4feb-4053-991c-0758337d12d7
last-modified
Mon, 03 Jun 2024 20:17:08 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EYy85JSJie0dRPUDII8JIvVeAnYO%2BvRaelJD5NwiLj981Lrxu5yj1MsfsUOgO6yYIpoLfNCFgEPMhkmg%2F%2FjdRtlt0pNERxQAVkqMTB3R%2FpmwPaVM7zgHMTspbULD%2FqyL1K5XVeGt740r5puD"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-mgch5
cf-ray
892b55125dde9742-FRA
x-amz-cf-id
_kM1v0mod4gNUGcoQ0S67LijOhUCoky4tM2nyyJsqatJAuQeI0pJyw==
conversations-embed.js
js.usemessages.com/ 		85 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2750159.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4e8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e20bd02250754a948fbcc58aa7e59f35dfcc67f595cc385dc4a783a70285b084
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:06 GMT
x-amz-version-id
PfN7MH7uvCEBD7IJ.VpxI5cYGUFBy9yE
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 8bc7362fccd25faee5866bbedff892ee.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
IAD66-C2
age
261
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16595/bundles/project.js&cfRay=892b4ead6ccb1c20-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
0ed77ff7-8022-44ac-ae8b-a821a027ec7d
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
0ed77ff7-8022-44ac-ae8b-a821a027ec7d
last-modified
Tue, 11 Jun 2024 19:30:53 UTC
server
cloudflare
etag
W/"35a43ae53765dc29e2b3074b27db9b07"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-sc4vs
cf-ray
892b5512595137e6-FRA
x-amz-cf-id
LaOIVziZYHe9Ri4SYVNgkABDlCnTq6ANv8uX_rbYIPJscD8tvr6eOQ==
x-hs-target-asset
conversations-embed/static-1.16595/bundles/project.js
2750159.js
js.hs-banner.com/ 		67 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/2750159.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2750159.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e532cc815a2b6c80e05a9151e5829c73a8d360307aa5e6750868c0189ffb85

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
x-amz-version-id
ArQ48ZUUSNWxZwP5byBmAke4UkfOraur
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
67S82ZQFQ9HHJEMB
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
b8238d2c-225b-4baa-8678-21c999d12802
x-envoy-upstream-service-time
23
x-amz-id-2
DjSH0Ks17UCY/lD6O9NuTcZXvkNtMRv1pAJveNgF8JjLo0lGJ5z4NAzS6wjHBg3r/uBS/GTUX5o=
x-evy-trace-listener
listener_https
x-request-id
b8238d2c-225b-4baa-8678-21c999d12802
x-evy-trace-route-configuration
listener_https/all
last-modified
Fri, 17 May 2024 16:10:15 GMT
server
cloudflare
etag
W/"77548dabcae0551e1f20298b43713c2f"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://alliancelaundry.desk.ms
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-q4rbs
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
892b551258cc0394-FRA
expires
Wed, 12 Jun 2024 16:54:07 GMT
combinedConfigs
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 		61 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=2750159&currentUrl=https%3A%2F%2Fquestor.desk.ms%2F%3FLogin&utk=c790edefd5fe0980ddd8e983ef1c35ed&__hstc=237219605.c790edefd5fe0980ddd8e983ef1c35ed.1718210947123.1718210947123.1718210947123.1&__hssc=237219605.1.1718210947123&referrer=https%3A%2F%2Fquestor.desk.ms%2F
Requested by
Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
fb72afd0-b770-4744-899f-8df84eded9f5
content-encoding
br
x-envoy-upstream-service-time
64
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
fb72afd0-b770-4744-899f-8df84eded9f5
server
cloudflare
vary
origin
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://questor.desk.ms
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
true
cache-control
max-age=0, no-cache, no-store
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S9P66EU0n0rpj%2ButgsE2RHUmSdy6DY41ynmBBdLKqOPiiGZZPl5orI1t9i4HKdZKNq1G2n6e3e7at%2BmAl%2FAwIXehvSvXmPkPch7tP%2F2ciK2LjGg%2B14gYZo11LQnTda0TBBx8veNFfeox%2B1XPsjLAnm8bnW5AL27VkP4%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag
noindex, follow
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
892b5519e9f59742-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-fnshr
public
api.hubspot.com/livechat-public/v1/message/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=2750159&conversations-embed=static-1.16595&mobile=false&messagesUtk=657d7a351ce14452bd92dbacbe41de91&traceId=657d7a351ce14452bd92dbacbe41de91&hubspotUtk=c790edefd5fe0980ddd8e983ef1c35ed&__hstc=237219605.c790edefd5fe0980ddd8e983ef1c35ed.1718210947123.1718210947123.1718210947123.1&__hssc=237219605.1.1718210947123&referrer=https%3A%2F%2Fquestor.desk.ms%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://questor.desk.ms
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://questor.desk.ms
allow
HEAD,GET,OPTIONS
cf-cache-status
DYNAMIC
cf-ray
892b5519f9fd9742-FRA
content-length
18
content-type
text/plain; charset=utf-8
date
Wed, 12 Jun 2024 16:49:08 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JXhJovLQN5JalZnM9GQcoQBf%2BVzqfzAw4gt2eMzECeME5PPSLC7B6RlkUo7%2Fsn7SAM8r%2BlSdBBeFW6X3fcG64vjS0p7UbPpm%2B5IXk0uTLGcRRThtB8iLNKgsw0smsuehNkfeTn2u5lj1oottxw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
7
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5d47c8d44f-5qls7
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
af992615-f584-4246-9801-3c042281f3ee
x-request-id
af992615-f584-4246-9801-3c042281f3ee
public
api.hubspot.com/livechat-public/v1/message/ 		264 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=2750159&conversations-embed=static-1.16595&mobile=false&messagesUtk=657d7a351ce14452bd92dbacbe41de91&traceId=657d7a351ce14452bd92dbacbe41de91&hubspotUtk=c790edefd5fe0980ddd8e983ef1c35ed&__hstc=237219605.c790edefd5fe0980ddd8e983ef1c35ed.1718210947123.1718210947123.1718210947123.1&__hssc=237219605.1.1718210947123&referrer=https%3A%2F%2Fquestor.desk.ms%2F
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd66fe1060ad6eb5b8b7c108d78cf68a9b263e669c00c6364fc257db410651d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
X-HubSpot-Messages-Uri
https://questor.desk.ms/?Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
5f5fd997-06d5-4585-a9d7-e1242ab591f4
x-envoy-upstream-service-time
34
content-length
212
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
5f5fd997-06d5-4585-a9d7-e1242ab591f4
server
cloudflare
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://questor.desk.ms
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5d47c8d44f-6pxvl
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EUppe66Echhhm7LfgCRC0JFKRZtS%2BIQSPGO%2FpWmTQxmg12bA%2BiaPqOBzfeSN9cLOfuI794mMGO5r9JuBaSb8RjQGTgeh3pxm%2FtzJZhhA66ChNG5tlO2jXb2zmnWbug4wosRukdRU8e7YBKPjEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
892b551aeb6d9742-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 		254 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=2750159
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f26c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
040357836fc833a651332d4996cd2d40c108dd1431482503e37f6f5b2142d708
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
2ef67a78-38f2-42f9-a9c5-fde035b6583f
content-encoding
br
x-envoy-upstream-service-time
12
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
2ef67a78-38f2-42f9-a9c5-fde035b6583f
server
cloudflare
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://questor.desk.ms
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5d47c8d44f-j8hrk
access-control-max-age
180
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y6NGZqTRuRYijSLV5nu0XCp3oDzAVE4qrclXmlB4a6J8kJVDFKDQxe4XdjlwuIcVS7ZbeDxsLpmE4vDieS7payufgIoc52Senl%2BCJO%2BlD%2FxZg9Z2AEv0PAt%2FKQ3ohQ%2FW3pYIyJ3LijUVCZVU"}],"group":"cf-nel","max_age":604800}
cf-ray
892b5519f8239208-FRA
access-control-allow-headers
*
json
forms.hscollectedforms.net/collected-forms/v1/config/ 		134 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=2750159&utk=c790edefd5fe0980ddd8e983ef1c35ed
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd6f05818c97c560b3a3f27b9cf099018e6a2348d8153af645494ee3d64a693
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
5895bad9-28b8-484a-bcc8-c43f5c70ca3e
x-envoy-upstream-service-time
2
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
5895bad9-28b8-484a-bcc8-c43f5c70ca3e
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://questor.desk.ms
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-qbnbs
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
892b551a0f241bdb-FRA
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KD88S5DBVB&gtm=45je46a0v890046393z89165546404za200zb9165546404&_p=1718210948067&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=989936454.1718210947&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&sid=1718210946&sct=1&seg=1&dl=https%3A%2F%2Fquestor.desk.ms%2F%3FLogin&dr=https%3A%2F%2Fquestor.desk.ms%2F&dt=Desk%20Manager%20-%20pv0.11920&_s=1&tfd=513
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KD88S5DBVB&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 16:49:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://questor.desk.ms
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/kj8t742ax9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:06 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240612T164906Z-16577d9575dtkpws23hyetcq9g0000000e50000000018dx9
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
6c728f9f-801e-0015-2192-b53968000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
__ptq.gif
track.hubspot.com/ 		45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3598200494&v=1.1&a=2750159&r=https%3A%2F%2Fquestor.desk.ms%2F&pu=https%3A%2F%2Fquestor.desk.ms%2F%3FLogin&t=Desk+Manager+-+pv0.11920&cts=1718210948243&vi=c790edefd5fe0980ddd8e983ef1c35ed&nc=false&u=237219605.c790edefd5fe0980ddd8e983ef1c35ed.1718210947123.1718210947123.1718210947123.1&b=237219605.2.1718210947123&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
a0c83e34-ec32-4b91-977e-ca55490a29a2
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
4
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
a0c83e34-ec32-4b91-977e-ca55490a29a2
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XeY5l9LBGBqcVP05qwZPNOQpL%2FtoF3Kwzbls3v%2BNkdGFgfhcpWMkCzPFaNs%2BRWwX2T7tRkwDJBmk1xMdiIUtPPQK%2Fes8Sxz2%2BPuJZIQv%2Fh4bPzVyQ%2FbnkA0KIbbQDWO0CplOTdlb94eAhyJsGrTG"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-djmcg
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
892b551a8ed5903d-FRA
x-robots-tag
none
favicon.ico
dqnkcwgy21udk.cloudfront.net/view/11920/img/ 		235 B
0 		Other
General
Check archive.org
Download Go to
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/img/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1c949a70b3545f02e19796097b1b812bbabbfbc715021cffd9189bb49b407d2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
GfS8QAN8ARy5ttg1xWgS4aHIZhq_AQGB
Date
Tue, 11 Jun 2024 17:37:47 GMT
Via
1.1 a966c6e25db0d10ed8111bf0f786dbc6.cloudfront.net (CloudFront)
Last-Modified
Fri, 24 May 2024 20:54:11 GMT
Server
AmazonS3
X-Amz-Cf-Pop
TXL50-P1
Age
83480
x-amz-server-side-encryption
AES256
ETag
"44e6ed42bc95f4bf5d5cbe3275ac3c00"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
image/x-icon
Accept-Ranges
bytes
Content-Length
235
X-Amz-Cf-Id
120XiCTAurvAQRZTMpQMEFYa_63MQYleTMRM53-wNDEr-7PNr4XeQA==
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=15
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:afbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
a6097d99-7358-4528-9fd1-f689d43afa23
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
a6097d99-7358-4528-9fd1-f689d43afa23
server
cloudflare
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-wqgrm
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
892b551acce79751-FRA
js
www.googletagmanager.com/gtag/ 		236 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-989789527
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0a82e9e90e79c56229948a3b2209a07d4455c2a9478a4e89e8fd7b8f234a389d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85955
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 16:05:07 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Jun 2024 16:49:07 GMT
js
www.googletagmanager.com/gtag/ 		236 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-989789527&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D8BV4ZS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b6cc08504ca83f56a2cb4623e2139f0dd418448dee34a5764c28a586010a4baf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86020
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 16:05:07 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Jun 2024 16:49:07 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 12 Jun 2024 16:49:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57975
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2772, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
qmE7dgVOjckUmFn5aN/nH5Pe/6a6PZE4TaNZGUf3DjncNUszUuLunuUkLwKMbbkIUimbNXuoWOYl+yVrfPpKvA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		47 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2821 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 May 2024 16:52:20 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=74043
accept-ranges
bytes
content-length
16683
1352160858747540
connect.facebook.net/signals/config/ 		57 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1352160858747540?v=2.9.157&r=stable&domain=questor.desk.ms&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3a1887221a20f20d79b7f28ecda9f9a587fa0114de8532110ec2f9c9893c7462
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 12 Jun 2024 16:49:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=63, mss=1328, tbw=63459, tp=-1, tpl=-1, uplat=125, ullat=0
pragma
public
x-fb-debug
ZaSi9SPOIbBDaEtMdfRyh3OLUeMhDQVZw8xWkR5QBuk15yUc2rlV9daxC0icX7KF0iQOI4sgG7N7gdfjxLvJbg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
attribution_trigger
px.ads.linkedin.com/ 		2 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=2518609&time=1718210948305&url=https%3A%2F%2Fquestor.desk.ms%2F%3FLogin
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
content-encoding
gzip
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 6F6F9F67A18541178673211AC9C79230 Ref B: FRAEDGE1708 Ref C: 2024-06-12T16:49:08Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-ltx1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYatCk6NjPGILPDuuC6Lg==
x-fs-uuid
00061ab4293a3633c620b3c3bae0ba2e
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2518609&time=1718210948305&url=https%3A%2F%2Fquestor.desk.ms%2F%3FLogin
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2518609&time=1718210948305&url=https%3A%2F%2Fquestor.desk.ms%2F%3FLogin&e_ipv6=AQLbASkfwjfmggAAAZANWm0n59S-IAIHlDPmrdUIY90VtxZ-qrSCfPMMoA2DHwB24V...
0
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2518609&time=1718210948305&url=https%3A%2F%2Fquestor.desk.ms%2F%3FLogin&e_ipv6=AQLbASkfwjfmggAAAZANWm0n59S-IAIHlDPmrdUIY90VtxZ-qrSCfPMMoA2DHwB24VWzweenp0Y3lfmD3yJdwIURfEBSdw
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://questor.desk.ms/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 12 Jun 2024 16:49:07 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 13B43EED223541AF8B9A32C3A3E1C20D Ref B: FRAEDGE1208 Ref C: 2024-06-12T16:49:08Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYatCk9NAl7IMqgVzy0EQ==

Redirect headers

date
Wed, 12 Jun 2024 16:49:08 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 22F406BB933A4EC2B904474FA8B29613 Ref B: FRAEDGE1919 Ref C: 2024-06-12T16:49:08Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2518609&time=1718210948305&url=https%3A%2F%2Fquestor.desk.ms%2F%3FLogin&e_ipv6=AQLbASkfwjfmggAAAZANWm0n59S-IAIHlDPmrdUIY90VtxZ-qrSCfPMMoA2DHwB24VWzweenp0Y3lfmD3yJdwIURfEBSdw
x-li-proto
http/2
content-length
0
x-li-uuid
AAYatCk6RpUnAgA2lOBRxA==
/
www.facebook.com/tr/ 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1352160858747540&ev=PageView&dl=https%3A%2F%2Fquestor.desk.ms%2F%3FLogin&rl=https%3A%2F%2Fquestor.desk.ms%2F&if=false&ts=1718210948311&sw=1600&sh=1200&ud[external_id]=c790edefd5fe0980ddd8e983ef1c35ed&v=2.9.157&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1718210947467.828682812837935579&ler=empty&cdl=API_unavailable&it=1718210948301&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1328, tbw=6325, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 12 Jun 2024 16:49:08 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1352160858747540&ev=PageView&dl=https%3A%2F%2Fquestor.desk.ms%2F%3FLogin&rl=https%3A%2F%2Fquestor.desk.ms%2F&if=false&ts=1718210948311&sw=1600&sh=1200&ud[external_id]=c790edefd5fe0980ddd8e983ef1c35ed&v=2.9.157&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1718210947467.828682812837935579&ler=empty&cdl=API_unavailable&it=1718210948301&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0a544ed6bbf1ef52","source_keys":["1","2"]},{"key_piece":"0x5105f5d89c531976","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 12 Jun 2024 16:49:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1328, tbw=6494, tp=-1, tpl=-1, uplat=106, ullat=0
pragma
no-cache
x-fb-debug
Kpze3HGxhirYjX70uyx/KvpQ0+culQocQCaEMLChjd7UbN+avGwmuKTh9fLTJ8qmjL6w6gKBquCFoIAV2hJR0g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
json
forms.hubspot.com/lead-flows-config/v1/config/ 		178 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2750159&utk=c790edefd5fe0980ddd8e983ef1c35ed&__hstc=237219605.c790edefd5fe0980ddd8e983ef1c35ed.1718210947123.1718210947123.1718210947123.1&__hssc=237219605.2.1718210947123&referrer=https%3A%2F%2Fquestor.desk.ms%2F&currentUrl=https%3A%2F%2Fquestor.desk.ms%2F%3FLogin
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7945c4289b0cea588a944b23a4e33b18122ba0f1ce05116e8e07a7edf3c4826c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
8b9a73be-c027-4b48-b606-62dc1e425646
content-encoding
br
x-envoy-upstream-service-time
127
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
8b9a73be-c027-4b48-b606-62dc1e425646
server
cloudflare
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://questor.desk.ms
x-evy-trace-virtual-host
all
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-pzx94
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=59Yn%2B5ZNm6dkto6Y6musVRj5jqz2UMImWD%2Fyw%2BFm6a7PrwI8WSn3b9fx%2FkFLG5oAzIrPTDLO2QyQu99Rh0dFnjHeD90kM8A2YAOstb7qMauyT7fYtJp2p%2BFxsoAcol5RyQgeAk%2B6ZVqzu%2Fdq9jz0"}],"group":"cf-nel","max_age":604800}
x-robots-tag
none
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
892b551b1bad9742-FRA
collect
q.clarity.ms/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://questor.desk.ms
Date
Wed, 12 Jun 2024 16:49:08 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
counters.gif
perf-na1.hsforms.com/embed/v3/ 		35 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1
Requested by
Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:afbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
59c84c59-c7ab-482b-8934-2cbe901c2c92
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
59c84c59-c7ab-482b-8934-2cbe901c2c92
last-modified
Wed, 12 Jun 2024 16:49:08 GMT
server
cloudflare
vary
origin, Accept-Encoding
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-nr4kt
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
cf-ray
892b551b2df49751-FRA
wallpaper_v7.jpg
dqnkcwgy21udk.cloudfront.net/view/11920/css/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dqnkcwgy21udk.cloudfront.net/view/11920/css/wallpaper_v7.jpg
Requested by
Host: dqnkcwgy21udk.cloudfront.net
URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/css/allCustom.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-230.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c47766233014fb32b672e6824c885134723c72f159cf648e79446bc6f2f220fb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dqnkcwgy21udk.cloudfront.net/view/11920/css/allCustom.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
_7ntXM19._RKrIGQycvo7ve9d6x7SSdp
Date
Wed, 12 Jun 2024 11:25:14 GMT
Via
1.1 56924be70c5c0d77fdcb69cb44958832.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL50-P1
Age
19435
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
69018
Last-Modified
Fri, 24 May 2024 20:55:33 GMT
Server
AmazonS3
ETag
"7dbdc32acf7a573a02706bdb1893326b"
Vary
Accept-Encoding
Content-Type
image/jpeg
Accept-Ranges
bytes
X-Amz-Cf-Id
YaZrpo7S5H8UjwQlucF-mm0xa_Xu13DK0xjBvo5bllVyKEX0gkWmSA==
/
px.ads.linkedin.com/wa/ 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
https://questor.desk.ms/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 16:49:08 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 4625A917170A44FCB04537CC8B7E6942 Ref B: FRAEDGE1919 Ref C: 2024-06-12T16:49:08Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://questor.desk.ms
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYatClD8Fr3riFshsZFJA==
collect
q.clarity.ms/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://questor.desk.ms/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://questor.desk.ms
Date
Wed, 12 Jun 2024 16:49:09 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.linkedin.com
URL
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2518609%26time%3D1718210947375%26url%3Dhttps%253A%252F%252Fquestor.desk.ms%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue
Domain
q.clarity.ms
URL
https://q.clarity.ms/collect
Domain
region1.analytics.google.com
URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KD88S5DBVB&gtm=45je46a0v890046393z89165546404za200zb9165546404&_p=1718210946612&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=989936454.1718210947&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=2&sid=1718210946&sct=1&seg=1&dl=https%3A%2F%2Fquestor.desk.ms%2F&dt=Desk%20Manager%20-%20pv0.11920&en=page_view&_et=2&tfd=2018
Domain
region1.analytics.google.com
URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KD88S5DBVB&gtm=45je46a0v890046393za200zb9165546404&_p=1718210946612&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&gdid=dZTQ1Zm&cid=989936454.1718210947&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=3&sid=1718210946&sct=1&seg=1&dl=https%3A%2F%2Fquestor.desk.ms%2F&dt=Desk%20Manager%20-%20pv0.11920&en=user_engagement&_et=1212&tfd=2019
Domain
q.clarity.ms
URL
https://q.clarity.ms/collect

Verdicts & Comments Add Verdict or Comment

582 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| dataLayer object| appDirect number| sh object| css object| LZString object| $jscomp function| $ function| jQuery function| eve function| Raphael object| Morris function| moment string| locatonTemp number| version string| hashTemp object| versionTemp string| errologinTemp string| loginexternoTemp string| dgdTemp object| google_tag_manager object| google_tag_data function| clarity object| L number| glbUpdateFile object| glbABIcones object| glbACAC object| glbACACUsu object| glbCHide boolean| tmpJSAudio function| hashChangeTemp function| criaMenuPermissao function| populaDGD function| populaModalTaskChamado function| urlAgendamento function| geraLinkChamado function| populaPAC function| populaPS function| populaPA function| populaPL function| populaPAF function| populaPAM string| glbSuporteDMS function| menuOperadorSuporte function| showThumbnail function| populaFormCustomChamadoPS function| populaFormCustomRelatorio function| populaFormCustomCadastroExterno function| retornoGridPopulaColunaCustomPS function| exibeAlertaPonto function| retornoGridAplicaCorBotaoPAGenerico function| retornoGridPopulaColunaCustomChamados function| retornoGridPopulaColunasCustom function| PopulaColunasCustom function| dgdChamadosSuporte function| retornoSalvarMarcaBotaoRoxoTemplate function| populaFormCustomChamadoHistoricos function| exibeEditarCategorizarGrid function| callNenhumRegistro function| populaPanelPC function| permissaoAnexos function| continuarLendo function| createHTMLCamposExtras function| renderHTMLCamposExtras function| fbsPSSalvar function| fbsCSSalvar undefined| EditorMaestroRequestCronHTTP undefined| EditorMaestroResponseCronHTTP function| fbsCMSalvar undefined| EditorMaestroTablesHTTP undefined| EditorMaestroTablesKanbanHTTP function| fbsTMSalvar undefined| EditorARMaestroJFiltros function| fbsARMSalvar undefined| EditorDARelatorios function| fbsDARSalvar function| rodapeDespesas function| rodapePesquisaSatisfacao function| rodapeGamePesos function| rodapeTablesCMaestro function| getTemporadaGame function| getPodio function| modalChamadosAnexos function| htmlInfoSolicitante function| widthConversation function| previewFileConversa function| scrollBottomTmp function| espacoURL function| mascarasCamposExtras function| alertResultMyLocationCh string| glbChave undefined| thisTLC undefined| attrTLC function| tlChamado function| testIdMicrosoft function| ARMaestro function| DACustom number| sDAglb function| removeDisabled function| adicionaDisabled object| glbAppConf string| glbLC string| glbLang string| glbVersion object| glbColors object| glbSearch object| glbHostName string| glbSubDominio string| glbAppName number| glbWVAndroid boolean| glbWViOS boolean| glbIE number| glbWidth object| glbAbortAjax undefined| glbTimerPanel string| glbTempSSJSON boolean| glbRFEditar function| unique function| urlify function| sleep function| urlphone function| feT function| containsValue function| resizeBarraStatus function| accentsToCharCode function| escapeTags function| decodeEntities function| cLineGrid function| formataCamposModalAlt function| formataValor function| populaBuscaAjaxFormAlt function| populaFilesAlt function| validaPermissaoLista function| criaDataFiltro function| direcionaPagamento function| requiredMsgErro function| formataNumero function| pad function| utcCalc function| dataAtual function| horaAtual function| dataRev function| diaFixo function| mesAnoFixoRev function| mesAnoFixoRevMin function| traduzMes function| somaDias function| somaHoras function| somaDataVencimento function| loadJS function| loadFunction function| direcionaUsuario function| criaHtmlArquivos function| criaBaseGridPadrao function| aplicaCorBotaoPA function| carregaGridPadrao function| permissaoBotoes function| modalLoginTipo function| geraUrl function| fbsExportar function| removeVirgulas function| marcaIntervaloCheckbox function| requiredImportar function| processaImportacao string| h function| hashChange function| ocultaMenu function| dGD function| cNavegacao function| slideShowVisualiza function| slideShowActive function| slideShowLinhas function| populaModalGridSS function| agrupaColunasSS function| configuracaoSS function| colunaSS undefined| pSS function| startTimerSS function| renderizarSS function| toggleFullScreen function| visRefresh function| vis undefined| intervalBarraTmp number| iBarraTmp function| barraTop function| timerPanelAnimate function| timerPanelPlay function| somaSQL0 function| somaSQL1 function| colorSQL0 function| colorSQL1 function| colorBar0 function| colorBar1 function| renderDA function| criaFiltroDA function| callDA function| formatoEditarEntitiesDecode function| formatoEditarUTF8Decode function| formatoEditarEntitiesDecode2 function| formatoEditarFormataTextoCompleto function| formatoHtmlRProximoE function| formatoHtmlExportConcat function| formatoHtmlOperVinc function| formatoHtmlChVinc function| formatoHtmlSeVazioDefaultTodos function| formatoHtmlSeVazioDefaultTodosLixeira function| formatoHtmlSeZero function| formatoHtmlStsProj function| formatoHtmlCL function| formatoHtmlTraduzIdioma function| formatoHtmlCountComma function| formatoHtmlCountPipe function| formatoHtmlCount function| formatoHtmlQuantidadeAutoCategoria function| formatoHtmlQuantidadeClientes function| formatoHtmlQuantidadeGrupos function| formatoHtmlQuantidadeIcs function| formatoHtmlQuantidadeChamados function| formatoHtmlQuantidadeNotas function| formatoHtmlConcatConfigChamado function| formatoHtmlTipoSomenteTraducao function| formatoEditarCheckbox function| formatoHtmlSimNao function| formatoHtmlFMPC function| formatoHtmlValorReal function| formatoHtmlSimNaoRep function| formatoHtmlSimNaoCheck function| formatoHtmlTipoLogAcesso function| formatoHtmlConcatSmallTraduzDataHoraPortal function| formatoHtmlConcatSmallTraduzDataHora function| formatoHtmlTraduzDataHora function| formatoHtmlDataMin function| traduzDataHora function| htmlTooltip function| tempoRevFormat function| formatoHtmltempoRevFormatMinuto function| formatoHtmltempoRevFormatHora function| formatoHtmlTempoRevFormatHora function| formatoHtmlTempoRevFormatHoraTooltip function| formatoHtmlTempoRevFormatMinutoTooltip function| formatoHtmlConcatSmallTempoHora function| TimeToSec function| formatoHtmlTimeToRevFormatMinuto function| formatoHtmlMinutoToRevFormatMinuto function| formatoHtmlSegundoToRevFormatMinuto function| formatoHtmlSegundoToRevFormatHora function| formatoHtmlSegundoToRevFormatHoraMinutoSegundo function| formatoHtmlMinutoToRevFormatMinutoCounter function| formatoHtmlLimitStr function| formatoHtmlLimitStrToolTip function| formatoHtmlConcatSmall function| toObj function| formatoHtmlConcatSmallDefault function| formatoHtmlDefaultTooltip function| formatoHtmlTooltipCE function| formatoHtmlConcatSmallDefaultTooltip function| formatoHtmlCEOrdem function| formatoHtmlConcatSmallClienteChamado function| formatoHtmlConcatSmallCapitalize function| formatoHtmlConcat function| formatoHtmlConcatTags function| formatoHtmlConcatSmallCapitalizeOperadorGrupo function| formatoHtmlGridOperadorGrupoChamado function| formatoHtmlConcatLixeira function| formatoHtmlHRealPrev function| formatoHtmlHGastoOrcamento function| formatoHtmlColDataPrevista function| formatoHtmlConcatSmallLixeira function| formatoHtmlConcatSmallLixeiraBr function| formatoHtmlConcatSmallLixeiraCapitalize function| formatoHtmlConcatFavorito function| formatoEditarFormataNumero function| formatoHtmlFormataMoeda function| formatoEditarImgCloudFront function| formatoHtmlImg128 function| formatoHtmlIconAnexos function| formatoHtmlIcone function| formatoHtmlIconMediaAS function| formatoHtmlIconFluxos function| formatoBATraduz function| formatoBAChamadoFilho function| formatoBAChamadoPai function| formatoBACodOperador function| formatoBALicOperador function| formatoBAStatusSla function| formatoBATransferirOperador function| formatoHtmlTraduzRelatorioTipo function| formatoHtmlATTipo function| formatoHtmlCMTipo function| formatoHtmlOpersMin function| formatoHtmlConcatSmallDecodeDefault function| formatoHtmlPrioridadeGridChamado function| formatoHtmlChamadoLogsTipo function| formatoHtmlIconCloudFStatus function| formatoHtmlPesquisaSatisfacao function| formatoHtmlPesquisaSatisfacaoSuporte function| formatoHtmlSlaExpira function| formatoHtmlSlaExpiraChamadoSuporte function| formatoHtmlTipoSlaAndamento function| formatoHtmlSlaCor function| formatoHtmlSlaInternoCliente function| formatoHtmlSlaAtual function| formatoHtmlGridSla1TempoRestante function| formatoHtmlGridSla2TempoRestante function| formatoHtmlTipoData function| formatoHtmlTipoDataNotif function| formatoHtmlTipoNotifPermissao function| limpaCountComma function| formatoHtmlConcatSmallLixeiraNotificacoes function| formatoHtmlIconCL function| formatoHtmlTipoBloquear function| formatoHtmlTipoConfiguracoes function| populaFormConfigStatus function| formatoHtmlOpcoesStatus function| populaFormRemoveCExtra function| formatoHtmlIconCatalogos function| formatoHtmlPriAdic function| formatoHtmlConfigAutoStatus function| formatoHtmlTipoQst function| formatoHtmlExportTipoQst function| formatoHtmlQuantidadeAlternativas function| formatoHtmlQuantidadeConfPSCli function| formatoHtmlQuantidadeConfPSOp function| formatoHtmlQuantidadeConfPSAutoCat function| formatoHtmlIconPrefixoContrato function| formatoHtmlIconPrefixoTrial function| formatoHtmlIconMapaAtendimento function| formatoHtmlIconOperBloq function| formatoHtmlIconOnlineOffline function| formatoHtmlStatusICsTipo function| formatoHtmlLocalLogAcesso function| formatoHtmlTipoBlackList function| formatoHtmlSMSCodRecurso function| formatoHtmlTipoBounce function| formatoHtmlTipoFAC function| formatoHtmlAjustaAlocado function| formatoHtmlAjustaProprietario function| formatoHtmlTipoAtivo function| formatoHtmlZeroToVazio function| formatoHtmlIconInventarios function| formatoHtmlCFTipoP function| formatoHtmlCorSla function| formatoHtmlIconUsuarioPadrao function| formatoHtmlConcatSmallInteracao function| formatoHtmlAuxValor function| formatoHtmlConcatSmallDeParaOper function| formatoHtmlStripTags function| formatoHtmlAuxDespesaDe function| formatoHtmlTraduzTipoDespesa function| formatoHtmlConcatTituloConteudo function| formatoHtmlConcatTituloConteudoPortal function| formatoHtmlConcatCateSub function| formatoHtmlReqAprov function| formatoHtmlDA function| formatoHtmlIco function| formatoHtmlLog function| formatoHtmlLogDescricao function| execFs function| formatoHtmlConfigRelatorio function| rangeFixo function| formatoHtmlGridRelatorioTimerHora function| formatoHtmlGridRelatorioTimerDia function| formatoHtmlGridRelatorioTimerSemana function| formatoHtmlGridRelatorioTimerMes function| formatoHtmlGridRelatorioTimerAno function| formatoRelatCDefault function| formatoRelatCSelectBox function| formatoRelatCBoolean function| formatoRelatCSlaStatus function| formatoRelatCAprovacaoStatus function| formatoRelatCDate function| formatoRelatCWeek function| formatoRelatCHour function| formatoRelatCHourExtended function| formatoRelatCKey function| formatoRelatCCountry function| formatoBAFatherRelat function| formatoHtmlGridHorasUltSegundoToRevContratado function| formatoHtmlGridHorasUltSegundoToRevUtilizado function| formatoHtmlGridHorasUltSegundoToRevTempoRestante function| formatoHtmlGridHorasUltSegundoToRevDesconto function| formatoHtmlGridChamadosContratado function| formatoHtmlGridChamadosRestante function| formatoHtmlGameTipoVinculo function| formatoHtmlGameTipoPeso string| glbTimer undefined| channelRT undefined| channelRT_IA_PC object| glbUserCod string| glbPrefixo string| glbUrlRT string| glbUrlSSOPC function| matrizPrioridade object| Bacessadas function| replaceBtnPS function| showContainerChatUsu function| geraPass function| getRandomChar undefined| tipoTemp undefined| attrA undefined| attrB undefined| sChatTmp function| ordenaOption function| populaFormAtrasoContratos function| dataCustomPA function| visualizaBaseConhecimento function| visualizaBaseConhecimentoIdioma function| startTimer function| RealSerializeToDgd function| CMClick function| AvisoUpdateMassa function| ConfirmaUpdateMassa function| showModalChamadosAnexos function| criaInteracaoBaseChat function| readBarcodeCh_iOS function| androidReadBarcodeCh function| alertReadBarcodeCh function| populaFormCustomAvaliacaoTecnica function| linkDiretoBC function| populaFormCustomBaseConhecimento object| jsonCatBlocoTmp function| categoriaBloco function| arvoreBlocos object| glbJsonArvorePortal function| populaArvoreAssunto function| criaCamposAberturaChPortal function| aplicaAutoCatPortal object| glbJsonArvore function| trataContenteditable function| pasteBase64 function| replaceStyleAttr function| removeTagsExcludeImgBr function| setEndOfContenteditable function| populaListaContratos function| populaListaPaiFilho function| retornoSalvarVincularChamadoPaiFilho function| retornoSalvarPopulaDespesasChamado function| interagirEmNomeDe function| populaChamadoSlaLogs function| exibeOcultaCAC function| icsDisponiveis function| ClickFirstCall function| ChangeFirstCall function| populaIndicacaoChamadosSolicitante function| populaPSRespondida function| populaAprovacao function| populaHorasCliente function| populaChamadoInfo function| retornoSalvarChamadoAtualizaTarifar function| populaEncerrado function| populaFormChamadoSlaCamposCustom function| populaFormInteracaoCamposCustom function| populaSla function| retornoSalvarChamadoSla function| populaFormChamadosICs function| populaFormChamadosCamposCustom function| pinChamadosSuporte function| populaCategorizacao function| populaChamado function| populaBotaoNovaInteracao function| populaBotaoBaseConhecimento function| populaBotaoNovoComentario function| populaHistorico function| populaCampoExtra function| populaICs function| populaDespesas function| populaLogs function| escondeCamposChamadoEditar function| escondeCamposChamadoCriar function| escondeCamposChamado function| escondeCamposAssuntoCampoExtra function| retornoSalvarChamadoAjaxVincularPaiFilho function| escondeCriarAcao function| retornoSalvarPopulaHistorico function| animacaoGame function| retornoSalvarAtualizaHistorico function| retornoGridCriaIndicadorTempoMedioAtendimento function| TMAdgdToTicket function| retornoGridCriaIndicadorHorasUltrapassadas function| ToggleFiltrosHorasUltrapassadas function| retornoGridCriaIndicadorInsights function| retornoGridCriaIndicadorAnaliseComparativaChamados function| criaBlocoAnaliseComparativaChamados string| sStringChamadoTmp function| retornoSalvarCategorizacao undefined| minhaRequisicaoIA function| retornoSalvarAtualizaStatusIc function| retornoSalvarResetaCampos function| retornoSalvarImprimeInventarioManual function| GerarChaveAPI function| DesbloqOperadores function| populaFormGruposCamposCustom function| processaTemplate function| retornoSalvarUrlCript function| populaFormCustomPesquisaSatisfacao function| alertResultMyLocation function| bPonto function| populaFormRelatorios function| htmlDataBetween function| htmlDataNormal function| htmlDataMesDia function| htmlDataSemana function| htmlPaises function| retornoGridCriaIndicadorAnaliseSLA function| SLAdgdToTicket function| retornoSalvarChComentar function| populaProjTarefa function| fbsTarefas function| addDataHoraTarefas function| concluirTarefas function| tarefaPConcluido function| retornoSalvarProjetos undefined| notifyMe function| formatoHtmlConfigGridAutocat function| cronAlertas function| formataCelular function| prefixaTexto function| populaFormCustomChamados function| htmlInteragirChamado function| populaFormChamadosBaseConhecimento function| PopulaPanelColunasCustom function| populaFormCustomNotificacoes function| AtualizaStatusIc function| resetaCampos function| PopulaPanelLogAcessoColunasCustom function| populaFormCustomSMSConsumo function| traduzIdioma function| defaultCustomModal function| populaFormCustomTarefasNotas function| populaFormCustomTarefas object| _hsp object| __hsCollectedFormsDebug object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| PIXELS_RAN object| enabledEventSettings object| hsCtasOnReady object| __PRIVATE__HubspotCtaClient object| hsCallsToActionsReady object| __hsWebInteractiveInstance object| hsConversationsOnReady object| HubSpotCallsToActions boolean| hubspot_web_interactives_running boolean| hubspot_live_messages_running object| HubSpotConversations boolean| _hspb_ran boolean| _hspb_loaded function| onYouTubeIframeAPIReady object| gaGlobal object| globalRoot undefined| hns function| bindToWindowOnError object| leadflows object| hubspot function| OutpostErrorReporter function| _registerAvailablePopup object| _availablePopups boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN boolean| _hstc_ran string| __hsUserToken number| expireDateTime function| fbq function| _fbq object| _linkedin_data_partner_ids function| lintrk boolean| _already_called_lintrk boolean| LEAD_FLOW_DOCUMENT_READY_RAN object| ORIBILI

30 Cookies

Domain/Path Name / Value
questor.desk.ms/ Name: AWSELB
Value: B53D4D870483A9254CB7E476CD25F6B9594C8285A21980D533D1F5E0BDD5E9BE2E79450ACEF19FB57313275B51B0EBCB6990A6A3443215E9A886344F01D21DFFD66A2D08CA
questor.desk.ms/ Name: AWSELBCORS
Value: B53D4D870483A9254CB7E476CD25F6B9594C8285A21980D533D1F5E0BDD5E9BE2E79450ACEF19FB57313275B51B0EBCB6990A6A3443215E9A886344F01D21DFFD66A2D08CA
.desk.ms/ Name: _ga
Value: GA1.1.989936454.1718210947
www.clarity.ms/ Name: CLID
Value: 14ca3b4cc0fe44cc868fc88c057f8637.20240612.20250612
.desk.ms/ Name: _clck
Value: 1ksv079%7C2%7Cfmk%7C0%7C1624
questor.desk.ms/ Name: __hstc
Value: 237219605.c790edefd5fe0980ddd8e983ef1c35ed.1718210947123.1718210947123.1718210947123.1
questor.desk.ms/ Name: hubspotutk
Value: c790edefd5fe0980ddd8e983ef1c35ed
questor.desk.ms/ Name: __hssrc
Value: 1
.hubspot.com/ Name: __cf_bm
Value: D.1XTYgabAItBwNUSDcQ1KA3GdIRjamDtyFAE_0ywJA-1718210947-1.0.1.1-klqKKf8Q2vkDcrN48aInSJM4YzXIs.Oc1tAqVNUhUiU9Q2p9Dqh7a0ZtogRtqzK8MpXoUa.QLcnW0pPPyMRbSQ
.hubspot.com/ Name: _cfuvid
Value: UTKhYYg44pwZm6jiakTRV_dUAO.YDFbFcAFyp9T_XQc-1718210947284-0.0.1.1-604800000
.bing.com/ Name: MUID
Value: 14FF06F50C1566692D8612690D15670B
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 14FF06F50C1566692D8612690D15670B
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 14FF06F50C1566692D8612690D15670B
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.desk.ms/ Name: _gcl_au
Value: 1.1.1884121469.1718210947
.hsforms.com/ Name: __cf_bm
Value: zNYkZxAXt4wh5lCEcflDx8gesWlaV4P_EmYSHXd35rI-1718210947-1.0.1.1-eQVlzUCQp3QXisTBoy2dVPFht4iGoaiEMxK37TUsWi8fbLKM.9q9W8n9GTniZZmCWF3fQR1_ttJOHM89dFJsrQ
.hsforms.com/ Name: _cfuvid
Value: e9SjsMku4jwLhh.8Kbrx2Z82p12dEPhgYsWT5gmv3gU-1718210947436-0.0.1.1-604800000
.desk.ms/ Name: _fbp
Value: fb.1.1718210947467.828682812837935579
.linkedin.com/ Name: li_sugr
Value: bb9d202b-445f-4b00-a319-bb640154ba54
.linkedin.com/ Name: bcookie
Value: "v=2&a791f48d-22a2-43c0-8ece-d243d8a9f444"
.linkedin.com/ Name: lidc
Value: "b=TGST05:s=T:r=T:a=T:p=T:g=3055:u=1:x=1:i=1718210947:t=1718297347:v=2:sig=AQEnSdmRKEb7145jLP_vfztirxLYcND7"
.linkedin.com/ Name: UserMatchHistory
Value: AQLl78iQW77G1wAAAZANWmpAQSnyOk7cK7pEfo13lYbap5pxsYFiD0mHwNWynK72YeuDbNYLHHj4Mw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIEAguAuTAhaQAAAZANWmpATgogTCIXAwlI_LMJ54SOAchQNHJRg2Wv_gM9FDS9jgNhmLI26QoZlOljcru6jw
.desk.ms/ Name: _ga_KD88S5DBVB
Value: GS1.1.1718210946.1.1.1718210948.58.0.0
questor.desk.ms/ Name: __hssc
Value: 237219605.2.1718210947123
.desk.ms/ Name: _clsk
Value: 100hw14%7C1718210948668%7C2%7C1%7Cq.clarity.ms%2Fcollect
.linkedin.com/ Name: li_gc
Value: MTswOzE3MTgyMTA5NDk7MjswMjGGoHQ4DGgMUIXBCQjgdi/2CUlh8ofTvsJ+8ADY7lmO6w==

5 Console Messages

Source Level URL
Text
recommendation verbose URL: https://questor.desk.ms/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "username"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://questor.desk.ms/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "username"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://dqnkcwgy21udk.cloudfront.net/view/11920/html/Menu.html
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
recommendation verbose URL: https://questor.desk.ms/?Login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "username"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://questor.desk.ms/?Login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "username"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: data: blob:; connect-src https: wss: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; frame-ancestors https 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode-block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
api.hubspot.com
c.bing.com
c.clarity.ms
connect.facebook.net
cta-service-cms2.hubspot.com
dqnkcwgy21udk.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
forms.hubspot.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
js.hubspot.com
js.usemessages.com
perf-na1.hsforms.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.clarity.ms
questor.desk.ms
region1.analytics.google.com
snap.licdn.com
stats.g.doubleclick.net
track.hubspot.com
www.clarity.ms
www.facebook.com
www.google.de
www.googletagmanager.com
www.linkedin.com
q.clarity.ms
region1.analytics.google.com
www.linkedin.com
13.107.42.14
18.66.9.230
20.231.53.73
2001:4860:4802:32::36
2606:4700:4400::ac40:991b
2606:4700::6810:4e8e
2606:4700::6810:6bfe
2606:4700::6810:7574
2606:4700::6810:8dd1
2606:4700::6810:a0a8
2606:4700::6811:80ac
2606:4700::6812:8a11
2606:4700::6812:f26c
2606:4700::6813:afbc
2620:1ec:21::14
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:80b::2003
2a00:1450:4001:811::2008
2a00:1450:4001:812::200a
2a00:1450:4001:829::2003
2a00:1450:400c:c0d::9c
2a02:26f0:3100::1735:2821
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
52.54.177.168
68.219.88.97
027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f
040357836fc833a651332d4996cd2d40c108dd1431482503e37f6f5b2142d708
09a51053b8317e6764e6cfb53fb87e9063e8222bc05f29ab2344a368abffa223
0a82e9e90e79c56229948a3b2209a07d4455c2a9478a4e89e8fd7b8f234a389d
2672a8522efc9ce2cf7d9fe367bec42915055e0cbb9e4b96ef9cd5deb4db6abe
274f464d21b75ece5bc3f18b1830163ce54c8a0ce1e4044d0ab31e2f781a95e4
282edf97932ca76b541a2e1420402fd95c6d80afc280786a46bf48e3531706b6
294ebb02701a56535ef031d4a241cb7621aa16dbd12ea934a5e1c3e518194b37
2af4c240d46b3e99eea9ccbfd9c0c1c856c710a5ed3692f455767a96224171b2
3a1887221a20f20d79b7f28ecda9f9a587fa0114de8532110ec2f9c9893c7462
3e95fb73135475ea18de0d170c9ffb9c6b82495b9825cb802e363d255cfc655e
42e532cc815a2b6c80e05a9151e5829c73a8d360307aa5e6750868c0189ffb85
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47d1036cdfb7fa765e45f0f3d193baadcd53005e95a2f9bf7b531ebfbf41ea2f
4b2b924ac506f389e6f88bf51c91bb0a83b373e9bce73fd5a8e112f6554d02de
4ebcde96c12067d8db86303e1b34a7d622c23774d64c45fe9c267b57d5ed99db
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
54be46d79a3f136dfd2875a907c7e05f333f555e9a3022091b13d7be2e016c69
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5cab0adca69fd4bb72a925a4e08174c1ece631c320db90bc6d2ae895fe0ba114
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d6cc3d481f10caa11b8bb8c1354a32868a07d71a5f18969bd669fa3b1eb3a51
7945c4289b0cea588a944b23a4e33b18122ba0f1ce05116e8e07a7edf3c4826c
794f63279c1c4ea930b2bb33a3944d0ac21e02e09e784c6b15cd5cb481d1bb85
7e8b3bdef9214b7f901a3cbc8919b498fd4fcc3fd018a0e9892090ab891f3ff3
833176ac289284248db70b0f8f0cb58b27ffa6401da5a0a9c4dbc4632549a130
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
87f84683d303dac45e1e4fc65774eaa0391fd88f345e9f0ee062fc68afe43629
8985b65c2d2e00dade4dc412cd79a66a60d9a5d78392f774101b6d32cbb680f9
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
99164d2e4d00784e19a254f0e58cece549ebb47872dff4d1e89edc796a5a0cea
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9fd53744fc2e90f90accb0876f553f39ce49ac53a136284659b7c09c8fc0eff2
a1abf9993c96de1ecf12a7587ed38bfde08eb1943485aa3d6f2a89bf8822463c
a1c949a70b3545f02e19796097b1b812bbabbfbc715021cffd9189bb49b407d2
a25668c3c1a9f8e43e7f8853f67bf8fcb8a7f092e9ae6bb2dbab4d2f5a34cd0f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
afd6f05818c97c560b3a3f27b9cf099018e6a2348d8153af645494ee3d64a693
b0a251361bcca19373d89931b538d50c9fceb1044309a9ed5dd1d2706d7d48d1
b6cc08504ca83f56a2cb4623e2139f0dd418448dee34a5764c28a586010a4baf
b73b9aeec82d0bddec20adb59c126448b2e116f918f35f63adf728edd4e240e2
b9d8c4c665733aff8d382f550598591d7a4b011f27a441421ac9ab6968c6e821
bd66fe1060ad6eb5b8b7c108d78cf68a9b263e669c00c6364fc257db410651d2
c47766233014fb32b672e6824c885134723c72f159cf648e79446bc6f2f220fb
c859edfac3be2897f2b3b43ce986806ac3029c8aea3cce4f3acda9c0bd0adc7b
d06d2384a7901aaebd55b5a9f87792d138c647f0c07f2ec6b5d6dd19542f0bcf
d253d20cf19dda5cc3a47f0ed794a3e8d40f74abac397b374dd69383dc5f0079
d74423c09b8659df309364c953b5e8544ba64412c69b53351bc1308dcac79d38
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd26d9d88899d0587c9377964b7d1ab478a318b0fdbee7b9d6a084e4aa6425f7
e20bd02250754a948fbcc58aa7e59f35dfcc67f595cc385dc4a783a70285b084
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea4a68bf94e39090211f6c1c4362a33d9be4215b26b1cbb664ff7d57e97839f3
ec64f26414df0bccad30358d7083668c9473494c327b94d9b01425ae98814c60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629